use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.
the class EventAuditLogService method writeAuditRecords.
private void writeAuditRecords(List<EventAuditRecordParameters> eventAuditRecordParametersList, boolean success, TransactionStatus transaction) {
try {
if (!success) {
transactionManager.rollback(transaction);
transaction = transactionManager.getTransaction(new DefaultTransactionDefinition());
}
final UUID uuid = requestUuid.getUuid();
final List<EventAuditRecord> eventAuditRecords = eventAuditRecordParametersList.stream().map(parameters -> AuditLogFactory.createEventAuditRecord(parameters, userContextHolder.getUserContext(), uuid, success)).collect(Collectors.toList());
eventAuditRecordDataService.save(eventAuditRecords);
transactionManager.commit(transaction);
} catch (Exception e) {
throw new AuditSaveFailureException("error.audit_save_failure", e);
} finally {
if (!transaction.isCompleted()) {
transactionManager.rollback(transaction);
}
}
}
use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.
the class AuditTest method when_event_fails_it_logs_correct_success_flag_and_status_code.
@Test
public void when_event_fails_it_logs_correct_success_flag_and_status_code() throws Exception {
long initialRequestAuditCount = requestAuditRecordRepository.count();
long initialEventAuditCount = eventAuditRecordRepository.count();
String credentialName = "/TEST/SECRET";
mockMvc.perform(get("/api/v1/data?name=" + credentialName).header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON)).andExpect(status().isNotFound());
assertThat(requestAuditRecordRepository.count(), equalTo(initialRequestAuditCount + 1L));
assertThat(eventAuditRecordRepository.count(), equalTo(initialEventAuditCount + 1));
RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(sortByDate).get(0);
assertThat(requestAuditRecord.getStatusCode(), equalTo(404));
ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
verify(logger, times(1)).info(captor.capture());
assertThat(captor.getValue(), containsString("cs4=404"));
EventAuditRecord eventAuditRecord = eventAuditRecordRepository.findAll(sortByDate).get(0);
assertThat(eventAuditRecord.isSuccess(), equalTo(false));
assertThat(eventAuditRecord.getActor(), equalTo(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID));
}
use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.
the class AuditTest method normally_logs_event_and_request.
@Test
public void normally_logs_event_and_request() throws Exception {
String credentialName = "/TEST/SECRET";
String credentialType = "password";
long initialRequestAuditCount = requestAuditRecordRepository.count();
long initialEventAuditCount = eventAuditRecordRepository.count();
mockMvc.perform(post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{" + "\"name\":\"" + credentialName + "\"," + "\"type\":\"" + credentialType + "\"" + "}")).andExpect(status().isOk());
assertThat(requestAuditRecordRepository.count(), equalTo(1L + initialRequestAuditCount));
assertThat(eventAuditRecordRepository.count(), equalTo(6L + initialEventAuditCount));
RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(sortByDate).get(0);
assertThat(requestAuditRecord.getAuthMethod(), equalTo("uaa"));
assertThat(requestAuditRecord.getPath(), equalTo("/api/v1/data"));
ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
verify(logger, times(1)).info(captor.capture());
assertThat(captor.getValue(), containsString("cs4=200"));
EventAuditRecord eventAuditRecord = eventAuditRecordRepository.findAll(sortByDate).get(0);
assertThat(eventAuditRecord.getCredentialName(), equalTo("/TEST/SECRET"));
assertThat(eventAuditRecord.getActor(), equalTo(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID));
}
use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.
the class AuditingHelper method verifyAuditing.
public void verifyAuditing(AuditingOperationCode auditingOperationCode, String credentialName, String actor, String path, int statusCode) {
RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
assertThat(requestAuditRecord.getPath(), equalTo(path));
assertThat(requestAuditRecord.getStatusCode(), equalTo(statusCode));
List<EventAuditRecord> auditRecords = eventAuditRecordRepository.findAll(new Sort(DESC, "now"));
EventAuditRecord eventAuditRecord = auditRecords.get(0);
assertThat(eventAuditRecord.getOperation(), equalTo(auditingOperationCode.toString()));
assertThat(eventAuditRecord.getCredentialName(), equalTo(credentialName));
assertThat(eventAuditRecord.isSuccess(), equalTo(HttpStatus.valueOf(statusCode).is2xxSuccessful()));
assertThat(eventAuditRecord.getActor(), equalTo(actor));
assertThat(requestAuditRecord.getUuid(), equalTo(eventAuditRecord.getRequestUuid()));
}
use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.
the class AuditingHelper method verifyAuditing.
public void verifyAuditing(String actor, String path, int statusCode, List<EventAuditRecordParameters> eventAuditRecordParametersList) {
RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
assertThat(requestAuditRecord.getPath(), equalTo(path));
assertThat(requestAuditRecord.getStatusCode(), equalTo(statusCode));
List<EventAuditRecord> eventAuditRecords = eventAuditRecordRepository.findAll(new Sort(DESC, "now"));
assertThat(eventAuditRecords, hasSize(greaterThanOrEqualTo(eventAuditRecordParametersList.size())));
boolean expectedSuccess = HttpStatus.valueOf(statusCode).is2xxSuccessful();
assertThat(eventAuditRecords.subList(0, eventAuditRecordParametersList.size()), containsInAnyOrder(eventAuditRecordParametersList.stream().map(parameters -> matchesExpectedEvent(parameters, actor, expectedSuccess, requestAuditRecord.getUuid())).collect(Collectors.toList())));
}
Aggregations