http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryVersionEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryVersionEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryVersionEventCreator.java new file mode 100644 index 0000000..2f71237 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryVersionEventCreator.java @@ -0,0 +1,216 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.AddRepositoryVersionRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.ChangeRepositoryVersionRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.DeleteRepositoryVersionRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles privilege requests + * For resource type {@link Resource.Type#Repository} + * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} and {@link Request.Type#DELETE} + */ +public class RepositoryVersionEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.PUT, Request.Type.POST, Request.Type.DELETE).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.RepositoryVersion).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + + switch (request.getRequestType()) { + case POST: + return AddRepositoryVersionRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withStackName(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "stack_name"))) + .withStackVersion(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "stack_version"))) + .withDisplayName(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "display_name"))) + .withRepoVersion(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "repository_version"))) + .withRepos(getRepos(request)) + .build(); + case PUT: + return ChangeRepositoryVersionRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withStackName(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "stack_name"))) + .withStackVersion(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "stack_version"))) + .withDisplayName(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "display_name"))) + .withRepoVersion(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "repository_version"))) + .withRepos(getRepos(request)) + .build(); + case DELETE: + return DeleteRepositoryVersionRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withStackName(request.getResource().getKeyValueMap().get(Resource.Type.Stack)) + .withStackVersion(request.getResource().getKeyValueMap().get(Resource.Type.StackVersion)) + .withRepoVersion(request.getResource().getKeyValueMap().get(Resource.Type.RepositoryVersion)) + .build(); + default: + return null; + } + } + + /** + * Assembles repositories from the request + * operating system -> list of repositories where the repository is a map of properties (repo_id, repo_name, base_url) + * @param request + * @return a map of repositories + */ + private Map<String, List<Map<String, String>>> getRepos(Request request) { + + Map<String, List<Map<String, String>>> result = new HashMap<String, List<Map<String, String>>>(); + + if (!request.getBody().getPropertySets().isEmpty()) { + if (request.getBody().getPropertySets().iterator().next().get("operating_systems") instanceof Set) { + Set<Object> set = (Set<Object>) request.getBody().getPropertySets().iterator().next().get("operating_systems"); + + result = createResultForOperationSystems(set); + } + } + return result; + } + + /** + * Returns repos for the set of operating systems + * @param set + * @return + */ + private Map<String, List<Map<String, String>>> createResultForOperationSystems(Set<Object> set) { + Map<String, List<Map<String, String>>> result = new HashMap<String, List<Map<String, String>>>(); + for (Object entry : set) { + if (entry instanceof Map) { + Map<String, Object> map = (Map<String, Object>) entry; + String osType = (String) map.get(PropertyHelper.getPropertyId("OperatingSystems", "os_type")); + if (!result.containsKey(osType)) { + result.put(osType, new LinkedList<Map<String, String>>()); + } + if (map.get("repositories") instanceof Set) { + Set<Object> repos = (Set<Object>) map.get("repositories"); + for (Object repo : repos) { + if (repo instanceof Map) { + Map<String, String> resultMap = buildResultRepo((Map<String, String>) repo); + result.get(osType).add(resultMap); + } + } + } + } + } + return result; + } + + /** + * Returns a map with the repository properties (repo_id, repo_name, base_url) + * @param repo + * @return + */ + private Map<String, String> buildResultRepo(Map<String, String> repo) { + Map<String, String> m = repo; + String repoId = m.get(PropertyHelper.getPropertyId("Repositories", "repo_id")); + String repo_name = m.get(PropertyHelper.getPropertyId("Repositories", "repo_name")); + String baseUrl = m.get(PropertyHelper.getPropertyId("Repositories", "base_url")); + Map<String, String> resultMap = new HashMap<>(); + resultMap.put("repo_id", repoId); + resultMap.put("repo_name", repo_name); + resultMap.put("base_url", baseUrl); + return resultMap; + } + + /** + * Returns property from the request based on the propertyId parameter + * @param request + * @param properyId + * @return + */ + private String getProperty(Request request, String properyId) { + if (!request.getBody().getPropertySets().isEmpty()) { + return String.valueOf(request.getBody().getPropertySets().iterator().next().get(properyId)); + } + return null; + } + + +}
