remove enriching 405 in rbaac filter (#335)

Ferdudas97 · web-flow · commit 558fc7f34093 · 2022-09-23T12:17:33.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,12 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 
 ## [Unreleased]
 
+
+## [0.19.21]
+
+### Changed
+- Remove enriching (with wrong destination) responses with 405 status code in lua
+
 ### Changed
 
 ## [0.19.20]
diff --git a/envoy-control-core/src/main/resources/lua/ingress_rbac_logging.lua b/envoy-control-core/src/main/resources/lua/ingress_rbac_logging.lua
@@ -77,9 +77,6 @@ function envoy_on_response(handle)
             rbac_action = "denied"
         end
         log_request(lua_metadata, handle, rbac_action)
-        if status_code == "405" then
-            enrichResponseForWrongDestination(handle, lua_metadata)
-        end
     end
 end
 
@@ -110,15 +107,6 @@ function log_request(lua_metadata, handle, rbac_action)
         ", \"rbacAction\": \""..rbac_action.."\" }")
 end
 
-function enrichResponseForWrongDestination(handle, lua_metadata)
-    local currentService = handle:metadata():get("service_name") or ""
-    local lua_destination_authority = lua_metadata["request.info.lua_destination_authority"] or ""
-    local authority = lua_metadata["request.info.authority"] or ""
-    handle:headers():add("x-envoy-wrong-destination-reached", currentService)
-    handle:headers():add("x-envoy-wrong-destination-target", authority)
-    handle:headers():add("x-envoy-wrong-lua-destination-target", lua_destination_authority)
-end
-
 escapeList = {
     ["\\"] = "\\\\",
     ["\""] = "\\\"",
diff --git a/envoy-control-tests/src/main/resources/lua_spec/ingress_rbac_logging_spec.lua b/envoy-control-tests/src/main/resources/lua_spec/ingress_rbac_logging_spec.lua
@@ -438,41 +438,6 @@ describe("envoy_on_response:", function()
             assert.spy(handle.logInfo).was_called(1)
         end)
 
-        it("as logged when status code is 405 and proper headers should be set", function ()
-            -- given
-            headers[':status'] = "405"
-
-            local filter_metadata = {
-                ['service_name'] = "service",
-            }
-
-            local handle = handlerMock(headers, metadata, ssl, filter_metadata)
-
-            -- when
-            envoy_on_response(handle)
-
-            -- then
-            assert.spy(handle.logInfo).was_called_with(_, formatLog(
-                "POST",
-                "/path?query=val",
-                "127.1.1.3",
-                "service-first",
-                "https",
-                "",
-                "405",
-                false,
-                false,
-                "shadow_denied",
-                "authority",
-                "lua_authority"
-            ))
-            assert.are.equal(headers["x-envoy-wrong-destination-reached"], "service")
-            assert.are.equal(headers["x-envoy-wrong-destination-target"], "authority")
-            assert.are.equal(headers["x-envoy-wrong-lua-destination-target"], "lua_authority")
-
-            assert.spy(handle.logInfo).was_called(1)
-        end)
-
         it("allowed & logged request", function ()
             -- given
             headers[':status'] = '200'
