Closed trel closed 1 month ago
Would like to confirm (somehow) that PEPs which return errors that are not RULE_ENGINE_CONTINUE
or SYS_NOT_SUPPORTED
fall through appropriately to the audit plugin so that the events are logged.
For example, if I want to prevent uploads to a particular server via the Put API (for whatever reason) and I return SYS_NOT_ALLOWED
or something in pep_api_data_obj_put_pre
, would the audit plugin emit a message for such an event so that we can see that it was attempted?
If the audit plugin is first in the list, it should capture the PEP and allow the next REP to handle it (i.e. block it if desired) just fine.
I see. We will need to update our slides to reflect that if that's the requirement. If it "just works" then no need
Confirmed that everything is working. See https://github.com/irods/contrib/pull/43#issuecomment-2120536542. @trel: I think this is good for the closing.
this is no longer needed. we can just use pep_ now directly.