http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/BlueprintEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/BlueprintEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/BlueprintEventCreator.java deleted file mode 100644 index c41d665..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/BlueprintEventCreator.java +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.event.AddBlueprintRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.DeleteBlueprintRequestAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles blueprint add and remove requests - * For resource type {@link Resource.Type#Blueprint} - * and request types {@link Request.Type#POST} and {@link Request.Type#POST} - */ -public class BlueprintEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.DELETE); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.Blueprint); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - switch (request.getRequestType()) { - case POST: - return AddBlueprintRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withBlueprintName(request.getResource().getKeyValueMap().get(Resource.Type.Blueprint)) - .build(); - case DELETE: - return DeleteBlueprintRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withBlueprintName(request.getResource().getKeyValueMap().get(Resource.Type.Blueprint)) - .build(); - default: - return null; - } - } -}
http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/BlueprintExportEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/BlueprintExportEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/BlueprintExportEventCreator.java deleted file mode 100644 index c97f2af..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/BlueprintExportEventCreator.java +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.event.BlueprintExportRequestAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles blueprint export requests - * For resource type {@link Resource.Type#Cluster} - * and request types {@link Request.Type#GET} - */ -public class BlueprintExportEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.GET); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.Cluster); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - if(!request.getURI().contains("format=blueprint")) { - return null; - } - return BlueprintExportRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .build(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ComponentEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ComponentEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ComponentEventCreator.java deleted file mode 100644 index 4808fdc..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ComponentEventCreator.java +++ /dev/null @@ -1,174 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.HashSet; -import java.util.Map; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.StartOperationFailedAuditEvent; -import org.apache.ambari.server.audit.StartOperationSucceededAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.internal.RequestOperationLevel; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles operation requests (start, stop, install, etc) - * For resource type {@link org.apache.ambari.server.controller.spi.Resource.Type#HostComponent} - * and request types {@link org.apache.ambari.server.api.services.Request.Type#POST}, {@link org.apache.ambari.server.api.services.Request.Type#PUT} and {@link org.apache.ambari.server.api.services.Request.Type#DELETE} - */ -public class ComponentEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link org.apache.ambari.server.api.services.Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.PUT); - requestTypes.add(Request.Type.DELETE); - } - - private Set<Resource.Type> resourceTypes = new HashSet<Resource.Type>(); - { - resourceTypes.add(Resource.Type.HostComponent); - } - - /** {@inheritDoc} */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<Resource.Type> getResourceTypes() { - return resourceTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - // null makes this default - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - String operation = getOperation(request); - - if (result.getStatus().isErrorState()) { - return StartOperationFailedAuditEvent.builder() - .withOperation(operation) - .withUserName(username) - .withRemoteIp(request.getRemoteAddress()) - .withTimestamp(DateTime.now()) - .withReason(result.getStatus().getMessage()) - .build(); - } else { - Long requestId = null; - if (containsRequestId(result)) { - requestId = getRequestId(result); - } - return StartOperationSucceededAuditEvent.builder() - .withOperation(operation) - .withUserName(username) - .withRemoteIp(request.getRemoteAddress()) - .withTimestamp(DateTime.now()) - .withRequestId(String.valueOf(requestId)) - .build(); - } - } - - private String getOperation(Request request) { - if(request.getRequestType() == Request.Type.DELETE) { - return "Delete component " + request.getResource().getKeyValueMap().get(Resource.Type.HostComponent); - } - - if (request.getBody().getRequestInfoProperties().containsKey(RequestOperationLevel.OPERATION_LEVEL_ID)) { - String operation = ""; - switch (request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_LEVEL_ID)) { - case "CLUSTER": - for (Map<String, Object> map : request.getBody().getPropertySets()) { - if (map.containsKey(PropertyHelper.getPropertyId("HostRoles", "cluster_name"))) { - operation = String.valueOf(map.get(PropertyHelper.getPropertyId("HostRoles", "state"))) + ": all services" - + " on all hosts" - + (request.getBody().getQueryString().length() > 0 ? " that matches " + request.getBody().getQueryString() : "") - + " (" + request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID) + ")"; - break; - } - } - break; - case "HOST": - for (Map<String, Object> map : request.getBody().getPropertySets()) { - if (map.containsKey(PropertyHelper.getPropertyId("HostRoles", "cluster_name"))) { - String query = request.getBody().getRequestInfoProperties().get("query"); - operation = String.valueOf(map.get(PropertyHelper.getPropertyId("HostRoles", "state"))) + ": " + query.substring(query.indexOf("(")+1, query.length()-1) - + " on " + request.getBody().getRequestInfoProperties().get("operation_level/host_names") - + " (" + request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID) + ")"; - break; - } - } - break; - case "HOST_COMPONENT": - for (Map<String, Object> map : request.getBody().getPropertySets()) { - if (map.containsKey(PropertyHelper.getPropertyId("HostRoles", "component_name"))) { - operation = String.valueOf(map.get(PropertyHelper.getPropertyId("HostRoles", "state"))) + ": " + String.valueOf(map.get(PropertyHelper.getPropertyId("HostRoles", "component_name"))) - + "/" + request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_SERVICE_ID) - + " on " + request.getBody().getRequestInfoProperties().get("operation_level/host_names") - + " (" + request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID) + ")"; - break; - } - } - break; - } - return operation; - } - - for (Map<String, Object> map : request.getBody().getPropertySets()) { - if (map.containsKey(PropertyHelper.getPropertyId("HostRoles", "maintenance_state"))) { - return "Turn " + map.get(PropertyHelper.getPropertyId("HostRoles", "maintenance_state")) + " Maintenance Mode for " + map.get(PropertyHelper.getPropertyId("HostRoles", "component_name")); - } - } - - return null; - } - - private Long getRequestId(Result result) { - return (Long) result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests").get("id"); - } - - private boolean containsRequestId(Result result) { - return result.getResultTree().getChild("request") != null - && result.getResultTree().getChild("request").getObject() != null - && result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests") != null - && result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests").get("id") != null; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ConfigurationChangeEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ConfigurationChangeEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ConfigurationChangeEventCreator.java deleted file mode 100644 index c59f276..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ConfigurationChangeEventCreator.java +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.Map; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.event.ClusterNameChangeRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.ConfigurationChangeRequestAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles operation requests (start, stop, install, etc) - * For resource type {@link Resource.Type#HostComponent} - * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} and {@link Request.Type#DELETE} - */ -public class ConfigurationChangeEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.PUT); - requestTypes.add(Request.Type.DELETE); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.Cluster); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - if(!request.getBody().getPropertySets().isEmpty()) { - Map<String, Object> map = request.getBody().getPropertySets().iterator().next(); - if(map.size() == 1 && map.containsKey(PropertyHelper.getPropertyId("Clusters","cluster_name"))) { - String newName = String.valueOf(map.get(PropertyHelper.getPropertyId("Clusters","cluster_name"))); - String oldName = request.getResource().getKeyValueMap().get(Resource.Type.Cluster); - return ClusterNameChangeRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withOldName(oldName) - .withNewName(newName) - .build(); - } - } - - return ConfigurationChangeRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withVersionNote(getServiceConfigVersionNote(result)) - .withVersionNumber(getServiceConfigVersion(result)) - .build(); - } - - private String getServiceConfigVersion(Result result) { - Map<String, Object> map = getServiceConfigMap(result); - return map == null ? null : String.valueOf(map.get("service_config_version")); - } - - private String getServiceConfigVersionNote(Result result) { - Map<String, Object> map = getServiceConfigMap(result); - return map == null ? null : String.valueOf(map.get("service_config_version_note")); - } - - private Map<String, Object> getServiceConfigMap(Result result) { - if (result.getResultTree().getChild("resources") != null && - !result.getResultTree().getChild("resources").getChildren().isEmpty() && - result.getResultTree().getChild("resources").getChildren().iterator().next().getObject() != null) { - return result.getResultTree().getChild("resources").getChildren().iterator().next().getObject().getPropertiesMap().get(""); - } - return null; - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/CredentialEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/CredentialEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/CredentialEventCreator.java deleted file mode 100644 index ed7c95d..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/CredentialEventCreator.java +++ /dev/null @@ -1,103 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.audit.request.event.AddCredentialRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.UpdateUpgradeItemRequestAuditEvent; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles crednetial requests - * For resource type {@link Resource.Type#Upgrade} - * and request types {@link Request.Type#POST} - */ -public class CredentialEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.Credential); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - return AddCredentialRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withClusterName(getProperty(request, "cluster_name")) - .withType(getProperty(request, "type")) - .withAlias(getProperty(request, "alias")) - .withPrincipal(getProperty(request, "principal")) - .build(); - - } - - private String getProperty(Request request, String propertyName) { - if(!request.getBody().getPropertySets().isEmpty()) { - return String.valueOf(request.getBody().getPropertySets().iterator().next().get(PropertyHelper.getPropertyId("Credential",propertyName))); - } - return null; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/DefaultEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/DefaultEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/DefaultEventCreator.java deleted file mode 100644 index 78011d7..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/DefaultEventCreator.java +++ /dev/null @@ -1,94 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Arrays; -import java.util.HashSet; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -import com.google.inject.Singleton; - -/** - * Default creator for {@link org.apache.ambari.server.audit.request.RequestAuditLogger} - */ -@Singleton -public class DefaultEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link org.apache.ambari.server.api.services.Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.addAll(Arrays.asList(Request.Type.values())); - requestTypes.remove(Request.Type.GET); // get is not handled by default - } - - /** {@inheritDoc} */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<Resource.Type> getResourceTypes() { - // null makes this default - return null; - } - - /** {@inheritDoc} */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - // null makes this default - return null; - } - - /** - * Creates a simple {@link AuditEvent} with the details of request and response - * @param request HTTP request object - * @param result HTTP result object - * @return - */ - @Override - public AuditEvent createAuditEvent(final Request request, final Result result) { - String username = ((User)SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - return RequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withUserName(username) - .withRemoteIp(request.getRemoteAddress()) - .withRequestType(request.getRequestType()) - .withUrl(request.getURI()) - .withResultStatus(result.getStatus()) - .build(); - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/GroupEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/GroupEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/GroupEventCreator.java deleted file mode 100644 index 666b488..