Search in sources :

Example 1 with EventAuditRecord

use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.

the class EventAuditLogService method writeAuditRecords.

private void writeAuditRecords(List<EventAuditRecordParameters> eventAuditRecordParametersList, boolean success, TransactionStatus transaction) {
    try {
        if (!success) {
            transactionManager.rollback(transaction);
            transaction = transactionManager.getTransaction(new DefaultTransactionDefinition());
        }
        final UUID uuid = requestUuid.getUuid();
        final List<EventAuditRecord> eventAuditRecords = eventAuditRecordParametersList.stream().map(parameters -> AuditLogFactory.createEventAuditRecord(parameters, userContextHolder.getUserContext(), uuid, success)).collect(Collectors.toList());
        eventAuditRecordDataService.save(eventAuditRecords);
        transactionManager.commit(transaction);
    } catch (Exception e) {
        throw new AuditSaveFailureException("error.audit_save_failure", e);
    } finally {
        if (!transaction.isCompleted()) {
            transactionManager.rollback(transaction);
        }
    }
}
Also used : EventAuditRecordDataService(org.cloudfoundry.credhub.data.EventAuditRecordDataService) Autowired(org.springframework.beans.factory.annotation.Autowired) EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) UUID(java.util.UUID) Function(java.util.function.Function) Collectors(java.util.stream.Collectors) UserContextHolder(org.cloudfoundry.credhub.auth.UserContextHolder) List(java.util.List) Lists.newArrayList(com.google.common.collect.Lists.newArrayList) Service(org.springframework.stereotype.Service) TransactionStatus(org.springframework.transaction.TransactionStatus) AuditSaveFailureException(org.cloudfoundry.credhub.exceptions.AuditSaveFailureException) DefaultTransactionDefinition(org.springframework.transaction.support.DefaultTransactionDefinition) DefaultTransactionDefinition(org.springframework.transaction.support.DefaultTransactionDefinition) EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) AuditSaveFailureException(org.cloudfoundry.credhub.exceptions.AuditSaveFailureException) UUID(java.util.UUID) AuditSaveFailureException(org.cloudfoundry.credhub.exceptions.AuditSaveFailureException)

Example 2 with EventAuditRecord

use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.

the class AuditTest method when_event_fails_it_logs_correct_success_flag_and_status_code.

@Test
public void when_event_fails_it_logs_correct_success_flag_and_status_code() throws Exception {
    long initialRequestAuditCount = requestAuditRecordRepository.count();
    long initialEventAuditCount = eventAuditRecordRepository.count();
    String credentialName = "/TEST/SECRET";
    mockMvc.perform(get("/api/v1/data?name=" + credentialName).header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON)).andExpect(status().isNotFound());
    assertThat(requestAuditRecordRepository.count(), equalTo(initialRequestAuditCount + 1L));
    assertThat(eventAuditRecordRepository.count(), equalTo(initialEventAuditCount + 1));
    RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(sortByDate).get(0);
    assertThat(requestAuditRecord.getStatusCode(), equalTo(404));
    ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
    verify(logger, times(1)).info(captor.capture());
    assertThat(captor.getValue(), containsString("cs4=404"));
    EventAuditRecord eventAuditRecord = eventAuditRecordRepository.findAll(sortByDate).get(0);
    assertThat(eventAuditRecord.isSuccess(), equalTo(false));
    assertThat(eventAuditRecord.getActor(), equalTo(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID));
}
Also used : EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 3 with EventAuditRecord

use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.

the class AuditTest method normally_logs_event_and_request.

@Test
public void normally_logs_event_and_request() throws Exception {
    String credentialName = "/TEST/SECRET";
    String credentialType = "password";
    long initialRequestAuditCount = requestAuditRecordRepository.count();
    long initialEventAuditCount = eventAuditRecordRepository.count();
    mockMvc.perform(post("/api/v1/data").header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN).accept(APPLICATION_JSON).contentType(APPLICATION_JSON).content("{" + "\"name\":\"" + credentialName + "\"," + "\"type\":\"" + credentialType + "\"" + "}")).andExpect(status().isOk());
    assertThat(requestAuditRecordRepository.count(), equalTo(1L + initialRequestAuditCount));
    assertThat(eventAuditRecordRepository.count(), equalTo(6L + initialEventAuditCount));
    RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(sortByDate).get(0);
    assertThat(requestAuditRecord.getAuthMethod(), equalTo("uaa"));
    assertThat(requestAuditRecord.getPath(), equalTo("/api/v1/data"));
    ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
    verify(logger, times(1)).info(captor.capture());
    assertThat(captor.getValue(), containsString("cs4=200"));
    EventAuditRecord eventAuditRecord = eventAuditRecordRepository.findAll(sortByDate).get(0);
    assertThat(eventAuditRecord.getCredentialName(), equalTo("/TEST/SECRET"));
    assertThat(eventAuditRecord.getActor(), equalTo(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID));
}
Also used : EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 4 with EventAuditRecord

use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.

