Pass down SignedUserName down to AccessLogger context

zeripath · zeripath · commit f784e855b6ea · 2021-08-02T21:19:57.000+01:00
Unfortunately when the AccessLogger was moved back before the contexters the SignedUserName reporting was lost. This is due to Request.WithContext leading to a shallow copy of the Request and the modules/context/Context being within that request. This PR adds a new context variable of a string pointer which is set and handled in the contexters. Fix #16600 Signed-off-by: Andrew Thornton <art27@cantab.net>
diff --git a/modules/context/access_log.go b/modules/context/access_log.go
@@ -6,6 +6,7 @@ package context
 
 import (
 	"bytes"
+	"context"
 	"html/template"
 	"net/http"
 	"time"
@@ -22,18 +23,19 @@ type routerLoggerOptions struct {
 	Ctx            map[string]interface{}
 }
 
+var signedUserNameStringPointerKey interface{} = "signedUserNameStringPointerKey"
+
 // AccessLogger returns a middleware to log access logger
 func AccessLogger() func(http.Handler) http.Handler {
 	logger := log.GetLogger("access")
 	logTemplate, _ := template.New("log").Parse(setting.AccessLogTemplate)
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 			start := time.Now()
-			next.ServeHTTP(w, req)
 			identity := "-"
-			if val := SignedUserName(req); val != "" {
-				identity = val
-			}
+			r := req.WithContext(context.WithValue(req.Context(), signedUserNameStringPointerKey, &identity))
+
+			next.ServeHTTP(w, r)
 			rw := w.(ResponseWriter)
 
 			buf := bytes.NewBuffer([]byte{})
diff --git a/modules/context/api.go b/modules/context/api.go
@@ -275,6 +275,13 @@ func APIContexter() func(http.Handler) http.Handler {
 			ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken())
 
 			next.ServeHTTP(ctx.Resp, ctx.Req)
+
+			// Handle adding signedUserName to the context for the AccessLogger
+			username := ctx.Data["SignedUserName"].(string)
+			identityPtr := ctx.Req.Context().Value(signedUserNameStringPointerKey).(*string)
+			if identityPtr != nil && username != "" {
+				*identityPtr = username
+			}
 		})
 	}
 }
diff --git a/modules/context/context.go b/modules/context/context.go
@@ -770,6 +770,14 @@ func Contexter() func(next http.Handler) http.Handler {
 			}
 
 			next.ServeHTTP(ctx.Resp, ctx.Req)
+
+			// Handle adding signedUserName to the context for the AccessLogger
+			username := ctx.Data["SignedUserName"].(string)
+			identityPtr := ctx.Req.Context().Value(signedUserNameStringPointerKey).(*string)
+			if identityPtr != nil && username != "" {
+				*identityPtr = username
+			}
+
 		})
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -275,6 +275,13 @@ func APIContexter() func(http.Handler) http.Handler {`
`275`	`275`	`ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken())`
`276`	`276`
`277`	`277`	`next.ServeHTTP(ctx.Resp, ctx.Req)`
	`278`	`+`
	`279`	`+ // Handle adding signedUserName to the context for the AccessLogger`
	`280`	`+ username := ctx.Data["SignedUserName"].(string)`
	`281`	`+ identityPtr := ctx.Req.Context().Value(signedUserNameStringPointerKey).(*string)`
	`282`	`+ if identityPtr != nil && username != "" {`
	`283`	`+ *identityPtr = username`
	`284`	`+ }`
`278`	`285`	`})`
`279`	`286`	`}`
`280`	`287`	`}`
Original file line number	Diff line number	Diff line change
`@@ -770,6 +770,14 @@ func Contexter() func(next http.Handler) http.Handler {`
`770`	`770`	`}`
`771`	`771`
`772`	`772`	`next.ServeHTTP(ctx.Resp, ctx.Req)`
	`773`	`+`
	`774`	`+ // Handle adding signedUserName to the context for the AccessLogger`
	`775`	`+ username := ctx.Data["SignedUserName"].(string)`
	`776`	`+ identityPtr := ctx.Req.Context().Value(signedUserNameStringPointerKey).(*string)`
	`777`	`+ if identityPtr != nil && username != "" {`
	`778`	`+ *identityPtr = username`
	`779`	`+ }`
	`780`	`+`
`773`	`781`	`})`
`774`	`782`	`}`
`775`	`783`	`}`