docker/quay
1
0
Fork 0
mirror of https://github.com/quay/quay.git synced 2026-01-29 08:42:15 +03:00
Code Activity
Files
dmage-patch-1
quay/data/model/__init__.py
Daniel Messer e8ff33e728 logs: add failure logging for login, push, pull and delete events (PROJQUAY-5411) (#1903) 
* add login failure logging

Signed-off-by: dmesser <dmesser@redhat.com>

* move failure logging into credential validation

Signed-off-by: dmesser <dmesser@redhat.com>

* more precise tracking of affected users

Signed-off-by: dmesser <dmesser@redhat.com>

* fix indent

Signed-off-by: dmesser <dmesser@redhat.com>

* differentiate robots with wrong credentials

Signed-off-by: dmesser <dmesser@redhat.com>

* don't audit failures by default

Signed-off-by: dmesser <dmesser@redhat.com>

* discrete failure tracking for logins, push, pulls and deletes

Signed-off-by: dmesser <dmesser@redhat.com>

* refine log metadata

Signed-off-by: dmesser <dmesser@redhat.com>

* login failure log visualization

Signed-off-by: dmesser <dmesser@redhat.com>

* properly use data model

Signed-off-by: dmesser <dmesser@redhat.com>

* fix unit test bug

Signed-off-by: dmesser <dmesser@redhat.com>

* track non-existing repos differently

Signed-off-by: dmesser <dmesser@redhat.com>

* log view visualization of failed pushes and pulls

Signed-off-by: dmesser <dmesser@redhat.com>

* ensure all tests are conducted with failure logging

Signed-off-by: dmesser <dmesser@redhat.com>

* additional unicode protection

Signed-off-by: dmesser <dmesser@redhat.com>

* python black formatting

Signed-off-by: dmesser <dmesser@redhat.com>

* add cypress test data

Signed-off-by: dmesser <dmesser@redhat.com>

* add safety checks for ascii conversion attempts

Signed-off-by: dmesser <dmesser@redhat.com>

* adjusting unit test with correct error message

Signed-off-by: dmesser <dmesser@redhat.com>

* update to alembic head

Signed-off-by: dmesser <dmesser@redhat.com>

* add standard oauth token metadata in audit

Signed-off-by: dmesser <dmesser@redhat.com>

* update alembic head

Signed-off-by: dmesser <dmesser@redhat.com>

* correct field name

Signed-off-by: dmesser <dmesser@redhat.com>

* formatting

Signed-off-by: dmesser <dmesser@redhat.com>

* bump alembic head

Signed-off-by: dmesser <dmesser@redhat.com>

* refactor auth logging imports

Signed-off-by: dmesser <dmesser@redhat.com>

* bump alembic head

Signed-off-by: dmesser <dmesser@redhat.com>

* formatting

Signed-off-by: dmesser <dmesser@redhat.com>

* restore module

Signed-off-by: dmesser <dmesser@redhat.com>

* pre-commit fixes

Signed-off-by: dmesser <dmesser@redhat.com>

* adding missing default

Signed-off-by: dmesser <dmesser@redhat.com>

* bump alembic head

Signed-off-by: dmesser <dmesser@redhat.com>

* update test data

Signed-off-by: dmesser <dmesser@redhat.com>

* refactoring to save db calls

Signed-off-by: dmesser <dmesser@redhat.com>

* fix unit tests

Signed-off-by: dmesser <dmesser@redhat.com>

* handle unicode conversion errors on email look up

Signed-off-by: dmesser <dmesser@redhat.com>

* bump alembic head

Signed-off-by: dmesser <dmesser@redhat.com>

* proper debug logging and conditional db calls

Signed-off-by: dmesser <dmesser@redhat.com>

* omit wildcard import

Signed-off-by: dmesser <dmesser@redhat.com>

* re-add import

Signed-off-by: dmesser <dmesser@redhat.com>

---------

Signed-off-by: dmesser <dmesser@redhat.com>
2024-01-16 16:46:20 +01:00

231 lines
4.0 KiB
Python
Raw Permalink Blame History

from data.database import db, db_transaction
class DataModelException(Exception):
pass
