use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2.
the class MessagesResource method retrieveForSearchType.
@ApiOperation(value = "Export a message table as CSV")
@POST
@Path("{searchId}/{searchTypeId}")
@NoAuditEvent("Has custom audit events")
public ChunkedOutput<SimpleMessageChunk> retrieveForSearchType(@ApiParam(value = "ID of an existing Search", name = "searchId") @PathParam("searchId") String searchId, @ApiParam(value = "ID of a Message Table contained in the Search", name = "searchTypeId") @PathParam("searchTypeId") String searchTypeId, @ApiParam(value = "Optional overrides") @Valid ResultFormat formatFromClient, @Context SearchUser searchUser) {
ResultFormat format = fillInIfNecessary(emptyIfNull(formatFromClient), searchUser);
Search search = loadSearch(searchId, format.executionState(), searchUser);
ExportMessagesCommand command = commandFactory.buildWithMessageList(search, searchTypeId, format);
return asyncRunner.apply(chunkConsumer -> exporter(searchId, searchTypeId).export(command, chunkConsumer));
}
use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2.
the class MessagesResource method retrieve.
@ApiOperation(value = "Export messages as CSV", notes = "Use this endpoint, if you want to configure export parameters freely instead of relying on an existing Search")
@POST
@Produces(MoreMediaTypes.TEXT_CSV)
@NoAuditEvent("Has custom audit events")
public ChunkedOutput<SimpleMessageChunk> retrieve(@ApiParam @Valid MessagesRequest rawrequest, @Context SearchUser searchUser) {
final MessagesRequest request = fillInIfNecessary(rawrequest, searchUser);
final ValidationRequest.Builder validationReq = ValidationRequest.builder();
Optional.ofNullable(rawrequest.queryString()).ifPresent(validationReq::query);
Optional.ofNullable(rawrequest.timeRange()).ifPresent(validationReq::timerange);
Optional.ofNullable(rawrequest.streams()).ifPresent(validationReq::streams);
final ValidationResponse validationResponse = queryValidationService.validate(validationReq.build());
if (validationResponse.status().equals(ValidationStatus.ERROR)) {
validationResponse.explanations().stream().findFirst().map(ValidationMessage::errorMessage).ifPresent(message -> {
throw new BadRequestException("Request validation failed: " + message);
});
}
executionGuard.checkUserIsPermittedToSeeStreams(request.streams(), searchUser::canReadStream);
ExportMessagesCommand command = commandFactory.buildFromRequest(request);
return asyncRunner.apply(chunkConsumer -> exporter().export(command, chunkConsumer));
}
use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2.
the class SearchResource method executeQuery.
@POST
@ApiOperation(value = "Execute the referenced search query asynchronously", notes = "Starts a new search, irrespective whether or not another is already running", response = SearchJobDTO.class)
@Path("{id}/execute")
@NoAuditEvent("Creating audit event manually in method body.")
@Produces({ MediaType.APPLICATION_JSON, SEARCH_FORMAT_V1 })
public Response executeQuery(@ApiParam(name = "id") @PathParam("id") String id, @ApiParam ExecutionState executionState, @Context SearchUser searchUser) {
final SearchJob searchJob = searchExecutor.execute(id, searchUser, executionState);
postAuditEvent(searchJob);
final SearchJobDTO searchJobDTO = SearchJobDTO.fromSearchJob(searchJob);
return Response.created(URI.create(BASE_PATH + "/status/" + searchJobDTO.id())).entity(searchJob).build();
}
use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2.
the class EntitySharesResource method prepareShare.
@POST
@ApiOperation(value = "Prepare shares for an entity or collection")
@Path("entities/{entityGRN}/prepare")
@NoAuditEvent("This does not change any data")
public EntityShareResponse prepareShare(@ApiParam(name = "entityGRN", required = true) @PathParam("entityGRN") @NotBlank String entityGRN, @ApiParam(name = "JSON Body", required = true) @NotNull @Valid EntityShareRequest request) {
final GRN grn = grnRegistry.parse(entityGRN);
checkOwnership(grn);
// This should probably be a POST request with a JSON payload.
return entitySharesService.prepareShare(grn, request, getCurrentUser(), getSubject());
}
use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2.
the class AuditEventModelProcessor method checkResources.
private void checkResources(List<Resource> resources) {
for (Resource resource : resources) {
for (ResourceMethod method : resource.getResourceMethods()) {
final Method m = method.getInvocable().getDefinitionMethod();
if (m.isAnnotationPresent(POST.class) || m.isAnnotationPresent(PUT.class) || m.isAnnotationPresent(DELETE.class)) {
if (!m.isAnnotationPresent(AuditEvent.class) && !m.isAnnotationPresent(NoAuditEvent.class)) {
LOG.warn("REST endpoint not included in audit trail: {}", String.format(Locale.US, "%6s %s", method.getHttpMethod(), getPathFromResource(resource)));
LOG.debug("Missing @AuditEvent or @NoAuditEvent annotation: {}#{}", m.getDeclaringClass().getCanonicalName(), m.getName());
} else {
if (m.isAnnotationPresent(AuditEvent.class)) {
final AuditEvent annotation = m.getAnnotation(AuditEvent.class);
if (!auditEventTypes.contains(annotation.type())) {
LOG.warn("REST endpoint does not use a registered audit type: {} (type: \"{}\")", String.format(Locale.US, "%6s %s", method.getHttpMethod(), getPathFromResource(resource)), annotation.type());
LOG.debug("Make sure the audit event types are registered in a class that implements PluginAuditEventTypes: {}#{}", m.getDeclaringClass().getCanonicalName(), m.getName());
}
} else if (m.isAnnotationPresent(NoAuditEvent.class)) {
final NoAuditEvent annotation = m.getAnnotation(NoAuditEvent.class);
if (isNullOrEmpty(annotation.value())) {
LOG.warn("REST endpoint uses @NoAuditEvent annotation with an empty value: {}", String.format(Locale.US, "%6s %s", method.getHttpMethod(), getPathFromResource(resource)));
}
}
}
}
}
// Make sure to also check all child resources! Otherwise some resources will not be checked.
checkResources(resource.getChildResources());
}
}
Aggregations