Module: Datadog::Kit::Identity

Defined in:
lib/datadog/kit/identity.rb

Overview

Tracking identity via traces

Class Method Summary collapse

Class Method Details

.set_user(trace, id:, email: nil, name: nil, session_id: nil, role: nil, scope: nil, **others) ⇒ Object

Attach user information to the trace

rubocop:disable Metrics/CyclomaticComplexity rubocop:disable Metrics/PerceivedComplexity

Parameters:

  • trace (TraceOperation)

    Trace to attach data to.

  • id (String)

    Mandatory. Username or client id extracted from the access token or Authorization header in the inbound request from outside the system.

  • email (String) (defaults to: nil)

    Email of the authenticated user associated to the trace.

  • name (String) (defaults to: nil)

    User-friendly name. To be displayed in the UI if set.

  • session_id (String) (defaults to: nil)

    Session ID of the authenticated user.

  • role (String) (defaults to: nil)

    Actual/assumed role the client is making the request under extracted from token or application security context.

  • scope (String) (defaults to: nil)

    Scopes or granted authorities the client currently possesses extracted from token or application security context. The value would come from the scope associated with an OAuth 2.0 Access Token or an attribute value in a SAML 2.0 Assertion.

  • others (Hash<Symbol, String>)

    Additional free-form user information to attach to the trace.

Raises:

  • (ArgumentError) 


32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/datadog/kit/identity.rb', line 32

def self.set_user(trace, id:, email: nil, name: nil, session_id: nil, role: nil, scope: nil, **others)
  raise ArgumentError, 'missing required key: :id' if id.nil?

  # enforce types

  raise TypeError, ':id must be a String'         unless id.is_a?(String)
  raise TypeError, ':email must be a String'      unless email.nil? || email.is_a?(String)
  raise TypeError, ':name must be a String'       unless name.nil? || name.is_a?(String)
  raise TypeError, ':session_id must be a String' unless session_id.nil? || session_id.is_a?(String)
  raise TypeError, ':role must be a String'       unless role.nil? || role.is_a?(String)
  raise TypeError, ':scope must be a String'      unless scope.nil? || scope.is_a?(String)

  others.each do |k, v|
    raise TypeError, "#{k.inspect} must be a String" unless v.nil? || v.is_a?(String)
  end

  # set tags once data is known consistent

  trace.set_tag('usr.id', id)
  trace.set_tag('usr.email', email)           unless email.nil?
  trace.set_tag('usr.name', name)             unless name.nil?
  trace.set_tag('usr.session_id', session_id) unless session_id.nil?
  trace.set_tag('usr.role', role)             unless role.nil?
  trace.set_tag('usr.scope', scope)           unless scope.nil?

  others.each do |k, v|
    trace.set_tag("usr.#{k}", v) unless v.nil?
  end

  if Datadog.configuration.appsec.enabled
    user = ::Datadog::AppSec::Instrumentation::Gateway::User.new(id)
    ::Datadog::AppSec::Instrumentation.gateway.push('identity.set_user', user)
  end
end