use of datawave.webservice.common.audit.Auditor.AuditType in project datawave by NationalSecurityAgency.
the class QueryExecutorBean method updateQuery.
private void updateQuery(GenericResponse<String> response, RunningQuery runningQuery, String queryLogicName, String query, Date beginDate, Date endDate, String queryAuthorizations, Date expirationDate, Integer pagesize, Integer pageTimeout, Long maxResultsOverride, QueryPersistence persistenceMode, String parameters) throws Exception {
// Find out who/what called this method
Principal p = ctx.getCallerPrincipal();
String userid = p.getName();
Collection<Collection<String>> cbAuths = new HashSet<>();
if (p instanceof DatawavePrincipal) {
DatawavePrincipal dp = (DatawavePrincipal) p;
userid = dp.getShortName();
cbAuths.addAll(dp.getAuthorizations());
}
log.trace(userid + " has authorizations " + cbAuths);
Query q = runningQuery.getSettings();
// validate persistence mode first
if (persistenceMode != null) {
switch(persistenceMode) {
case PERSISTENT:
if (q.getQueryName() == null)
throw new BadRequestQueryException(DatawaveErrorCode.QUERY_NAME_REQUIRED);
break;
case TRANSIENT:
break;
default:
throw new BadRequestQueryException(DatawaveErrorCode.UNKNOWN_PERSISTENCE_MODE, MessageFormat.format("Mode = {0}", persistenceMode));
}
}
// test for any auditable updates
if (query != null || beginDate != null || endDate != null || queryAuthorizations != null) {
// must clone/audit attempt first
Query duplicate = q.duplicate(q.getQueryName());
duplicate.setId(q.getId());
updateQueryParams(duplicate, queryLogicName, query, beginDate, endDate, queryAuthorizations, expirationDate, pagesize, pageTimeout, maxResultsOverride, parameters);
// Fire off an audit prior to updating
AuditType auditType = runningQuery.getLogic().getAuditType(runningQuery.getSettings());
if (!auditType.equals(AuditType.NONE)) {
try {
MultivaluedMap<String, String> queryParameters = new MultivaluedMapImpl<>();
queryParameters.putAll(duplicate.toMap());
// if the user didn't set an audit id, use the query id
if (!queryParameters.containsKey(AuditParameters.AUDIT_ID)) {
queryParameters.putSingle(AuditParameters.AUDIT_ID, q.getId().toString());
}
auditor.audit(queryParameters);
} catch (IllegalArgumentException e) {
log.error("Error validating audit parameters", e);
BadRequestQueryException qe = new BadRequestQueryException(DatawaveErrorCode.MISSING_REQUIRED_PARAMETER, e);
response.addException(qe);
throw new BadRequestException(qe, response);
} catch (Exception e) {
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_AUDITING_ERROR, e);
log.error(qe, e);
response.addException(qe.getBottomQueryException());
throw e;
}
}
}
// update the actual running query
updateQueryParams(q, queryLogicName, query, beginDate, endDate, queryAuthorizations, expirationDate, pagesize, pageTimeout, maxResultsOverride, parameters);
// update the persistenceMode post audit
if (persistenceMode != null) {
switch(persistenceMode) {
case PERSISTENT:
persister.update(q);
break;
case TRANSIENT:
persister.remove(q);
break;
}
}
// Put in the cache by id
queryCache.put(q.getId().toString(), runningQuery);
}
use of datawave.webservice.common.audit.Auditor.AuditType in project datawave by NationalSecurityAgency.
the class QueryExecutorBean method planQuery.
