diff --git a/cmd/acl-handlers.go b/cmd/acl-handlers.go index 931b44907..1a5f8dc63 100644 --- a/cmd/acl-handlers.go +++ b/cmd/acl-handlers.go @@ -61,7 +61,7 @@ type accessControlPolicy struct { func (api objectAPIHandlers) PutBucketACLHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketACL") - defer logger.AuditLog(w, r, "PutBucketACL", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -125,7 +125,7 @@ func (api objectAPIHandlers) PutBucketACLHandler(w http.ResponseWriter, r *http. func (api objectAPIHandlers) GetBucketACLHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketACL") - defer logger.AuditLog(w, r, "GetBucketACL", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -176,7 +176,7 @@ func (api objectAPIHandlers) GetBucketACLHandler(w http.ResponseWriter, r *http. func (api objectAPIHandlers) PutObjectACLHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutObjectACL") - defer logger.AuditLog(w, r, "PutObjectACL", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -240,7 +240,7 @@ func (api objectAPIHandlers) PutObjectACLHandler(w http.ResponseWriter, r *http. func (api objectAPIHandlers) GetObjectACLHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetObjectACL") - defer logger.AuditLog(w, r, "GetObjectACL", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] diff --git a/cmd/admin-bucket-handlers.go b/cmd/admin-bucket-handlers.go index a640eba2a..5b431aca7 100644 --- a/cmd/admin-bucket-handlers.go +++ b/cmd/admin-bucket-handlers.go @@ -41,7 +41,7 @@ const ( func (a adminAPIHandlers) PutBucketQuotaConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketQuotaConfig") - defer logger.AuditLog(w, r, "PutBucketQuotaConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.SetBucketQuotaAdminAction) if objectAPI == nil { @@ -81,7 +81,7 @@ func (a adminAPIHandlers) PutBucketQuotaConfigHandler(w http.ResponseWriter, r * func (a adminAPIHandlers) GetBucketQuotaConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketQuotaConfig") - defer logger.AuditLog(w, r, "GetBucketQuotaConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.GetBucketQuotaAdminAction) if objectAPI == nil { @@ -116,7 +116,7 @@ func (a adminAPIHandlers) GetBucketQuotaConfigHandler(w http.ResponseWriter, r * func (a adminAPIHandlers) SetRemoteTargetHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "SetBucketTarget") - defer logger.AuditLog(w, r, "SetBucketTarget", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] update := r.URL.Query().Get("update") == "true" @@ -205,7 +205,7 @@ func (a adminAPIHandlers) SetRemoteTargetHandler(w http.ResponseWriter, r *http. func (a adminAPIHandlers) ListRemoteTargetsHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListBucketTargets") - defer logger.AuditLog(w, r, "ListBucketTargets", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] arnType := vars["type"] @@ -244,7 +244,7 @@ func (a adminAPIHandlers) ListRemoteTargetsHandler(w http.ResponseWriter, r *htt func (a adminAPIHandlers) RemoveRemoteTargetHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "RemoveBucketTarget") - defer logger.AuditLog(w, r, "RemoveBucketTarget", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] arn := vars["arn"] diff --git a/cmd/admin-handlers-config-kv.go b/cmd/admin-handlers-config-kv.go index f65572787..ca4691cd9 100644 --- a/cmd/admin-handlers-config-kv.go +++ b/cmd/admin-handlers-config-kv.go @@ -62,7 +62,7 @@ func validateAdminReqConfigKV(ctx context.Context, w http.ResponseWriter, r *htt func (a adminAPIHandlers) DelConfigKVHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteConfigKV") - defer logger.AuditLog(w, r, "DeleteConfigKV", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) cred, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { @@ -104,7 +104,7 @@ func (a adminAPIHandlers) DelConfigKVHandler(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) SetConfigKVHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "SetConfigKV") - defer logger.AuditLog(w, r, "SetConfigKV", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) cred, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { @@ -176,7 +176,7 @@ func (a adminAPIHandlers) SetConfigKVHandler(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) GetConfigKVHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetConfigKV") - defer logger.AuditLog(w, r, "GetConfigKV", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) cred, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { @@ -214,7 +214,7 @@ func (a adminAPIHandlers) GetConfigKVHandler(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) ClearConfigHistoryKVHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ClearConfigHistoryKV") - defer logger.AuditLog(w, r, "ClearConfigHistoryKV", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) _, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { @@ -251,7 +251,7 @@ func (a adminAPIHandlers) ClearConfigHistoryKVHandler(w http.ResponseWriter, r * func (a adminAPIHandlers) RestoreConfigHistoryKVHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "RestoreConfigHistoryKV") - defer logger.AuditLog(w, r, "RestoreConfigHistoryKV", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) _, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { @@ -299,7 +299,7 @@ func (a adminAPIHandlers) RestoreConfigHistoryKVHandler(w http.ResponseWriter, r func (a adminAPIHandlers) ListConfigHistoryKVHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListConfigHistoryKV") - defer logger.AuditLog(w, r, "ListConfigHistoryKV", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) cred, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { @@ -339,7 +339,7 @@ func (a adminAPIHandlers) ListConfigHistoryKVHandler(w http.ResponseWriter, r *h func (a adminAPIHandlers) HelpConfigKVHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "HelpConfigKV") - defer logger.AuditLog(w, r, "HelpHistoryKV", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) _, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { @@ -367,7 +367,7 @@ func (a adminAPIHandlers) HelpConfigKVHandler(w http.ResponseWriter, r *http.Req func (a adminAPIHandlers) SetConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "SetConfig") - defer logger.AuditLog(w, r, "SetConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) cred, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { @@ -424,7 +424,7 @@ func (a adminAPIHandlers) SetConfigHandler(w http.ResponseWriter, r *http.Reques func (a adminAPIHandlers) GetConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetConfig") - defer logger.AuditLog(w, r, "GetConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) cred, objectAPI := validateAdminReqConfigKV(ctx, w, r) if objectAPI == nil { diff --git a/cmd/admin-handlers-users.go b/cmd/admin-handlers-users.go index 3e642a0ab..f4dade622 100644 --- a/cmd/admin-handlers-users.go +++ b/cmd/admin-handlers-users.go @@ -56,7 +56,7 @@ func validateAdminUsersReq(ctx context.Context, w http.ResponseWriter, r *http.R func (a adminAPIHandlers) RemoveUser(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "RemoveUser") - defer logger.AuditLog(w, r, "RemoveUser", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.DeleteUserAdminAction) if objectAPI == nil { @@ -94,7 +94,7 @@ func (a adminAPIHandlers) RemoveUser(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) ListUsers(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListUsers") - defer logger.AuditLog(w, r, "ListUsers", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, cred := validateAdminUsersReq(ctx, w, r, iampolicy.ListUsersAdminAction) if objectAPI == nil { @@ -128,7 +128,7 @@ func (a adminAPIHandlers) ListUsers(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) GetUserInfo(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetUserInfo") - defer logger.AuditLog(w, r, "GetUserInfo", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) name := vars["accessKey"] @@ -184,7 +184,7 @@ func (a