/// <summary>
/// Writes the "executing" audit entry for a controller action before the action body runs.
/// </summary>
/// <remarks>
/// The check fails closed: when the attribute resolved for a controller action is neither an
/// <see cref="AllowAnonymousAttribute"/> nor an <see cref="AuditEventSubTypeAttribute"/>, the
/// request is stopped with <see cref="NotSupportedException"/> before the base filter runs.
/// Actions resolved as anonymous are passed through without any audit entry.
/// </remarks>
/// <param name="filterContext">Context of the action about to execute; must not be null.</param>
/// <exception cref="NotSupportedException">
/// The controller action has no audit event sub-type and is not marked anonymous.
/// </exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    EnsureArg.IsNotNull(filterContext, nameof(filterContext));

    var controllerAction = filterContext.ActionDescriptor as ControllerActionDescriptor;
    if (controllerAction == null)
    {
        // Only controller actions are classified; any other descriptor continues unaudited.
        base.OnActionExecuting(filterContext);
        return;
    }

    // Looked up in s_attributeDict; GetAttributeToAdd supplies the value on a cache miss.
    var resolved = s_attributeDict.GetOrAdd(controllerAction, GetAttributeToAdd);

    switch (resolved)
    {
        case AllowAnonymousAttribute _:
        {
            // If anonymous allowed, don't audit.
            break;
        }

        case AuditEventSubTypeAttribute subType:
        {
            IFhirRequestContext requestContext = _fhirRequestContextAccessor.FhirRequestContext;

            // The sub-type is stored on the request context and reused below as the audited action.
            requestContext.RequestSubType = new Coding(ValueSets.AuditEventSubType.System, subType.AuditEventType);

            _auditLogger.LogAudit(
                AuditAction.Executing,
                action: requestContext.RequestSubType.Code,
                resourceType: null,
                requestUri: requestContext.Uri,
                statusCode: null,
                correlationId: _fhirRequestContextAccessor.FhirRequestContext.CorrelationId,
                claims: _claimsIndexer.Extract());
            break;
        }

        default:
        {
            // Covers a null result as well as any unexpected attribute type.
            throw new NotSupportedException(
                string.Format(Resources.AuditEventSubTypeNotSet, controllerAction.MethodInfo.Name));
        }
    }

    base.OnActionExecuting(filterContext);
}
/// <summary>
/// Builds the fixture shared by the audit filter tests: a FHIR result holding a test patient,
/// a result-executed context reporting HTTP 201, substitutes for the request context and the
/// claims indexer, and the <see cref="AuditLoggingFilterAttribute"/> under test.
/// </summary>
public AuditLoggingFilterTests()
{
    var patient = new Patient();
    patient.Name.Add(new HumanName { Text = "TestPatient" });
    _fhirResult = new FhirResult(patient);

    var actionContext = new ActionContext(
        new DefaultHttpContext(),
        new RouteData(),
        new ControllerActionDescriptor { DisplayName = "Executed Context Test Descriptor" });

    _executedContext = new ResultExecutedContext(
        actionContext,
        new List<IFilterMetadata>(),
        _fhirResult,
        FilterTestsHelper.CreateMockFhirController());

    // The HTTP response and the FHIR result report the same status code.
    _executedContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.Created;
    _fhirResult.StatusCode = HttpStatusCode.Created;

    // Request context values the tests later expect to see in the audit calls.
    _fhirRequestContext.RequestType.Returns(new Coding("System", "TestRequestType"));
    _fhirRequestContext.RequestSubType = new Coding("System", "TestRequestSubType");
    _fhirRequestContext.Uri.Returns(new Uri("https://fhirtest/fhir?count=100"));

    // Order matters: the accessor must return the context before Principal is stubbed through it.
    _fhirRequestContextAccessor.FhirRequestContext.Returns(_fhirRequestContext);
    _fhirRequestContextAccessor.FhirRequestContext.Principal.Returns(_claimsPrincipal);

    // NOTE(review): the security options and principal claims are configured here but are not
    // passed to the filter constructed below, which only receives the claims indexer - confirm
    // whether this setup is still required.
    _securityConfiguration.LastModifiedClaims.Returns(new HashSet<string> { "claim1" });
    _securityOptions.Value.Returns(_securityConfiguration);
    _claimsPrincipal.Claims.Returns(new List<System.Security.Claims.Claim> { Claim1 });

    // Claims the substitute indexer hands to the filter; tests assert this exact instance is logged.
    _claims = new KeyValuePair<string, string>[]
    {
        new KeyValuePair<string, string>("claim", "value"),
    };
    _claimsIndexer = Substitute.For<IClaimsIndexer>();
    _claimsIndexer.Extract().Returns(_claims);

    _filter = new AuditLoggingFilterAttribute(
        _auditLogger,
        _fhirRequestContextAccessor,
        _claimsIndexer);
}
/// <inheritdoc />
public ResourceWrapper Create(Resource resource, bool deleted)
{
    RawResource raw = _rawResourceFactory.Create(resource);
    IReadOnlyCollection<SearchIndexEntry> indices = _searchIndexer.Extract(resource);

    // The URI and method of the current request are recorded alongside the resource.
    IFhirRequestContext requestContext = _fhirRequestContextAccessor.FhirRequestContext;
    var request = new ResourceRequest(requestContext.Uri, requestContext.Method);

    // Compartment entries are derived from the search indices computed above.
    var compartments = _compartmentIndexer.Extract(resource.ResourceType, indices);

    // Whatever the claims indexer extracts is attached to the wrapper.
    // NOTE(review): presumably these are the current caller's claims - confirm what is persisted,
    // since identity data stored with a resource needs the same protection as the resource.
    var extractedClaims = _claimsIndexer.Extract();

    return new ResourceWrapperWithSearchIndices(
        resource,
        raw,
        request,
        deleted,
        indices,
        compartments,
        extractedClaims);
}
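/// <summary>
/// Runs the filter's executing and result-executed hooks for the helper method
/// <c>MethodWithAuditEventAttribute</c> and checks that exactly two audit entries are written,
/// one <see cref="AuditAction.Executing"/> and one <see cref="AuditAction.Executed"/>, each
/// carrying the claims returned by the substitute claims indexer.
/// </summary>
public void GivenAFhirRequest_WhenExecutingAnValidAction_ThenLogAuditMustBeCalled()
{
    // Build the descriptor directly instead of casting it back out of the context with `as`,
    // so the test cannot dereference a null descriptor.
    var descriptor = new ControllerActionDescriptor
    {
        DisplayName = "Executing Context Test Descriptor",
        MethodInfo = typeof(FilterTestsHelper).GetMethod("MethodWithAuditEventAttribute"),
    };

    var executingContext = new ActionExecutingContext(
        new ActionContext(new DefaultHttpContext(), new RouteData(), descriptor),
        new List<IFilterMetadata>(),
        _actionArguments,
        FilterTestsHelper.CreateMockFhirController());

    _filter.OnActionExecuting(executingContext);

    // Before the action: no resource type and no status code are known yet.
    _auditLogger.Received(1).LogAudit(
        AuditAction.Executing,
        _fhirRequestContext.RequestSubType.Code,
        null,
        _fhirRequestContext.Uri,
        null,
        _fhirRequestContext.CorrelationId,
        _claims);

    _executedContext.ActionDescriptor = executingContext.ActionDescriptor;
    _filter.OnResultExecuted(_executedContext);

    // Exactly two audit calls in total, whatever their arguments.
    _auditLogger.Received(2).LogAudit(
        Arg.Any<AuditAction>(),
        Arg.Any<string>(),
        Arg.Any<string>(),
        Arg.Any<Uri>(),
        Arg.Any<HttpStatusCode?>(),
        Arg.Any<string>(),
        Arg.Any<IReadOnlyCollection<KeyValuePair<string, string>>>());

    // After the result: the entry carries the resource type and the status code of the result.
    _auditLogger.Received(1).LogAudit(
        AuditAction.Executed,
        _fhirRequestContext.RequestSubType.Code,
        _fhirResult.Resource.TypeName,
        _fhirRequestContext.Uri,
        _fhirResult.StatusCode,
        _fhirRequestContext.CorrelationId,
        _claims);
}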