Search in sources :

Example 1 with AuditTrace

use of alien4cloud.audit.model.AuditTrace in project alien4cloud by alien4cloud.

the class AuditLogStepsDefinitions method searchAuditLogs.

private List<AuditTrace> searchAuditLogs(String query, Integer from, int numberOfResult, Map<String, String[]> filters, boolean checkResultSize) throws IOException {
    FilteredSearchRequest req = new FilteredSearchRequest(query, from, 10, filters);
    String jSon = JsonUtil.toString(req);
    String restResponse = Context.getRestClientInstance().postJSon("/rest/v1/audit/search", jSon);
    FacetedSearchResult searchResult = JsonUtil.read(restResponse, FacetedSearchResult.class).getData();
    if (checkResultSize) {
        Assert.assertEquals(numberOfResult, searchResult.getTotalResults());
    }
    Object[] searchData = searchResult.getData();
    List<AuditTrace> actualTraces = Lists.newArrayList();
    for (Object jsonData : searchData) {
        actualTraces.add(JsonUtil.readObject(JsonUtil.toString(jsonData), AuditTrace.class));
    }
    return actualTraces;
}
Also used : FilteredSearchRequest(alien4cloud.rest.model.FilteredSearchRequest) AuditTrace(alien4cloud.audit.model.AuditTrace) FacetedSearchResult(alien4cloud.dao.model.FacetedSearchResult)

Example 2 with AuditTrace

use of alien4cloud.audit.model.AuditTrace in project alien4cloud by alien4cloud.

the class AuditLogStepsDefinitions method auditContains.

private boolean auditContains(List<AuditTrace> traces, String userName, String category, String action) {
    for (AuditTrace trace : traces) {
        boolean userMatch = trace.getUserName().equals(userName);
        boolean categoryMatch = trace.getCategory().equals(category);
        boolean actionMatch = trace.getAction().equals(action);
        if (userMatch && categoryMatch && actionMatch) {
            return true;
        }
    }
    return false;
}
Also used : AuditTrace(alien4cloud.audit.model.AuditTrace)

Example 3 with AuditTrace

use of alien4cloud.audit.model.AuditTrace in project alien4cloud by alien4cloud.

the class AuditLogFilter method getAuditTrace.

private AuditTrace getAuditTrace(HttpServletRequest request, HttpServletResponse response, HandlerMethod handlerMethod, User user, boolean requestContainsJson, final AuditConfiguration configuration) throws IOException {
    final Method method = auditService.getAuditedMethod(handlerMethod);
    // trace user info only when he is logged
    AuditTrace auditTrace = new AuditTrace();
    auditTrace.setTimestamp(System.currentTimeMillis());
    auditTrace.setAction(method.getAction());
    ApiOperation apiDoc = getApiDoc(handlerMethod);
    if (apiDoc != null) {
        auditTrace.setActionDescription(apiDoc.value());
    }
    auditTrace.setCategory(method.getCategory());
    auditTrace.setUserName(user.getUsername());
    auditTrace.setUserFirstName(user.getFirstName());
    auditTrace.setUserLastName(user.getLastName());
    auditTrace.setUserEmail(user.getEmail());
    // request details
    auditTrace.setPath(request.getRequestURI());
    auditTrace.setVersion(getApiVersion(request.getRequestURI()));
    auditTrace.setUserAgent(request.getHeader(HttpHeaders.USER_AGENT));
    auditTrace.setAlien4CloudUI(!Strings.isNullOrEmpty(request.getHeader(A4C_UI_HEADER)));
    auditTrace.setMethod(request.getMethod());
    auditTrace.setRequestParameters(request.getParameterMap());
    auditTrace.setSourceIp(request.getRemoteAddr());
    // request body
    if (requestContainsJson) {
        String original = StreamUtils.copyToString(request.getInputStream(), Charsets.UTF_8);
        auditTrace.setRequestBody(filterRequestBody(original, method));
    }
    // response details
    auditTrace.setResponseStatus(response.getStatus());
    return auditTrace;
}
Also used : ApiOperation(io.swagger.annotations.ApiOperation) Method(alien4cloud.audit.model.Method) HandlerMethod(org.springframework.web.method.HandlerMethod) AuditTrace(alien4cloud.audit.model.AuditTrace)

Example 4 with AuditTrace

use of alien4cloud.audit.model.AuditTrace in project alien4cloud by alien4cloud.

the class AuditLogFilter method doFilterInternal.

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    AuditConfiguration configuration = auditService.getAuditConfiguration();
    if (configuration == null || !configuration.isEnabled()) {
        filterChain.doFilter(request, response);
        return;
    }
    User user = AuthorizationUtil.getCurrentUser();
    if (user == null) {
        filterChain.doFilter(request, response);
        return;
    }
    HandlerMethod method = getHandlerMethod(request);
    if (method == null) {
        filterChain.doFilter(request, response);
        return;
    }
    if (!auditService.isMethodAudited(configuration, method)) {
        filterChain.doFilter(request, response);
        return;
    }
    boolean requestContainsJson = isRequestContainingJson(request);
    if (requestContainsJson) {
        request = new MultiReadHttpServletRequest(request);
    }
    try {
        filterChain.doFilter(request, response);
    } finally {
        AuditTrace auditTrace = null;
        try {
            auditTrace = getAuditTrace(request, response, method, user, requestContainsJson, configuration);
        } catch (Exception e) {
            logger.warn("Unable to construct audit trace", e);
        }
        if (auditTrace != null) {
            if (logger.isDebugEnabled()) {
                logger.debug(auditTrace.toString());
            }
            try {
                auditService.saveAuditTrace(auditTrace);
            } catch (Exception e) {
                logger.warn("Unable to save audit trace " + auditTrace, e);
            }
        }
    }
}
Also used : AuditConfiguration(alien4cloud.audit.model.AuditConfiguration) User(alien4cloud.security.model.User) AuditTrace(alien4cloud.audit.model.AuditTrace) HandlerMethod(org.springframework.web.method.HandlerMethod) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Aggregations

AuditTrace (alien4cloud.audit.model.AuditTrace)4 HandlerMethod (org.springframework.web.method.HandlerMethod)2 AuditConfiguration (alien4cloud.audit.model.AuditConfiguration)1 Method (alien4cloud.audit.model.Method)1 FacetedSearchResult (alien4cloud.dao.model.FacetedSearchResult)1 FilteredSearchRequest (alien4cloud.rest.model.FilteredSearchRequest)1 User (alien4cloud.security.model.User)1 ApiOperation (io.swagger.annotations.ApiOperation)1 IOException (java.io.IOException)1 ServletException (javax.servlet.ServletException)1