Example 21 with NoAuditEvent

Use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2, in the class MessagesResource, method retrieveForSearchType.

@ApiOperation(value = "Export a message table as CSV")
@POST
@Path("{searchId}/{searchTypeId}")
@NoAuditEvent("Has custom audit events")
public ChunkedOutput<SimpleMessageChunk> retrieveForSearchType(
        @ApiParam(value = "ID of an existing Search", name = "searchId") @PathParam("searchId") String searchId,
        @ApiParam(value = "ID of a Message Table contained in the Search", name = "searchTypeId") @PathParam("searchTypeId") String searchTypeId,
        @ApiParam(value = "Optional overrides") @Valid ResultFormat formatFromClient,
        @Context SearchUser searchUser) {
    ResultFormat format = fillInIfNecessary(emptyIfNull(formatFromClient), searchUser);
    Search search = loadSearch(searchId, format.executionState(), searchUser);
    ExportMessagesCommand command = commandFactory.buildWithMessageList(search, searchTypeId, format);
    return asyncRunner.apply(chunkConsumer -> exporter(searchId, searchTypeId).export(command, chunkConsumer));
}
Also used : Search(org.graylog.plugins.views.search.Search) ResultFormat(org.graylog.plugins.views.search.export.ResultFormat) ExportMessagesCommand(org.graylog.plugins.views.search.export.ExportMessagesCommand) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)

Example 22 with NoAuditEvent

Use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2, in the class MessagesResource, method retrieve.

@ApiOperation(value = "Export messages as CSV", notes = "Use this endpoint, if you want to configure export parameters freely instead of relying on an existing Search")
@POST
@Produces(MoreMediaTypes.TEXT_CSV)
@NoAuditEvent("Has custom audit events")
public ChunkedOutput<SimpleMessageChunk> retrieve(@ApiParam @Valid MessagesRequest rawrequest, @Context SearchUser searchUser) {
    final MessagesRequest request = fillInIfNecessary(rawrequest, searchUser);
    final ValidationRequest.Builder validationReq = ValidationRequest.builder();
    Optional.ofNullable(rawrequest.queryString()).ifPresent(validationReq::query);
    Optional.ofNullable(rawrequest.timeRange()).ifPresent(validationReq::timerange);
    Optional.ofNullable(rawrequest.streams()).ifPresent(validationReq::streams);
    final ValidationResponse validationResponse = queryValidationService.validate(validationReq.build());
    if (validationResponse.status().equals(ValidationStatus.ERROR)) {
        validationResponse.explanations().stream().findFirst().map(ValidationMessage::errorMessage).ifPresent(message -> {
            throw new BadRequestException("Request validation failed: " + message);
        });
    }
    executionGuard.checkUserIsPermittedToSeeStreams(request.streams(), searchUser::canReadStream);
    ExportMessagesCommand command = commandFactory.buildFromRequest(request);
    return asyncRunner.apply(chunkConsumer -> exporter().export(command, chunkConsumer));
}
Also used : ValidationResponse(org.graylog.plugins.views.search.validation.ValidationResponse) ValidationRequest(org.graylog.plugins.views.search.validation.ValidationRequest) MessagesRequest(org.graylog.plugins.views.search.export.MessagesRequest) BadRequestException(javax.ws.rs.BadRequestException) ExportMessagesCommand(org.graylog.plugins.views.search.export.ExportMessagesCommand) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)

Example 23 with NoAuditEvent

Use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2, in the class SearchResource, method executeQuery.

@POST
@ApiOperation(value = "Execute the referenced search query asynchronously", notes = "Starts a new search, irrespective whether or not another is already running", response = SearchJobDTO.class)
@Path("{id}/execute")
@NoAuditEvent("Creating audit event manually in method body.")
@Produces({ MediaType.APPLICATION_JSON, SEARCH_FORMAT_V1 })
public Response executeQuery(@ApiParam(name = "id") @PathParam("id") String id, @ApiParam ExecutionState executionState, @Context SearchUser searchUser) {
    final SearchJob searchJob = searchExecutor.execute(id, searchUser, executionState);
    postAuditEvent(searchJob);
    final SearchJobDTO searchJobDTO = SearchJobDTO.fromSearchJob(searchJob);
    return Response.created(URI.create(BASE_PATH + "/status/" + searchJobDTO.id())).entity(searchJob).build();
}
Also used : SearchJob(org.graylog.plugins.views.search.SearchJob) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)

Example 24 with NoAuditEvent

Use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2, in the class EntitySharesResource, method prepareShare.

