Skip to content

Commit ce2ec87

Browse files
joelverhagenjoelverhagen
authored
Restore username to Application Insights telemetry (#10664)
1 parent de4de3c commit ce2ec87

5 files changed

Lines changed: 42 additions & 132 deletions

File tree

src/NuGetGallery.Services/Telemetry/Obfuscator.cs

Lines changed: 3 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright (c) .NET Foundation. All rights reserved.
1+
// Copyright (c) .NET Foundation. All rights reserved.
22
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
33

44
using System;
@@ -12,48 +12,33 @@ public static class Obfuscator
1212
/// Default user name that will replace the real user name.
1313
/// This value will be saved in AI instead of the real value.
1414
/// </summary>
15-
public const string DefaultTelemetryUserName = "ObfuscatedUserName";
1615
public const string DefaultTelemetryReturnUrl = "ObfuscatedReturnUrl";
1716
public const string DefaultTelemetryToken = "ObfuscatedToken";
1817

1918
public static readonly HashSet<string> ObfuscatedActions = new HashSet<string>(StringComparer.OrdinalIgnoreCase)
2019
{
21-
"Organizations/AddCertificate",
22-
"Organizations/AddMember",
23-
"Organizations/CancelMemberRequest",
24-
"Organizations/ChangeEmailSubscription",
2520
"Organizations/ConfirmMemberRequest",
2621
"Organizations/ConfirmMemberRequestRedirect",
27-
"Organizations/DeleteCertificate",
28-
"Organizations/DeleteMember",
29-
"Organizations/GetCertificate",
30-
"Organizations/GetCertificates",
31-
"Organizations/ManageOrganization",
3222
"Organizations/RejectMemberRequest",
3323
"Organizations/RejectMemberRequestRedirect",
34-
"Organizations/UpdateMember",
3524
"Packages/CancelPendingOwnershipRequest",
3625
"Packages/ConfirmPendingOwnershipRequest",
3726
"Packages/ConfirmPendingOwnershipRequestRedirect",
3827
"Packages/RejectPendingOwnershipRequest",
3928
"Packages/RejectPendingOwnershipRequestRedirect",
40-
"Packages/SetRequiredSigner",
4129
"Users/CancelTransformToOrganization",
4230
"Users/CancelTransformToOrganizationRedirect",
4331
"Users/Confirm",
4432
"Users/ConfirmTransformToOrganization",
4533
"Users/ConfirmTransformToOrganizationRedirect",
46-
"Users/Delete",
47-
"Users/Profiles",
48-
"Users/GetAvatar",
4934
"Users/RejectTransformToOrganization",
5035
"Users/RejectTransformToOrganizationRedirect",
5136
"Users/ResetPassword",
5237
};
5338

5439
public static string DefaultObfuscatedUrl(Uri url)
5540
{
56-
return url == null ? string.Empty : $"{url.Scheme}://{url.Host}/{DefaultTelemetryUserName}";
41+
return url == null ? string.Empty : $"{url.Scheme}://{url.Host}/ObfuscatedPath";
5742
}
5843
}
59-
}
44+
}

src/NuGetGallery/App_Start/Routes.cs

Lines changed: 18 additions & 68 deletions
Original file line numberDiff line numberDiff line change
@@ -160,8 +160,7 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
160160
RouteName.SetRequiredSigner,
161161
"packages/{id}/required-signer/{username}",
162162
new { controller = "Packages", action = RouteName.SetRequiredSigner, username = UrlParameter.Optional },
163-
constraints: new { httpMethod = new HttpMethodConstraint("POST") },
164-
obfuscationMetadata: new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName));
163+
constraints: new { httpMethod = new HttpMethodConstraint("POST") });
165164

166165
routes.MapRoute(
167166
RouteName.PackageOwnerConfirmationRedirect,
@@ -170,7 +169,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
170169
constraints: new { httpMethod = new HttpMethodConstraint("GET") },
171170
obfuscationMetadatas: new[]
172171
{
173-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
174172
new RouteExtensions.ObfuscatedPathMetadata(5, Obfuscator.DefaultTelemetryToken)
175173
});
176174

@@ -181,7 +179,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
181179
constraints: new { httpMethod = new HttpMethodConstraint("POST") },
182180
obfuscationMetadatas: new[]
183181
{
184-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
185182
new RouteExtensions.ObfuscatedPathMetadata(5, Obfuscator.DefaultTelemetryToken)
186183
});
187184

@@ -192,7 +189,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
192189
constraints: new { httpMethod = new HttpMethodConstraint("GET") },
193190
obfuscationMetadatas: new[]
194191
{
195-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
196192
new RouteExtensions.ObfuscatedPathMetadata(5, Obfuscator.DefaultTelemetryToken)
197193
});
198194

@@ -203,7 +199,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
203199
constraints: new { httpMethod = new HttpMethodConstraint("POST") },
204200
obfuscationMetadatas: new[]
205201
{
206-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
207202
new RouteExtensions.ObfuscatedPathMetadata(5, Obfuscator.DefaultTelemetryToken)
208203
});
209204