http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RequestEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RequestEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RequestEventCreator.java new file mode 100644 index 0000000..9610e4f --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RequestEventCreator.java @@ -0,0 +1,102 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.AddRequestRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.internal.RequestOperationLevel; +import org.apache.ambari.server.controller.spi.Resource; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles request type requests + * For resource type {@link Resource.Type#Request} + * and request types {@link Request.Type#POST} + */ +public class RequestEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.POST).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.Request).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + // null makes this default + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + + switch (request.getRequestType()) { + case POST: + return AddRequestRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withCommand(request.getBody().getRequestInfoProperties().get("command")) + .withClusterName(request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID)) + .build(); + default: + return null; + } + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceConfigDownloadEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceConfigDownloadEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceConfigDownloadEventCreator.java new file mode 100644 index 0000000..694be24 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceConfigDownloadEventCreator.java @@ -0,0 +1,93 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.ClientConfigDownloadRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles service config download requests + * For resource type {@link Resource.Type#Service} + * and request types {@link Request.Type#GET} + */ +public class ServiceConfigDownloadEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.GET).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.ClientConfig).build(); + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + return ClientConfigDownloadRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withService(request.getResource().getKeyValueMap().get(Resource.Type.Service)) + .withComponent(request.getResource().getKeyValueMap().get(Resource.Type.Component)) + .build(); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceEventCreator.java new file mode 100644 index 0000000..327dc3c --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceEventCreator.java @@ -0,0 +1,180 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Map; +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.DeleteServiceRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.StartOperationRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.internal.RequestOperationLevel; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles operation requests (start, stop, install, etc) + * For resource type {@link Resource.Type#Service} + * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} and {@link Request.Type#DELETE} + */ +public class ServiceEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.PUT, Request.Type.POST, Request.Type.DELETE).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.Service).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + // null makes this default + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + + if (request.getRequestType() == Request.Type.DELETE) { + return DeleteServiceRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withService(request.getResource().getKeyValueMap().get(Resource.Type.Service)) + .build(); + } + + String operation = getOperation(request); + + Long requestId = null; + if (containsRequestId(result)) { + requestId = getRequestId(result); + } + + StartOperationRequestAuditEvent.StartOperationAuditEventBuilder auditEventBuilder = StartOperationRequestAuditEvent.builder() + .withOperation(operation) + .withUserName(username) + .withRemoteIp(request.getRemoteAddress()) + .withTimestamp(DateTime.now()) + .withRequestId(String.valueOf(requestId)); + + if (result.getStatus().isErrorState()) { + auditEventBuilder.withReasonOfFailure(result.getStatus().getMessage()); + } + + return auditEventBuilder.build(); + } + + /** + * Generates operation name based on the request. It checks the operation level, the host name, the service name, the status + * and whether this is a maintenance mode switch change. + * @param request + * @return + */ + private String getOperation(Request request) { + if (request.getBody().getRequestInfoProperties().containsKey(RequestOperationLevel.OPERATION_LEVEL_ID)) { + String operation = ""; + if ("CLUSTER".equals(request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_LEVEL_ID))) { + for (Map<String, Object> map : request.getBody().getPropertySets()) { + if (map.containsKey(PropertyHelper.getPropertyId("ServiceInfo", "state"))) { + operation = String.valueOf(map.get(PropertyHelper.getPropertyId("ServiceInfo", "state"))) + ": all services" + + " (" + request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID) + ")"; + break; + } + } + } + if ("SERVICE".equals(request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_LEVEL_ID))) { + for (Map<String, Object> map : request.getBody().getPropertySets()) { + if (map.containsKey(PropertyHelper.getPropertyId("ServiceInfo", "state"))) { + operation = String.valueOf(map.get(PropertyHelper.getPropertyId("ServiceInfo", "state"))) + ": " + map.get(PropertyHelper.getPropertyId("ServiceInfo", "service_name")) + + " (" + request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID) + ")"; + break; + } + } + } + return operation; + } + + for (Map<String, Object> map : request.getBody().getPropertySets()) { + if (map.containsKey(PropertyHelper.getPropertyId("ServiceInfo", "maintenance_state"))) { + return "Turn " + map.get(PropertyHelper.getPropertyId("ServiceInfo", "maintenance_state")) + " Maintenance Mode for " + map.get(PropertyHelper.getPropertyId("ServiceInfo", "service_name")); + } + } + return null; + } + + /** + * Returns request id from the result + * @param result + * @return + */ + private Long getRequestId(Result result) { + return (Long) result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests").get("id"); + } + + /** + * Checks if request id can be found in the result + * @param result + * @return + */ + private boolean containsRequestId(Result result) { + return result.getResultTree().getChild("request") != null + && result.getResultTree().getChild("request").getObject() != null + && result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests") != null + && result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests").get("id") != null; + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UnauthorizedEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UnauthorizedEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UnauthorizedEventCreator.java new file mode 100644 index 0000000..2396376 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UnauthorizedEventCreator.java @@ -0,0 +1,87 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AccessUnauthorizedAuditEvent; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles unauthorized actions + * For result status {@link ResultStatus.STATUS#UNAUTHORIZED} and {@link ResultStatus.STATUS#FORBIDDEN} + */ +public class UnauthorizedEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<ResultStatus.STATUS> statuses = ImmutableSet.<ResultStatus.STATUS>builder().add(ResultStatus.STATUS.UNAUTHORIZED, ResultStatus.STATUS.FORBIDDEN).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return statuses; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + AccessUnauthorizedAuditEvent ae = AccessUnauthorizedAuditEvent.builder() + .withRemoteIp(request.getRemoteAddress()) + .withResourcePath(request.getURI()) + .withTimestamp(DateTime.now()) + .withUserName(username) + .build(); + + return ae; + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UpgradeEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UpgradeEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UpgradeEventCreator.java new file mode 100644 index 0000000..c7be302 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UpgradeEventCreator.java @@ -0,0 +1,111 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.AddUpgradeRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles upgrade requests + * For resource type {@link Resource.Type#Upgrade} + * and request types {@link Request.Type#POST} + */ +public class UpgradeEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.POST).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.Upgrade).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + + return AddUpgradeRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withRepositoryVersion(getProperty(request, "repository_version")) + .withUpgradeType(getProperty(request, "upgrade_type")) + .withClusterName(getProperty(request, "cluster_name")) + .build(); + + } + + /** + * Returns property from the request based on the propertyName parameter + * @param request + * @param propertyName + * @return + */ + private String getProperty(Request request, String propertyName) { + if (!request.getBody().getPropertySets().isEmpty()) { + return String.valueOf(request.getBody().getPropertySets().iterator().next().get(PropertyHelper.getPropertyId("Upgrade", propertyName))); + } + return null; + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UpgradeItemEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UpgradeItemEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UpgradeItemEventCreator.java new file mode 100644 index 0000000..5eb0688 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UpgradeItemEventCreator.java @@ -0,0 +1,111 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.UpdateUpgradeItemRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles upgrade requests + * For resource type {@link Resource.Type#Upgrade} + * and request types {@link Request.Type#PUT} + */ +public class UpgradeItemEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.PUT).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.UpgradeItem).