(w *ResponseWriter, r *http.Request)
| 220 | } |
| 221 | |
| 222 | func auditHttp(w *ResponseWriter, r *http.Request) { |
| 223 | body := getRequestBody(r) |
| 224 | var user string |
| 225 | if token := r.Header.Get("X-Dgraph-AccessToken"); token != "" { |
| 226 | user = getUser(token, false) |
| 227 | } else if token := r.Header.Get("X-Dgraph-AuthToken"); token != "" { |
| 228 | user = getUser(token, true) |
| 229 | } else { |
| 230 | user = getUser("", false) |
| 231 | } |
| 232 | |
| 233 | auditor.Audit(&AuditEvent{ |
| 234 | User: user, |
| 235 | Namespace: x.ExtractNamespaceHTTP(r), |
| 236 | ServerHost: x.WorkerConfig.MyAddr, |
| 237 | ClientHost: r.RemoteAddr, |
| 238 | Endpoint: r.URL.Path, |
| 239 | ReqType: Http, |
| 240 | Req: truncate(checkRequestBody(Http, r.URL.Path, string(body)), maxReqLength), |
| 241 | Status: http.StatusText(w.statusCode), |
| 242 | QueryParams: r.URL.Query(), |
| 243 | }) |
| 244 | } |
| 245 | |
| 246 | // password fields are accessible only via /admin endpoint hence, |
| 247 | // this will be only called with /admin endpoint |
no test coverage detected