@@ -213,7 +208,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
213208
new { controller = "Packages", action = "CancelPendingOwnershipRequest" },
214209
new[]
215210
{
216-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
217211
new RouteExtensions.ObfuscatedPathMetadata(5, Obfuscator.DefaultTelemetryToken)
218212
});
219213

@@ -363,14 +357,12 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
363357
routes.MapRoute(
364358
RouteName.Profile,
365359
"profiles/{username}",
366-
new { controller = "Users", action = "Profiles" },
367-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
360+
new { controller = "Users", action = "Profiles" });
368361

369362
routes.MapRoute(
370363
RouteName.GetAccountAvatar,
371364
"profiles/{accountName}/avatar",
372-
new { controller = "Users", action = "GetAvatar" },
373-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
365+
new { controller = "Users", action = "GetAvatar" });
374366

375367
routes.MapRoute(
376368
RouteName.GetUserCertificate,
@@ -418,7 +410,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
418410
new { controller = "Users", action = "ResetPassword", forgot = true },
419411
new[]
420412
{
421-
new RouteExtensions.ObfuscatedPathMetadata(2, Obfuscator.DefaultTelemetryUserName),
422413
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryToken)
423414
});
424415

@@ -428,7 +419,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
428419
new { controller = "Users", action = "ResetPassword", forgot = false },
429420
new[]
430421
{
431-
new RouteExtensions.ObfuscatedPathMetadata(2, Obfuscator.DefaultTelemetryUserName),
432422
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryToken)
433423
});
434424

@@ -438,7 +428,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
438428
new { controller = "Users", action = "Confirm" },
439429
new[]
440430
{
441-
new RouteExtensions.ObfuscatedPathMetadata(2, Obfuscator.DefaultTelemetryUserName),
442431
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryToken)
443432
});
444433

@@ -457,8 +446,7 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
457446
routes.MapRoute(
458447
RouteName.AdminDeleteAccount,
459448
"account/delete/{accountName}",
460-
new { controller = "Users", action = "Delete" },
461-
new RouteExtensions.ObfuscatedPathMetadata(2, Obfuscator.DefaultTelemetryUserName));
449+
new { controller = "Users", action = "Delete" });
462450
}
463451

464452
routes.MapRoute(
@@ -478,7 +466,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
478466
new { httpMethod = new HttpMethodConstraint("GET") },
479467
new[]
480468
{
481-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
482469
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryToken)
483470
});
484471

@@ -489,7 +476,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
489476
new { httpMethod = new HttpMethodConstraint("POST") },
490477
new[]
491478
{
492-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
493479
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryToken)
494480
});
495481

@@ -500,7 +486,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
500486
new { httpMethod = new HttpMethodConstraint("GET") },
501487
new[]
502488
{
503-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
504489
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryToken)
505490
});
506491

@@ -511,7 +496,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
511496
new { httpMethod = new HttpMethodConstraint("POST") },
512497
new[]
513498
{
514-
new RouteExtensions.ObfuscatedPathMetadata(3, Obfuscator.DefaultTelemetryUserName),
515499
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryToken)
516500
});
517501

@@ -553,45 +537,35 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
553537
RouteName.GetOrganizationCertificate,
554538
"organization/{accountName}/certificates/{thumbprint}",
555539
new { controller = "Organizations", action = "GetCertificate" },
556-
constraints: new { httpMethod = new HttpMethodConstraint("GET") },
557-
obfuscationMetadata: new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
540+
constraints: new { httpMethod = new HttpMethodConstraint("GET") });
558541

559542
routes.MapRoute(
560543
RouteName.DeleteOrganizationCertificate,
561544
"organization/{accountName}/certificates/{thumbprint}",
562545
new { controller = "Organizations", action = "DeleteCertificate" },
563-
constraints: new { httpMethod = new HttpMethodConstraint("DELETE") },
564-
obfuscationMetadata: new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
546+
constraints: new { httpMethod = new HttpMethodConstraint("DELETE") });
565547

566548
routes.MapRoute(
567549
RouteName.GetOrganizationCertificates,
568550
"organization/{accountName}/certificates",
569551
new { controller = "Organizations", action = "GetCertificates" },
570-
constraints: new { httpMethod = new HttpMethodConstraint("GET") },
571-
obfuscationMetadata: new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
552+
constraints: new { httpMethod = new HttpMethodConstraint("GET") });
572553

573554
routes.MapRoute(
574555
RouteName.AddOrganizationCertificate,
575556
"organization/{accountName}/certificates",
576557
new { controller = "Organizations", action = "AddCertificate" },
577-
constraints: new { httpMethod = new HttpMethodConstraint("POST") },
578-
obfuscationMetadata: new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
558+
constraints: new { httpMethod = new HttpMethodConstraint("POST") });
579559