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + + return UpdateUpgradeItemRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withStatus(getProperty(request, "status")) + .withStageId(getProperty(request, "stage_id")) + .withRequestId(getProperty(request, "request_id")) + .build(); + + } + + /** + * Returns property from the request based on the propertyName parameter + * @param request + * @param propertyName + * @return + */ + private String getProperty(Request request, String propertyName) { + if (!request.getBody().getPropertySets().isEmpty()) { + return String.valueOf(request.getBody().getPropertySets().iterator().next().get(PropertyHelper.getPropertyId("UpgradeItem", propertyName))); + } + return null; + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UserEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UserEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UserEventCreator.java new file mode 100644 index 0000000..11d1832 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/UserEventCreator.java @@ -0,0 +1,212 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.ActivateUserRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.AdminUserRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.CreateUserRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.DeleteUserRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.UserPasswordChangeRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles user requests + * For resource type {@link Resource.Type#User} + * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} and {@link Request.Type#DELETE} + */ +public class UserEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.PUT, Request.Type.POST, Request.Type.DELETE).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.User).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + + switch (request.getRequestType()) { + case POST: + return CreateUserRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withCreatedUsername(getUsername(request)) + .withActive(isActive(request)) + .withAdmin(isAdmin(request)) + .build(); + case DELETE: + return DeleteUserRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withDeletedUsername(request.getResource().getKeyValueMap().get(Resource.Type.User)) + .build(); + case PUT: + if (hasActive(request)) { + return ActivateUserRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withAffectedUsername(getUsername(request)) + .withActive(isActive(request)) + .build(); + } + if (hasAdmin(request)) { + return AdminUserRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withAffectedUsername(getUsername(request)) + .withAdmin(isAdmin(request)) + .build(); + } + if (hasOldPassword(request)) { + return UserPasswordChangeRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withAffectedUsername(getUsername(request)) + .build(); + } + default: + break; + } + return null; + } + + + /** + * Returns fromt he request if the user has admin rights + * @param request + * @return + */ + private boolean isAdmin(Request request) { + return hasAdmin(request) && "true".equals(request.getBody().getPropertySets().iterator().next().get(PropertyHelper.getPropertyId("Users", "admin"))); + } + + /** + * Returns from the request if the user is active + * @param request + * @return + */ + private boolean isActive(Request request) { + return hasActive(request) && "true".equals(request.getBody().getPropertySets().iterator().next().get(PropertyHelper.getPropertyId("Users", "active"))); + } + + /** + * Returns if the request contains admin property + * @param request + * @return + */ + private boolean hasAdmin(Request request) { + return !request.getBody().getPropertySets().isEmpty() && request.getBody().getPropertySets().iterator().next().containsKey(PropertyHelper.getPropertyId("Users", "admin")); + } + + /** + * Returns if the request contains active property + * @param request + * @return + */ + private boolean hasActive(Request request) { + return !request.getBody().getPropertySets().isEmpty() && request.getBody().getPropertySets().iterator().next().containsKey(PropertyHelper.getPropertyId("Users", "active")); + } + + /** + * Returns if the request contains old password field + * @param request + * @return + */ + private boolean hasOldPassword(Request request) { + return !request.getBody().getPropertySets().isEmpty() && request.getBody().getPropertySets().iterator().next().containsKey(PropertyHelper.getPropertyId("Users", "old_password")); + } + + /** + * Returns the username from the request + * @param request + * @return + */ + private String getUsername(Request request) { + if (!request.getBody().getPropertySets().isEmpty()) { + return String.valueOf(request.getBody().getPropertySets().iterator().next().get(PropertyHelper.getPropertyId("Users", "user_name"))); + } + return null; + } + +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ValidationIgnoreEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ValidationIgnoreEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ValidationIgnoreEventCreator.java new file mode 100644 index 0000000..081f3d3 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ValidationIgnoreEventCreator.java @@ -0,0 +1,81 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator ignores validation post requests + * For resource type {@link Resource.Type#Validation} + * and request types {@link Request.Type#POST} + */ +public class ValidationIgnoreEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.POST).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.Validation).