adminAPIHandlers) GetUserInfo(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) UpdateGroupMembers(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "UpdateGroupMembers") - defer logger.AuditLog(w, r, "UpdateGroupMembers", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.AddUserToGroupAdminAction) if objectAPI == nil { @@ -229,7 +229,7 @@ func (a adminAPIHandlers) UpdateGroupMembers(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) GetGroup(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetGroup") - defer logger.AuditLog(w, r, "GetGroup", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.GetGroupAdminAction) if objectAPI == nil { @@ -258,7 +258,7 @@ func (a adminAPIHandlers) GetGroup(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) ListGroups(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListGroups") - defer logger.AuditLog(w, r, "ListGroups", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.ListGroupsAdminAction) if objectAPI == nil { @@ -284,7 +284,7 @@ func (a adminAPIHandlers) ListGroups(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) SetGroupStatus(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "SetGroupStatus") - defer logger.AuditLog(w, r, "SetGroupStatus", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.EnableGroupAdminAction) if objectAPI == nil { @@ -321,7 +321,7 @@ func (a adminAPIHandlers) SetGroupStatus(w http.ResponseWriter, r *http.Request) func (a adminAPIHandlers) SetUserStatus(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "SetUserStatus") - defer logger.AuditLog(w, r, "SetUserStatus", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.EnableUserAdminAction) if objectAPI == nil { @@ -356,7 +356,7 @@ func (a adminAPIHandlers) SetUserStatus(w http.ResponseWriter, r *http.Request) func (a adminAPIHandlers) AddUser(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "AddUser") - defer logger.AuditLog(w, r, "AddUser", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) accessKey := path.Clean(vars["accessKey"]) @@ -444,7 +444,7 @@ func (a adminAPIHandlers) AddUser(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) AddServiceAccount(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "AddServiceAccount") - defer logger.AuditLog(w, r, "AddServiceAccount", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Get current object layer instance. objectAPI := newObjectLayerFn() @@ -523,7 +523,7 @@ func (a adminAPIHandlers) AddServiceAccount(w http.ResponseWriter, r *http.Reque func (a adminAPIHandlers) ListServiceAccounts(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListServiceAccounts") - defer logger.AuditLog(w, r, "ListServiceAccounts", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Get current object layer instance. objectAPI := newObjectLayerFn() @@ -578,7 +578,7 @@ func (a adminAPIHandlers) ListServiceAccounts(w http.ResponseWriter, r *http.Req func (a adminAPIHandlers) DeleteServiceAccount(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteServiceAccount") - defer logger.AuditLog(w, r, "DeleteServiceAccount", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Get current object layer instance. objectAPI := newObjectLayerFn() @@ -637,7 +637,7 @@ func (a adminAPIHandlers) DeleteServiceAccount(w http.ResponseWriter, r *http.Re func (a adminAPIHandlers) AccountInfoHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "AccountInfo") - defer logger.AuditLog(w, r, "AccountInfo", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Get current object layer instance. objectAPI := newObjectLayerFn() @@ -751,7 +751,7 @@ func (a adminAPIHandlers) AccountInfoHandler(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) InfoCannedPolicyV2(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "InfoCannedPolicyV2") - defer logger.AuditLog(w, r, "InfoCannedPolicyV2", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.GetPolicyAdminAction) if objectAPI == nil { @@ -778,7 +778,7 @@ func (a adminAPIHandlers) InfoCannedPolicyV2(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) InfoCannedPolicy(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "InfoCannedPolicy") - defer logger.AuditLog(w, r, "InfoCannedPolicy", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.GetPolicyAdminAction) if objectAPI == nil { @@ -802,7 +802,7 @@ func (a adminAPIHandlers) InfoCannedPolicy(w http.ResponseWriter, r *http.Reques func (a adminAPIHandlers) ListCannedPoliciesV2(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListCannedPoliciesV2") - defer logger.AuditLog(w, r, "ListCannedPoliciesV2", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.ListUserPoliciesAdminAction) if objectAPI == nil { @@ -836,7 +836,7 @@ func (a adminAPIHandlers) ListCannedPoliciesV2(w http.ResponseWriter, r *http.Re func (a adminAPIHandlers) ListCannedPolicies(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListCannedPolicies") - defer logger.AuditLog(w, r, "ListCannedPolicies", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.ListUserPoliciesAdminAction) if objectAPI == nil { @@ -870,7 +870,7 @@ func (a adminAPIHandlers) ListCannedPolicies(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) RemoveCannedPolicy(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "RemoveCannedPolicy") - defer logger.AuditLog(w, r, "RemoveCannedPolicy", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.DeletePolicyAdminAction) if objectAPI == nil { @@ -898,7 +898,7 @@ func (a adminAPIHandlers) RemoveCannedPolicy(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) AddCannedPolicy(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "AddCannedPolicy") - defer logger.AuditLog(w, r, "AddCannedPolicy", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.CreatePolicyAdminAction) if objectAPI == nil { @@ -950,7 +950,7 @@ func (a adminAPIHandlers) AddCannedPolicy(w http.ResponseWriter, r *http.Request func (a adminAPIHandlers) SetPolicyForUserOrGroup(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "SetPolicyForUserOrGroup") - defer logger.AuditLog(w, r, "SetPolicyForUserOrGroup", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminUsersReq(ctx, w, r, iampolicy.AttachPolicyAdminAction) if objectAPI == nil { diff --git a/cmd/admin-handlers.go b/cmd/admin-handlers.go index 825c39140..6c6e637b9 100644 --- a/cmd/admin-handlers.go +++ b/cmd/admin-handlers.go @@ -79,7 +79,7 @@ func updateServer(u *url.URL, sha256Sum []byte, lrTime time.Time, mode string) ( func (a adminAPIHandlers) ServerUpdateHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ServerUpdate") - defer logger.AuditLog(w, r, "ServerUpdate", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.ServerUpdateAdminAction) if objectAPI == nil { @@ -188,7 +188,7 @@ func (a adminAPIHandlers) ServerUpdateHandler(w http.ResponseWriter, r *http.Req func (a adminAPIHandlers) ServiceHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "Service") - defer logger.AuditLog(w, r, "Service", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) action := vars["action"] @@ -285,7 +285,7 @@ type ServerInfo struct { func (a adminAPIHandlers) StorageInfoHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "StorageInfo") - defer logger.AuditLog(w, r, "StorageInfo", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.StorageInfoAdminAction) if objectAPI == nil { @@ -328,7 +328,7 @@ func (a adminAPIHandlers) StorageInfoHandler(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) DataUsageInfoHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DataUsageInfo") - defer logger.AuditLog(w, r, "DataUsageInfo", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.DataUsageInfoAdminAction) if objectAPI == nil { @@ -408,7 +408,7 @@ type PeerLocks struct { func (a adminAPIHandlers) ForceUnlockHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ForceUnlock") - defer logger.AuditLog(w, r, "ForceUnlock", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.ForceUnlockAdminAction) if objectAPI == nil { @@ -447,7 +447,7 @@ func (a adminAPIHandlers) ForceUnlockHandler(w http.ResponseWriter, r *http.Requ func (a adminAPIHandlers) TopLocksHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "TopLocks") - defer