580560
routes.MapRoute(
581561
RouteName.OrganizationMemberAddAjax,
582562
"organization/{accountName}/members/add",
583-
new { controller = "Organizations", action = nameof(OrganizationsController.AddMember) },
584-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
563+
new { controller = "Organizations", action = nameof(OrganizationsController.AddMember) });
585564

586565
routes.MapRoute(
587566
RouteName.OrganizationMemberAdd,
588567
"organization/{accountName}/members/add/{memberName}/{isAdmin}",
589-
new { controller = "Organizations", action = nameof(OrganizationsController.AddMember) },
590-
new[]
591-
{
592-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName),
593-
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryUserName)
594-
});
568+
new { controller = "Organizations", action = nameof(OrganizationsController.AddMember) });
595569

596570
routes.MapRoute(
597571
RouteName.OrganizationMemberConfirmRedirect,
@@ -600,7 +574,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
600574
new { httpMethod = new HttpMethodConstraint("GET") },
601575
new[]
602576
{
603-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName),
604577
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryToken)
605578
});
606579

@@ -611,7 +584,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
611584
new { httpMethod = new HttpMethodConstraint("POST") },
612585
new[]
613586
{
614-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName),
615587
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryToken)
616588
});
617589

@@ -622,7 +594,6 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
622594
new { httpMethod = new HttpMethodConstraint("GET") },
623595
new[]
624596
{
625-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName),
626597
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryToken)
627598
});
628599

@@ -633,69 +604,48 @@ public static void RegisterUIRoutes(RouteCollection routes, bool adminPanelEnabl
633604
new { httpMethod = new HttpMethodConstraint("POST") },
634605
new[]
635606
{
636-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName),
637607
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryToken)
638608
});
639609

640610
routes.MapRoute(
641611
RouteName.OrganizationMemberCancelAjax,
642612
"organization/{accountName}/members/cancel",
643-
new { controller = "Organizations", action = RouteName.OrganizationMemberCancelAjax },
644-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
613+
new { controller = "Organizations", action = RouteName.OrganizationMemberCancelAjax });
645614

646615
routes.MapRoute(
647616
RouteName.OrganizationMemberCancel,
648617
"organization/{accountName}/members/cancel/{memberName}",
649-
new { controller = "Organizations", action = RouteName.OrganizationMemberCancelAjax },
650-
new[]
651-
{
652-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName),
653-
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryUserName)
654-
});
618+
new { controller = "Organizations", action = RouteName.OrganizationMemberCancelAjax });
655619

656620
routes.MapRoute(
657621
RouteName.OrganizationMemberUpdateAjax,
658622
"organization/{accountName}/members/update",
659-
new { controller = "Organizations", action = RouteName.OrganizationMemberUpdateAjax },
660-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
623+
new { controller = "Organizations", action = RouteName.OrganizationMemberUpdateAjax });
661624

662625
routes.MapRoute(
663626
RouteName.OrganizationMemberUpdate,
664627
"organization/{accountName}/members/update/{memberName}/{isAdmin}",
665-
new { controller = "Organizations", action = RouteName.OrganizationMemberUpdateAjax },
666-
new[]
667-
{
668-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName),
669-
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryUserName)
670-
});
628+
new { controller = "Organizations", action = RouteName.OrganizationMemberUpdateAjax });
671629

672630
routes.MapRoute(
673631
RouteName.OrganizationMemberDeleteAjax,
674632
"organization/{accountName}/members/delete",
675-
new { controller = "Organizations", action = RouteName.OrganizationMemberDeleteAjax },
676-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
633+
new { controller = "Organizations", action = RouteName.OrganizationMemberDeleteAjax });
677634

678635
routes.MapRoute(
679636
RouteName.OrganizationMemberDelete,
680637
"organization/{accountName}/members/delete/{memberName}",
681-
new { controller = "Organizations", action = RouteName.OrganizationMemberDeleteAjax },
682-
new[]
683-
{
684-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName),
685-
new RouteExtensions.ObfuscatedPathMetadata(4, Obfuscator.DefaultTelemetryUserName)
686-
});
638+
new { controller = "Organizations", action = RouteName.OrganizationMemberDeleteAjax });
687639

688640
routes.MapRoute(
689641
RouteName.OrganizationAccount,
690642
"organization/{accountName}/{action}",
691-
new { controller = "Organizations", action = "ManageOrganization" },
692-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
643+
new { controller = "Organizations", action = "ManageOrganization" });
693644

694645
routes.MapRoute(
695646
RouteName.ChangeOrganizationEmailSubscription,
696647
"organization/{accountName}/subscription/change",
697-
new { controller = "Organizations", action = "ChangeEmailSubscription" },
698-
new RouteExtensions.ObfuscatedPathMetadata(1, Obfuscator.DefaultTelemetryUserName));
648+
new { controller = "Organizations", action = "ChangeEmailSubscription" });
699649

700650
routes.MapRoute(
701651
RouteName.Downloads,

0 commit comments

Comments
 (0)