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + // intentionally skipping this event + return null; + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ViewInstanceEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ViewInstanceEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ViewInstanceEventCreator.java new file mode 100644 index 0000000..4897401 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ViewInstanceEventCreator.java @@ -0,0 +1,150 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.AddViewInstanceRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.ChangeViewInstanceRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.DeleteViewInstanceRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles view instance requests + * For resource type {@link Resource.Type#ViewInstance} + * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} and {@link Request.Type#DELETE} + */ +public class ViewInstanceEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.PUT, Request.Type.POST, Request.Type.DELETE).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.ViewInstance).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + + switch (request.getRequestType()) { + + case POST: + return AddViewInstanceRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withType(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "view_name"))) + .withVersion(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "version"))) + .withName(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "instance_name"))) + .withDisplayName(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "label"))) + .withDescription(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "description"))) + .build(); + + case PUT: + return ChangeViewInstanceRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withType(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "view_name"))) + .withVersion(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "version"))) + .withName(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "instance_name"))) + .withDisplayName(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "label"))) + .withDescription(getProperty(request, PropertyHelper.getPropertyId("ViewInstanceInfo", "description"))) + .build(); + + case DELETE: + return DeleteViewInstanceRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withType(request.getResource().getKeyValueMap().get(Resource.Type.View)) + .withVersion(request.getResource().getKeyValueMap().get(Resource.Type.ViewVersion)) + .withName(request.getResource().getKeyValueMap().get(Resource.Type.ViewInstance)) + .build(); + + default: + return null; + } + } + + /** + * Returns property from the requet based on the propertyId parameter + * @param request + * @param properyId + * @return + */ + private String getProperty(Request request, String properyId) { + if (!request.getBody().getPropertySets().isEmpty()) { + return String.valueOf(request.getBody().getPropertySets().iterator().next().get(properyId)); + } + return null; + } + +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ViewPrivilegeEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ViewPrivilegeEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ViewPrivilegeEventCreator.java new file mode 100644 index 0000000..6cd4d3b --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ViewPrivilegeEventCreator.java @@ -0,0 +1,146 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.request.eventcreator; + +import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import org.apache.ambari.server.api.services.Request; +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.audit.event.AuditEvent; +import org.apache.ambari.server.audit.event.request.ViewPrivilegeChangeRequestAuditEvent; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.joda.time.DateTime; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.User; + +import com.google.common.collect.ImmutableSet; + +/** + * This creator handles view privilege requests + * For resource type {@link Resource.Type#ViewInstance} + * and request types {@link Request.Type#PUT} + */ +public class ViewPrivilegeEventCreator implements RequestAuditEventCreator { + + /** + * Set of {@link Request.Type}s that are handled by this plugin + */ + private Set<Request.Type> requestTypes = ImmutableSet.<Request.Type>builder().add(Request.Type.PUT).build(); + + /** + * Set of {@link Resource.Type}s that are handled by this plugin + */ + private Set<Resource.Type> resourceTypes = ImmutableSet.<Resource.Type>builder().add(Resource.Type.ViewPrivilege).build(); + + /** + * {@inheritDoc} + */ + @Override + public Set<Request.Type> getRequestTypes() { + return requestTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<Resource.Type> getResourceTypes() { + return resourceTypes; + } + + /** + * {@inheritDoc} + */ + @Override + public Set<ResultStatus.STATUS> getResultStatuses() { + return null; + } + + /** + * {@inheritDoc} + */ + @Override + public AuditEvent createAuditEvent(Request request, Result result) { + String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); + + + Map<String, List<String>> users = getEntities(request, "USER"); + Map<String, List<String>> groups = getEntities(request, "GROUP"); + + return