logger.AuditLog(w, r, "TopLocks", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.TopLocksAdminAction) if objectAPI == nil { @@ -499,7 +499,7 @@ type StartProfilingResult struct { func (a adminAPIHandlers) StartProfilingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "StartProfiling") - defer logger.AuditLog(w, r, "StartProfiling", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Validate request signature. _, adminAPIErr := checkAdminRequestAuth(ctx, r, iampolicy.ProfilingAdminAction, "") @@ -604,7 +604,7 @@ func (f dummyFileInfo) Sys() interface{} { return f.sys } func (a adminAPIHandlers) DownloadProfilingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DownloadProfiling") - defer logger.AuditLog(w, r, "DownloadProfiling", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Validate request signature. _, adminAPIErr := checkAdminRequestAuth(ctx, r, iampolicy.ProfilingAdminAction, "") @@ -705,7 +705,7 @@ func extractHealInitParams(vars map[string]string, qParms url.Values, r io.Reade func (a adminAPIHandlers) HealHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "Heal") - defer logger.AuditLog(w, r, "Heal", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.HealAdminAction) if objectAPI == nil { @@ -916,7 +916,7 @@ func getAggregatedBackgroundHealState(ctx context.Context) (madmin.BgHealState, func (a adminAPIHandlers) BackgroundHealStatusHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "HealBackgroundStatus") - defer logger.AuditLog(w, r, "HealBackgroundStatus", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.HealAdminAction) if objectAPI == nil { @@ -1137,7 +1137,7 @@ func (a adminAPIHandlers) TraceHandler(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) ConsoleLogHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ConsoleLog") - defer logger.AuditLog(w, r, "ConsoleLog", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.ConsoleLogAdminAction) if objectAPI == nil { @@ -1208,7 +1208,7 @@ func (a adminAPIHandlers) ConsoleLogHandler(w http.ResponseWriter, r *http.Reque // KMSCreateKeyHandler - POST /minio/admin/v3/kms/key/create?key-id= func (a adminAPIHandlers) KMSCreateKeyHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "KMSCreateKey") - defer logger.AuditLog(w, r, "KMSCreateKey", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.KMSCreateKeyAdminAction) if objectAPI == nil { @@ -1231,7 +1231,7 @@ func (a adminAPIHandlers) KMSCreateKeyHandler(w http.ResponseWriter, r *http.Req func (a adminAPIHandlers) KMSKeyStatusHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "KMSKeyStatus") - defer logger.AuditLog(w, r, "KMSKeyStatus", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.KMSKeyStatusAdminAction) if objectAPI == nil { @@ -1304,7 +1304,7 @@ func (a adminAPIHandlers) KMSKeyStatusHandler(w http.ResponseWriter, r *http.Req func (a adminAPIHandlers) HealthInfoHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "HealthInfo") - defer logger.AuditLog(w, r, "HealthInfo", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI, _ := validateAdminReq(ctx, w, r, iampolicy.HealthInfoAdminAction) if objectAPI == nil { @@ -1482,7 +1482,7 @@ func (a adminAPIHandlers) HealthInfoHandler(w http.ResponseWriter, r *http.Reque func (a adminAPIHandlers) BandwidthMonitorHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "BandwidthMonitor") - defer logger.AuditLog(w, r, "BandwidthMonitor", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Validate request signature. _, adminAPIErr := checkAdminRequestAuth(ctx, r, iampolicy.BandwidthMonitorAction, "") @@ -1535,7 +1535,7 @@ func (a adminAPIHandlers) BandwidthMonitorHandler(w http.ResponseWriter, r *http func (a adminAPIHandlers) ServerInfoHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ServerInfo") - defer logger.AuditLog(w, r, "ServerInfo", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Validate request signature. _, adminAPIErr := checkAdminRequestAuth(ctx, r, iampolicy.ServerInfoAdminAction, "") diff --git a/cmd/bucket-encryption-handlers.go b/cmd/bucket-encryption-handlers.go index 866ba2079..b81f9537a 100644 --- a/cmd/bucket-encryption-handlers.go +++ b/cmd/bucket-encryption-handlers.go @@ -37,7 +37,7 @@ const ( func (api objectAPIHandlers) PutBucketEncryptionHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketEncryption") - defer logger.AuditLog(w, r, "PutBucketEncryption", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { @@ -102,7 +102,7 @@ func (api objectAPIHandlers) PutBucketEncryptionHandler(w http.ResponseWriter, r func (api objectAPIHandlers) GetBucketEncryptionHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketEncryption") - defer logger.AuditLog(w, r, "GetBucketEncryption", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { @@ -145,7 +145,7 @@ func (api objectAPIHandlers) GetBucketEncryptionHandler(w http.ResponseWriter, r func (api objectAPIHandlers) DeleteBucketEncryptionHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteBucketEncryption") - defer logger.AuditLog(w, r, "DeleteBucketEncryption", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { diff --git a/cmd/bucket-handlers.go b/cmd/bucket-handlers.go index e66e3a109..562386b9b 100644 --- a/cmd/bucket-handlers.go +++ b/cmd/bucket-handlers.go @@ -157,7 +157,7 @@ func initFederatorBackend(buckets []BucketInfo, objLayer ObjectLayer) { func (api objectAPIHandlers) GetBucketLocationHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketLocation") - defer logger.AuditLog(w, r, "GetBucketLocation", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -205,7 +205,7 @@ func (api objectAPIHandlers) GetBucketLocationHandler(w http.ResponseWriter, r * func (api objectAPIHandlers) ListMultipartUploadsHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListMultipartUploads") - defer logger.AuditLog(w, r, "ListMultipartUploads", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -260,7 +260,7 @@ func (api objectAPIHandlers) ListMultipartUploadsHandler(w http.ResponseWriter, func (api objectAPIHandlers) ListBucketsHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListBuckets") - defer logger.AuditLog(w, r, "ListBuckets", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -347,7 +347,7 @@ func (api objectAPIHandlers) ListBucketsHandler(w http.ResponseWriter, r *http.R func (api objectAPIHandlers) DeleteMultipleObjectsHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteMultipleObjects") - defer logger.AuditLog(w, r, "DeleteMultipleObjects", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -611,7 +611,7 @@ func (api objectAPIHandlers) DeleteMultipleObjectsHandler(w http.ResponseWriter, func (api objectAPIHandlers) PutBucketHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucket") - defer logger.AuditLog(w, r, "PutBucket", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -742,7 +742,7 @@ func (api objectAPIHandlers) PutBucketHandler(w http.ResponseWriter, r *http.Req func (api objectAPIHandlers) PostPolicyBucketHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PostPolicyBucket") - defer logger.AuditLog(w, r, "PostPolicyBucket", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -1006,7 +1006,7 @@ func (api objectAPIHandlers) PostPolicyBucketHandler(w http.ResponseWriter, r *h func (api objectAPIHandlers) HeadBucketHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "HeadBucket") - defer logger.AuditLog(w, r, "HeadBucket", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1036,7 +1036,7 @@ func (api objectAPIHandlers) HeadBucketHandler(w http.ResponseWriter, r *http.Re func (api objectAPIHandlers) DeleteBucketHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteBucket") - defer logger.AuditLog(w, r, "DeleteBucket", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1124,7 +1124,7 @@ func (api objectAPIHandlers) DeleteBucketHandler(w http.ResponseWriter, r *http. func (api objectAPIHandlers) PutBucketObjectLockConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketObjectLockConfig") - defer logger.AuditLog(w, r, "PutBucketObjectLockConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1180,7 +1180,7 @@ func (api objectAPIHandlers) PutBucketObjectLockConfigHandler(w http.ResponseWri func (api objectAPIHandlers) GetBucketObjectLockConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketObjectLockConfig") - defer logger.AuditLog(w, r, "GetBucketObjectLockConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1218,7 +1218,7 @@ func (api objectAPIHandlers) GetBucketObjectLockConfigHandler(w http.ResponseWri func (api objectAPIHandlers) PutBucketTaggingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketTagging") - defer logger.AuditLog(w, r, "PutBucketTagging", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1262,7 +1262,7 @@ func (api objectAPIHandlers) PutBucketTaggingHandler(w http.ResponseWriter, r *h func (api objectAPIHandlers) GetBucketTaggingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketTagging") - defer logger.AuditLog(w, r, "GetBucketTagging", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1300,7 +1300,7 @@ func (api objectAPIHandlers) GetBucketTaggingHandler(w http.ResponseWriter, r *h func (api objectAPIHandlers) DeleteBucketTaggingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteBucketTagging") - defer logger.AuditLog(w, r, "DeleteBucketTagging", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1330,7 +1330,7 @@ func (api objectAPIHandlers) DeleteBucketTaggingHandler(w http.ResponseWriter, r // Add a replication configuration on the specified bucket as specified in https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html func (api objectAPIHandlers) PutBucketReplicationConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketReplicationConfig") - defer logger.AuditLog(w, r, "PutBucketReplicationConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1394,7 +1394,7 @@ func (api objectAPIHandlers) PutBucketReplicationConfigHandler(w http.ResponseWr func (api objectAPIHandlers) GetBucketReplicationConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketReplicationConfig") - defer logger.AuditLog(w, r, "GetBucketReplicationConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -1435,7 +1435,7 @@ func (api objectAPIHandlers) GetBucketReplicationConfigHandler(w http.ResponseWr // ---------- func (api objectAPIHandlers) DeleteBucketReplicationConfigHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteBucketReplicationConfig") - defer logger.AuditLog(w, r, "DeleteBucketReplicationConfig", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] diff --git a/cmd/bucket-lifecycle-handlers.go b/cmd/bucket-lifecycle-handlers.go index 1d82143d9..d221dcb6e 100644 --- a/cmd/bucket-lifecycle-handlers.go +++ b/cmd/bucket-lifecycle-handlers.go @@ -38,7 +38,7 @@ const ( func (api objectAPIHandlers) PutBucketLifecycleHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketLifecycle") - defer logger.AuditLog(w, r, "PutBucketLifecycle", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { @@ -103,7 +103,7 @@ func (api objectAPIHandlers) PutBucketLifecycleHandler(w http.ResponseWriter, r func (api objectAPIHandlers) GetBucketLifecycleHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketLifecycle") - defer logger.AuditLog(w, r, "GetBucketLifecycle", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { @@ -145,7 +145,7 @@ func (api objectAPIHandlers) GetBucketLifecycleHandler(w http.ResponseWriter, r func (api objectAPIHandlers) DeleteBucketLifecycleHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteBucketLifecycle") - defer logger.AuditLog(w, r, "DeleteBucketLifecycle", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { diff --git a/cmd/bucket-listobjects-handlers.go b/cmd/bucket-listobjects-handlers.go index 93e8997de..28e166892 100644 --- a/cmd/bucket-listobjects-handlers.go +++ b/cmd/bucket-listobjects-handlers.go @@ -82,7 +82,7 @@ func validateListObjectsArgs(marker, delimiter, encodingType string, maxKeys int func (api objectAPIHandlers) ListObjectVersionsHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListObjectVersions") - defer logger.AuditLog(w, r, "ListObjectVersions", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -143,7 +143,7 @@ func (api objectAPIHandlers) ListObjectVersionsHandler(w http.ResponseWriter, r func (api objectAPIHandlers) ListObjectsV2MHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListObjectsV2M") - defer logger.AuditLog(w, r, "ListObjectsV2M", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -210,7 +210,7 @@ func (api objectAPIHandlers) ListObjectsV2MHandler(w http.ResponseWriter, r *htt func (api objectAPIHandlers) ListObjectsV2Handler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListObjectsV2") - defer logger.AuditLog(w, r, "ListObjectsV2", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -314,7 +314,7 @@ func proxyRequestByStringHash(ctx context.Context, w http.ResponseWriter, r *htt func (api objectAPIHandlers) ListObjectsV1Handler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListObjectsV1") - defer logger.AuditLog(w, r, "ListObjectsV1", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] diff --git a/cmd/bucket-notification-handlers.go b/cmd/bucket-notification-handlers.go index 40d9325b1..682e194de 100644 --- a/cmd/bucket-notification-handlers.go +++ b/cmd/bucket-notification-handlers.go @@ -39,7 +39,7 @@ const ( func (api objectAPIHandlers) GetBucketNotificationHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketNotification") - defer logger.AuditLog(w, r, "GetBucketNotification", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucketName := vars["bucket"] @@ -111,7 +111,7 @@ func (api objectAPIHandlers) GetBucketNotificationHandler(w http.ResponseWriter, func (api objectAPIHandlers) PutBucketNotificationHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketNotification") - defer logger.AuditLog(w, r, "PutBucketNotification", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { diff --git a/cmd/bucket-policy-handlers.go b/cmd/bucket-policy-handlers.go index 9c3f79290..841e7f20f 100644 --- a/cmd/bucket-policy-handlers.go +++ b/cmd/bucket-policy-handlers.go @@ -40,7 +40,7 @@ const ( func (api objectAPIHandlers) PutBucketPolicyHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketPolicy") - defer logger.AuditLog(w, r, "PutBucketPolicy", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { @@ -106,7 +106,7 @@ func (api objectAPIHandlers) PutBucketPolicyHandler(w http.ResponseWriter, r *ht func (api objectAPIHandlers) DeleteBucketPolicyHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteBucketPolicy") - defer logger.AuditLog(w, r, "DeleteBucketPolicy", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { @@ -141,7 +141,7 @@ func (api objectAPIHandlers) DeleteBucketPolicyHandler(w http.ResponseWriter, r func (api objectAPIHandlers) GetBucketPolicyHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketPolicy") - defer logger.AuditLog(w, r, "GetBucketPolicy", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { diff --git a/cmd/bucket-versioning-handler.go b/cmd/bucket-versioning-handler.go index bc14e1d2b..50296e619 100644 --- a/cmd/bucket-versioning-handler.go +++ b/cmd/bucket-versioning-handler.go @@ -40,7 +40,7 @@ const ( func (api objectAPIHandlers) PutBucketVersioningHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutBucketVersioning") - defer logger.AuditLog(w, r, "PutBucketVersioning", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -98,7 +98,7 @@ func (api objectAPIHandlers) PutBucketVersioningHandler(w http.ResponseWriter, r func (api objectAPIHandlers) GetBucketVersioningHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketVersioning") - defer logger.AuditLog(w, r, "GetBucketVersioning", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] diff --git a/cmd/dummy-handlers.go b/cmd/dummy-handlers.go index 7460db38d..d99ef681c 100644 --- a/cmd/dummy-handlers.go +++ b/cmd/dummy-handlers.go @@ -32,7 +32,7 @@ import ( func (api objectAPIHandlers) GetBucketWebsiteHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketWebsite") - defer logger.AuditLog(w, r, "GetBucketWebsite", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -64,7 +64,7 @@ func (api objectAPIHandlers) GetBucketWebsiteHandler(w http.ResponseWriter, r *h func (api objectAPIHandlers) GetBucketAccelerateHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketAccelerate") - defer logger.AuditLog(w, r, "GetBucketAccelerate", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -97,7 +97,7 @@ func (api objectAPIHandlers) GetBucketAccelerateHandler(w http.ResponseWriter, r func (api objectAPIHandlers) GetBucketRequestPaymentHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketRequestPayment") - defer logger.AuditLog(w, r, "GetBucketRequestPayment", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -131,7 +131,7 @@ func (api objectAPIHandlers) GetBucketRequestPaymentHandler(w http.ResponseWrite func (api objectAPIHandlers) GetBucketLoggingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketLogging") - defer logger.AuditLog(w, r, "GetBucketLogging", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -170,7 +170,7 @@ func (api objectAPIHandlers) DeleteBucketWebsiteHandler(w http.ResponseWriter, r func (api objectAPIHandlers) GetBucketCorsHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetBucketCors") - defer logger.AuditLog(w, r, "GetBucketCors", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] diff --git a/cmd/erasure-object.go b/cmd/erasure-object.go index 6755c82cc..430486f57 100644 --- a/cmd/erasure-object.go +++ b/cmd/erasure-object.go @@ -51,6 +51,7 @@ func (er erasureObjects) CopyObject(ctx context.Context, srcBucket, srcObject, d } defer ObjectPathUpdated(pathJoin(dstBucket, dstObject)) + lk := er.NewNSLock(dstBucket, dstObject) if err := lk.GetLock(ctx, globalOperationTimeout); err != nil { return oi, err @@ -580,7 +581,9 @@ func (er erasureObjects) PutObject(ctx context.Context, bucket string, object st // putObject wrapper for erasureObjects PutObject func (er erasureObjects) putObject(ctx context.Context, bucket string, object string, r *PutObjReader, opts ObjectOptions) (objInfo ObjectInfo, err error) { - defer ObjectPathUpdated(pathJoin(bucket, object)) + defer func() { + ObjectPathUpdated(pathJoin(bucket, object)) + }() data := r.Reader diff --git a/cmd/erasure-server-pool.go b/cmd/erasure-server-pool.go index a175fdc31..e133766a7 100644 --- a/cmd/erasure-server-pool.go +++ b/cmd/erasure-server-pool.go @@ -126,6 +126,7 @@ func newErasureServerPools(ctx context.Context, endpointServerPools EndpointServ if err != nil { return nil, err } + z.serverPools[i].poolNumber = i } ctx, z.shutdown = context.WithCancel(ctx) go intDataUpdateTracker.start(ctx, localDrives...) diff --git a/cmd/erasure-sets.go b/cmd/erasure-sets.go index 918133de4..9f5069d52 100644 --- a/cmd/erasure-sets.go +++ b/cmd/erasure-sets.go @@ -83,6 +83,8 @@ type erasureSets struct { setCount, setDriveCount int defaultParityCount int + poolNumber int + disksConnectEvent chan diskConnectInfo // Distribution algorithm of choice. @@ -411,6 +413,7 @@ func newErasureSets(ctx context.Context, endpoints Endpoints, storageDisks []Sto // Initialize erasure objects for a given set. s.sets[i] = &erasureObjects{ + setNumber: i, setDriveCount: setDriveCount, defaultParityCount: defaultParityCount, getDisks: s.GetDisks(i), @@ -449,6 +452,44 @@ func (s *erasureSets) cleanupStaleUploads(ctx context.Context, cleanupInterval, } } +const objectErasureMapKey = "objectErasureMap" + +type auditObjectOp struct { + Pool int `json:"pool"` + Set int `json:"set"` + BackendServers []string `json:"backendServers"` +} + +func auditObjectErasureSet(ctx context.Context, object string, set *erasureObjects, poolNum int) { + if len(logger.AuditTargets) == 0 { + return + } + + object = decodeDirObject(object) + + op := auditObjectOp{ + Pool: poolNum + 1, + Set: set.setNumber + 1, + BackendServers: set.getEndpoints(), + } + + var objectErasureSetTag map[string]auditObjectOp + reqInfo := logger.GetReqInfo(ctx) + for _, kv := range reqInfo.GetTags() { + if kv.Key == objectErasureMapKey { + objectErasureSetTag = kv.Val.(map[string]auditObjectOp) + break + } + } + + if objectErasureSetTag == nil { + objectErasureSetTag = make(map[string]auditObjectOp) + } + + objectErasureSetTag[object] = op + reqInfo.SetTags(objectErasureMapKey, objectErasureSetTag) +} + // NewNSLock - initialize a new namespace RWLocker instance. func (s *erasureSets) NewNSLock(bucket string, objects ...string) RWLocker { if len(objects) == 1 { @@ -744,12 +785,16 @@ func (s *erasureSets) ListBuckets(ctx context.Context) (buckets []BucketInfo, er // GetObjectNInfo - returns object info and locked object ReadCloser func (s *erasureSets) GetObjectNInfo(ctx context.Context, bucket, object string, rs *HTTPRangeSpec, h http.Header, lockType LockType, opts ObjectOptions) (gr *GetObjectReader, err error) { - return s.getHashedSet(object).GetObjectNInfo(ctx, bucket, object, rs, h, lockType, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.GetObjectNInfo(ctx, bucket, object, rs, h, lockType, opts) } // GetObject - reads an object from the hashedSet based on the object name. func (s *erasureSets) GetObject(ctx context.Context, bucket, object string, startOffset int64, length int64, writer io.Writer, etag string, opts ObjectOptions) error { - return s.getHashedSet(object).GetObject(ctx, bucket, object, startOffset, length, writer, etag, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.GetObject(ctx, bucket, object, startOffset, length, writer, etag, opts) } func (s *erasureSets) parentDirIsObject(ctx context.Context, bucket, parent string) bool { @@ -761,18 +806,24 @@ func (s *erasureSets) parentDirIsObject(ctx context.Context, bucket, parent stri // PutObject - writes an object to hashedSet based on the object name. func (s *erasureSets) PutObject(ctx context.Context, bucket string, object string, data *PutObjReader, opts ObjectOptions) (objInfo ObjectInfo, err error) { + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) opts.ParentIsObject = s.parentDirIsObject - return s.getHashedSet(object).PutObject(ctx, bucket, object, data, opts) + return set.PutObject(ctx, bucket, object, data, opts) } // GetObjectInfo - reads object metadata from the hashedSet based on the object name. func (s *erasureSets) GetObjectInfo(ctx context.Context, bucket, object string, opts ObjectOptions) (objInfo ObjectInfo, err error) { - return s.getHashedSet(object).GetObjectInfo(ctx, bucket, object, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.GetObjectInfo(ctx, bucket, object, opts) } // DeleteObject - deletes an object from the hashedSet based on the object name. func (s *erasureSets) DeleteObject(ctx context.Context, bucket string, object string, opts ObjectOptions) (objInfo ObjectInfo, err error) { - return s.getHashedSet(object).DeleteObject(ctx, bucket, object, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.DeleteObject(ctx, bucket, object, opts) } // DeleteObjects - bulk delete of objects @@ -817,10 +868,14 @@ func (s *erasureSets) DeleteObjects(ctx context.Context, bucket string, objects // Invoke bulk delete on objects per set and save // the result of the delete operation for _, objsGroup := range objSetMap { - dobjects, errs := s.getHashedSet(objsGroup[0].object.ObjectName).DeleteObjects(ctx, bucket, toNames(objsGroup), opts) + set := s.getHashedSet(objsGroup[0].object.ObjectName) + dobjects, errs := set.DeleteObjects(ctx, bucket, toNames(objsGroup), opts) for i, obj := range objsGroup { delErrs[obj.origIndex] = errs[i] delObjects[obj.origIndex] = dobjects[i] + if errs[i] == nil { + auditObjectErasureSet(ctx, obj.object.ObjectName, set, s.poolNumber) + } } } @@ -832,6 +887,8 @@ func (s *erasureSets) CopyObject(ctx context.Context, srcBucket, srcObject, dstB srcSet := s.getHashedSet(srcObject) dstSet := s.getHashedSet(dstObject) + auditObjectErasureSet(ctx, dstObject, dstSet, s.poolNumber) + cpSrcDstSame := srcSet == dstSet // Check if this request is only metadata update. if cpSrcDstSame && srcInfo.metadataOnly { @@ -1013,46 +1070,60 @@ func (s *erasureSets) startMergeWalksVersionsN(ctx context.Context, bucket, pref