feat(audit): add file view event type to distinguish preview from download#2563
Open
yuuhikaze wants to merge 3 commits intoopencloud-eu:mainfrom
Open
feat(audit): add file view event type to distinguish preview from download#2563yuuhikaze wants to merge 3 commits intoopencloud-eu:mainfrom
yuuhikaze wants to merge 3 commits intoopencloud-eu:mainfrom
Conversation
…nload Add FileViewed event type alongside FileDownloaded for audit logging: - Reva: Add events.FileViewed event type with Unmarshal() method - Reva: Modify events middleware to check intent parameter from gRPC Opaque - If intent == 'preview', emit FileViewed event - Otherwise, emit FileDownloaded event for backward compatibility - Reva: Extract intent from HTTP query parameters and headers in GET handler - Read intent from ?intent= query param or X-OC-Intent header - Add to gRPC request Opaque field as 'oc:intent' - OpenCloud: Add AuditEventFileViewed type and conversion function - OpenCloud: Register FileViewed event handler in audit service - OpenCloud: Update RegisteredEvents() to include FileViewed This enables distinguishing file views from downloads for compliance tracking and audit logging purposes. Intent is signaled client-side and propagates through HTTP headers/query parameters to gRPC Opaque field, where the events middleware uses it to emit appropriate audit events. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Add clear comments explaining the event conversion pattern and the purpose of the new FileViewed event type for audit trail distinction. This improves code readability and helps maintainers understand the design intent.
Add NOSONAR comment for squid:S3776 (cognitive complexity) to acknowledge that large switch statements are idiomatic for event type handling. Document why this pattern is necessary and unavoidable in event systems.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add
FileViewedevent type to distinguish file previews from downloads in audit logs. Complements opencloud-eu/web#2281 (intent signaling) for complete audit trail distinction.Purpose
Enable audit trail distinction between file access patterns:
This enables policies like:
Similar to Microsoft 365's intent signaling for compliance and data protection.
Changes
OpenCloud Audit Service
AuditEventFileViewedin audit serviceFileViewedevents to audit log entries with actionfile_viewedFileViewedregistered inRegisteredEvents()listReva Events
events.FileViewedwith proper marshalingoc:intent == 'preview'→ emitFileViewedFileDownloaded(backward compatible)?intent=preview|downloadX-OC-IntentRequest Flow
Testing Status
Notes
FileDownloadedevents