ViewPrivilegeChangeRequestAuditEvent.builder() + .withTimestamp(DateTime.now()) + .withRequestType(request.getRequestType()) + .withResultStatus(result.getStatus()) + .withUrl(request.getURI()) + .withRemoteIp(request.getRemoteAddress()) + .withUserName(username) + .withType(getProperty(request, PropertyHelper.getPropertyId("PrivilegeInfo", "view_name"))) + .withVersion(getProperty(request, PropertyHelper.getPropertyId("PrivilegeInfo", "version"))) + .withName(getProperty(request, PropertyHelper.getPropertyId("PrivilegeInfo", "instance_name"))) + .withUsers(users) + .withGroups(groups) + .build(); + + } + + /** + * Returns property from the request based on the propertyId parameter + * @param request + * @param properyId + * @return + */ + private String getProperty(Request request, String properyId) { + if (!request.getBody().getPropertySets().isEmpty()) { + return String.valueOf(request.getBody().getPropertySets().iterator().next().get(properyId)); + } + return null; + } + + /** + * Assembles entities from the request. The result can contain users or groups based on the value of type parameter + * @param request + * @param type + * @return a map of role -> [user|group] names + */ + private Map<String, List<String>> getEntities(final Request request, final String type) { + Map<String, List<String>> entities = new HashMap<String, List<String>>(); + + for (Map<String, Object> propertyMap : request.getBody().getPropertySets()) { + String ptype = String.valueOf(propertyMap.get(PropertyHelper.getPropertyId("PrivilegeInfo", "principal_type"))); + if (type.equals(ptype)) { + String role = String.valueOf(propertyMap.get(PropertyHelper.getPropertyId("PrivilegeInfo", "permission_name"))); + String name = String.valueOf(propertyMap.get(PropertyHelper.getPropertyId("PrivilegeInfo", "principal_name"))); + if (!entities.containsKey(role)) { + entities.put(role, new LinkedList<String>()); + } + + entities.get(role).add(name); + } + } + return entities; + } + +} http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java index bf18325..c4f731c 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java @@ -631,6 +631,16 @@ public class Configuration { "custom.oracle.jdbc.name", "custom.postgres.jdbc.name", "custom.mssql.jdbc.name", "custom.hsqldb.jdbc.name", "custom.sqlanywhere.jdbc.name")); + /** + * Capacity for buffered audit logger + */ + private static final String BUFFERED_AUDIT_LOGGER_CAPACITY_KEY = "auditlog.bufferedlogger.capacity"; + /** + * Default value for buffered audit logger capacity + */ + private static final int BUFFERED_AUDIT_LOGGER_CAPACITY_DEFAULT = 10000; + + private static final Logger LOG = LoggerFactory.getLogger( Configuration.class); @@ -2791,4 +2801,10 @@ public class Configuration { public String isAgentStackRetryOnInstallEnabled(){ return properties.getProperty(AGENT_STACK_RETRY_ON_REPO_UNAVAILABILITY_KEY, AGENT_STACK_RETRY_ON_REPO_UNAVAILABILITY_DEFAULT); } + + public int getBufferedAuditLoggerCapacity() { + return NumberUtils.toInt( + properties.getProperty(BUFFERED_AUDIT_LOGGER_CAPACITY_KEY), + BUFFERED_AUDIT_LOGGER_CAPACITY_DEFAULT); + } } http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java index 801378f..1a972ab 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java @@ -51,7 +51,7 @@ import org.apache.ambari.server.api.services.PersistKeyValueService; import org.apache.ambari.server.api.services.stackadvisor.StackAdvisorBlueprintProcessor; import org.apache.ambari.server.api.services.stackadvisor.StackAdvisorHelper; import org.apache.ambari.server.audit.AuditLogger; -import org.apache.ambari.server.audit.event.request.RequestAuditLogger; +import org.apache.ambari.server.audit.request.RequestAuditLogger; import org.apache.ambari.server.audit.AuditLoggerModule; import org.apache.ambari.server.security.authentication.AmbariAuthenticationFilter; import org.apache.ambari.server.bootstrap.BootStrapImpl; http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java index efc466d..74cd698 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java @@ -41,34 +41,34 @@ import org.apache.ambari.server.actionmanager.HostRoleCommandFactoryImpl; import org.apache.ambari.server.actionmanager.RequestFactory; import org.apache.ambari.server.actionmanager.StageFactory; import org.apache.ambari.server.actionmanager.StageFactoryImpl; -import org.apache.ambari.server.audit.event.request.RequestAuditEventCreator; -import org.apache.ambari.server.audit.event.request.RequestAuditLogger; -import org.apache.ambari.server.audit.event.request.RequestAuditLoggerImpl; -import org.apache.ambari.server.audit.event.request.eventcreator.AlertGroupEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.AlertTargetEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.BlueprintEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.BlueprintExportEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.CredentialEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.HostEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.PrivilegeEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.GroupEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.MemberEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.RecommendationIgnoreEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.RepositoryEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.RepositoryVersionEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.RequestEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.ServiceConfigDownloadEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.UnauthorizedEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.ConfigurationChangeEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.DefaultEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.ComponentEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.ServiceEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.UpgradeEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.UpgradeItemEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.UserEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.ValidationIgnoreEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.ViewInstanceEventCreator; -import