operation_log: Add ignored_urls parameter

Request URLs can be put in ignored_urls in OPERATION_LOG_OPTIONS
in order to ignore them from auditing.

Change-Id: I6673e765fd88bc4230a3b7ced2ee227669136bb2
Closes-Bug: #1688206

doc/source/install/settings.rst

@@ -1776,6 +1776,7 @@ Default::
         {
          'mask_fields': ['password'],
          'target_methods': ['POST'],
+         'ignored_urls': ['/js/', '/static/', '^/api/'],
          'format': ("[%(domain_name)s] [%(domain_id)s] [%(project_name)s]"
              " [%(project_id)s] [%(user_name)s] [%(user_id)s] [%(request_scheme)s]"
              " [%(referer_url)s] [%(request_url)s] [%(message)s] [%(method)s]"
@@ -1789,6 +1790,7 @@ This setting controls the behavior of the operation log.
   The fields specified in ``mask_fields`` are logged as ``********``.
 * ``target_methods`` is a request method which is logged to a operation log.
   The valid methods are ``POST``, ``GET``, ``PUT``, ``DELETE``.
+* ``ignored_urls`` is a list of request URLs to be hidded from a log.
 * ``format`` defines the operation log format.
   Currently you can use the following keywords.
   The default value contains all keywords.

horizon/middleware/operation_log.py

@@ -14,6 +14,7 @@
 
 import json
 import logging
+import re
 
 from django.conf import settings
 from django.contrib import messages as django_messages
@@ -65,12 +66,15 @@ class OperationLogMiddleware(object):
             " [%(project_id)s] [%(user_name)s] [%(user_id)s]"
             " [%(request_scheme)s] [%(referer_url)s] [%(request_url)s]"
             " [%(message)s] [%(method)s] [%(http_status)s] [%(param)s]")
+        _default_ignored_urls = ['/js/', '/static/', '^/api/']
         self.target_methods = [x for x in _methods if x in _available_methods]
         self.mask_fields = _log_option.get("mask_fields", ['password'])
         self.format = _log_option.get("format", _default_format)
-        self.static_rule = ['/js/', '/static/']
         self._logger = logging.getLogger('horizon.operation_log')
 
+        ignored_urls = _log_option.get("ignore_urls", _default_ignored_urls)
+        self._ignored_urls = [re.compile(url) for url in ignored_urls]
+
     def process_response(self, request, response):
         """Log user operation."""
         log_format = self._get_log_format(request)
@@ -113,11 +117,10 @@ class OperationLogMiddleware(object):
         method = request.method.upper()
         if not (method in self.target_methods):
             return
-        if method == 'GET':
+        request_url = urlparse.unquote(request.path)
-            request_url = urlparse.unquote(request.path)
+        for rule in self.ignored_urls:
-            for rule in self.static_rule:
+            if rule.search(request_url):
-                if rule in request_url:
+                return
-                    return
         return self.format
 
     def _get_parameters_from_request(self, request, exception=False):

openstack_dashboard/local/local_settings.py.example

@@ -830,6 +830,7 @@ REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
 #OPERATION_LOG_OPTIONS = {
 #    'mask_fields': ['password'],
 #    'target_methods': ['POST'],
+#    'ignored_urls': ['/js/', '/static/', '^/api/'],
 #    'format': ("[%(client_ip)s] [%(domain_name)s]"
 #        " [%(domain_id)s] [%(project_name)s]"
 #        " [%(project_id)s] [%(user_name)s] [%(user_id)s] [%(request_scheme)s]"