/**
* @param queryLogicName
* @param queryParameters
* @return
*/
@POST
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf", "application/x-protostuff" })
@Path("/{logicName}/plan")
@Interceptors({ RequiredInterceptor.class, ResponseInterceptor.class })
@Timed(name = "dw.query.planQuery", absolute = true)
public GenericResponse<String> planQuery(@Required("logicName") @PathParam("logicName") String queryLogicName, MultivaluedMap<String, String> queryParameters) {
QueryData qd = validateQuery(queryLogicName, queryParameters, null);
GenericResponse<String> response = new GenericResponse<>();
Query q = null;
Connector connection = null;
AccumuloConnectionFactory.Priority priority;
try {
// Default hasResults to true.
response.setHasResults(true);
// by default we will expand the fields but not the values.
boolean expandFields = true;
boolean expandValues = false;
if (queryParameters.containsKey(EXPAND_FIELDS)) {
expandFields = Boolean.valueOf(queryParameters.getFirst(EXPAND_FIELDS));
}
if (queryParameters.containsKey(EXPAND_VALUES)) {
expandValues = Boolean.valueOf(queryParameters.getFirst(EXPAND_VALUES));
}
AuditType auditType = qd.logic.getAuditType(null);
try {
MultivaluedMap<String, String> optionalQueryParameters = new MultivaluedMapImpl<>();
optionalQueryParameters.putAll(qp.getUnknownParameters(queryParameters));
q = persister.create(qd.userDn, qd.dnList, marking, queryLogicName, qp, optionalQueryParameters);
auditType = qd.logic.getAuditType(q);
} finally {
queryParameters.add(PrivateAuditConstants.AUDIT_TYPE, auditType.name());
// on audit if needed, and we are using the index to expand the values
if (expandValues && !auditType.equals(AuditType.NONE)) {
// audit the query before its executed.
try {
try {
List<String> selectors = qd.logic.getSelectors(q);
if (selectors != null && !selectors.isEmpty()) {
queryParameters.put(PrivateAuditConstants.SELECTORS, selectors);
}
} catch (Exception e) {
log.error("Error accessing query selector", e);
}
// if the user didn't set an audit id, use the query id
if (!queryParameters.containsKey(AuditParameters.AUDIT_ID)) {
queryParameters.putSingle(AuditParameters.AUDIT_ID, q.getId().toString());
}
auditor.audit(queryParameters);
} catch (IllegalArgumentException e) {
log.error("Error validating audit parameters", e);
BadRequestQueryException qe = new BadRequestQueryException(DatawaveErrorCode.MISSING_REQUIRED_PARAMETER, e);
response.addException(qe);
throw new BadRequestException(qe, response);
} catch (Exception e) {
log.error("Error auditing query", e);
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_AUDITING_ERROR, e);
response.addException(qe);
throw qe;
}
}
}
priority = qd.logic.getConnectionPriority();
Map<String, String> trackingMap = connectionFactory.getTrackingMap(Thread.currentThread().getStackTrace());
addQueryToTrackingMap(trackingMap, q);
accumuloConnectionRequestBean.requestBegin(q.getId().toString());
try {
connection = connectionFactory.getConnection(qd.logic.getConnPoolName(), priority, trackingMap);
} finally {
accumuloConnectionRequestBean.requestEnd(q.getId().toString());
}
Set<Authorizations> calculatedAuths = AuthorizationsUtil.getDowngradedAuthorizations(qp.getAuths(), qd.p);
String plan = qd.logic.getPlan(connection, q, calculatedAuths, expandFields, expandValues);
response.setResult(plan);
return response;
} catch (Throwable t) {
response.setHasResults(false);
/*
* Allow web services to throw their own WebApplicationExceptions
*/
if (t instanceof Error && !(t instanceof TokenMgrError)) {
log.error(t.getMessage(), t);
throw (Error) t;
} else if (t instanceof WebApplicationException) {
log.error(t.getMessage(), t);
throw ((WebApplicationException) t);
} else {
log.error(t.getMessage(), t);
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_PLAN_ERROR, t);
response.addException(qe.getBottomQueryException());
int statusCode = qe.getBottomQueryException().getStatusCode();
throw new DatawaveWebApplicationException(qe, response, statusCode);
}
} finally {
if (connection != null) {
try {
connectionFactory.returnConnection(connection);
} catch (Exception e) {
log.error("Failed to close connection for " + q.getId(), e);
}
}
// close the logic on exception
try {
if (null != qd.logic) {
qd.logic.close();
}
} catch (Exception e) {
log.error("Exception occured while closing query logic; may be innocuous if scanners were running.", e);
}
if (null != connection) {
try {
connectionFactory.returnConnection(connection);
} catch (Exception e) {
log.error("Error returning connection on failed create", e);
}
}
}
}
use of datawave.webservice.common.audit.Auditor.AuditType in project datawave by NationalSecurityAgency.