org.apache.ambari.server.audit.event.request.eventcreator.ViewPrivilegeEventCreator; +import org.apache.ambari.server.audit.request.RequestAuditEventCreator; +import org.apache.ambari.server.audit.request.RequestAuditLogger; +import org.apache.ambari.server.audit.request.RequestAuditLoggerImpl; +import org.apache.ambari.server.audit.request.eventcreator.AlertGroupEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.AlertTargetEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.BlueprintEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.BlueprintExportEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.CredentialEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.HostEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.PrivilegeEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.GroupEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.MemberEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.RecommendationIgnoreEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.RepositoryEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.RepositoryVersionEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.RequestEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.ServiceConfigDownloadEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.UnauthorizedEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.ConfigurationChangeEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.DefaultEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.ComponentEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.ServiceEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.UpgradeEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.UpgradeItemEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.UserEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.ValidationIgnoreEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.ViewInstanceEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.ViewPrivilegeEventCreator; import org.apache.ambari.server.checks.AbstractCheckDescriptor; import org.apache.ambari.server.checks.UpgradeCheckRegistry; import org.apache.ambari.server.configuration.Configuration; http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/test/java/org/apache/ambari/server/api/services/BaseServiceTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/api/services/BaseServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/api/services/BaseServiceTest.java index 7f11af4..ea4e5e3 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/api/services/BaseServiceTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/api/services/BaseServiceTest.java @@ -22,7 +22,7 @@ import org.apache.ambari.server.api.resources.ResourceInstance; import org.apache.ambari.server.api.services.parsers.BodyParseException; import org.apache.ambari.server.api.services.parsers.RequestBodyParser; import org.apache.ambari.server.api.services.serializers.ResultSerializer; -import org.apache.ambari.server.audit.event.request.RequestAuditLogger; +import org.apache.ambari.server.audit.request.RequestAuditLogger; import org.easymock.Capture; import org.easymock.EasyMock; import org.junit.BeforeClass; http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/test/java/org/apache/ambari/server/audit/BufferedAuditLoggerTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/BufferedAuditLoggerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/BufferedAuditLoggerTest.java index a188b4c..1914ca9 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/audit/BufferedAuditLoggerTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/BufferedAuditLoggerTest.java @@ -23,7 +23,9 @@ import java.util.List; import org.apache.ambari.server.audit.event.AuditEvent; import org.apache.ambari.server.audit.event.OperationStatusAuditEvent; +import org.apache.ambari.server.configuration.Configuration; import org.easymock.Capture; +import org.easymock.EasyMock; import org.easymock.EasyMockRule; import org.easymock.Mock; import org.easymock.MockType; @@ -55,6 +57,9 @@ public class BufferedAuditLoggerTest { @Mock(type = MockType.STRICT) private AuditLogger auditLogger; + @Mock(type = MockType.STRICT) + private Configuration configuration; + @Before public void setUp() throws Exception { @@ -68,7 +73,10 @@ public class BufferedAuditLoggerTest { Capture<AuditEvent> capturedArgument = newCapture(); auditLogger.log(capture(capturedArgument)); - BufferedAuditLogger bufferedAuditLogger = new BufferedAuditLogger(auditLogger, 50); + EasyMock.expect(configuration.getBufferedAuditLoggerCapacity()).andReturn(50); + replay(configuration); + + BufferedAuditLogger bufferedAuditLogger = new