func (s *erasureSets) ListMultipartUploads(ctx context.Context, bucket, prefix, keyMarker, uploadIDMarker, delimiter string, maxUploads int) (result ListMultipartsInfo, err error) { // In list multipart uploads we are going to treat input prefix as the object, // this means that we are not supporting directory navigation. - return s.getHashedSet(prefix).ListMultipartUploads(ctx, bucket, prefix, keyMarker, uploadIDMarker, delimiter, maxUploads) + set := s.getHashedSet(prefix) + auditObjectErasureSet(ctx, prefix, set, s.poolNumber) + return set.ListMultipartUploads(ctx, bucket, prefix, keyMarker, uploadIDMarker, delimiter, maxUploads) } // Initiate a new multipart upload on a hashedSet based on object name. func (s *erasureSets) NewMultipartUpload(ctx context.Context, bucket, object string, opts ObjectOptions) (uploadID string, err error) { - return s.getHashedSet(object).NewMultipartUpload(ctx, bucket, object, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.NewMultipartUpload(ctx, bucket, object, opts) } // Copies a part of an object from source hashedSet to destination hashedSet. func (s *erasureSets) CopyObjectPart(ctx context.Context, srcBucket, srcObject, destBucket, destObject string, uploadID string, partID int, startOffset int64, length int64, srcInfo ObjectInfo, srcOpts, dstOpts ObjectOptions) (partInfo PartInfo, err error) { destSet := s.getHashedSet(destObject) - + auditObjectErasureSet(ctx, destObject, destSet, s.poolNumber) return destSet.PutObjectPart(ctx, destBucket, destObject, uploadID, partID, NewPutObjReader(srcInfo.Reader, nil, nil), dstOpts) } // PutObjectPart - writes part of an object to hashedSet based on the object name. func (s *erasureSets) PutObjectPart(ctx context.Context, bucket, object, uploadID string, partID int, data *PutObjReader, opts ObjectOptions) (info PartInfo, err error) { - return s.getHashedSet(object).PutObjectPart(ctx, bucket, object, uploadID, partID, data, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.PutObjectPart(ctx, bucket, object, uploadID, partID, data, opts) } // GetMultipartInfo - return multipart metadata info uploaded at hashedSet. func (s *erasureSets) GetMultipartInfo(ctx context.Context, bucket, object, uploadID string, opts ObjectOptions) (result MultipartInfo, err error) { - return s.getHashedSet(object).GetMultipartInfo(ctx, bucket, object, uploadID, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.GetMultipartInfo(ctx, bucket, object, uploadID, opts) } // ListObjectParts - lists all uploaded parts to an object in hashedSet. func (s *erasureSets) ListObjectParts(ctx context.Context, bucket, object, uploadID string, partNumberMarker int, maxParts int, opts ObjectOptions) (result ListPartsInfo, err error) { - return s.getHashedSet(object).ListObjectParts(ctx, bucket, object, uploadID, partNumberMarker, maxParts, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.ListObjectParts(ctx, bucket, object, uploadID, partNumberMarker, maxParts, opts) } // Aborts an in-progress multipart operation on hashedSet based on the object name. func (s *erasureSets) AbortMultipartUpload(ctx context.Context, bucket, object, uploadID string, opts ObjectOptions) error { - return s.getHashedSet(object).AbortMultipartUpload(ctx, bucket, object, uploadID, opts) + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) + return set.AbortMultipartUpload(ctx, bucket, object, uploadID, opts) } // CompleteMultipartUpload - completes a pending multipart transaction, on hashedSet based on object name. func (s *erasureSets) CompleteMultipartUpload(ctx context.Context, bucket, object, uploadID string, uploadedParts []CompletePart, opts ObjectOptions) (objInfo ObjectInfo, err error) { + set := s.getHashedSet(object) + auditObjectErasureSet(ctx, object, set, s.poolNumber) opts.ParentIsObject = s.parentDirIsObject - return s.getHashedSet(object).CompleteMultipartUpload(ctx, bucket, object, uploadID, uploadedParts, opts) + return set.CompleteMultipartUpload(ctx, bucket, object, uploadID, uploadedParts, opts) } /* @@ -1328,17 +1399,20 @@ func (s *erasureSets) HealObject(ctx context.Context, bucket, object, versionID // PutObjectTags - replace or add tags to an existing object func (s *erasureSets) PutObjectTags(ctx context.Context, bucket, object string, tags string, opts ObjectOptions) error { - return s.getHashedSet(object).PutObjectTags(ctx, bucket, object, tags, opts) + er := s.getHashedSet(object) + return er.PutObjectTags(ctx, bucket, object, tags, opts) } // DeleteObjectTags - delete object tags from an existing object func (s *erasureSets) DeleteObjectTags(ctx context.Context, bucket, object string, opts ObjectOptions) error { - return s.getHashedSet(object).DeleteObjectTags(ctx, bucket, object, opts) + er := s.getHashedSet(object) + return er.DeleteObjectTags(ctx, bucket, object, opts) } // GetObjectTags - get object tags from an existing object func (s *erasureSets) GetObjectTags(ctx context.Context, bucket, object string, opts ObjectOptions) (*tags.Tags, error) { - return s.getHashedSet(object).GetObjectTags(ctx, bucket, object, opts) + er := s.getHashedSet(object) + return er.GetObjectTags(ctx, bucket, object, opts) } // maintainMRFList gathers the list of successful partial uploads diff --git a/cmd/erasure.go b/cmd/erasure.go index f44cac7a9..c20a1dd25 100644 --- a/cmd/erasure.go +++ b/cmd/erasure.go @@ -51,6 +51,8 @@ type erasureObjects struct { setDriveCount int defaultParityCount int + setNumber int + // getDisks returns list of storageAPIs. getDisks func() []StorageAPI diff --git a/cmd/listen-notification-handlers.go b/cmd/listen-notification-handlers.go index 311d5bdd5..097ce1af9 100644 --- a/cmd/listen-notification-handlers.go +++ b/cmd/listen-notification-handlers.go @@ -30,7 +30,7 @@ import ( func (api objectAPIHandlers) ListenNotificationHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListenNotification") - defer logger.AuditLog(w, r, "ListenNotification", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Validate if bucket exists. objAPI := api.ObjectAPI() diff --git a/cmd/logger/audit.go b/cmd/logger/audit.go index 2d294580e..5ee599007 100644 --- a/cmd/logger/audit.go +++ b/cmd/logger/audit.go @@ -18,14 +18,13 @@ package logger import ( "bytes" + "context" "fmt" "io" "net/http" - "net/url" "strconv" "time" - "github.com/gorilla/mux" "github.com/minio/minio/cmd/logger/message/audit" ) @@ -125,7 +124,7 @@ func (lrw *ResponseWriter) Size() int { } // AuditLog - logs audit logs to all audit targets. -func AuditLog(w http.ResponseWriter, r *http.Request, api string, reqClaims map[string]interface{}, filterKeys ...string) { +func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, reqClaims map[string]interface{}, filterKeys ...string) { // Fast exit if there is not audit target configured if len(AuditTargets) == 0 { return @@ -144,11 +143,9 @@ func AuditLog(w http.ResponseWriter, r *http.Request, api string, reqClaims map[ timeToFirstByte = st.TimeToFirstByte } - vars := mux.Vars(r) - bucket := vars["bucket"] - object, err := url.PathUnescape(vars["object"]) - if err != nil { - object = vars["object"] + reqInfo := GetReqInfo(ctx) + if reqInfo == nil { + return } entry := audit.ToEntry(w, r, reqClaims, globalDeploymentID) @@ -158,12 +155,13 @@ func AuditLog(w http.ResponseWriter, r *http.Request, api string, reqClaims map[ delete(entry.ReqHeader, filterKey) delete(entry.RespHeader, filterKey) } - entry.API.Name = api - entry.API.Bucket = bucket - entry.API.Object = object + entry.API.Name = reqInfo.API + entry.API.Bucket = reqInfo.BucketName + entry.API.Object = reqInfo.ObjectName entry.API.Status = http.StatusText(statusCode) entry.API.StatusCode = statusCode entry.API.TimeToResponse = strconv.FormatInt(timeToResponse.Nanoseconds(), 10) + "ns" + entry.Tags = reqInfo.GetTagsMap() // ttfb will be recorded only for GET requests, Ignore such cases where ttfb will be empty. if timeToFirstByte != 0 { entry.API.TimeToFirstByte = strconv.FormatInt(timeToFirstByte.Nanoseconds(), 10) + "ns" diff --git a/cmd/logger/logger.go