Merge remote-tracking branch 'origin' into release/v1.51.0

Umang01-hash · Umang01-hash · commit fe355176fa2c · 2025-12-27T15:17:02.000+05:30
diff --git a/docs/advanced-guide/rbac/page.md b/docs/advanced-guide/rbac/page.md
@@ -413,7 +413,7 @@ Or use role inheritance to avoid duplication:
 - **Never use header-based RBAC for public APIs** - Use JWT-based RBAC
 - **Always validate JWT tokens** - Use proper JWKS endpoints with HTTPS
 - **Use HTTPS in production** - Protect tokens and headers
-- **Monitor audit logs** - Track authorization decisions
+- **Monitor logs** - Track authorization decisions
 
 ### Configuration
 - **Use role inheritance** - Avoid duplicating permissions (only specify additional ones)
@@ -438,13 +438,13 @@ Or use role inheritance to avoid duplication:
 **Permission always denied**
 - Check role assignment - verify user's role has the required permission
 - Review role permissions - ensure `roles[].permissions` includes the required permission
-- Enable debug logging - check audit logs for authorization decisions
+- Enable debug logging - check debug logs for authorization decisions
 
 **Permission always allowed**
 - Check if endpoint is in RBAC config - routes not in config are allowed to proceed
 - Check public endpoints - verify endpoint is not marked as `public: true`
 - Review endpoint configuration - ensure `endpoints[].requiredPermissions` is set correctly
-- Verify permission check - check audit logs to see if permission check is being performed
+- Verify permission check - check logs to see if permission check is being performed
 
 **JWT role extraction failing**
 - Ensure OAuth middleware is enabled before RBAC
@@ -519,7 +519,7 @@ RBAC middleware implements industry-standard security practices to protect sensi
 - ✅ Status (allowed/denied) included
 - ❌ Roles excluded (avoid high cardinality and PII concerns)
 
-**Audit Logs:**
+**Logs:**
 - ✅ Roles included (required for compliance: SOC 2, PCI-DSS, NIST)
 - ✅ HTTP method, route, status, and reason included
 - ❌ No authorization tokens, headers, or request bodies logged
diff --git a/pkg/gofr/rbac/config.go b/pkg/gofr/rbac/config.go
@@ -163,11 +163,6 @@ func LoadPermissions(path string, logger datasource.Logger, metrics container.Me
 	// Use StrictSlash(false) to match the application router's behavior
 	config.muxRouter = mux.NewRouter().StrictSlash(false)
 
-	// Register metrics if provided
-	if metrics != nil {
-		registerMetrics(metrics)
-	}
-
 	// Validate config before processing
 	if err := config.validate(); err != nil {
 		return nil, fmt.Errorf("invalid RBAC config: %w", err)
@@ -181,18 +176,6 @@ func LoadPermissions(path string, logger datasource.Logger, metrics container.Me
 	return &config, nil
 }
 
-// registerMetrics registers RBAC metrics with the metrics instance.
-func registerMetrics(metrics container.Metrics) {
-	buckets := []float64{0.0001, 0.0005, 0.001, 0.005, 0.01, 0.05, 0.1, 0.5, 1}
-	metrics.NewHistogram(
-		"rbac_authorization_duration",
-		"Duration of RBAC authorization checks",
-		buckets...,
-	)
-	metrics.NewCounter("rbac_authorization_decisions", "Number of RBAC authorization decisions")
-	metrics.NewCounter("rbac_role_extraction_failures", "Number of failed role extractions")
-}
-
 // validate validates the RBAC configuration.
 func (c *Config) validate() error {
 	// Validate endpoints: non-public endpoints must have RequiredPermissions
diff --git a/pkg/gofr/rbac/config_test.go b/pkg/gofr/rbac/config_test.go
@@ -1,7 +1,6 @@
 package rbac
 
 import (
-	"context"
 	"os"
 	"path/filepath"
 	"testing"
@@ -538,50 +537,6 @@ func TestConfig_MatchesKey(t *testing.T) {
 	})
 }
 
