dcovington
/
Campaign_Tracker
1
0
フォーク 0
コード 課題 4 プルリクエスト 0 リリース 0 Wiki アクティビティ
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
24 コミット
2 ブランチ
17MB
ツリー: e85cb5a2c3
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'e85cb5a2c3' から
${ noResults }
Campaign_Tracker/Campaign_Tracker.Server/Audit/AppendOnlyFileAuditService.cs

120 行
4.4KB
Raw Blame 履歴 

  1. using System.Collections.Concurrent;

  2. using System.Text.Json;

  3. 

  4. namespace Campaign_Tracker.Server.Audit;

  5. 

  6. /// <summary>

  7. /// Persistent, append-only audit service that writes JSON Lines to daily rotating files.

  8. ///

  9. /// Guarantees:

  10. /// - AC #1: Every Record() call writes actor, timestamp (UTC), event type, resource, outcome.

  11. /// - AC #2: Files are never deleted by this service; retained indefinitely (365+ day policy).

  12. /// - AC #4: The interface and file format are append-only — no update or delete operations exist.

  13. /// - AC #5: Record() throws AuditServiceUnavailableException if the file system is unavailable,

  14. ///           which propagates to the caller and blocks the auditable action.

  15. /// </summary>

  16. public sealed class AppendOnlyFileAuditService : IAuditService

  17. {

  18.     private readonly string _logDirectory;

  19.     private readonly ILogger<AppendOnlyFileAuditService> _logger;

  20.     private readonly ConcurrentQueue<AuditEvent> _recentEvents = new();

  21.     private readonly object _fileLock = new();

  22.     private const int MaxRecentEvents = 1000;

  23. 

  24.     private static readonly JsonSerializerOptions JsonOptions = new()

  25.     {

  26.         PropertyNamingPolicy = JsonNamingPolicy.CamelCase,

  27.     };

  28. 

  29.     public AppendOnlyFileAuditService(string logDirectory, ILogger<AppendOnlyFileAuditService> logger)

  30.     {

  31.         _logDirectory = logDirectory;

  32.         _logger = logger;

  33.         Directory.CreateDirectory(logDirectory);

  34.     }

  35. 

  36.     /// <summary>

  37.     /// Appends the event as a JSON line to the day's audit file, then caches it in memory.

  38.     /// Throws <see cref="AuditServiceUnavailableException"/> if the write fails (AC #5).

  39.     /// </summary>

  40.     public void Record(AuditEvent auditEvent)

  41.     {

  42.         ValidateRequiredFields(auditEvent);

  43. 

  44.         var normalizedEvent = auditEvent with

  45.         {

  46.             RecordedAt = auditEvent.RecordedAt.ToUniversalTime(),

  47.         };

  48.         var line = JsonSerializer.Serialize(normalizedEvent, JsonOptions) + Environment.NewLine;

  49.         var filePath = GetDailyFilePath(normalizedEvent.RecordedAt);

  50. 

  51.         try

  52.         {

  53.             lock (_fileLock)

  54.             {

  55.                 File.AppendAllText(filePath, line);

  56.             }

  57.         }

  58.         catch (Exception ex)

  59.         {

  60.             _logger.LogError(ex, "Audit write failed for event {EventType} by {Actor}.", auditEvent.EventType, auditEvent.ActorIdentity);

  61.             throw new AuditServiceUnavailableException(

  62.                 $"Audit log write failed for {auditEvent.EventType}.", ex);

  63.         }

  64. 

  65.         // Maintain bounded in-memory cache for GetRecent() queries.

  66.         _recentEvents.Enqueue(normalizedEvent);

  67.         while (_recentEvents.Count > MaxRecentEvents)

  68.         {

  69.             _recentEvents.TryDequeue(out _);

  70.         }

  71.     }

  72. 

  73.     /// <summary>

  74.     /// Returns up to <paramref name="maxCount"/> of the most recently recorded events

  75.     /// from the in-process cache. For full historical queries, read the .jsonl files directly.

  76.     /// </summary>

  77.     public IReadOnlyCollection<AuditEvent> GetRecent(int maxCount = 200)

  78.     {

  79.         if (maxCount < 0)

  80.         {

  81.             throw new ArgumentOutOfRangeException(nameof(maxCount), "Recent audit event count cannot be negative.");

  82.         }

  83. 

  84.         if (maxCount == 0)

  85.         {

  86.             return [];

  87.         }

  88. 

  89.         var events = _recentEvents.ToArray();

  90.         return events.Length <= maxCount

  91.             ? events

  92.             : events[^maxCount..];

  93.     }

  94. 

  95.     /// <summary>Returns the path of the log file for the given UTC date.</summary>

  96.     public string GetDailyFilePath(DateTimeOffset timestamp)

  97.     {

  98.         var date = timestamp.UtcDateTime.ToString("yyyy-MM-dd");

  99.         return Path.Combine(_logDirectory, $"audit-{date}.jsonl");

  100.     }

  101. 

  102.     private static void ValidateRequiredFields(AuditEvent auditEvent)

  103.     {

  104.         ArgumentNullException.ThrowIfNull(auditEvent);

  105.         ValidateRequired(auditEvent.EventType, nameof(auditEvent.EventType));

  106.         ValidateRequired(auditEvent.ActorIdentity, nameof(auditEvent.ActorIdentity));

  107.         ValidateRequired(auditEvent.Resource, nameof(auditEvent.Resource));

  108.         ValidateRequired(auditEvent.Outcome, nameof(auditEvent.Outcome));

  109.         ValidateRequired(auditEvent.TraceIdentifier, nameof(auditEvent.TraceIdentifier));

  110.     }

  111. 

  112.     private static void ValidateRequired(string? value, string fieldName)

  113.     {

  114.         if (string.IsNullOrWhiteSpace(value))

  115.         {

  116.             throw new ArgumentException($"Audit field {fieldName} is required.", fieldName);

  117.         }

  118.     }

  119. }

Powered by TurnKey Linux.