GRPC C++  1.66.0
grpc_audit_logging.h
Go to the documentation of this file.
1 //
2 //
3 // Copyright 2023 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18 
19 #ifndef GRPC_GRPC_AUDIT_LOGGING_H
20 #define GRPC_GRPC_AUDIT_LOGGING_H
21 
22 #include <memory>
23 #include <string>
24 
25 #include "absl/status/statusor.h"
26 #include "absl/strings/string_view.h"
27 
28 #include <grpc/support/json.h>
30 
31 namespace grpc_core {
32 namespace experimental {
33 
34 // The class containing the context for an audited RPC.
35 class AuditContext {
36  public:
37  AuditContext(absl::string_view rpc_method, absl::string_view principal,
38  absl::string_view policy_name, absl::string_view matched_rule,
39  bool authorized)
40  : rpc_method_(rpc_method),
41  principal_(principal),
42  policy_name_(policy_name),
43  matched_rule_(matched_rule),
44  authorized_(authorized) {}
45 
46  absl::string_view rpc_method() const { return rpc_method_; }
47  absl::string_view principal() const { return principal_; }
48  absl::string_view policy_name() const { return policy_name_; }
49  absl::string_view matched_rule() const { return matched_rule_; }
50  bool authorized() const { return authorized_; }
51 
52  private:
53  absl::string_view rpc_method_;
54  absl::string_view principal_;
55  absl::string_view policy_name_;
56  absl::string_view matched_rule_;
57  bool authorized_;
58 };
59 
60 // This base class for audit logger implementations.
61 class AuditLogger {
62  public:
63  virtual ~AuditLogger() = default;
64  virtual absl::string_view name() const = 0;
65  virtual void Log(const AuditContext& audit_context) = 0;
66 };
67 
68 // This is the base class for audit logger factory implementations.
70  public:
71  class Config {
72  public:
73  virtual ~Config() = default;
74  virtual absl::string_view name() const = 0;
75  virtual std::string ToString() const = 0;
76  };
77 
78  virtual ~AuditLoggerFactory() = default;
79  virtual absl::string_view name() const = 0;
80 
81  virtual absl::StatusOr<std::unique_ptr<Config>> ParseAuditLoggerConfig(
82  const Json& json) = 0;
83 
84  virtual std::unique_ptr<AuditLogger> CreateAuditLogger(
85  std::unique_ptr<AuditLoggerFactory::Config>) = 0;
86 };
87 
88 // Registers an audit logger factory. This should only be called during
89 // initialization.
90 void RegisterAuditLoggerFactory(std::unique_ptr<AuditLoggerFactory> factory);
91 
92 } // namespace experimental
93 } // namespace grpc_core
94 
95 #endif // GRPC_GRPC_AUDIT_LOGGING_H
grpc_core::experimental::RegisterAuditLoggerFactory
void RegisterAuditLoggerFactory(std::unique_ptr< AuditLoggerFactory > factory)
grpc_core::experimental::AuditContext
Definition: grpc_audit_logging.h:35
grpc_core
Definition: grpc_audit_logging.h:31
grpc_core::experimental::AuditLogger::name
virtual absl::string_view name() const =0
grpc_core::experimental::AuditLoggerFactory::~AuditLoggerFactory
virtual ~AuditLoggerFactory()=default
grpc_core::experimental::AuditLogger::~AuditLogger
virtual ~AuditLogger()=default
grpc_core::experimental::AuditLoggerFactory::name
virtual absl::string_view name() const =0
grpc_core::experimental::AuditLogger::Log
virtual void Log(const AuditContext &audit_context)=0
grpc_core::experimental::AuditLoggerFactory::Config::name
virtual absl::string_view name() const =0
grpc_core::experimental::Json
Definition: json.h:37
grpc_core::experimental::AuditLoggerFactory::ParseAuditLoggerConfig
virtual absl::StatusOr< std::unique_ptr< Config > > ParseAuditLoggerConfig(const Json &json)=0
grpc_core::experimental::AuditContext::authorized
bool authorized() const
Definition: grpc_audit_logging.h:50
grpc_core::experimental::AuditLogger
Definition: grpc_audit_logging.h:61
grpc_core::experimental::AuditLoggerFactory::Config::ToString
virtual std::string ToString() const =0
grpc_core::experimental::AuditLoggerFactory
Definition: grpc_audit_logging.h:69
grpc_core::experimental::AuditLoggerFactory::Config::~Config
virtual ~Config()=default
grpc_core::experimental::AuditContext::rpc_method
absl::string_view rpc_method() const
Definition: grpc_audit_logging.h:46
json.h
grpc_core::experimental::AuditLoggerFactory::CreateAuditLogger
virtual std::unique_ptr< AuditLogger > CreateAuditLogger(std::unique_ptr< AuditLoggerFactory::Config >)=0
grpc_core::experimental::AuditContext::policy_name
absl::string_view policy_name() const
Definition: grpc_audit_logging.h:48
grpc_core::experimental::AuditContext::matched_rule
absl::string_view matched_rule() const
Definition: grpc_audit_logging.h:49
grpc_core::experimental::AuditContext::principal
absl::string_view principal() const
Definition: grpc_audit_logging.h:47
grpc_core::experimental::AuditLoggerFactory::Config
Definition: grpc_audit_logging.h:71
grpc_core::experimental::AuditContext::AuditContext
AuditContext(absl::string_view rpc_method, absl::string_view principal, absl::string_view policy_name, absl::string_view matched_rule, bool authorized)
Definition: grpc_audit_logging.h:37
port_platform.h