b/cmd/logger/logger.go index b25f16b14..1ff09400e 100644 --- a/cmd/logger/logger.go +++ b/cmd/logger/logger.go @@ -335,7 +335,7 @@ func logIf(ctx context.Context, err error, errKind ...interface{}) { } kv := req.GetTags() - tags := make(map[string]string, len(kv)) + tags := make(map[string]interface{}, len(kv)) for _, entry := range kv { tags[entry.Key] = entry.Val } @@ -376,7 +376,7 @@ func logIf(ctx context.Context, err error, errKind ...interface{}) { entry.API.Args.Object = hashString(entry.API.Args.Object) entry.RemoteHost = hashString(entry.RemoteHost) entry.Trace.Message = reflect.TypeOf(err).String() - entry.Trace.Variables = make(map[string]string) + entry.Trace.Variables = make(map[string]interface{}) } // Iterate over all logger targets to send the log entry diff --git a/cmd/logger/message/audit/entry.go b/cmd/logger/message/audit/entry.go index 5c287c306..18887248b 100644 --- a/cmd/logger/message/audit/entry.go +++ b/cmd/logger/message/audit/entry.go @@ -49,6 +49,7 @@ type Entry struct { ReqQuery map[string]string `json:"requestQuery,omitempty"` ReqHeader map[string]string `json:"requestHeader,omitempty"` RespHeader map[string]string `json:"responseHeader,omitempty"` + Tags map[string]interface{} `json:"tags,omitempty"` } // ToEntry - constructs an audit entry object. diff --git a/cmd/logger/message/log/entry.go b/cmd/logger/message/log/entry.go index bc5140338..e8e19c318 100644 --- a/cmd/logger/message/log/entry.go +++ b/cmd/logger/message/log/entry.go @@ -27,9 +27,9 @@ type Args struct { // Trace - defines the trace. type Trace struct { - Message string `json:"message,omitempty"` - Source []string `json:"source,omitempty"` - Variables map[string]string `json:"variables,omitempty"` + Message string `json:"message,omitempty"` + Source []string `json:"source,omitempty"` + Variables map[string]interface{} `json:"variables,omitempty"` } // API - defines the api type and its args. diff --git a/cmd/logger/reqinfo.go b/cmd/logger/reqinfo.go index 36bc01ecf..ee5a1d238 100644 --- a/cmd/logger/reqinfo.go +++ b/cmd/logger/reqinfo.go @@ -30,7 +30,7 @@ const contextLogKey = contextKeyType("miniolog") // KeyVal - appended to ReqInfo.Tags type KeyVal struct { Key string - Val string + Val interface{} } // ReqInfo stores the request info. @@ -62,7 +62,7 @@ func NewReqInfo(remoteHost, userAgent, deploymentID, requestID, api, bucket, obj } // AppendTags - appends key/val to ReqInfo.tags -func (r *ReqInfo) AppendTags(key string, val string) *ReqInfo { +func (r *ReqInfo) AppendTags(key string, val interface{}) *ReqInfo { if r == nil { return nil } @@ -73,7 +73,7 @@ func (r *ReqInfo) AppendTags(key string, val string) *ReqInfo { } // SetTags - sets key/val to ReqInfo.tags -func (r *ReqInfo) SetTags(key string, val string) *ReqInfo { +func (r *ReqInfo) SetTags(key string, val interface{}) *ReqInfo { if r == nil { return nil } @@ -105,6 +105,20 @@ func (r *ReqInfo) GetTags() []KeyVal { return append([]KeyVal(nil), r.tags...) } +// GetTagsMap - returns the user defined tags in a map structure +func (r *ReqInfo) GetTagsMap() map[string]interface{} { + if r == nil { + return nil + } + r.RLock() + defer r.RUnlock() + m := make(map[string]interface{}, len(r.tags)) + for _, t := range r.tags { + m[t.Key] = t.Val + } + return m +} + // SetReqInfo sets ReqInfo in the context. func SetReqInfo(ctx context.Context, req *ReqInfo) context.Context { if ctx == nil { diff --git a/cmd/logger/target/console/console.go b/cmd/logger/target/console/console.go index 0a48f4b5b..99fe3a389 100644 --- a/cmd/logger/target/console/console.go +++ b/cmd/logger/target/console/console.go @@ -76,7 +76,7 @@ func (c *Target) Send(e interface{}, logKind string) error { if tagString != "" { tagString += ", " } - tagString += key + "=" + value + tagString += fmt.Sprintf("%s=%v", key, value) } } diff --git a/cmd/object-api-datatypes.go b/cmd/object-api-datatypes.go index 06460bcdd..ff3a75650 100644 --- a/cmd/object-api-datatypes.go +++ b/cmd/object-api-datatypes.go @@ -234,7 +234,8 @@ type ObjectInfo struct { Legacy bool // indicates object on disk is in legacy data format // backendType indicates which backend filled this structure - backendType BackendType + backendType BackendType + VersionPurgeStatus VersionPurgeStatusType } diff --git a/cmd/object-handlers.go b/cmd/object-handlers.go index 423bb8b4e..97d50473a 100644 --- a/cmd/object-handlers.go +++ b/cmd/object-handlers.go @@ -94,7 +94,7 @@ func setHeadGetRespHeaders(w http.ResponseWriter, reqParams url.Values) { func (api objectAPIHandlers) SelectObjectContentHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "SelectObject") - defer logger.AuditLog(w, r, "SelectObject", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) // Fetch object stat info. objectAPI := api.ObjectAPI() @@ -302,7 +302,7 @@ func (api objectAPIHandlers) SelectObjectContentHandler(w http.ResponseWriter, r func (api objectAPIHandlers) GetObjectHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetObject") - defer logger.AuditLog(w, r, "GetObject", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -504,7 +504,7 @@ func (api objectAPIHandlers) GetObjectHandler(w http.ResponseWriter, r *http.Req func (api objectAPIHandlers) HeadObjectHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "HeadObject") - defer logger.AuditLog(w, r, "HeadObject", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -795,7 +795,7 @@ func isRemoteCallRequired(ctx context.Context, bucket string, objAPI ObjectLayer func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "CopyObject") - defer logger.AuditLog(w, r, "CopyObject", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -1306,7 +1306,7 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re // - X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key func (api objectAPIHandlers) PutObjectHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutObject") - defer logger.AuditLog(w, r, "PutObject", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -1613,7 +1613,7 @@ func (api objectAPIHandlers) PutObjectHandler(w http.ResponseWriter, r *http.Req func (api objectAPIHandlers) NewMultipartUploadHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "NewMultipartUpload") - defer logger.AuditLog(w, r, "NewMultipartUpload", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -1741,7 +1741,7 @@ func (api objectAPIHandlers) NewMultipartUploadHandler(w http.ResponseWriter, r func (api objectAPIHandlers) CopyObjectPartHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "CopyObjectPart") - defer logger.AuditLog(w, r, "CopyObjectPart", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -2062,7 +2062,7 @@ func (api objectAPIHandlers) CopyObjectPartHandler(w http.ResponseWriter, r *htt func (api objectAPIHandlers) PutObjectPartHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutObjectPart") - defer logger.AuditLog(w, r, "PutObjectPart", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objectAPI := api.ObjectAPI() if objectAPI == nil { @@ -2313,7 +2313,7 @@ func (api objectAPIHandlers) PutObjectPartHandler(w http.ResponseWriter, r *http func (api objectAPIHandlers) AbortMultipartUploadHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "AbortMultipartUpload") - defer logger.AuditLog(w, r, "AbortMultipartUpload", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -2353,7 +2353,7 @@ func (api objectAPIHandlers) AbortMultipartUploadHandler(w http.ResponseWriter, func (api objectAPIHandlers) ListObjectPartsHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "ListObjectParts") - defer logger.AuditLog(w, r, "ListObjectParts", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -2492,7 +2492,7 @@ func sendWhiteSpace(w http.ResponseWriter) <-chan bool { func (api objectAPIHandlers) CompleteMultipartUploadHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "CompleteMultipartUpload") - defer logger.AuditLog(w, r, "CompleteMultipartUpload", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -2665,6 +2665,7 @@ func (api objectAPIHandlers) CompleteMultipartUploadHandler(w http.ResponseWrite if replicate, sync := mustReplicate(ctx, r, bucket, object, objInfo.UserDefined, objInfo.ReplicationStatus.String()); replicate { scheduleReplication(ctx, objInfo, objectAPI, sync) } + // Write success response. writeSuccessResponseXML(w, encodedSuccessResponse) @@ -2686,7 +2687,7 @@ func (api objectAPIHandlers) CompleteMultipartUploadHandler(w http.ResponseWrite func (api objectAPIHandlers) DeleteObjectHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteObject") - defer logger.AuditLog(w, r, "DeleteObject", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -2841,7 +2842,7 @@ func (api objectAPIHandlers) DeleteObjectHandler(w http.ResponseWriter, r *http. func (api objectAPIHandlers) PutObjectLegalHoldHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutObjectLegalHold") - defer logger.AuditLog(w, r, "PutObjectLegalHold", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -2939,7 +2940,7 @@ func (api objectAPIHandlers) PutObjectLegalHoldHandler(w http.ResponseWriter, r func (api objectAPIHandlers) GetObjectLegalHoldHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetObjectLegalHold") - defer logger.AuditLog(w, r, "GetObjectLegalHold", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -3004,7 +3005,7 @@ func (api objectAPIHandlers) GetObjectLegalHoldHandler(w http.ResponseWriter, r func (api objectAPIHandlers) PutObjectRetentionHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutObjectRetention") - defer logger.AuditLog(w, r, "PutObjectRetention", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -3110,7 +3111,7 @@ func (api objectAPIHandlers) PutObjectRetentionHandler(w http.ResponseWriter, r // GetObjectRetentionHandler - get object retention configuration of object, func (api objectAPIHandlers) GetObjectRetentionHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetObjectRetention") - defer logger.AuditLog(w, r, "GetObjectRetention", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -3170,7 +3171,7 @@ func (api objectAPIHandlers) GetObjectRetentionHandler(w http.ResponseWriter, r // GetObjectTaggingHandler - GET object tagging func (api objectAPIHandlers) GetObjectTaggingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "GetObjectTagging") - defer logger.AuditLog(w, r, "GetObjectTagging", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -3220,7 +3221,7 @@ func (api objectAPIHandlers) GetObjectTaggingHandler(w http.ResponseWriter, r *h // PutObjectTaggingHandler - PUT object tagging func (api objectAPIHandlers) PutObjectTaggingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PutObjectTagging") - defer logger.AuditLog(w, r, "PutObjectTagging", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] @@ -3287,7 +3288,7 @@ func (api objectAPIHandlers) PutObjectTaggingHandler(w http.ResponseWriter, r *h // DeleteObjectTaggingHandler - DELETE object tagging func (api objectAPIHandlers) DeleteObjectTaggingHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "DeleteObjectTagging") - defer logger.AuditLog(w, r, "DeleteObjectTagging", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) objAPI := api.ObjectAPI() if objAPI == nil { @@ -3349,7 +3350,7 @@ func (api objectAPIHandlers) DeleteObjectTaggingHandler(w http.ResponseWriter, r // ---------- func (api objectAPIHandlers) PostRestoreObjectHandler(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "PostRestoreObject") - defer logger.AuditLog(w, r, "PostRestoreObject", mustGetClaimsFromToken(r)) + defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r)) vars := mux.Vars(r) bucket := vars["bucket"] object, err := url.PathUnescape(vars["object"]) diff --git a/cmd/sts-handlers.go b/cmd/sts-handlers.go index 6cce31c20..60264f7de 100644 --- a/cmd/sts-handlers.go +++ b/cmd/sts-handlers.go @@ -173,7 +173,7 @@ func (sts *stsAPIHandlers) AssumeRole(w http.ResponseWriter, r *http.Request) { } ctx = newContext(r, w, action) - defer logger.AuditLog(w, r, action, nil) + defer logger.AuditLog(ctx, w, r, nil) sessionPolicyStr := r.Form.Get(stsPolicy) // https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html @@ -284,7 +284,7 @@ func (sts *stsAPIHandlers) AssumeRoleWithSSO(w http.ResponseWriter, r *http.Requ } ctx = newContext(r, w, action) - defer logger.AuditLog(w, r, action, nil) + defer logger.AuditLog(ctx, w, r, nil) if globalOpenIDValidators == nil { writeSTSErrorResponse(ctx, w, true, ErrSTSNotInitialized, errServerNotInitialized) @@ -437,7 +437,7 @@ func (sts *stsAPIHandlers) AssumeRoleWithClientGrants(w http.ResponseWriter, r * func (sts *stsAPIHandlers) AssumeRoleWithLDAPIdentity(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "AssumeRoleWithLDAPIdentity") - defer logger.AuditLog(w, r, "AssumeRoleWithLDAPIdentity", nil, stsLDAPPassword) + defer logger.AuditLog(ctx, w, r, nil, stsLDAPPassword) // Parse the incoming form data. if err := r.ParseForm(); err != nil { diff --git a/cmd/web-handlers.go b/cmd/web-handlers.go index 63d820130..ec1c85653 100644 --- a/cmd/web-handlers.go +++ b/cmd/web-handlers.go @@ -1081,7 +1081,7 @@ func (web *webAPIHandlers) Upload(w http.ResponseWriter, r *http.Request) { // obtain the claims here if possible, for audit logging. claims, owner, authErr := webRequestAuthenticate(r) - defer logger.AuditLog(w, r, "WebUpload", claims.Map()) + defer logger.AuditLog(ctx, w, r, claims.Map()) objectAPI := web.ObjectAPI() if objectAPI == nil { @@ -1321,10 +1321,8 @@ func (web *webAPIHandlers) Upload(w http.ResponseWriter, r *http.Request) { func (web *webAPIHandlers) Download(w http.ResponseWriter, r *http.Request) { ctx := newContext(r, w, "WebDownload") - vars := mux.Vars(r) - claims, owner, authErr := webTokenAuthenticate(r.URL.Query().Get("token")) - defer logger.AuditLog(w, r, "WebDownload", claims.Map()) + defer logger.AuditLog(ctx, w, r, claims.Map()) objectAPI := web.ObjectAPI() if objectAPI == nil { @@ -1332,6 +1330,8 @@ func (web *webAPIHandlers) Download(w http.ResponseWriter, r *http.Request) { return } + vars := mux.Vars(r) + bucket := vars["bucket"] object, err := url.PathUnescape(vars["object"]) if err != nil { @@ -1521,7 +1521,7 @@ func (web *webAPIHandlers) DownloadZip(w http.ResponseWriter, r *http.Request) { claims, owner, authErr := webTokenAuthenticate(r.URL.Query().Get("token")) ctx := newContext(r, w, "WebDownloadZip") - defer logger.AuditLog(w, r, "WebDownloadZip", claims.Map()) + defer logger.AuditLog(ctx, w, r, claims.Map()) objectAPI := web.ObjectAPI() if objectAPI == nil { diff --git a/cmd/web-router.go b/cmd/web-router.go index 211a5595e..6dde61650 100644 --- a/cmd/web-router.go +++ b/cmd/web-router.go @@ -88,7 +88,8 @@ func registerWebRouter(router *mux.Router) error { if globalHTTPTrace.NumSubscribers() > 0 { globalHTTPTrace.Publish(WebTrace(ri)) } - logger.AuditLog(ri.ResponseWriter, ri.Request, ri.Method, claims.Map()) + ctx := newContext(ri.Request, ri.ResponseWriter, ri.Method) + logger.AuditLog(ctx, ri.ResponseWriter, ri.Request, claims.Map()) } }) diff --git a/docs/logging/README.md b/docs/logging/README.md index 85d42bf51..111f82fed 100644 --- a/docs/logging/README.md +++ b/docs/logging/README.md @@ -58,7 +58,12 @@ minio server /mnt/data Setting this environment variable automatically enables audit logging to the HTTP target. The audit logging is in JSON format as described below. -NOTE: `timeToFirstByte` and `timeToResponse` will be expressed in Nanoseconds. +NOTE: +- `timeToFirstByte` and `timeToResponse` will be expressed in Nanoseconds. +- In the case of the erasure setup `tags.objectErasureMap` provides + - Pool number + - Set number + - The list of disks belonging to the set ```json { @@ -95,6 +100,18 @@ NOTE: `timeToFirstByte` and `timeToResponse` will be expressed in Nanoseconds. "Vary": "Origin", "X-Amz-Request-Id": "15BA4A72C0C70AFC", "X-Xss-Protection": "1; mode=block" + }, + "tags": { + "objectErasureMap": { + "pool": 1, + "set": 10, + "path/to/object": [ + "http://minio.example.com/mnt/zone1/disk1", + "http://minio.example.com/mnt/zone1/disk2", + "http://minio.example.com/mnt/zone1/disk3", + "http://minio.example.com/mnt/zone1/disk4" + ] + } } } ```