the class AuditingHelper method verifyAuditing.

public void verifyAuditing(AuditingOperationCode auditingOperationCode, String credentialName, String actor, String path, int statusCode) {
    RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(requestAuditRecord.getPath(), equalTo(path));
    assertThat(requestAuditRecord.getStatusCode(), equalTo(statusCode));
    List<EventAuditRecord> auditRecords = eventAuditRecordRepository.findAll(new Sort(DESC, "now"));
    EventAuditRecord eventAuditRecord = auditRecords.get(0);
    assertThat(eventAuditRecord.getOperation(), equalTo(auditingOperationCode.toString()));
    assertThat(eventAuditRecord.getCredentialName(), equalTo(credentialName));
    assertThat(eventAuditRecord.isSuccess(), equalTo(HttpStatus.valueOf(statusCode).is2xxSuccessful()));
    assertThat(eventAuditRecord.getActor(), equalTo(actor));
    assertThat(requestAuditRecord.getUuid(), equalTo(eventAuditRecord.getRequestUuid()));
}
Also used : EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) Sort(org.springframework.data.domain.Sort)

Example 5 with EventAuditRecord

use of org.cloudfoundry.credhub.entity.EventAuditRecord in project credhub by cloudfoundry-incubator.

the class AuditingHelper method verifyAuditing.

public void verifyAuditing(String actor, String path, int statusCode, List<EventAuditRecordParameters> eventAuditRecordParametersList) {
    RequestAuditRecord requestAuditRecord = requestAuditRecordRepository.findAll(new Sort(DESC, "now")).get(0);
    assertThat(requestAuditRecord.getPath(), equalTo(path));
    assertThat(requestAuditRecord.getStatusCode(), equalTo(statusCode));
    List<EventAuditRecord> eventAuditRecords = eventAuditRecordRepository.findAll(new Sort(DESC, "now"));
    assertThat(eventAuditRecords, hasSize(greaterThanOrEqualTo(eventAuditRecordParametersList.size())));
    boolean expectedSuccess = HttpStatus.valueOf(statusCode).is2xxSuccessful();
    assertThat(eventAuditRecords.subList(0, eventAuditRecordParametersList.size()), containsInAnyOrder(eventAuditRecordParametersList.stream().map(parameters -> matchesExpectedEvent(parameters, actor, expectedSuccess, requestAuditRecord.getUuid())).collect(Collectors.toList())));
}
Also used : Description(org.hamcrest.Description) Matchers.greaterThanOrEqualTo(org.hamcrest.Matchers.greaterThanOrEqualTo) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) UUID(java.util.UUID) StringUtils(org.apache.commons.lang3.StringUtils) Collectors(java.util.stream.Collectors) BaseMatcher(org.hamcrest.BaseMatcher) HttpStatus(org.springframework.http.HttpStatus) List(java.util.List) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) AuditingOperationCode(org.cloudfoundry.credhub.audit.AuditingOperationCode) Matcher(org.hamcrest.Matcher) RequestAuditRecordRepository(org.cloudfoundry.credhub.repository.RequestAuditRecordRepository) Matchers.hasSize(org.hamcrest.Matchers.hasSize) Sort(org.springframework.data.domain.Sort) EventAuditRecordRepository(org.cloudfoundry.credhub.repository.EventAuditRecordRepository) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DESC(org.springframework.data.domain.Sort.Direction.DESC) EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) Sort(org.springframework.data.domain.Sort)

Aggregations

EventAuditRecord (org.cloudfoundry.credhub.entity.EventAuditRecord)19 Test (org.junit.Test)14 UUID (java.util.UUID)9 List (java.util.List)7 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)7 UserContext (org.cloudfoundry.credhub.auth.UserContext)6 RequestAuditRecord (org.cloudfoundry.credhub.entity.RequestAuditRecord)4 Sort (org.springframework.data.domain.Sort)4 PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)3 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)3 Collectors (java.util.stream.Collectors)2 BaseMatcher (org.hamcrest.BaseMatcher)2 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)2 Description (org.hamcrest.Description)2 Lists.newArrayList (com.google.common.collect.Lists.newArrayList)1 Function (java.util.function.Function)1 StringUtils (org.apache.commons.lang3.StringUtils)1 AuditingOperationCode (org.cloudfoundry.credhub.audit.AuditingOperationCode)1 EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)1 UserContextHolder (org.cloudfoundry.credhub.auth.UserContextHolder)1