Examples with AuditedMethod - alien4cloud.audit.model.AuditedMethod

Example 1 with AuditedMethod

use of alien4cloud.audit.model.AuditedMethod in project alien4cloud by alien4cloud.

the class AuditController method enableMethodAudit.

@ApiOperation(value = "Enable/Disable audit on a list of methods", notes = "Audit configuration update is only accessible to user with role [ ADMIN ]")
@RequestMapping(value = "/configuration/audited-methods", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<Void> enableMethodAudit(@RequestBody AuditedMethod[] methods) {
    AuditConfiguration auditConfiguration = auditService.getMandatoryAuditConfiguration();
    Map<Method, Boolean> auditedMethodsMap = auditConfiguration.getAuditedMethodsMap();
    for (AuditedMethod method : methods) {
        enableMethodAudit(auditedMethodsMap, method);
    }
    auditConfiguration.setAuditedMethodsMap(auditedMethodsMap);
    auditService.saveAuditConfiguration(auditConfiguration);
    return RestResponseBuilder.<Void>builder().build();
}

Also used : AuditConfiguration(alien4cloud.audit.model.AuditConfiguration) AuditedMethod(alien4cloud.audit.model.AuditedMethod) Method(alien4cloud.audit.model.Method) AuditedMethod(alien4cloud.audit.model.AuditedMethod) HandlerMethod(org.springframework.web.method.HandlerMethod) RequestMethod(org.springframework.web.bind.annotation.RequestMethod) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with AuditedMethod

use of alien4cloud.audit.model.AuditedMethod in project alien4cloud by alien4cloud.

the class AuditController method getAuditConfiguration.

@ApiOperation(value = "Get audit configuration", notes = "Get the audit configuration object. Audit configuration is only accessible to user with role [ ADMIN ]")
@RequestMapping(value = "/configuration", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<AuditConfigurationDTO> getAuditConfiguration() {
    AuditConfiguration currentConfiguration = auditService.getMandatoryAuditConfiguration();
    boolean auditEnabled = currentConfiguration.isEnabled();
    Map<String, List<AuditedMethod>> methodsConfigurationDTO = Maps.newHashMap();
    for (AuditedMethod methodDTO : currentConfiguration.getAuditedMethods()) {
        List<AuditedMethod> currentMethodsForCategory = methodsConfigurationDTO.get(methodDTO.getCategory());
        if (currentMethodsForCategory == null) {
            currentMethodsForCategory = Lists.newArrayList();
            methodsConfigurationDTO.put(methodDTO.getCategory(), currentMethodsForCategory);
        }
        currentMethodsForCategory.add(methodDTO);
    }
    AuditConfigurationDTO auditConfigurationDTO = new AuditConfigurationDTO(auditEnabled, methodsConfigurationDTO);
    return RestResponseBuilder.<AuditConfigurationDTO>builder().data(auditConfigurationDTO).build();
}

Also used : AuditConfiguration(alien4cloud.audit.model.AuditConfiguration) AuditedMethod(alien4cloud.audit.model.AuditedMethod) List(java.util.List) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with AuditedMethod

use of alien4cloud.audit.model.AuditedMethod in project alien4cloud by alien4cloud.

the class AuditController method getAllAvailableMethodsForAudit.

private <T extends Method> Map<T, Boolean> getAllAvailableMethodsForAudit(RequestMappingHandlerMapping requestMappingHandlerMapping, IAuditedMethodFactory<T> methodFactory) {
    Map<RequestMappingInfo, HandlerMethod> handlerMethods = requestMappingHandlerMapping.getHandlerMethods();
    Map<T, Boolean> allMethods = Maps.newHashMap();
    for (Map.Entry<RequestMappingInfo, HandlerMethod> handlerMethodEntry : handlerMethods.entrySet()) {
        HandlerMethod method = handlerMethodEntry.getValue();
        Method auditedMethod = auditService.getAuditedMethod(method);
        if (auditedMethod != null) {
            Audit audit = method.getMethodAnnotation(Audit.class);
            boolean enabledByDefault = audit != null && audit.enabledByDefault();
            allMethods.put(methodFactory.buildAuditedMethod(auditedMethod, method), enabledByDefault);
        }
    }
    return allMethods;
}

Also used : Audit(alien4cloud.audit.annotation.Audit) RequestMappingInfo(org.springframework.web.servlet.mvc.method.RequestMappingInfo) Method(alien4cloud.audit.model.Method) AuditedMethod(alien4cloud.audit.model.AuditedMethod) HandlerMethod(org.springframework.web.method.HandlerMethod) RequestMethod(org.springframework.web.bind.annotation.RequestMethod) Map(java.util.Map) HandlerMethod(org.springframework.web.method.HandlerMethod)

Example 4 with AuditedMethod

use of alien4cloud.audit.model.AuditedMethod in project alien4cloud by alien4cloud.

the class AuditController method enableMethodAudit.

private void enableMethodAudit(Map<Method, Boolean> auditedMethodsMap, AuditedMethod method) {
    if (method.getMethod() == null) {
        throw new InvalidArgumentException("Method's path or http method is null");
    }
    Method auditedMethodKey = new Method(method.getSignature(), method.getMethod(), method.getCategory(), method.getAction(), method.getBodyHiddenFields());
    if (!auditedMethodsMap.containsKey(auditedMethodKey)) {
        throw new NotFoundException("Method " + method + " does not exist ");
    }
    auditedMethodsMap.put(auditedMethodKey, method.isEnabled());
}

Also used : InvalidArgumentException(alien4cloud.exception.InvalidArgumentException) NotFoundException(alien4cloud.exception.NotFoundException) Method(alien4cloud.audit.model.Method) AuditedMethod(alien4cloud.audit.model.AuditedMethod) HandlerMethod(org.springframework.web.method.HandlerMethod) RequestMethod(org.springframework.web.bind.annotation.RequestMethod)

Example 5 with AuditedMethod

use of alien4cloud.audit.model.AuditedMethod in project alien4cloud by alien4cloud.

the class AuditLogStepsDefinitions method enableMethods.

private void enableMethods(DataTable rawMethods, boolean enable) throws IOException {
    List<AuditedMethod> methodsToEnableDisable = Lists.newArrayList();
    for (List<String> row : rawMethods.raw()) {
        String category = row.get(0);
        String action = row.get(1);
        AuditedMethod method = getMethod(currentAuditConfiguration.getMethodsConfiguration().get(category), action, !enable);
        method.setEnabled(enable);
        Assert.assertNotNull(method);
        methodsToEnableDisable.add(method);
    }
    Context.getRestClientInstance().postJSon("/rest/v1/audit/configuration/audited-methods", JsonUtil.toString(methodsToEnableDisable));
}

Also used : AuditedMethod(alien4cloud.audit.model.AuditedMethod)

Aggregations

AuditedMethod (alien4cloud.audit.model.AuditedMethod)5 Method (alien4cloud.audit.model.Method)3 RequestMethod (org.springframework.web.bind.annotation.RequestMethod)3 HandlerMethod (org.springframework.web.method.HandlerMethod)3 AuditConfiguration (alien4cloud.audit.model.AuditConfiguration)2 ApiOperation (io.swagger.annotations.ApiOperation)2 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 Audit (alien4cloud.audit.annotation.Audit)1 InvalidArgumentException (alien4cloud.exception.InvalidArgumentException)1 NotFoundException (alien4cloud.exception.NotFoundException)1 List (java.util.List)1 Map (java.util.Map)1 RequestMappingInfo (org.springframework.web.servlet.mvc.method.RequestMappingInfo)1