class InvalidLabelKeyException(DataModelException):
pass
class InvalidMediaTypeException(DataModelException):
pass
class BlobDoesNotExist(DataModelException):
pass
class InvalidBlobUpload(DataModelException):
pass
class InvalidEmailAddressException(DataModelException):
pass
class InvalidOrganizationException(DataModelException):
pass
class InvalidProxyCacheConfigException(DataModelException):
pass
class InvalidPasswordException(DataModelException):
pass
class InvalidRobotException(DataModelException):
pass
class DeactivatedRobotOwnerException(InvalidRobotException):
pass
class InvalidRobotCredentialException(InvalidRobotException):
pass
class InvalidRobotOwnerException(InvalidRobotException):
pass
class InvalidUsernameException(DataModelException):
pass
class RepositoryDoesNotExist(DataModelException):
pass
class InvalidRepositoryBuildException(DataModelException):
pass
class InvalidBuildTriggerException(DataModelException):
pass
class InvalidTokenException(DataModelException):
pass
class InvalidNotificationException(DataModelException):
pass
class InvalidImageException(DataModelException):
pass
class UserAlreadyInTeam(DataModelException):
pass
class InvalidTeamException(DataModelException):
pass
class InvalidTeamMemberException(DataModelException):
pass
class InvalidManifestException(DataModelException):
pass
class ManifestDoesNotExist(DataModelException):
pass
class ServiceKeyDoesNotExist(DataModelException):
pass
class ServiceKeyAlreadyApproved(DataModelException):
pass
class ServiceNameInvalid(DataModelException):
pass
class TagDoesNotExist(DataModelException):
pass
class TagAlreadyCreatedException(DataModelException):
pass
class StaleTagException(DataModelException):
pass
class InvalidSystemQuotaConfig(Exception):
pass
class QuotaExceededException(DataModelException):
pass
class InvalidNamespaceQuota(DataModelException):
pass
class InvalidNamespaceQuotaLimit(DataModelException):
pass
class InvalidNamespaceQuotaType(DataModelException):
pass
class UnsupportedQuotaSize(DataModelException):
pass
class OrgSubscriptionBindingAlreadyExists(DataModelException):
pass
class NamespaceAutoPrunePolicyAlreadyExists(DataModelException):
pass
class NamespaceAutoPrunePolicyDoesNotExist(DataModelException):
pass
class InvalidNamespaceAutoPrunePolicy(DataModelException):
pass
class InvalidNamespaceAutoPruneMethod(DataModelException):
pass
class InvalidNamespaceException(DataModelException):
pass
class TooManyLoginAttemptsException(Exception):
def __init__(self, message, retry_after):
super(TooManyLoginAttemptsException, self).__init__(message)
self.retry_after = retry_after
class Config(object):
def __init__(self):
self.app_config = None
self.store = None
self.image_cleanup_callbacks = []
self.repo_cleanup_callbacks = []
def register_image_cleanup_callback(self, callback):
self.image_cleanup_callbacks.append(callback)
return lambda: self.image_cleanup_callbacks.remove(callback)
def register_repo_cleanup_callback(self, callback):
self.repo_cleanup_callbacks.append(callback)
return lambda: self.repo_cleanup_callbacks.remove(callback)
config = Config()
# There MUST NOT be any circular dependencies between these subsections. If there are fix it by
# moving the minimal number of things to _basequery
from data.model import (
appspecifictoken,
autoprune,
blob,
build,
entitlements,
gc,
label,
log,
message,
modelutil,
namespacequota,
notification,
oauth,
organization,
organization_skus,
permission,
proxy_cache,
release,
repo_mirror,
repository,
repositoryactioncount,
service_keys,
storage,
team,
token,
user,
)
View Git Blame Copy Permalink