@POST
@ApiOperation(value = "Prepare shares for an entity or collection")
@Path("entities/{entityGRN}/prepare")
@NoAuditEvent("This does not change any data")
public EntityShareResponse prepareShare(
        @ApiParam(name = "entityGRN", required = true) @PathParam("entityGRN") @NotBlank String entityGRN,
        @ApiParam(name = "JSON Body", required = true) @NotNull @Valid EntityShareRequest request) {
    final GRN grn = grnRegistry.parse(entityGRN);
    checkOwnership(grn);
    // This should probably be a POST request with a JSON payload.
    return entitySharesService.prepareShare(grn, request, getCurrentUser(), getSubject());
}
Also used : GRN(org.graylog.grn.GRN) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)

Example 25 with NoAuditEvent

Use of org.graylog2.audit.jersey.NoAuditEvent in project graylog2-server by Graylog2, in the class AuditEventModelProcessor, method checkResources.

private void checkResources(List<Resource> resources) {
    for (Resource resource : resources) {
        for (ResourceMethod method : resource.getResourceMethods()) {
            final Method m = method.getInvocable().getDefinitionMethod();
            // Only state-changing HTTP methods (POST, PUT, DELETE) are checked for audit annotations.
            if (m.isAnnotationPresent(POST.class) || m.isAnnotationPresent(PUT.class) || m.isAnnotationPresent(DELETE.class)) {
                if (!m.isAnnotationPresent(AuditEvent.class) && !m.isAnnotationPresent(NoAuditEvent.class)) {
                    LOG.warn("REST endpoint not included in audit trail: {}", String.format(Locale.US, "%6s %s", method.getHttpMethod(), getPathFromResource(resource)));
                    LOG.debug("Missing @AuditEvent or @NoAuditEvent annotation: {}#{}", m.getDeclaringClass().getCanonicalName(), m.getName());
                } else {
                    if (m.isAnnotationPresent(AuditEvent.class)) {
                        final AuditEvent annotation = m.getAnnotation(AuditEvent.class);
                        if (!auditEventTypes.contains(annotation.type())) {
                            LOG.warn("REST endpoint does not use a registered audit type: {} (type: \"{}\")", String.format(Locale.US, "%6s %s", method.getHttpMethod(), getPathFromResource(resource)), annotation.type());
                            LOG.debug("Make sure the audit event types are registered in a class that implements PluginAuditEventTypes: {}#{}", m.getDeclaringClass().getCanonicalName(), m.getName());
                        }
                    } else if (m.isAnnotationPresent(NoAuditEvent.class)) {
                        final NoAuditEvent annotation = m.getAnnotation(NoAuditEvent.class);
                        // An opt-out from the audit trail must carry a non-empty justification string.
                        if (isNullOrEmpty(annotation.value())) {
                            LOG.warn("REST endpoint uses @NoAuditEvent annotation with an empty value: {}", String.format(Locale.US, "%6s %s", method.getHttpMethod(), getPathFromResource(resource)));
                        }
                    }
                }
            }
        }
        // Make sure to also check all child resources! Otherwise some resources will not be checked.
        checkResources(resource.getChildResources());
    }
}
Also used : DELETE(javax.ws.rs.DELETE) RestTools.getPathFromResource(org.graylog2.rest.RestTools.getPathFromResource) Resource(org.glassfish.jersey.server.model.Resource) ResourceMethod(org.glassfish.jersey.server.model.ResourceMethod) Method(java.lang.reflect.Method)

Aggregations

ApiOperation (io.swagger.annotations.ApiOperation): 33
NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent): 33
POST (javax.ws.rs.POST): 30
Path (javax.ws.rs.Path): 27
Timed (com.codahale.metrics.annotation.Timed): 14
ApiResponses (io.swagger.annotations.ApiResponses): 10
Produces (javax.ws.rs.Produces): 10
RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions): 10
BadRequestException (javax.ws.rs.BadRequestException): 9
Consumes (javax.ws.rs.Consumes): 6
Stream (org.graylog2.plugin.streams.Stream): 6
InternalServerErrorException (javax.ws.rs.InternalServerErrorException): 5
PUT (javax.ws.rs.PUT): 5
Search (org.graylog.plugins.views.search.Search): 5
RequiresAuthentication (org.apache.shiro.authz.annotation.RequiresAuthentication): 4
ValidationResult (org.graylog2.plugin.rest.ValidationResult): 4
Api (io.swagger.annotations.Api): 3
ApiParam (io.swagger.annotations.ApiParam): 3
ArrayList (java.util.ArrayList): 3
List (java.util.List): 3