Commit b0dc1d01 authored by Riabokon Stanislav(EPAM)[GCP]'s avatar Riabokon Stanislav(EPAM)[GCP]
Browse files

Merge branch 'feature/GONRG-1734_Audit_Impl' into 'integration-master'

GONRG-1734 Audit Implementation

See merge request go3-nrg/platform/deployment-and-operations/backup-service!18
parents 51b1f8f1 68626278
......@@ -17,9 +17,11 @@
package org.opengroup.osdu.backup.api;
import java.util.Collections;
import java.util.List;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.opengroup.osdu.backup.logging.AuditLogger;
import org.opengroup.osdu.backup.model.BackupCollection;
import org.opengroup.osdu.backup.model.BackupRole;
import org.opengroup.osdu.backup.model.CollectionState;
......@@ -53,10 +55,13 @@ public class BackupCollectionApi {
private final BackupCollectionService collectionService;
private final AuditLogger auditLogger;
@PostMapping
public ResponseEntity<BackupCollection> createCollection(
@Validated(CreateCollection.class) @RequestBody BackupCollection collection) {
BackupCollection backupCollection = collectionService.saveCollection(collection);
this.auditLogger.createCollectionSuccess(Collections.singletonList(backupCollection.toString()));
return new ResponseEntity<>(backupCollection, HttpStatus.CREATED);
}
......@@ -65,24 +70,28 @@ public class BackupCollectionApi {
@PathVariable String collectionName,
@Validated(UpdateCollection.class) @RequestBody BackupCollection collection) {
BackupCollection backupCollection = collectionService.update(collection, collectionName);
this.auditLogger.updateCollectionSuccess(Collections.singletonList(backupCollection.toString()));
return new ResponseEntity<>(backupCollection, HttpStatus.ACCEPTED);
}
@GetMapping("/{collectionName}")
public ResponseEntity<BackupCollection> getCollectionConfig(@PathVariable String collectionName) {
BackupCollection collection = collectionService.getCollectionConfiguration(collectionName);
this.auditLogger.readCollectionConfigurationSuccess(Collections.singletonList(collection.toString()));
return new ResponseEntity<>(collection, HttpStatus.OK);
}
@DeleteMapping("/{collectionName}")
public ResponseEntity deleteCollection(@PathVariable String collectionName) {
collectionService.deleteCollectionConfiguration(collectionName);
this.auditLogger.deleteCollectionSuccess(Collections.singletonList(collectionName));
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
@GetMapping("/list")
public ResponseEntity<List<BackupCollection>> listCollections() {
List<BackupCollection> collectionList = collectionService.listCollectionsConfigurations();
this.auditLogger.readListCollectionsSuccess(Collections.singletonList(collectionList.toString()));
return new ResponseEntity<>(collectionList, HttpStatus.OK);
}
......@@ -90,12 +99,14 @@ public class BackupCollectionApi {
public ResponseEntity<List<CollectionState>> getCollectionStates(@PathVariable String collectionName,
@RequestParam(required = false) String success) {
List<CollectionState> collectionStates = collectionService.getCollectionStates(collectionName);
this.auditLogger.readCollectionStatesSuccess(Collections.singletonList(collectionStates.toString()));
return new ResponseEntity<>(collectionStates, HttpStatus.OK);
}
@PatchMapping("/restore/{stateId}")
public ResponseEntity<CollectionState> restoreCollection(@PathVariable String stateId) {
CollectionState collectionState = collectionService.restoreCollection(stateId);
this.auditLogger.restoreCollectionSuccess(Collections.singletonList(collectionState.toString()));
return new ResponseEntity<>(collectionState, HttpStatus.ACCEPTED);
}
......
