Fjerner sporing av bruker helt, i saksbehandling logger vi saksbehandler-ident

Author: blommish

log/main/no/nav/tilleggsstonader/libs/log/filter/LogFilter.kt

@@ -1,7 +1,6 @@
 package no.nav.tilleggsstonader.libs.log.filter
 
 import jakarta.servlet.FilterChain
-import jakarta.servlet.http.Cookie
 import jakarta.servlet.http.HttpFilter
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
@@ -18,14 +17,13 @@ import java.io.EOFException
 /**
  * @param sporBruker settes hvis vi skal sette cookie som sporer brukeren for å hjelpe ved feilsøing
  */
-class LogFilter(val sporBruker: Boolean) : HttpFilter() {
+class LogFilter : HttpFilter() {
 
     override fun doFilter(
         request: HttpServletRequest,
         response: HttpServletResponse,
         filterChain: FilterChain,
     ) {
-        sporBruker(request, response)
         val consumerId = request.getHeader(NavHttpHeaders.NAV_CONSUMER_ID.asString())
         val callId = resolveCallId(request)
         MDC.put(MDC_CALL_ID, callId)
@@ -43,24 +41,6 @@ class LogFilter(val sporBruker: Boolean) : HttpFilter() {
         }
     }
 
-    private fun sporBruker(
-        request: HttpServletRequest,
-        response: HttpServletResponse,
-    ) {
-        if (!sporBruker) {
-            return
-        }
-        var userId = resolveUserId(request)
-        if (userId.isNullOrEmpty()) {
-            // user-id tracking only works if the client is stateful and supports cookies.
-            // if no user-id is found, generate one for any following requests but do not use it on the
-            // current request to avoid generating large numbers of useless user-ids.
-            userId = IdUtils.generateId()
-            generateUserIdCookie(response, userId)
-        }
-        MDC.put(MDC_USER_ID, userId)
-    }
-
     private fun filterWithErrorHandling(
         request: HttpServletRequest,
         response: HttpServletResponse,
@@ -96,20 +76,6 @@ class LogFilter(val sporBruker: Boolean) : HttpFilter() {
             ?: IdUtils.generateId()
     }
 
-    private fun generateUserIdCookie(response: HttpServletResponse, userId: String) {
-        val cookie = Cookie(RANDOM_USER_ID_COOKIE_NAME, userId).apply {
-            path = "/"
-            maxAge = ONE_MONTH_IN_SECONDS
-            isHttpOnly = true
-            secure = true
-        }
-        response.addCookie(cookie)
-    }
-
-    private fun resolveUserId(request: HttpServletRequest): String? {
-        return request.cookies?.firstOrNull { it -> RANDOM_USER_ID_COOKIE_NAME == it.name }?.value
-    }
-
     companion object {
         // there is no consensus in NAV about header-names for correlation ids, so we support 'em all!
         // https://nav-it.slack.com/archives/C9UQ16AH4/p1538488785000100
@@ -127,7 +93,5 @@ class LogFilter(val sporBruker: Boolean) : HttpFilter() {
                 "X-Request-Id",
             )
         private val LOG = LoggerFactory.getLogger(LogFilter::class.java)
-        private const val RANDOM_USER_ID_COOKIE_NAME = "RUIDC"
-        private const val ONE_MONTH_IN_SECONDS = 60 * 60 * 24 * 30
     }
 }

log/main/no/nav/tilleggsstonader/libs/log/filter/LogFilterConfiguration.kt

@@ -1,24 +1,20 @@
 package no.nav.tilleggsstonader.libs.log.filter
 
 import org.slf4j.LoggerFactory
-import org.springframework.beans.factory.annotation.Value
 import org.springframework.boot.web.servlet.FilterRegistrationBean
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 
 @Configuration
-class LogFilterConfiguration(
-    @Value("\${log.sporBruker:false}")
-    private val sporBruker: Boolean,
-) {
+class LogFilterConfiguration {
 
     private val logger = LoggerFactory.getLogger(javaClass)
 
     @Bean
     fun logFilter(): FilterRegistrationBean<LogFilter> {
         logger.info("Registering LogFilter filter")
         val filterRegistration = FilterRegistrationBean<LogFilter>()
-        filterRegistration.filter = LogFilter(sporBruker = sporBruker)
+        filterRegistration.filter = LogFilter()
         filterRegistration.order = 1
         return filterRegistration
     }

log/test/no/nav/tilleggsstonader/libs/log/filter/LogFilterTest.kt

@@ -5,7 +5,6 @@ import io.mockk.mockk
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
 import no.nav.tilleggsstonader.libs.log.NavHttpHeaders
-import no.nav.tilleggsstonader.libs.log.mdc.MDCConstants
 import org.assertj.core.api.Assertions.assertThat
 import org.junit.jupiter.api.BeforeEach
 import org.junit.jupiter.api.Test
@@ -15,7 +14,7 @@ class LogFilterTest {
 
     private lateinit var httpServletRequest: HttpServletRequest
     private lateinit var httpServletResponse: HttpServletResponse
-    private val logFilter = LogFilter(true)
+    private val logFilter = LogFilter()
 
     @BeforeEach
     fun setup() {
@@ -53,22 +52,6 @@ class LogFilterTest {
             .isEqualTo(HttpServletResponse.SC_INTERNAL_SERVER_ERROR)
     }
 
-    @Test
-    fun `skal ikke logge bruker hvis sporBruker=true`() {
-        logFilter.doFilter(httpServletRequest, httpServletResponse) { _, _ ->
-            assertThat(MDC.get(MDCConstants.MDC_USER_ID)).isNotNull()
-        }
-    }
-
-    @Test
-    fun `skal ikke logge bruker hvis sporBruker=false`() {
-        val logFilter = LogFilter(sporBruker = false)
-
-        logFilter.doFilter(httpServletRequest, httpServletResponse) { _, _ ->
-            assertThat(MDC.get(MDCConstants.MDC_USER_ID)).isNull()
-        }
-    }
-
     private val mockHttpServletRequest = mockk<HttpServletRequest>(relaxed = true).also {
         every { it.method } returns "GET"
         every { it.requestURI } returns "/test/path"