Intercept all _api calls
44 views
Skip to first unread message
Cloud Coders
Jul 11, 2014, 3:55:10 PM7/11/14
to aran...@googlegroups.com
Hi All,
First of all; i'm very very pleased with the new DML capabilities in 2.2 beta, good job!
Now for the question:
I'm trying to create some sort of audit functionality for all calls made to the database.
The idea i had was to create a route like so:
{
"middleware": [
{
"url": {
"match": "/_api/*"
},
"action": {
"do": "audit/capture"
}
}
]
}
and the audit/capture is a simple piece of code in the _modules collection:
....
function capture(req, res, options, next) {
console.info(req);
next();
}
What i was expecting was to see any call to /_db/mydb/_api/* to be logged but it does not as it seems.
I flushed modules and reloaded routing etc but can't seem to get it to work.
Anyone with experience on this?
Thnx!
Regards,
Martijn
Cloud Coders
Jul 11, 2014, 4:45:34 PM7/11/14
to aran...@googlegroups.com
What i noticed is that:
/_db/mydb/_admin
does get logged when i use /* as match but
/_db/mydb/_api
does not.
Is _api intentionally 'suppressed' ?
Regards,
Martijn
--
You received this message because you are subscribed to the Google Groups "ArangoDB" group.
To unsubscribe from this group and stop receiving emails from it, send an email to arangodb+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Message has been deleted
Frank Celler
Jul 15, 2014, 2:50:56 PM7/15/14
to aran...@googlegroups.com
Yes, currently the "_api" calls are not routed through the middleware. Some of some are in written in C++ for speed.
In principle one could sacrifice some performance and allow catching these calls as well.
In principle one could sacrifice some performance and allow catching these calls as well.
To unsubscribe from this group and stop receiving emails from it, send an email to arangodb+unsubscribe@googlegroups.com.
Cloud Coders
Jul 15, 2014, 3:07:55 PM7/15/14
to aran...@googlegroups.com
Hi Frank,
OK, so at the moment it cannot be done.
As i have apache sitting in front of Arango trough which requests are proxied i can probably create a route say _myapi/*, only 'expose' this one trough apache (not proxying /_api/*), have middleware do it's thing on /_myapi/* and redirect to _api.
I'll test this workaround.
Is there an expected version where authorization functionality will be included?
Thnx!
Regards,
Martijn
To unsubscribe from this group and stop receiving emails from it, send an email to arangodb+u...@googlegroups.com.
Frank Celler
Jul 16, 2014, 5:22:52 AM7/16/14
to aran...@googlegroups.com
Am Dienstag, 15. Juli 2014 21:07:55 UTC+2 schrieb Cloud Coders:
Hi Frank,OK, so at the moment it cannot be done.As i have apache sitting in front of Arango trough which requests are proxied i can probably create a route say _myapi/*, only 'expose' this one trough apache (not proxying /_api/*), have middleware do it's thing on /_myapi/* and redirect to _api.I'll test this workaround.Is there an expected version where authorization functionality will be included?
We are currently working on it. So hopefully in the next few weeks.
Cloud Coders
Jul 16, 2014, 8:09:28 AM7/16/14
to aran...@googlegroups.com
Nice! Thnx.
Frank Celler
Jul 23, 2014, 4:30:06 AM7/23/14
to aran...@googlegroups.com
Nice! Thnx.
To unsubscribe from this group and stop receiving emails from it, send an email to arangodb+unsubscribe@googlegroups.com.
Cloud Coders
Jul 23, 2014, 4:00:04 PM7/23/14
to aran...@googlegroups.com
Thnx. I'll keep in mind to possibly open one myself next time ;)
Reply all
Reply to author
Forward
0 new messages