the class QueryExecutorBean method createQuery.
/**
* @param queryLogicName
* @param queryParameters
* @return
*/
@POST
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf", "application/x-protostuff" })
@Path("/{logicName}/create")
@GZIP
@GenerateQuerySessionId(cookieBasePath = "/DataWave/Query/")
@EnrichQueryMetrics(methodType = MethodType.CREATE)
@Interceptors({ RequiredInterceptor.class, ResponseInterceptor.class })
@Timed(name = "dw.query.createQuery", absolute = true)
public GenericResponse<String> createQuery(@Required("logicName") @PathParam("logicName") String queryLogicName, MultivaluedMap<String, String> queryParameters, @Context HttpHeaders httpHeaders) {
CreateQuerySessionIDFilter.QUERY_ID.set(null);
QueryData qd = validateQuery(queryLogicName, queryParameters, httpHeaders);
GenericResponse<String> response = new GenericResponse<>();
Query q = null;
Connector connection = null;
AccumuloConnectionFactory.Priority priority;
Span createSpan = null;
RunningQuery rq = null;
try {
// Default hasResults to true. If a query logic is actually able to set this value,
// then their value will overwrite this one. Otherwise, we return true so that
// callers know they have to call next (even though next may not return results).
response.setHasResults(true);
AuditType auditType = qd.logic.getAuditType(null);
try {
MultivaluedMap<String, String> optionalQueryParameters = new MultivaluedMapImpl<>();
optionalQueryParameters.putAll(qp.getUnknownParameters(queryParameters));
q = persister.create(qd.userDn, qd.dnList, marking, queryLogicName, qp, optionalQueryParameters);
auditType = qd.logic.getAuditType(q);
} finally {
queryParameters.add(PrivateAuditConstants.AUDIT_TYPE, auditType.name());
if (!auditType.equals(AuditType.NONE)) {
// audit the query before its executed.
try {
try {
List<String> selectors = qd.logic.getSelectors(q);
if (selectors != null && !selectors.isEmpty()) {
queryParameters.put(PrivateAuditConstants.SELECTORS, selectors);
}
} catch (Exception e) {
log.error("Error accessing query selector", e);
}
// if the user didn't set an audit id, use the query id
if (!queryParameters.containsKey(AuditParameters.AUDIT_ID)) {
queryParameters.putSingle(AuditParameters.AUDIT_ID, q.getId().toString());
}
auditor.audit(queryParameters);
} catch (IllegalArgumentException e) {
log.error("Error validating audit parameters", e);
BadRequestQueryException qe = new BadRequestQueryException(DatawaveErrorCode.MISSING_REQUIRED_PARAMETER, e);
response.addException(qe);
throw new BadRequestException(qe, response);
} catch (Exception e) {
log.error("Error auditing query", e);
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_AUDITING_ERROR, e);
response.addException(qe);
throw qe;
}
}
}
priority = qd.logic.getConnectionPriority();
Map<String, String> trackingMap = connectionFactory.getTrackingMap(Thread.currentThread().getStackTrace());
addQueryToTrackingMap(trackingMap, q);
accumuloConnectionRequestBean.requestBegin(q.getId().toString());
try {
connection = connectionFactory.getConnection(qd.logic.getConnPoolName(), priority, trackingMap);
} finally {
accumuloConnectionRequestBean.requestEnd(q.getId().toString());
}
// If we're supposed to trace this query, then turn tracing on and set information about the query
// onto the span so that it is saved in the trace table.
