dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'improve-log4perl-2565' into 'v2.0' 

Enrich Log4Perl placeholders with request details

See merge request lemonldap-ng/lemonldap-ng!234
This commit is contained in:
Yadd 2022-02-16 16:18:26 +00:00
parent c161738b42 004810b18b
commit 525e6711d6
9 changed files with 173 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
doc/sources/admin/logs.rst
View File

@ -210,7 +210,30 @@ Default values:
log4perlConfFile = /etc/log4perl.conf
log4perlLogger = LLNG
log4perlUserLogger = LLNG.user
log4perlUserLogger = LLNGuser
Sample ``log4perl.conf`` file
.. code::
log4perl.logger.LLNG = DEBUG, Syslog
log4perl.logger.LLNGuser = INFO, Syslog
log4perl.appender.Syslog = Log::Dispatch::Syslog
log4perl.appender.Syslog.ident = LLNG
log4perl.appender.Syslog.layout = PatternLayout
log4perl.appender.Syslog.layout.ConversionPattern = [%p] %m
For additional information, please read the `Log4Perl documentation <https://metacpan.org/pod/Log::Log4perl>`__
.. versionadded:: 2.0.14
The following special formatters have been added to standard `PatternLayout placeholders <https://metacpan.org/pod/Log::Log4perl::Layout::PatternLayout>`__
* ``%Q{address}``: IP address of the request
* ``%Q{user}``: Username of the current user
* ``%Q{id}``: Session ID of the current user
* ``%E{ENV_VAR}``: content of the ``ENV_VAR`` variable
Sentry
~~~~~~

4
lemonldap-ng-common/lemonldap-ng.ini
View File

@ -80,12 +80,12 @@ logLevel = warn
;logger = Lemonldap::NG::Common::Logger::Log4perl
;log4perlConfFile = /etc/log4perl.conf
;log4perlLogger = LLNG
;log4perlUserLogger = LLNG.user
;log4perlUserLogger = LLNGuser
;
; Here, Log4perl configuration is read from /etc/log4perl.conf. The "LLNG"
; value points to the logger class. Example:
; log4perl.logger.LLNG = WARN, File1
; log4perl.logger.LLNG.user = INFO, File2
; log4perl.logger.LLNGuser = INFO, File2
; ...
; CONFIGURATION CHECK

44
lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Log4perl.pm
View File

@ -2,6 +2,7 @@ package Lemonldap::NG::Common::Logger::Log4perl;
use strict;
use Log::Log4perl;
use Log::Log4perl::MDC;
our $VERSION = '2.0.0';
@ -10,8 +11,41 @@ our $init = 0;
sub new {
my ( $class, $conf, %args ) = @_;
my $self = bless {}, $class;
unless ($init) {
my $file = $conf->{log4perlConfFile} || '/etc/log4perl.conf';
# Fix reporting of code location
Log::Log4perl->wrapper_register(
"Lemonldap::NG::Common::Logger::_Duplicate");
Log::Log4perl->wrapper_register(__PACKAGE__);
# map %E to the stored $req->env
Log::Log4perl::Layout::PatternLayout::add_global_cspec(
'E',
sub {
my $layout = shift;
my $subvar = $layout->{curlies};
my $req = Log::Log4perl::MDC->get("req");
return defined($req) ? $req->env->{$subvar} : undef;
}
);
# map %Q to the stored $req
Log::Log4perl::Layout::PatternLayout::add_global_cspec(
'Q',
sub {
my $layout = shift;
my $subvar = $layout->{curlies};
my $req = Log::Log4perl::MDC->get("req");
if ( ref($req) and $req->can($subvar) ) {
return $req->$subvar;
}
else {
return undef;
}
}
);
Log::Log4perl->init($file);
$init++;
}
@ -23,6 +57,16 @@ sub new {
return $self;
}
sub setRequestObj {
my ($self, $req) = @_;
Log::Log4perl::MDC->put( "req", $req );
}
sub clearRequestObj {
my ($self, $req) = @_;
my $text = Log::Log4perl::MDC->remove();
}
sub AUTOLOAD {
my $self = shift;
no strict;

28
lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
View File

@ -344,10 +344,36 @@ sub run {
sub _run {
my $self = shift;
return sub {
$self->handler( Lemonldap::NG::Common::PSGI::Request->new( $_[0] ) );
$self->_logAndHandle(
Lemonldap::NG::Common::PSGI::Request->new( $_[0] ) );
};
}
sub _logAndHandle {
my ( $self, $req ) = @_;
# register the request object to the logging system
if ( ref( $self->logger ) and $self->logger->can('setRequestObj') ) {
$self->logger->setRequestObj($req);
}
if ( ref( $self->userLogger ) and $self->userLogger->can('setRequestObj') ) {
$self->userLogger->setRequestObj($req);
}
# Call the handler
my $res = $self->handler($req);
# Clear the logging system before the next request
if ( ref( $self->logger ) and $self->logger->can('clearRequestObj') ) {
$self->logger->clearRequestObj($req);
}
if ( ref( $self->userLogger ) and $self->userLogger->can('clearRequestObj') ) {
$self->userLogger->clearRequestObj($req);
}
return $res;
}
1;
__END__

17
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2.pm
View File

@ -43,7 +43,24 @@ sub launch {
my $class = "Lemonldap::NG::Handler::ApacheMP2::$type";
eval "require $class";
die $@ if ($@);
# register the request object to the logging system
if ( ref( $class->logger ) and $class->logger->can('setRequestObj') ) {
$class->logger->setRequestObj($req);
}
