Commit 3cd87671 authored by SGupta79's avatar SGupta79
Browse files

Added audit and request logs

parent 40208dd3
Pipeline #24159 passed with stages
in 27 minutes and 44 seconds
package org.opengroup.osdu.schema.logging;
import java.util.List;
import org.opengroup.osdu.core.common.logging.audit.AuditAction;
import org.opengroup.osdu.core.common.logging.audit.AuditPayload;
import org.opengroup.osdu.core.common.logging.audit.AuditStatus;
import com.google.common.base.Strings;
public class AuditEvents {
private static final String CREATE_SCHEMA_ACTION_ID = "SC001";
private static final String CREATE_SCHEMA_MESSAGE = "Schema created";
private static final String UPDATE_SCHEMA_ACTION_ID = "SC002";
private static final String UPDATE_SCHEMA_MESSAGE = "Schema updated";
private static final String READ_SCHEMA_ACTION_ID = "SC003";
private static final String READ_SCHEMA_MESSAGE = "Schema read";
private static final String READ_SCHEMA_LIST_ACTION_ID = "SC004";
private static final String READ_SCHEMA_LIST_MESSAGE = "Read list of schemas";
private final String user;
public AuditEvents(String user) {
if (Strings.isNullOrEmpty(user)) {
throw new IllegalArgumentException("User not provided for audit events.");
}
this.user = user;
}
public AuditPayload getCreateSchemaEventSuccess(List<String> resources) {
return AuditPayload.builder().action(AuditAction.CREATE).status(AuditStatus.SUCCESS)
.actionId(CREATE_SCHEMA_ACTION_ID).message(CREATE_SCHEMA_MESSAGE).resources(resources).user(user)
.build();
}
public AuditPayload getCreateSchemaEventFailure(List<String> resources) {
return AuditPayload.builder().action(AuditAction.CREATE).status(AuditStatus.FAILURE)
.actionId(CREATE_SCHEMA_ACTION_ID).message(CREATE_SCHEMA_MESSAGE).resources(resources).user(user)
.build();
}
public AuditPayload getUpdateSchemaEventSuccess(List<String> resources) {
return AuditPayload.builder().action(AuditAction.UPDATE).status(AuditStatus.SUCCESS)
.actionId(UPDATE_SCHEMA_ACTION_ID).message(UPDATE_SCHEMA_MESSAGE).resources(resources).user(user)
.build();
}
public AuditPayload getUpdateSchemaEventFailure(List<String> resources) {
return AuditPayload.builder().action(AuditAction.UPDATE).status(AuditStatus.FAILURE)
.actionId(UPDATE_SCHEMA_ACTION_ID).message(UPDATE_SCHEMA_MESSAGE).resources(resources).user(user)
.build();
}
public AuditPayload getReadSchemaEventSuccess(List<String> resources) {
return AuditPayload.builder().action(AuditAction.READ).status(AuditStatus.SUCCESS)
.actionId(READ_SCHEMA_ACTION_ID).message(READ_SCHEMA_MESSAGE).resources(resources).user(user).build();
}
public AuditPayload getReadSchemaEventFailure(List<String> resources) {
return AuditPayload.builder().action(AuditAction.READ).status(AuditStatus.FAILURE)
.actionId(READ_SCHEMA_ACTION_ID).message(READ_SCHEMA_MESSAGE).resources(resources).user(user).build();
}
public AuditPayload getReadSchemaListEventSuccess(List<String> resources) {
return AuditPayload.builder().action(AuditAction.READ).status(AuditStatus.SUCCESS)
.actionId(READ_SCHEMA_LIST_ACTION_ID).message(READ_SCHEMA_LIST_MESSAGE).resources(resources).user(user)
.build();
}
public AuditPayload getReadSchemaListEventFailure(List<String> resources) {
return AuditPayload.builder().action(AuditAction.READ).status(AuditStatus.FAILURE)
.actionId(READ_SCHEMA_LIST_ACTION_ID).message(READ_SCHEMA_LIST_MESSAGE).resources(resources).user(user)
.build();
}
}
package org.opengroup.osdu.schema.logging;
import java.util.List;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
import org.opengroup.osdu.core.common.logging.audit.AuditPayload;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.springframework.beans.factory.annotation.Autowired;
public class AuditLogger {
@Autowired
private JaxRsDpsLog logger;
@Autowired
private DpsHeaders dpsHeaders;
private AuditEvents events = null;
private AuditEvents getAuditEvents() {
if (this.events == null) {
this.events = new AuditEvents(this.dpsHeaders.getUserEmail());
}
return this.events;
}
public void createSchemaSuccess(List<String> resource) {
this.writeLog(this.getAuditEvents().getCreateSchemaEventSuccess(resource));
}
public void createSchemaFailure(List<String> resource) {
this.writeLog(this.getAuditEvents().getCreateSchemaEventFailure(resource));
}
public void updateSchemaSuccess(List<String> resource) {
this.writeLog(this.getAuditEvents().getUpdateSchemaEventSuccess(resource));
}
public void updateSchemaFailure(List<String> resource) {
this.writeLog(this.getAuditEvents().getUpdateSchemaEventFailure(resource));
}
public void readSchemaSuccess(List<String> resource) {
this.writeLog(this.getAuditEvents().getReadSchemaEventSuccess(resource));
}
public void readSchemaFailure(List<String> resource) {
this.writeLog(this.getAuditEvents().getReadSchemaEventFailure(resource));
}
public void readSchemaListSuccess(List<String> resource) {
this.writeLog(this.getAuditEvents().getReadSchemaListEventSuccess(resource));
}
public void readSchemaListFailure(List<String> resource) {
this.writeLog(this.getAuditEvents().getReadSchemaListEventFailure(resource));
}
private void writeLog(AuditPayload log) {
this.logger.audit(log);
}
}
......@@ -20,6 +20,7 @@ import org.opengroup.osdu.schema.exceptions.ApplicationException;
import org.opengroup.osdu.schema.exceptions.BadRequestException;
import org.opengroup.osdu.schema.exceptions.NoSchemaFoundException;
import org.opengroup.osdu.schema.exceptions.NotFoundException;
import org.opengroup.osdu.schema.logging.AuditLogger;
import org.opengroup.osdu.schema.model.QueryParams;
import org.opengroup.osdu.schema.model.SchemaIdentity;
import org.opengroup.osdu.schema.model.SchemaInfo;
......@@ -42,6 +43,8 @@ import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.google.gson.Gson;
import static java.util.Collections.singletonList;
/**
* Schema Service to register, get and update schema.
......@@ -80,6 +83,10 @@ public class SchemaService implements ISchemaService {
@Autowired
DpsHeaders headers;
@Autowired
private AuditLogger auditLogger;
/**
* Method to get schema
*
......@@ -98,7 +105,12 @@ public class SchemaService implements ISchemaService {
} catch (NotFoundException e) {
schema = schemaStore.getSchema(sharedTenant, schemaId);
}
if (schema != null) {
auditLogger.readSchemaSuccess(singletonList(schemaId));
} else {
auditLogger.readSchemaFailure(singletonList(schemaId));
}
return schema;
}
......@@ -144,9 +156,11 @@ public class SchemaService implements ISchemaService {
try {
SchemaInfo schemaInfo = schemaInfoStore.createSchemaInfo(schemaRequest);
schemaStore.createSchema(schemaId, schema);
auditLogger.createSchemaSuccess(singletonList(schemaId));
return schemaInfo;
} catch (ApplicationException ex) {
log.warning(SchemaConstants.SCHEMA_CREATION_FAILED);
auditLogger.createSchemaFailure(singletonList(schemaId));
schemaInfoStore.cleanSchema(schemaId);
schemaStore.cleanSchemaProject(schemaId);
log.info(SchemaConstants.SCHEMA_CREATE_CLEAN);
......@@ -154,9 +168,11 @@ public class SchemaService implements ISchemaService {
}
} else {
log.error("The schema could not be created due invalid authority,source or entityType");
auditLogger.createSchemaFailure(singletonList(schemaId));
throw new ApplicationException(SchemaConstants.INTERNAL_SERVER_ERROR);
}
} else {
auditLogger.createSchemaFailure(singletonList(schemaId));
throw new BadRequestException(SchemaConstants.SCHEMA_ID_EXISTS);
}
}
......@@ -184,7 +200,8 @@ public class SchemaService implements ISchemaService {
} catch (NotFoundException e) {
log.error(SchemaConstants.INVALID_SCHEMA_UPDATE);
auditLogger.updateSchemaFailure(singletonList(schemaRequest.getSchemaInfo().getSchemaIdentity().getId()));
if (!SchemaStatus.DEVELOPMENT.equals(schemaRequest.getSchemaInfo().getStatus()))
throw new BadRequestException(SchemaConstants.SCHEMA_PUT_CREATE_EXCEPTION);
......@@ -199,9 +216,11 @@ public class SchemaService implements ISchemaService {
SchemaInfo schInfo = schemaInfoStore.updateSchemaInfo(schemaRequest);
schemaStore.createSchema(schemaRequest.getSchemaInfo().getSchemaIdentity().getId(), schema);
log.info(SchemaConstants.SCHEMA_UPDATED);
auditLogger.updateSchemaSuccess(singletonList(schInfo.getSchemaIdentity().getId()));
return schInfo;
} else {
log.error(SchemaConstants.SCHEMA_UPDATE_ERROR);
auditLogger.updateSchemaFailure(singletonList(schemaRequest.getSchemaInfo().getSchemaIdentity().getId()));
throw new BadRequestException(SchemaConstants.SCHEMA_UPDATE_EXCEPTION);
}
......@@ -258,6 +277,13 @@ public class SchemaService implements ISchemaService {
.sorted(compareByCreatedDate)
.limit(queryParams.getLimit()).collect(Collectors.toList());
if (!schemaFinalList.isEmpty()) {
auditLogger.readSchemaListSuccess(schemaFinalList.stream()
.map(schemaInfo -> schemaInfo.getSchemaIdentity().getId()).collect(Collectors.toList()));
} else {
auditLogger.readSchemaListFailure(singletonList(Integer.toString(0)));
}
return SchemaInfoResponse.builder().schemaInfos(schemaFinalList).count(schemaFinalList.size())
.offset(queryParams.getOffset()).totalCount(schemaList.size()).build();
}
......@@ -269,13 +295,18 @@ public class SchemaService implements ISchemaService {
SchemaUpsertResponse.SchemaUpsertResponseBuilder upsertBuilder = SchemaUpsertResponse.builder();
try {
response = updateSchema(schemaRequest);
httpCode = HttpStatus.OK;
auditLogger.updateSchemaSuccess(singletonList(response.getSchemaIdentity().getId()));
httpCode = HttpStatus.OK;
} catch (NoSchemaFoundException noSchemaFound) {
try {
response = createSchema(schemaRequest);
httpCode = HttpStatus.CREATED;
auditLogger.createSchemaSuccess(singletonList(response.getSchemaIdentity().getId()));
httpCode = HttpStatus.CREATED;
}catch (BadRequestException badreqEx) {
//If there is same schema-id for other tenant then throw different error message
auditLogger.createSchemaFailure(singletonList(schemaRequest.getSchemaInfo().getSchemaIdentity().getId()));
if(SchemaConstants.SCHEMA_ID_EXISTS.equals(badreqEx.getMessage()))
throw new BadRequestException(SchemaConstants.INVALID_UPDATE_OPERATION);
......
package org.opengroup.osdu.schema.util;
import java.io.IOException;
import java.time.Duration;
import java.time.Instant;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
......@@ -15,6 +17,7 @@ import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
import org.opengroup.osdu.core.common.model.http.Request;
import org.opengroup.osdu.schema.constants.SchemaConstants;
import org.opengroup.osdu.schema.exceptions.ApplicationException;
import org.opengroup.osdu.schema.exceptions.BadRequestException;
......@@ -166,9 +169,14 @@ public class SchemaResolver {
CloseableHttpClient httpClient = HttpClientBuilder.create().build();
HttpGet getRequest = new HttpGet(url);
getRequest.addHeader("accept", "application/json");
Instant startTime = Instant.now();
HttpResponse response = httpClient.execute(getRequest);
Instant endTime = Instant.now();
int statusCode = response.getStatusLine().getStatusCode();
log.request(Request.builder().requestMethod(getRequest.getMethod()).Status(statusCode).latency(Duration.between(startTime, endTime))
.requestUrl(url).build());
if (statusCode != HttpStatus.SC_OK) {
log.error(String.format("Response code while fetching schema from %s , %d", url, statusCode));
log.error(String.format("Response received while fetching schema from %s , %s", url,
......
......@@ -29,6 +29,7 @@ import org.opengroup.osdu.schema.exceptions.ApplicationException;
import org.opengroup.osdu.schema.exceptions.BadRequestException;
import org.opengroup.osdu.schema.exceptions.NoSchemaFoundException;
import org.opengroup.osdu.schema.exceptions.NotFoundException;
import org.opengroup.osdu.schema.logging.AuditLogger;
import org.opengroup.osdu.schema.model.QueryParams;
import org.opengroup.osdu.schema.model.SchemaIdentity;
import org.opengroup.osdu.schema.model.SchemaInfo;
......@@ -84,6 +85,9 @@ public class SchemaServiceTest {
@Value("${shared.tenant.name:common}")
private String sharedTenant;
@Mock
AuditLogger auditLogger;
private Date currDate = new Date();
@Rule
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment