OpenStack Dashboard (Horizon)

Operations log polluted with policy requests

Bug #1688206 reported by Mateusz Kowalski on 2017-05-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Dashboard (Horizon)	Fix Released	Medium	Mateusz Kowalski	OpenStack Dashboard (Horizon) pike-3

Bug Description

Currently operations log is polluted with a lot of requests regarding policy enforcement which are not generated by the user explicitly, like in the following example:

2017-05-04 10:09:51,683 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "modify_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
2017-05-04 10:09:51,687 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "add_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
2017-05-04 10:09:51,693 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "delete_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]

As for auditing purposes these requests have no value, it would make more sense to hide them by default or at least provide some configuration option (like 'ignored_urls') in order for the operator to be able to disable these entries.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-05-04: Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/462437

Changed in horizon:
assignee:	nobody → Mateusz Kowalski (makowals)
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-06-26: Fix merged to horizon (master)

Reviewed: https://review.openstack.org/462437
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=9242e4902ec7470f2819fa84ad964adbcdcf5eb2
Submitter: Jenkins
Branch: master

commit 9242e4902ec7470f2819fa84ad964adbcdcf5eb2
Author: Mateusz Kowalski <email address hidden>
Date: Thu May 4 10:26:56 2017 +0200

operation_log: Add ignored_urls parameter

Request URLs can be put in ignored_urls in OPERATION_LOG_OPTIONS
in order to ignore them from auditing.

Change-Id: I6673e765fd88bc4230a3b7ced2ee227669136bb2
Closes-Bug: #1688206

Changed in horizon:
status:	In Progress → Fix Released

Akihiro Motoki (amotoki) on 2017-06-27

Changed in horizon:
milestone:	none → pike-3
importance:	Undecided → Medium

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-06-27: Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/477827

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-06-30: Fix merged to horizon (master)

Reviewed: https://review.openstack.org/477827
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=e38f75a6c8af4b214294567aecd0ac37e5f72558
Submitter: Jenkins
Branch: master

commit e38f75a6c8af4b214294567aecd0ac37e5f72558
Author: Mateusz Kowalski <email address hidden>
Date: Tue Jun 27 10:41:12 2017 +0200

operation_log: Fix wrong reference to ignored urls

Fixes typo in a previous patch where underscore in front
of variable name was ommited.

Change-Id: I050148607bb0016cc4d4c5852784671ad994a078
Closes-Bug: #1688206

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-07-27: Fix included in openstack/horizon 12.0.0.0b3

This issue was fixed in the openstack/horizon 12.0.0.0b3 development milestone.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.