-func TestLoadPermissions_RegisterMetrics(t *testing.T) {
-	t.Run("registers metrics when metrics is provided", func(t *testing.T) {
-		mockMetrics := &configMockMetrics{
-			histogramCreated: false,
-			counterCreated:   false,
-		}
-
-		fileContent := `{
-			"roles": [{"name": "admin", "permissions": ["admin:read"]}],
-			"endpoints": [{"path": "/api", "methods": ["GET"], "requiredPermissions": ["admin:read"]}]
-		}`
-		path, err := createTestConfigFile("test_metrics.json", fileContent)
-		require.NoError(t, err)
-
-		defer os.Remove(path)
-
-		_, err = LoadPermissions(path, nil, mockMetrics, nil)
-		require.NoError(t, err)
-
-		assert.True(t, mockMetrics.histogramCreated, "histogram should be created")
-		assert.True(t, mockMetrics.counterCreated, "counter should be created")
-	})
-}
-
-// configMockMetrics for config tests.
-type configMockMetrics struct {
-	histogramCreated bool
-	counterCreated   bool
-}
-
-func (m *configMockMetrics) NewHistogram(_, _ string, _ ...float64) {
-	m.histogramCreated = true
-}
-
-func (*configMockMetrics) RecordHistogram(_ context.Context, _ string, _ float64, _ ...string) {}
-func (m *configMockMetrics) NewCounter(_, _ string) {
-	m.counterCreated = true
-}
-func (*configMockMetrics) IncrementCounter(_ context.Context, _ string, _ ...string)              {}
-func (*configMockMetrics) NewUpDownCounter(_, _ string)                                           {}
-func (*configMockMetrics) NewGauge(_, _ string)                                                   {}
-func (*configMockMetrics) DeltaUpDownCounter(_ context.Context, _ string, _ float64, _ ...string) {}
-func (*configMockMetrics) SetGauge(_ string, _ float64, _ ...string)                              {}
-
 func TestConfig_getEffectivePermissions(t *testing.T) {
 	testCases := []struct {
 		desc          string
diff --git a/pkg/gofr/rbac/middleware.go b/pkg/gofr/rbac/middleware.go
@@ -144,24 +144,11 @@ func Middleware(config *Config) func(handler http.Handler) http.Handler {
 			// Check authorization using unified endpoint-based authorization
 			authorized, _ := checkEndpointAuthorization(role, endpoint, config)
 			if !authorized {
-				// Role not included in metrics to avoid high cardinality and PII concerns
-				// Only include status (allowed/denied) for aggregation
-				if config.Metrics != nil {
-					config.Metrics.IncrementCounter(r.Context(), "rbac_authorization_decisions", "status", "denied")
-				}
-
 				handleAuthError(w, r, config, role, routeLabel, ErrAccessDenied)
 
 				return
 			}
 
-			// Record metrics and update span
-			// Role not included in metrics to avoid high cardinality and PII concerns
-			// Only include status (allowed/denied) for aggregation
-			if config.Metrics != nil {
-				config.Metrics.IncrementCounter(r.Context(), "rbac_authorization_decisions", "status", "allowed")
-			}
-
 			if config.Tracer != nil {
 				trace.SpanFromContext(r.Context()).SetAttributes(attribute.Bool("rbac.authorized", true))
 			}
diff --git a/pkg/gofr/rbac/middleware_test.go b/pkg/gofr/rbac/middleware_test.go
@@ -923,186 +923,6 @@ func TestMiddleware_WithTracing(t *testing.T) {
 	})
 }
 
