-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add session id to audit log #85451
Add session id to audit log #85451
Conversation
ACK: will review today |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, just a couple of nits, thanks!
const sessionCookieValue = await this.options.sessionCookie.get(request); | ||
if (sessionCookieValue) { | ||
return sessionCookieValue.sid; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
question/nit: how do you feel about returning null
instead of undefined
here? So that it's consistent with getCurrentUser
, Session.get
and etc?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I find null
a cause of unintended bugs and behaviours and the distinctions between "not set" (undefined
) and "set but empty" (null
) to be rarely important.
e.g. null
can cause bugs when using optional parameters and default values since the default value will not be used. null
is also of type object which is weird and can cause bugs so I rarely use it.
Having said that, I think in this case, we really are dealing with the "not set" scenario so I think undefined
is correct.
Why are you using null
for the other methods?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are you using null for the other methods?
TL;DR: We don't have any guidelines on that yet and even though I have a slightly stronger opinion on getCurrentUser
and Session.get
as explained below, I don't have the same strong reasons to use null
in this particular case except for consistency. Both would work for me and I trust your judgement here 👍
I think that we historically treated null
not as set but empty
, but more like an intentional absence of any object value, like the user or session objects are absent in a particular context, it's expected and intentional, and we explicitly manifest that with null
. As a side benefit, when you return null;
you explicitly define an exit point, where undefined
can be either intentional or not (e.g. forgotten return
statement).
Regarding default and optional parameters, I'd say it's more about personal preference, I find the code that is explicit about using default and optional parameters a little bit easier to read and understand, and type system will prevent unintentional behavior in case parameter cannot be null
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the definition makes sense* then. For object values use null
, for primitives use undefined
. That also explains why null is of type object.
* I'm using "sense" in the loosest meaning of the word here since most other programming languages have a single type the denote absence of a value and get by just fine 🤷♀️
@elasticmachine merge upstream |
💛 Build succeeded, but was flaky
Test FailuresX-Pack API Integration Tests.x-pack/test/api_integration/apis/security_solution/kpi_network·ts.apis SecuritySolution Endpoints Kpi Network With packetbeat Make sure that we get KpiNetwork networkEvents dataStandard Out
Stack Trace
Metrics [docs]Distributable file count
History
To update your PR or re-run it, just comment with: |
* master: (116 commits) Fix UX E2E tests (elastic#85722) Increasing default api key removalDelay to 1h (elastic#85576) align cors settings names with elasticsearch (elastic#85738) unskip tests and make sure submit is not triggered too quickly (elastic#85567) Row trigger 2 (elastic#83167) Add session id to audit log (elastic#85451) [TSVB] Fields lists do not populate all the times (elastic#85530) [Visualize] Removes the external link icon from OSS badges (elastic#85580) fixes EQL tests (elastic#85712) [APM] enable 'log_level' for Go (elastic#85511) ini `1.3.5` -> `1.3.7` (elastic#85707) Fix fleet route protections (elastic#85626) [Monitoring] Some progress on making alerts better in the UI (elastic#81569) [Security Solution] Refactor Timeline Notes to use EuiCommentList (elastic#85256) [Security Solution][Detections][Threshold Rules] Threshold rule exceptions (elastic#85103) [Security Solution] Alerts details (elastic#83963) skip flaky suite (elastic#62060) skip flaky suite (elastic#85098) skip flaky suite (elastic#84020) skip flaky suite (elastic#85671) ...
Summary
This PR adds session id output to the audit log.
This is useful for auditors in order to trace different user sessions.
Checklist
Delete any items that are not applicable to this PR.