if ( ref( $class->userLogger ) and $class->userLogger->can('setRequestObj') ) {
$class->userLogger->setRequestObj($req);
}
my ($res) = $class->$sub($req);
# Clear the logging system before the next request
if ( ref( $class->logger ) and $class->logger->can('clearRequestObj') ) {
$class->logger->clearRequestObj($req);
}
if ( ref( $class->userLogger ) and $class->userLogger->can('clearRequestObj') ) {
$class->userLogger->clearRequestObj($req);
}
return $res;
}

33
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm
View File

@ -38,7 +38,7 @@ sub init {
## @methodi void _run()
# Check if protecton is activated then return a code ref that will launch
# _authAndTrace() if protection in on or handler() else
# _logAuthTrace() if protection in on or handler() else
#@return code-ref
sub _run {
my $self = shift;
@ -50,7 +50,7 @@ sub _run {
# Handle requests
# Developers, be careful: Only this part is executed at each request
return sub {
return $self->_authAndTrace(
return $self->_logAuthTrace(
Lemonldap::NG::Common::PSGI::Request->new( $_[0] ) );
};
}
@ -68,7 +68,7 @@ sub _run {
# Handle unprotected requests
return sub {
my $req = Lemonldap::NG::Common::PSGI::Request->new( $_[0] );
my $res = $self->handler($req);
my $res = $self->_logAndHandle($req);
push @{ $res->[1] }, $req->spliceHdrs;
return $res;
};
@ -111,6 +111,31 @@ sub reload {
};
}
sub _logAuthTrace {
my ( $self, $req, $noCall ) = @_;
# register the request object to the logging system
if ( ref( $self->logger ) and $self->logger->can('setRequestObj') ) {
$self->logger->setRequestObj($req);
}
if ( ref( $self->userLogger ) and $self->userLogger->can('setRequestObj') ) {
$self->userLogger->setRequestObj($req);
}
# Call the handler
my $res = $self->_authAndTrace( $req, $noCall );
# Clear the logging system before the next request
if ( ref( $self->logger ) and $self->logger->can('clearRequestObj') ) {
$self->logger->clearRequestObj($req);
}
if ( ref( $self->userLogger ) and $self->userLogger->can('clearRequestObj') ) {
$self->userLogger->clearRequestObj($req);
}
return $res;
}
## @method private PSGI-Response _authAndTrace($req)
# Launch $self->api::run() and then handler() if
# response is 200.
@ -138,7 +163,7 @@ sub _authAndTrace {
}
else {
$self->logger->debug('User authenticated, calling handler()');
$res = $self->handler($req);
$res = $self->_logAndHandle($req);
push @{ $res->[1] }, $req->spliceHdrs;
return $res;
}

37
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm
View File

@ -8,17 +8,33 @@ our $VERSION = '2.0.14';
extends 'Lemonldap::NG::Handler::PSGI::Router';
has 'authRoutes' => (
is => 'rw',
isa => 'HashRef',
default =>
sub { { GET => {}, POST => {}, PUT => {}, PATCH => {}, DELETE => {}, OPTIONS => {} } }
is => 'rw',
isa => 'HashRef',
default => sub {
{
GET => {},
POST => {},
PUT => {},
PATCH => {},
DELETE => {},
OPTIONS => {}
}
}
);
has 'unAuthRoutes' => (
is => 'rw',
isa => 'HashRef',
default =>
sub { { GET => {}, POST => {}, PUT => {}, PATCH => {}, DELETE => {}, OPTIONS => {} } }
is => 'rw',
isa => 'HashRef',
default => sub {
{
GET => {},
POST => {},
PUT => {},
PATCH => {},
DELETE => {},
OPTIONS => {}
}
}
);
sub addRoute {
@ -69,7 +85,7 @@ sub _run {
return sub {
my $req = Lemonldap::NG::Common::PSGI::Request->new( $_[0] );
my $res = $self->_authAndTrace( $req, 1 );
my $res = $self->_logAuthTrace( $req, 1 );
if ( $res->[0] < 300 ) {
$self->routes( $self->authRoutes );
$req->userData( $self->api->data );
@ -87,10 +103,11 @@ sub _run {
else {
return $res;
}
$res = $self->handler($req);
$res = $self->_logAndHandle($req);
push @{ $res->[1] }, $req->spliceHdrs;
return $res;
};
}
1;

2
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server.pm
View File

@ -25,7 +25,7 @@ sub _run {
my ($self) = @_;
return sub {
my $req = Lemonldap::NG::Common::PSGI::Request->new( $_[0] );
my $res = $self->_authAndTrace($req);
my $res = $self->_logAuthTrace($req);
push @{ $res->[1] }, $req->spliceHdrs,
Cookie => ( $req->{Cookie} // '' );
return $res;

4
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server/Nginx.pm
View File

@ -17,7 +17,7 @@ sub init {
}
## @method void _run()
# Return a subroutine that call _authAndTrace() and tranform redirection
# Return a subroutine that call _logAuthTrace() and tranform redirection
# response code from 302 to 401 (not authenticated) ones. This is required
# because Nginx "auth_request" parameter does not accept it. The Nginx
# configuration file should transform them back to 302 using:
@ -31,7 +31,7 @@ sub _run {
return sub {
my $req = $_[0];
$self->logger->debug('New request');
my $res = $self->_authAndTrace(
my $res = $self->_logAuthTrace(
Lemonldap::NG::Common::PSGI::Request->new($req) );
# Transform 302 responses in 401 since Nginx refuse it