TInfo traceInfo = null;
boolean shouldTraceQuery = shouldTraceQuery(qp.getQuery(), qd.userid, qp.isTrace());
if (shouldTraceQuery) {
Span span = Trace.on("query:" + q.getId());
log.debug("Tracing query " + q.getId() + " [" + qp.getQuery() + "] on trace ID " + Long.toHexString(span.traceId()));
for (Entry<String, List<String>> param : queryParameters.entrySet()) {
span.data(param.getKey(), param.getValue().get(0));
}
traceInfo = Tracer.traceInfo();
createSpan = Trace.start("query:create");
}
// hold on to a reference of the query logic so we cancel it if need be.
qlCache.add(q.getId().toString(), qd.userid, qd.logic, connection);
rq = new RunningQuery(metrics, null, priority, qd.logic, q, qp.getAuths(), qd.p, new RunningQueryTimingImpl(queryExpirationConf, qp.getPageTimeout()), this.executor, this.predictor, this.metricFactory);
rq.setActiveCall(true);
rq.setTraceInfo(traceInfo);
rq.getMetric().setProxyServers(qd.proxyServers);
rq.setConnection(connection);
// Put in the cache by id. Don't put the cache in by name because multiple users may use the same name
// and only the last one will be in the cache.
queryCache.put(q.getId().toString(), rq);
response.setResult(q.getId().toString());
rq.setActiveCall(false);
CreateQuerySessionIDFilter.QUERY_ID.set(q.getId().toString());
return response;
} catch (Throwable t) {
response.setHasResults(false);
if (rq != null) {
rq.getMetric().setError(t);
}
// close the logic on exception
try {
if (null != qd.logic) {
qd.logic.close();
}
} catch (Exception e) {
log.error("Exception occured while closing query logic; may be innocuous if scanners were running.", e);
}
if (null != connection) {
try {
connectionFactory.returnConnection(connection);
} catch (Exception e) {
log.error("Error returning connection on failed create", e);
}
}
try {
if (null != q)
persister.remove(q);
} catch (Exception e) {
response.addException(new QueryException(DatawaveErrorCode.DEPERSIST_ERROR, e).getBottomQueryException());
}
/*
* Allow web services to throw their own WebApplicationExceptions
*/
if (t instanceof Error && !(t instanceof TokenMgrError)) {
log.error(t.getMessage(), t);
throw (Error) t;
} else if (t instanceof WebApplicationException) {
log.error(t.getMessage(), t);
throw ((WebApplicationException) t);
} else if (t instanceof InterruptedException) {
if (rq != null) {
rq.getMetric().setLifecycle(QueryMetric.Lifecycle.CANCELLED);
}
log.info("Query " + q.getId() + " canceled on request");
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_CANCELED, t);
response.addException(qe.getBottomQueryException());
int statusCode = qe.getBottomQueryException().getStatusCode();
throw new DatawaveWebApplicationException(qe, response, statusCode);
} else {
log.error(t.getMessage(), t);
QueryException qe = new QueryException(DatawaveErrorCode.RUNNING_QUERY_CACHE_ERROR, t);
response.addException(qe.getBottomQueryException());
int statusCode = qe.getBottomQueryException().getStatusCode();
throw new DatawaveWebApplicationException(qe, response, statusCode);
}
} finally {
if (createSpan != null) {
createSpan.stop();
// TODO: not sure this makes any sense anymore in Accumulo 1.8.1
// Stop the main query span since we're done working with it on this thread.
// We'll continue it later.
// createSpan.parent().stop();
}
if (null != q) {
// - Remove the logic from the cache
qlCache.poll(q.getId().toString());
}
}
}
use of datawave.webservice.common.audit.Auditor.AuditType in project datawave by NationalSecurityAgency.
the class DatawaveCommonConfigPropertyProducer method produceStringAuditTypeMapConfiguration.
@Produces
@Dependent
@ConfigProperty(name = "ignored")
public // we actually don't need the name
Map<String, AuditType> produceStringAuditTypeMapConfiguration(InjectionPoint injectionPoint) {
String propertyValue = getStringPropertyValue(injectionPoint);
String[] pairs = StringUtils.split(propertyValue, "|");
Map<String, AuditType> map = new LinkedHashMap<>();
if (pairs != null) {
for (String pair : pairs) {
String[] keyValue = StringUtils.split(pair, ";");
if (keyValue != null && keyValue.length == 2) {
map.put(keyValue[0], AuditType.valueOf(keyValue[1]));
} else {
ConfigProperty configProperty = getAnnotation(injectionPoint, ConfigProperty.class);
throw new RuntimeException("Error while converting Map<String,AuditType> property '" + configProperty.name() + "' pair: " + pair + " of " + propertyValue + " happening in bean " + injectionPoint.getBean());
}
}
}
return map;
}
use of datawave.webservice.common.audit.Auditor.AuditType in project datawave by NationalSecurityAgency.
the class QueryExecutorBean method reset.
/**
* Resets the query named by {@code id}. If the query is not alive, meaning that the current session has expired (due to either timeout, or server failure),
* then this will reload the query and start it over. If the query is alive, it closes it and starts the query over.
*
* @param id
* the ID of the query to reload/reset
* @return an empty response
*
* @return datawave.webservice.result.VoidResponse
* @RequestHeader X-ProxiedEntitiesChain use when proxying request for user, by specifying a chain of DNs of the identities to proxy
* @RequestHeader X-ProxiedIssuersChain required when using X-ProxiedEntitiesChain, specify one issuer DN per subject DN listed in X-ProxiedEntitiesChain
* @ResponseHeader query-session-id this header and value will be in the Set-Cookie header, subsequent calls for this session will need to supply the
* query-session-id header in the request in a Cookie header or as a query parameter
* @ResponseHeader X-OperationTimeInMS time spent on the server performing the operation, does not account for network or result serialization
*
* @HTTP 200 success
* @HTTP 400 invalid or missing parameter
* @HTTP 500 internal server error
*/
@PUT
@POST
@Path("/{id}/reset")
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf", "application/x-protostuff" })
@GZIP
@GenerateQuerySessionId(cookieBasePath = "/DataWave/Query/")
@Interceptors({ ResponseInterceptor.class, RequiredInterceptor.class })
@TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
@Override
@Timed(name = "dw.query.reset", absolute = true)
public VoidResponse reset(@Required("id") @PathParam("id") String id) {
CreateQuerySessionIDFilter.QUERY_ID.set(null);
VoidResponse response = new VoidResponse();
AccumuloConnectionFactory.Priority priority;
Connector connection = null;
RunningQuery query = null;
Span span = null;
try {
ctx.getUserTransaction().begin();
query = getQueryById(id);
// If we're tracing this query, then continue the trace for the reset call.
TInfo traceInfo = query.getTraceInfo();
if (traceInfo != null) {
span = Trace.trace(traceInfo, "query:reset");
}
// The lock should be released at the end of the method call.
if (!queryCache.lock(id))
throw new QueryException(DatawaveErrorCode.QUERY_LOCKED_ERROR);
// restarting the query, so we should re-audit ().