BufferedAuditLogger(auditLogger, configuration); replay(auditLogger, auditEvent); @@ -78,7 +86,7 @@ public class BufferedAuditLoggerTest { Thread.sleep(100); // Then - verify(auditLogger); + verify(auditLogger, configuration); assertThat(capturedArgument.getValue(), equalTo(auditEvent)); @@ -87,7 +95,9 @@ public class BufferedAuditLoggerTest { @Test(timeout = 300) public void testConsumeAuditEventsFromInternalBuffer() throws Exception { // Given - BufferedAuditLogger bufferedAuditLogger = new BufferedAuditLogger(auditLogger, 5); + EasyMock.expect(configuration.getBufferedAuditLoggerCapacity()).andReturn(5); + replay(configuration); + BufferedAuditLogger bufferedAuditLogger = new BufferedAuditLogger(auditLogger, configuration); List<AuditEvent> auditEvents = Collections.nCopies(50, auditEvent); @@ -106,7 +116,7 @@ public class BufferedAuditLoggerTest { Thread.sleep(100); } - verify(auditLogger, auditEvent); + verify(auditLogger, auditEvent, configuration); } @Test(timeout = 3000) @@ -114,8 +124,10 @@ public class BufferedAuditLoggerTest { // Given int nProducers = 100; + EasyMock.expect(configuration.getBufferedAuditLoggerCapacity()).andReturn(10000); + replay(configuration); - final BufferedAuditLogger bufferedAuditLogger = new BufferedAuditLogger(new AuditLoggerDefaultImpl(), 10000); + final BufferedAuditLogger bufferedAuditLogger = new BufferedAuditLogger(new AuditLoggerDefaultImpl(), configuration); ImmutableList.Builder<Thread> producersBuilder = ImmutableList.builder(); @@ -157,5 +169,7 @@ public class BufferedAuditLoggerTest { Thread.sleep(100); } + verify(configuration); + } } http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/test/java/org/apache/ambari/server/audit/StartOperationRequestAuditEventTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/StartOperationRequestAuditEventTest.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/StartOperationRequestAuditEventTest.java index 0aabd4b..9d33f5d 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/audit/StartOperationRequestAuditEventTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/StartOperationRequestAuditEventTest.java @@ -18,7 +18,7 @@ package org.apache.ambari.server.audit; import org.apache.ambari.server.audit.event.LoginAuditEvent; -import org.apache.ambari.server.audit.event.request.event.StartOperationRequestAuditEvent; +import org.apache.ambari.server.audit.event.request.StartOperationRequestAuditEvent; import org.joda.time.DateTime; import org.junit.Test; http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/test/java/org/apache/ambari/server/audit/request/AbstractBaseCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/AbstractBaseCreator.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/AbstractBaseCreator.java index 1c38b49..b1fe72a 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/AbstractBaseCreator.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/AbstractBaseCreator.java @@ -21,7 +21,6 @@ package org.apache.ambari.server.audit.request; import org.apache.ambari.server.api.services.Request; import org.apache.ambari.server.api.services.Result; import org.apache.ambari.server.audit.event.AuditEvent; -import org.apache.ambari.server.audit.event.request.RequestAuditEventCreator; import org.joda.time.DateTime; public abstract class AbstractBaseCreator implements RequestAuditEventCreator { http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java index 1db6a18..5c23059 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/DefaultEventCreatorTest.java @@ -55,7 +55,7 @@ import org.apache.ambari.server.api.services.RequestFactory; import org.apache.ambari.server.api.services.Result; import org.apache.ambari.server.api.services.ResultImpl; import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.event.request.eventcreator.DefaultEventCreator; +import org.apache.ambari.server.audit.request.eventcreator.DefaultEventCreator; import org.apache.ambari.server.controller.spi.Resource; import org.junit.Before; import org.junit.BeforeClass; http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java index 7a3b0d1..52ad44c 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLogModule.java @@ -20,9 +20,6 @@ package org.apache.ambari.server.audit.request; import org.apache.ambari.server.audit.AuditLogger; import org.apache.ambari.server.audit.AuditLoggerDefaultImpl; -import org.apache.ambari.server.audit.event.request.RequestAuditEventCreator; -import org.apache.ambari.server.audit.event.request.RequestAuditLogger; -import org.apache.ambari.server.audit.event.request.RequestAuditLoggerImpl; import org.easymock.EasyMock; import com.google.inject.AbstractModule; http://git-wip-us.apache.org/repos/asf/ambari/blob/565c2ea2/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java index 6cae132..55c1d24 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/audit/request/RequestAuditLoggerTest.java @@ -36,7 +36,6 @@ import org.apache.ambari.server.api.services.ResultImpl; import org.apache.ambari.server.api.services.ResultStatus; import org.apache.ambari.server.audit.event.AuditEvent; import org.apache.ambari.server.audit.AuditLogger; -import org.apache.ambari.server.audit.event.request.RequestAuditLogger; import org.apache.ambari.server.controller.spi.Resource; import org.easymock.Capture; import org.easymock.EasyMock;