package org.opengroup.osdu.backup.logging;
import static java.lang.String.format;
import com.google.common.base.Strings;
import java.util.List;
import org.opengroup.osdu.core.common.logging.audit.AuditAction;
import org.opengroup.osdu.core.common.logging.audit.AuditPayload;
import org.opengroup.osdu.core.common.logging.audit.AuditStatus;
public class AuditEvents {
private static final String CREATE_COLLECTION_ACTION_ID = "BU001";
private static final String CREATE_COLLECTION_MESSAGE = "Create collection";
private static final String UPDATE_COLLECTION_ACTION_ID = "BU002";
private static final String UPDATE_COLLECTION_MESSAGE = "Update collection";
private static final String READ_COLLECTION_CONFIG_ACTION_ID = "BU003";
private static final String READ_COLLECTION_CONFIG_MESSAGE = "Read collection configuration";
private static final String DELETE_COLLECTION_ACTION_ID = "BU004";
private static final String DELETE_COLLECTION_MESSAGE = "Delete collection";
private static final String READ_LIST_COLLECTIONS_ACTION_ID = "BU005";
private static final String READ_LIST_COLLECTIONS_MESSAGE = "Read list collections";
private static final String READ_COLLECTION_STATES_ACTION_ID = "BU006";
private static final String READ_COLLECTION_STATES_MESSAGE = "Read collection states";
private static final String RESTORE_COLLECTION_ACTION_ID = "BU007";
private static final String RESTORE_COLLECTION_MESSAGE = "Restore collection";
private final String user;
public AuditEvents(String user) {
if (Strings.isNullOrEmpty(user)) {
throw new IllegalArgumentException("User not provided for audit events.");
}
this.user = user;
}
public AuditPayload getCreateCollectionEvent(AuditStatus status, List<String> resources) {
return AuditPayload.builder()
.action(AuditAction.CREATE)
.status(status)
.user(this.user)
.actionId(CREATE_COLLECTION_ACTION_ID)
.message(getStatusMessage(status, CREATE_COLLECTION_MESSAGE))
.resources(resources)
.build();
}
public AuditPayload getUpdateCollectionEvent(AuditStatus status, List<String> resources) {
return AuditPayload.builder()
.action(AuditAction.UPDATE)
.status(status)
.user(this.user)
.actionId(UPDATE_COLLECTION_ACTION_ID)
.message(getStatusMessage(status, UPDATE_COLLECTION_MESSAGE))
.resources(resources)
.build();
}
public AuditPayload getReadCollectionConfigEvent(AuditStatus status, List<String> resources) {
return AuditPayload.builder()
.action(AuditAction.READ)
.status(status)
.user(this.user)
.actionId(READ_COLLECTION_CONFIG_ACTION_ID)
.message(getStatusMessage(status, READ_COLLECTION_CONFIG_MESSAGE))
.resources(resources)
.build();
}
public AuditPayload getDeleteCollectionEvent(AuditStatus status, List<String> resources) {
return AuditPayload.builder()
.action(AuditAction.DELETE)
.status(status)
.user(this.user)
.actionId(DELETE_COLLECTION_ACTION_ID)
.message(getStatusMessage(status, DELETE_COLLECTION_MESSAGE))
.resources(resources)
.build();
}
public AuditPayload getReadListCollectionsEvent(AuditStatus status, List<String> resources) {
return AuditPayload.builder()
.action(AuditAction.READ)
.status(status)
.user(this.user)
.actionId(READ_LIST_COLLECTIONS_ACTION_ID)
.message(getStatusMessage(status, READ_LIST_COLLECTIONS_MESSAGE))
.resources(resources)
.build();
}
public AuditPayload getReadCollectionStatesEvent(AuditStatus status, List<String> resources) {
return AuditPayload.builder()
.action(AuditAction.READ)
.status(status)
.user(this.user)
.actionId(READ_COLLECTION_STATES_ACTION_ID)
.message(getStatusMessage(status, READ_COLLECTION_STATES_MESSAGE))
.resources(resources)
.build();
}
public AuditPayload getRestoreCollectionEvent(AuditStatus status, List<String> resources) {
return AuditPayload.builder()
.action(AuditAction.UPDATE)
.status(status)
.user(this.user)
.actionId(RESTORE_COLLECTION_ACTION_ID)
.message(getStatusMessage(status, RESTORE_COLLECTION_MESSAGE))
.resources(resources)
.build();
}
private String getStatusMessage(AuditStatus status, String message) {
return format("%s - %s", message, status.name().toLowerCase());
}
}
\ No newline at end of file
package org.opengroup.osdu.backup.logging;
import java.util.List;
import lombok.RequiredArgsConstructor;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
import org.opengroup.osdu.core.common.logging.audit.AuditPayload;
import org.opengroup.osdu.core.common.logging.audit.AuditStatus;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.springframework.stereotype.Component;
import org.springframework.web.context.annotation.RequestScope;
@Component
@RequestScope
@RequiredArgsConstructor
public class AuditLogger {
private final JaxRsDpsLog logger;
private final DpsHeaders headers;
private AuditEvents auditEvents = null;
private AuditEvents getAuditEvents() {
if (this.auditEvents == null) {
this.auditEvents = new AuditEvents(this.headers.getUserEmail());
}
return auditEvents;
}
public void createCollectionSuccess(List<String> resources) {
writeLog(getAuditEvents().getCreateCollectionEvent(AuditStatus.SUCCESS, resources));
}
public void createCollectionFailure(List<String> resources) {
writeLog(getAuditEvents().getCreateCollectionEvent(AuditStatus.FAILURE, resources));
}
public void updateCollectionSuccess(List<String> resources) {
writeLog(getAuditEvents().getUpdateCollectionEvent(AuditStatus.SUCCESS, resources));
}
public void updateCollectionFailure(List<String> resources) {
writeLog(getAuditEvents().getUpdateCollectionEvent(AuditStatus.FAILURE, resources));
}
public void readCollectionConfigurationSuccess(List<String> resources) {
writeLog(getAuditEvents().getReadCollectionConfigEvent(AuditStatus.SUCCESS, resources));
}
public void readCollectionConfigurationFailure(List<String> resources) {
writeLog(getAuditEvents().getReadCollectionConfigEvent(AuditStatus.FAILURE, resources));
}
public void deleteCollectionSuccess(List<String> resources) {
writeLog(getAuditEvents().getDeleteCollectionEvent(AuditStatus.SUCCESS, resources));
}
public void deleteCollectionFailure(List<String> resources) {
writeLog(getAuditEvents().getDeleteCollectionEvent(AuditStatus.FAILURE, resources));
}
public void readListCollectionsSuccess(List<String> resources) {
writeLog(getAuditEvents().getReadListCollectionsEvent(AuditStatus.SUCCESS, resources));
}
public void readListCollectionsFailure(List<String> resources) {
writeLog(getAuditEvents().getReadListCollectionsEvent(AuditStatus.FAILURE, resources));
}
public void readCollectionStatesSuccess(List<String> resources) {
writeLog(getAuditEvents().getReadCollectionStatesEvent(AuditStatus.SUCCESS, resources));
}
public void readCollectionStatesFailure(List<String> resources) {
writeLog(getAuditEvents().getReadCollectionStatesEvent(AuditStatus.FAILURE, resources));
}
public void restoreCollectionSuccess(List<String> resources) {
writeLog(getAuditEvents().getRestoreCollectionEvent(AuditStatus.SUCCESS, resources));
}
public void restoreCollectionFailure(List<String> resources) {
writeLog(getAuditEvents().getRestoreCollectionEvent(AuditStatus.FAILURE, resources));
}
private void writeLog(AuditPayload log) {
this.logger.audit(log);
}
}
\ No newline at end of file
package org.opengroup.osdu.backup.logging;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import java.util.Collections;
import java.util.List;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
@RunWith(MockitoJUnitRunner.class)
public class AuditLoggerTest {
@Mock
private JaxRsDpsLog log;
@Mock
private DpsHeaders headers;
@InjectMocks
private AuditLogger sut;
private List<String> resources;
@Before
public void setup() {
when(this.headers.getUserEmail()).thenReturn("test_user@email.com");
resources = Collections.singletonList("resources");
}
@Test
public void should_writeCreateCollectionSuccessEvent() {
this.sut.createCollectionSuccess(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeCreateCollectionFailureEvent() {
this.sut.createCollectionFailure(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeUpdateCollectionSuccessEvent() {
this.sut.updateCollectionSuccess(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeUpdateCollectionFailureEvent() {
this.sut.updateCollectionFailure(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeReadCollectionConfigurationSuccessEvent() {
this.sut.readCollectionConfigurationSuccess(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeReadCollectionConfigurationFailureEvent() {
this.sut.readCollectionConfigurationFailure(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeDeleteCollectionSuccessEvent() {
this.sut.deleteCollectionSuccess(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeDeleteCollectionFailureEvent() {
this.sut.deleteCollectionFailure(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeReadListCollectionsSuccessEvent() {
this.sut.readListCollectionsSuccess(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeReadListCollectionsFailureEvent() {
this.sut.readListCollectionsFailure(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeReadCollectionStatesSuccessEvent() {
this.sut.readCollectionStatesSuccess(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeReadCollectionStatesFailureEvent() {
this.sut.readCollectionStatesFailure(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeRestoreCollectionSuccessEvent() {
this.sut.restoreCollectionSuccess(this.resources);
verify(this.log, times(1)).audit(any());
}
@Test
public void should_writeRestoreCollectionFailureEvent() {
this.sut.restoreCollectionFailure(this.resources);
verify(this.log, times(1)).audit(any());
}
}
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment