mirror of
https://github.com/gravitational/teleport
synced 2024-10-19 16:53:57 +00:00
remove changes that temporarily kept e builds working (#28979)
This commit is contained in:
parent
04212d37bc
commit
473214eb45
|
@ -181,7 +181,7 @@ func NewServer(cfg *InitConfig, opts ...ServerOption) (*Server, error) {
|
||||||
cfg.AuditLog = events.NewDiscardAuditLog()
|
cfg.AuditLog = events.NewDiscardAuditLog()
|
||||||
}
|
}
|
||||||
if cfg.Emitter == nil {
|
if cfg.Emitter == nil {
|
||||||
cfg.Emitter = events.NewDiscardEmitterReal()
|
cfg.Emitter = events.NewDiscardEmitter()
|
||||||
}
|
}
|
||||||
if cfg.Streamer == nil {
|
if cfg.Streamer == nil {
|
||||||
cfg.Streamer = events.NewDiscardStreamer()
|
cfg.Streamer = events.NewDiscardStreamer()
|
||||||
|
|
|
@ -4578,7 +4578,7 @@ func createSAMLIdPTestUsers(t *testing.T, server *Server) (string, string) {
|
||||||
func modifyAndWaitForEvent(t *testing.T, errFn require.ErrorAssertionFunc, client *Client, srv *TestTLSServer, eventCode string, fn func() error) apievents.AuditEvent {
|
func modifyAndWaitForEvent(t *testing.T, errFn require.ErrorAssertionFunc, client *Client, srv *TestTLSServer, eventCode string, fn func() error) apievents.AuditEvent {
|
||||||
// Make sure we ignore events after consuming this one.
|
// Make sure we ignore events after consuming this one.
|
||||||
defer func() {
|
defer func() {
|
||||||
srv.AuthServer.AuthServer.emitter = events.NewDiscardEmitterReal()
|
srv.AuthServer.AuthServer.emitter = events.NewDiscardEmitter()
|
||||||
}()
|
}()
|
||||||
chanEmitter := eventstest.NewChannelEmitter(1)
|
chanEmitter := eventstest.NewChannelEmitter(1)
|
||||||
srv.AuthServer.AuthServer.emitter = chanEmitter
|
srv.AuthServer.AuthServer.emitter = chanEmitter
|
||||||
|
@ -5750,28 +5750,32 @@ func TestWatchHeadlessAuthentications_usersCanOnlyWatchThemselves(t *testing.T)
|
||||||
identity: TestUser(admin),
|
identity: TestUser(admin),
|
||||||
filter: types.HeadlessAuthenticationFilter{},
|
filter: types.HeadlessAuthenticationFilter{},
|
||||||
expectWatchError: "user cannot watch headless authentications without a filter for their username",
|
expectWatchError: "user cannot watch headless authentications without a filter for their username",
|
||||||
}, {
|
},
|
||||||
|
{
|
||||||
name: "NOK alice cannot filter for username=bob",
|
name: "NOK alice cannot filter for username=bob",
|
||||||
identity: TestUser(alice),
|
identity: TestUser(alice),
|
||||||
filter: types.HeadlessAuthenticationFilter{
|
filter: types.HeadlessAuthenticationFilter{
|
||||||
Username: bob,
|
Username: bob,
|
||||||
},
|
},
|
||||||
expectWatchError: "user \"alice\" cannot watch headless authentications of \"bob\"",
|
expectWatchError: "user \"alice\" cannot watch headless authentications of \"bob\"",
|
||||||
}, {
|
},
|
||||||
|
{
|
||||||
name: "OK alice can filter for username=alice",
|
name: "OK alice can filter for username=alice",
|
||||||
identity: TestUser(alice),
|
identity: TestUser(alice),
|
||||||
filter: types.HeadlessAuthenticationFilter{
|
filter: types.HeadlessAuthenticationFilter{
|
||||||
Username: alice,
|
Username: alice,
|
||||||
},
|
},
|
||||||
expectResources: aliceAuthns,
|
expectResources: aliceAuthns,
|
||||||
}, {
|
},
|
||||||
|
{
|
||||||
name: "OK bob can filter for username=bob",
|
name: "OK bob can filter for username=bob",
|
||||||
identity: TestUser(bob),
|
identity: TestUser(bob),
|
||||||
filter: types.HeadlessAuthenticationFilter{
|
filter: types.HeadlessAuthenticationFilter{
|
||||||
Username: bob,
|
Username: bob,
|
||||||
},
|
},
|
||||||
expectResources: bobAuthns,
|
expectResources: bobAuthns,
|
||||||
}, {
|
},
|
||||||
|
{
|
||||||
name: "OK alice can filter for pending requests",
|
name: "OK alice can filter for pending requests",
|
||||||
identity: TestUser(alice),
|
identity: TestUser(alice),
|
||||||
filter: types.HeadlessAuthenticationFilter{
|
filter: types.HeadlessAuthenticationFilter{
|
||||||
|
@ -5779,7 +5783,8 @@ func TestWatchHeadlessAuthentications_usersCanOnlyWatchThemselves(t *testing.T)
|
||||||
State: types.HeadlessAuthenticationState_HEADLESS_AUTHENTICATION_STATE_PENDING,
|
State: types.HeadlessAuthenticationState_HEADLESS_AUTHENTICATION_STATE_PENDING,
|
||||||
},
|
},
|
||||||
expectResources: []*types.HeadlessAuthentication{aliceAuthns[types.HeadlessAuthenticationState_HEADLESS_AUTHENTICATION_STATE_PENDING]},
|
expectResources: []*types.HeadlessAuthentication{aliceAuthns[types.HeadlessAuthenticationState_HEADLESS_AUTHENTICATION_STATE_PENDING]},
|
||||||
}, {
|
},
|
||||||
|
{
|
||||||
name: "OK alice can filter for a specific request",
|
name: "OK alice can filter for a specific request",
|
||||||
identity: TestUser(alice),
|
identity: TestUser(alice),
|
||||||
filter: types.HeadlessAuthenticationFilter{
|
filter: types.HeadlessAuthenticationFilter{
|
||||||
|
|
|
@ -129,17 +129,16 @@ func (d *DiscardRecorder) RecordEvent(ctx context.Context, pe apievents.Prepared
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewDiscardEmitterReal returns a no-op discard emitter
|
// NewDiscardEmitter returns a no-op discard emitter
|
||||||
func NewDiscardEmitterReal() *DiscardEmitterReal {
|
func NewDiscardEmitter() *DiscardEmitter {
|
||||||
return &DiscardEmitterReal{}
|
return &DiscardEmitter{}
|
||||||
}
|
}
|
||||||
|
|
||||||
// DiscardEmitter discards all events
|
// DiscardEmitter discards all events
|
||||||
// TODO(capnspacehook): rename to DiscardEmitter after e PR is merged
|
type DiscardEmitter struct{}
|
||||||
type DiscardEmitterReal struct{}
|
|
||||||
|
|
||||||
// EmitAuditEvent discards audit event
|
// EmitAuditEvent discards audit event
|
||||||
func (*DiscardEmitterReal) EmitAuditEvent(ctx context.Context, event apievents.AuditEvent) error {
|
func (*DiscardEmitter) EmitAuditEvent(ctx context.Context, event apievents.AuditEvent) error {
|
||||||
log.WithFields(log.Fields{
|
log.WithFields(log.Fields{
|
||||||
"event_id": event.GetID(),
|
"event_id": event.GetID(),
|
||||||
"event_type": event.GetType(),
|
"event_type": event.GetType(),
|
||||||
|
@ -155,26 +154,9 @@ func NewDiscardStreamer() *DiscardStreamer {
|
||||||
return &DiscardStreamer{}
|
return &DiscardStreamer{}
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO(capnspacehook): remove after e PR is merged
|
|
||||||
func NewDiscardEmitter() *DiscardStreamer {
|
|
||||||
return NewDiscardStreamer()
|
|
||||||
}
|
|
||||||
|
|
||||||
// DiscardStreamer creates DiscardRecorders
|
// DiscardStreamer creates DiscardRecorders
|
||||||
type DiscardStreamer struct{}
|
type DiscardStreamer struct{}
|
||||||
|
|
||||||
// EmitAuditEvent discards audit event
|
|
||||||
// TODO(capnspacehook): remove after e PR is merged
|
|
||||||
func (*DiscardStreamer) EmitAuditEvent(ctx context.Context, event apievents.AuditEvent) error {
|
|
||||||
log.WithFields(log.Fields{
|
|
||||||
"event_id": event.GetID(),
|
|
||||||
"event_type": event.GetType(),
|
|
||||||
"event_time": event.GetTime(),
|
|
||||||
"event_index": event.GetIndex(),
|
|
||||||
}).Debugf("Discarding event")
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// CreateAuditStream creates a stream that discards all events
|
// CreateAuditStream creates a stream that discards all events
|
||||||
func (*DiscardStreamer) CreateAuditStream(ctx context.Context, sid session.ID) (apievents.Stream, error) {
|
func (*DiscardStreamer) CreateAuditStream(ctx context.Context, sid session.ID) (apievents.Stream, error) {
|
||||||
return NewDiscardRecorder(), nil
|
return NewDiscardRecorder(), nil
|
||||||
|
|
|
@ -24,9 +24,6 @@ import (
|
||||||
"github.com/gravitational/teleport/lib/session"
|
"github.com/gravitational/teleport/lib/session"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO(capnspacehook): remove after e PR is merged
|
|
||||||
type MockEmitter = MockRecorderEmitter
|
|
||||||
|
|
||||||
// MockRecorderEmitter is a recorder and emitter that stores all events.
|
// MockRecorderEmitter is a recorder and emitter that stores all events.
|
||||||
type MockRecorderEmitter struct {
|
type MockRecorderEmitter struct {
|
||||||
mu sync.RWMutex
|
mu sync.RWMutex
|
||||||
|
|
|
@ -401,7 +401,7 @@ func newSession(ctx authContext, forwarder *Forwarder, req *http.Request, params
|
||||||
log: log,
|
log: log,
|
||||||
io: io,
|
io: io,
|
||||||
accessEvaluator: accessEvaluator,
|
accessEvaluator: accessEvaluator,
|
||||||
emitter: events.NewDiscardEmitterReal(),
|
emitter: events.NewDiscardEmitter(),
|
||||||
terminalSizeQueue: newMultiResizeQueue(streamContext),
|
terminalSizeQueue: newMultiResizeQueue(streamContext),
|
||||||
started: false,
|
started: false,
|
||||||
sess: sess,
|
sess: sess,
|
||||||
|
|
|
@ -32,7 +32,7 @@ func TestEmitConnTeleport(t *testing.T) {
|
||||||
|
|
||||||
go server.Write([]byte(msg))
|
go server.Write([]byte(msg))
|
||||||
|
|
||||||
conn := newEmitConn(context.Background(), client, events.NewDiscardEmitterReal(), "serverid")
|
conn := newEmitConn(context.Background(), client, events.NewDiscardEmitter(), "serverid")
|
||||||
buffer := make([]byte, 64)
|
buffer := make([]byte, 64)
|
||||||
n, err := conn.Read(buffer)
|
n, err := conn.Read(buffer)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
@ -46,7 +46,7 @@ func TestEmitConnNotTeleport(t *testing.T) {
|
||||||
|
|
||||||
go server.Write([]byte(msg))
|
go server.Write([]byte(msg))
|
||||||
|
|
||||||
conn := newEmitConn(context.Background(), client, events.NewDiscardEmitterReal(), "serverid")
|
conn := newEmitConn(context.Background(), client, events.NewDiscardEmitter(), "serverid")
|
||||||
buffer := make([]byte, 64)
|
buffer := make([]byte, 64)
|
||||||
n, err := conn.Read(buffer)
|
n, err := conn.Read(buffer)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
@ -64,7 +64,7 @@ func TestEmitConnTeleportSmallReads(t *testing.T) {
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
conn := newEmitConn(context.Background(), client, events.NewDiscardEmitterReal(), "serverid")
|
conn := newEmitConn(context.Background(), client, events.NewDiscardEmitter(), "serverid")
|
||||||
buffer := make([]byte, 64)
|
buffer := make([]byte, 64)
|
||||||
|
|
||||||
for _, chunk := range chunks {
|
for _, chunk := range chunks {
|
||||||
|
@ -86,7 +86,7 @@ func TestEmitConnNotTeleportSmallReads(t *testing.T) {
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
conn := newEmitConn(context.Background(), client, events.NewDiscardEmitterReal(), "serverid")
|
conn := newEmitConn(context.Background(), client, events.NewDiscardEmitter(), "serverid")
|
||||||
buffer := make([]byte, 64)
|
buffer := make([]byte, 64)
|
||||||
|
|
||||||
for _, chunk := range chunks {
|
for _, chunk := range chunks {
|
||||||
|
|
|
@ -1537,7 +1537,7 @@ func (process *TeleportProcess) initAuthService() error {
|
||||||
"turned off. This is dangerous, you will not be able to view audit events " +
|
"turned off. This is dangerous, you will not be able to view audit events " +
|
||||||
"or save and playback recorded sessions."
|
"or save and playback recorded sessions."
|
||||||
process.log.Warn(warningMessage)
|
process.log.Warn(warningMessage)
|
||||||
emitter, streamer = events.NewDiscardEmitterReal(), events.NewDiscardStreamer()
|
emitter, streamer = events.NewDiscardEmitter(), events.NewDiscardStreamer()
|
||||||
} else {
|
} else {
|
||||||
// check if session recording has been disabled. note, we will continue
|
// check if session recording has been disabled. note, we will continue
|
||||||
// logging audit events, we just won't record sessions.
|
// logging audit events, we just won't record sessions.
|
||||||
|
|
|
@ -512,7 +512,7 @@ func createSuite(t *testing.T, mockAWSHandler http.HandlerFunc, app types.Applic
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
audit, err := common.NewAudit(common.AuditConfig{
|
audit, err := common.NewAudit(common.AuditConfig{
|
||||||
Emitter: libevents.NewDiscardEmitterReal(),
|
Emitter: libevents.NewDiscardEmitter(),
|
||||||
Recorder: libevents.WithNoOpPreparer(recorder),
|
Recorder: libevents.WithNoOpPreparer(recorder),
|
||||||
})
|
})
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
Loading…
Reference in a new issue