if (query.getConnection() != null) {
query.closeConnection(connectionFactory);
} else {
AuditType auditType = query.getLogic().getAuditType(query.getSettings());
MultivaluedMap<String, String> queryParameters = new MultivaluedMapImpl<>();
queryParameters.putAll(query.getSettings().toMap());
queryParameters.putSingle(PrivateAuditConstants.AUDIT_TYPE, auditType.name());
queryParameters.putSingle(PrivateAuditConstants.LOGIC_CLASS, query.getLogic().getLogicName());
queryParameters.putSingle(PrivateAuditConstants.USER_DN, query.getSettings().getUserDN());
queryParameters.putSingle(PrivateAuditConstants.COLUMN_VISIBILITY, query.getSettings().getColumnVisibility());
if (!auditType.equals(AuditType.NONE)) {
try {
try {
List<String> selectors = query.getLogic().getSelectors(query.getSettings());
if (selectors != null && !selectors.isEmpty()) {
queryParameters.put(PrivateAuditConstants.SELECTORS, selectors);
}
} catch (Exception e) {
log.error("Error accessing query selector", e);
}
// if the user didn't set an audit id, use the query id
if (!queryParameters.containsKey(AuditParameters.AUDIT_ID)) {
queryParameters.putSingle(AuditParameters.AUDIT_ID, id);
}
auditor.audit(queryParameters);
} catch (IllegalArgumentException e) {
BadRequestQueryException qe = new BadRequestQueryException(DatawaveErrorCode.MISSING_REQUIRED_PARAMETER, e);
response.addException(qe);
throw new BadRequestException(qe, response);
} catch (Exception e) {
log.error("Error auditing query", e);
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_AUDITING_ERROR, e);
response.addException(qe);
throw qe;
}
}
}
// Allocate the connection for this query so we are ready to go when
// they call next.
priority = query.getConnectionPriority();
Map<String, String> trackingMap = connectionFactory.getTrackingMap(Thread.currentThread().getStackTrace());
addQueryToTrackingMap(trackingMap, query.getSettings());
accumuloConnectionRequestBean.requestBegin(id);
try {
connection = connectionFactory.getConnection(query.getLogic().getConnPoolName(), priority, trackingMap);
} finally {
accumuloConnectionRequestBean.requestEnd(id);
}
query.setConnection(connection);
response.addMessage(id + " reset.");
CreateQuerySessionIDFilter.QUERY_ID.set(id);
return response;
} catch (InterruptedException e) {
if (query != null) {
query.getMetric().setLifecycle(QueryMetric.Lifecycle.CANCELLED);
}
log.info("Query " + id + " canceled on request");
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_CANCELED, e);
response.addException(qe.getBottomQueryException());
int statusCode = qe.getBottomQueryException().getStatusCode();
throw new DatawaveWebApplicationException(qe, response, statusCode);
} catch (Exception e) {
log.error("Exception caught on resetting query", e);
try {
if (null != connection) {
/*
* if the query exists, we need to make sure the connection isn't set on it because the "proper" work flow is to close and/or cancel the
* query after a failure. we don't want to purge it from the query cache, so setting the connector to null avoids having the connector
* returned multiple times to the connector pool.
*/
if (query != null) {
query.setConnection(null);
}
connectionFactory.returnConnection(connection);
}
} catch (Exception e2) {
log.error("Error returning connection on failed reset", e2);
}
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_RESET_ERROR, e);
response.addException(qe.getBottomQueryException());
int statusCode = qe.getBottomQueryException().getStatusCode();
throw new DatawaveWebApplicationException(qe, response, statusCode);
} finally {
queryCache.unlock(id);
try {
if (ctx.getUserTransaction().getStatus() != Status.STATUS_NO_TRANSACTION) {
// no reason to commit if transaction not started, ie Query not found exception
ctx.getUserTransaction().commit();
}
} catch (Exception e) {
QueryException qe = new QueryException(DatawaveErrorCode.QUERY_TRANSACTION_ERROR, e);
response.addException(qe.getBottomQueryException());
throw new DatawaveWebApplicationException(qe, response);
} finally {
// Stop timing on this trace, if any
if (span != null) {
span.stop();
}
}
}
}
Aggregations