MCPcopy
hub / github.com/dgraph-io/dgraph / AuditRequestHttp

Function AuditRequestHttp

audit/interceptor.go:97–128  ·  view source on GitHub ↗
(next http.Handler)

Source from the content-addressed store, hash-verified

95}
96
97func AuditRequestHttp(next http.Handler) http.Handler {
98 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
99 skip := func(method string) bool {
100 return skipEPs[r.URL.Path]
101 }
102
103 if atomic.LoadUint32(&auditEnabled) == 0 || skip(r.URL.Path) {
104 next.ServeHTTP(w, r)
105 return
106 }
107
108 // Websocket connection in graphQl happens differently. We only get access tokens and
109 // metadata in payload later once the connection is upgraded to correct protocol.
110 // Doc: https://github.com/apollographql/subscriptions-transport-ws/blob/v0.9.4/PROTOCOL.md
111 //
112 // Auditing for websocket connections will be handled by graphql/admin/http.go:154#Subscribe
113 for _, subprotocol := range websocket.Subprotocols(r) {
114 if subprotocol == "graphql-ws" {
115 next.ServeHTTP(w, r)
116 return
117 }
118 }
119
120 rw := NewResponseWriter(w)
121 var buf bytes.Buffer
122 tee := io.TeeReader(r.Body, &buf)
123 r.Body = io.NopCloser(tee)
124 next.ServeHTTP(rw, r)
125 r.Body = io.NopCloser(bytes.NewReader(buf.Bytes()))
126 auditHttp(rw, r)
127 })
128}
129
130func AuditWebSockets(ctx context.Context, req *schema.Request) {
131 if atomic.LoadUint32(&auditEnabled) == 0 {

Callers 2

runFunction · 0.92
setupServerFunction · 0.92

Calls 3

NewResponseWriterFunction · 0.85
auditHttpFunction · 0.85
ServeHTTPMethod · 0.80

Tested by

no test coverage detected