-func TestMiddleware_WithMetrics(t *testing.T) {
-	t.Run("records metrics when metrics is available", func(t *testing.T) {
-		mockMetrics := &mockMetrics{
-			counterIncremented: make(map[string]bool),
-		}
-
-		config := &Config{
-			Endpoints: []EndpointMapping{
-				{Path: "/api", Methods: []string{"GET"}, RequiredPermissions: []string{"admin:read"}},
-			},
-			RoleHeader: "X-User-Role",
-			Metrics:    mockMetrics,
-		}
-		err := config.processUnifiedConfig()
-		require.NoError(t, err)
-
-		middlewareFunc := Middleware(config)
-		handler := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
-			w.WriteHeader(http.StatusOK)
-		})
-
-		wrapped := middlewareFunc(handler)
-		w := httptest.NewRecorder()
-		req := httptest.NewRequest(http.MethodGet, "/api", http.NoBody)
-		req.Header.Set("X-User-Role", "admin")
-
-		// Setup role permissions
-		config.rolePermissionsMap = map[string][]string{
-			"admin": {"admin:read"},
-		}
-
-		wrapped.ServeHTTP(w, req)
-
-		assert.Equal(t, http.StatusOK, w.Code)
-		// Metrics should be recorded
-		assert.True(t, mockMetrics.counterIncremented["rbac_authorization_decisions"])
-	})
-}
-
-// mockMetrics implements the Metrics interface for testing.
-type mockMetrics struct {
-	histogramCreated   bool
-	counterCreated     bool
-	counterIncremented map[string]bool
-	counterLabels      map[string][]string // Track labels for each counter call
-}
-
-func (m *mockMetrics) NewHistogram(_, _ string, _ ...float64) {
-	m.histogramCreated = true
-}
-
-func (*mockMetrics) RecordHistogram(_ context.Context, _ string, _ float64, _ ...string) {
-	// Mock implementation
-}
-
-func (m *mockMetrics) NewCounter(_, _ string) {
-	m.counterCreated = true
-}
-
-func (m *mockMetrics) IncrementCounter(_ context.Context, name string, labels ...string) {
-	if m.counterIncremented == nil {
-		m.counterIncremented = make(map[string]bool)
-	}
-
-	if m.counterLabels == nil {
-		m.counterLabels = make(map[string][]string)
-	}
-
-	m.counterIncremented[name] = true
-	m.counterLabels[name] = labels
-}
-
-func (*mockMetrics) NewUpDownCounter(_, _ string) {
-	// Mock implementation
-}
-
-func (*mockMetrics) NewGauge(_, _ string) {
-	// Mock implementation
-}
-
-func (*mockMetrics) DeltaUpDownCounter(_ context.Context, _ string, _ float64, _ ...string) {
-	// Mock implementation
-}
-
-func (*mockMetrics) SetGauge(_ string, _ float64, _ ...string) {
-	// Mock implementation
-}
-
-func TestMiddleware_RoleNotInMetrics(t *testing.T) {
-	t.Run("role is not included in metric labels", func(t *testing.T) {
-		mockMetrics := &mockMetrics{
-			counterIncremented: make(map[string]bool),
-			counterLabels:      make(map[string][]string),
-		}
-
-		config := &Config{
-			Endpoints: []EndpointMapping{
-				{Path: "/api", Methods: []string{"GET"}, RequiredPermissions: []string{"admin:read"}},
-			},
-			RoleHeader: "X-User-Role",
-			Metrics:    mockMetrics,
-		}
-		err := config.processUnifiedConfig()
-		require.NoError(t, err)
-
-		middlewareFunc := Middleware(config)
-		handler := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
-			w.WriteHeader(http.StatusOK)
-		})
-
-		wrapped := middlewareFunc(handler)
-		w := httptest.NewRecorder()
-		req := httptest.NewRequest(http.MethodGet, "/api", http.NoBody)
-		req.Header.Set("X-User-Role", "admin")
-
-		// Setup role permissions
-		config.rolePermissionsMap = map[string][]string{
-			"admin": {"admin:read"},
-		}
-
-		wrapped.ServeHTTP(w, req)
-
-		assert.Equal(t, http.StatusOK, w.Code)
-		// Verify metrics were recorded
-		assert.True(t, mockMetrics.counterIncremented["rbac_authorization_decisions"])
-		// Verify role is NOT in labels (only status should be present)
-		labels := mockMetrics.counterLabels["rbac_authorization_decisions"]
-		assert.Contains(t, labels, "status", "status label should be present")
-		assert.Contains(t, labels, "allowed", "allowed status should be present")
-		// Verify role is NOT in labels
-		assert.NotContains(t, labels, "role", "role should not be in metric labels")
-		assert.NotContains(t, labels, "admin", "role value should not be in metric labels")
-	})
-
-	t.Run("role is not included in metric labels for denied requests", func(t *testing.T) {
-		mockMetrics := &mockMetrics{
-			counterIncremented: make(map[string]bool),
-			counterLabels:      make(map[string][]string),
-		}
-
-		config := &Config{
-			Endpoints: []EndpointMapping{
-				{Path: "/api", Methods: []string{"GET"}, RequiredPermissions: []string{"admin:read"}},
-			},
-			RoleHeader: "X-User-Role",
-			Metrics:    mockMetrics,
-		}
-		err := config.processUnifiedConfig()
-		require.NoError(t, err)
-
-		middlewareFunc := Middleware(config)
-		handler := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
-			w.WriteHeader(http.StatusOK)
-		})
-
-		wrapped := middlewareFunc(handler)
-		w := httptest.NewRecorder()
-		req := httptest.NewRequest(http.MethodGet, "/api", http.NoBody)
-		req.Header.Set("X-User-Role", "viewer") // Role without permission
-
-		// Setup role permissions
-		config.rolePermissionsMap = map[string][]string{
-			"viewer": {"viewer:read"}, // Different permission
-		}
-
-		wrapped.ServeHTTP(w, req)
-
-		assert.Equal(t, http.StatusForbidden, w.Code)
-		// Verify metrics were recorded
-		assert.True(t, mockMetrics.counterIncremented["rbac_authorization_decisions"])
-		// Verify role is NOT in labels (only status should be present)
-		labels := mockMetrics.counterLabels["rbac_authorization_decisions"]
-		assert.Contains(t, labels, "status", "status label should be present")
-		assert.Contains(t, labels, "denied", "denied status should be present")
-		// Verify role is NOT in labels
-		assert.NotContains(t, labels, "role", "role should not be in metric labels")
-		assert.NotContains(t, labels, "viewer", "role value should not be in metric labels")
-	})
-}
-
 func TestMiddleware_RoleInAuditLogs(t *testing.T) {
 	t.Run("role is included in audit logs", func(t *testing.T) {
 		mockLog := &mockLogger{
