root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 40 Packages Projects Releases Wiki Activity

AuthZService: Add attributes to traces (#102433)

This commit is contained in:
Gabriel MABILLE 2025-03-19 12:21:39 +01:00 committed by GitHub
parent 3e3ab8e064
commit 9a556fbde6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/services/authz/rbac/service.go
View File

@ -103,6 +103,14 @@ func (s *Service) Check(ctx context.Context, req *authzv1.CheckRequest) (*authzv
}
ctx = request.WithNamespace(ctx, req.GetNamespace())
span.SetAttributes(
attribute.String("subject", req.Subject),
attribute.String("namespace", checkReq.Namespace.Value),
attribute.String("action", checkReq.Action),
attribute.String("name", checkReq.Name),
attribute.String("folder", checkReq.ParentFolder),
)
permissions, err := s.getIdentityPermissions(ctx, checkReq.Namespace, checkReq.IdentityType, checkReq.UserUID, checkReq.Action)
if err != nil {
ctxLogger.Error("could not get user permissions", "subject", req.GetSubject(), "error", err)
@ -134,6 +142,12 @@ func (s *Service) List(ctx context.Context, req *authzv1.ListRequest) (*authzv1.
}
ctx = request.WithNamespace(ctx, req.GetNamespace())
span.SetAttributes(
attribute.String("subject", req.Subject),
attribute.String("namespace", listReq.Namespace.Value),
attribute.String("action", listReq.Action),
)
permissions, err := s.getIdentityPermissions(ctx, listReq.Namespace, listReq.IdentityType, listReq.UserUID, listReq.Action)
if err != nil {
ctxLogger.Error("could not get user permissions", "subject", req.GetSubject(), "error", err)