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/GroupEventCreator.java +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.event.CreateGroupRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.DeleteGroupRequestAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles group requests - * For resource type {@link Resource.Type#Group} - * and request types {@link Request.Type#POST} and {@link Request.Type#DELETE} - */ -public class GroupEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.DELETE); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.Group); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - switch(request.getRequestType()) { - case POST: - return CreateGroupRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withGroupName(getGroupName(request)) - .build(); - case DELETE: - return DeleteGroupRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withGroupName(request.getResource().getKeyValueMap().get(Resource.Type.Group)) - .build(); - default: - break; - } - return null; - } - - private String getGroupName(Request request) { - if(!request.getBody().getPropertySets().isEmpty()) { - return String.valueOf(request.getBody().getPropertySets().iterator().next().get(PropertyHelper.getPropertyId("Groups", "group_name"))); - } - return null; - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/HostEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/HostEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/HostEventCreator.java deleted file mode 100644 index 6ab03ca..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/HostEventCreator.java +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.HashSet; -import java.util.Map; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.audit.request.event.AddComponentToHostRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.AddHostRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.DeleteHostRequestAuditEvent; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles host requests (add, delete, add component) - * For resource type {@link Resource.Type#HostComponent} - * and request types {@link Request.Type#POST}, {@link Request.Type#DELETE} and {@link Request.Type#QUERY_POST} - */ -public class HostEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.DELETE); - requestTypes.add(Request.Type.QUERY_POST); - } - - private Set<Resource.Type> resourceTypes = new HashSet<Resource.Type>(); - { - resourceTypes.add(Resource.Type.Host); - } - - /** {@inheritDoc} */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<Resource.Type> getResourceTypes() { - return resourceTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - // null makes this default - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - switch(request.getRequestType()) { - case DELETE: - return DeleteHostRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withHostName(request.getResource().getKeyValueMap().get(Resource.Type.Host)) - .build(); - case POST: - return AddHostRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withHostName(getHostName(request)) - .build(); - case QUERY_POST: - return AddComponentToHostRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withHostName(getHostNameFromQuery(request)) - .withComponent(getHostComponent(request)) - .build(); - default: - return null; - } - } - - private String getHostName(Request request) { - if(!request.getBody().getNamedPropertySets().isEmpty()) { - return String.valueOf(request.getBody().getNamedPropertySets().iterator().next().getProperties().get(PropertyHelper.getPropertyId("Hosts","host_name"))); - } - return null; - } - - private String getHostComponent(Request request) { - if(!request.getBody().getNamedPropertySets().isEmpty()) { - Set<Map<String, String>> set = (Set<Map<String, String>>)request.getBody().getNamedPropertySets().iterator().next().getProperties().get("host_components"); - if(set != null && !set.isEmpty()) { - return set.iterator().next().get(PropertyHelper.getPropertyId("HostRoles","component_name")); - } - } - return null; - } - - private String getHostNameFromQuery(Request request) { - final String key = PropertyHelper.getPropertyId("Hosts","host_name"); - if(request.getBody().getQueryString().contains(key)) { - String q = request.getBody().getQueryString(); - int startIndex = q.indexOf(key) + key.length() + 1; - int endIndex = q.indexOf("&", startIndex) == -1 ? q.length() : q.indexOf("&", startIndex); - return q.substring(startIndex, endIndex); - } - return null; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/MemberEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/MemberEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/MemberEventCreator.java deleted file mode 100644 index 7162250..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/MemberEventCreator.java +++ /dev/null @@ -1,154 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.LinkedList; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.event.AddUserToGroupRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.MembershipChangeRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.RemoveUserFromGroupRequestAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles member requests - * For resource type {@link Resource.Type#Member} - * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} and {@link Request.Type#DELETE} - */ -public class MemberEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.PUT); - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.DELETE); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.Member); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - switch(request.getRequestType()) { - case POST: - return AddUserToGroupRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withAffectedUserName(getUserName(request)) - .withGroupName(getGroupName(request)) - .build(); - case DELETE: - return RemoveUserFromGroupRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withAffectedUserName(getUserName(request)) - .withGroupName(getGroupName(request)) - .build(); - case PUT: - return MembershipChangeRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withGroupName(getGroupNameForPut(request)) - .withUserNameList(getUsers(request)) - .build(); - default: - return null; - } - } - - private List<String> getUsers(Request request) { - List<String> users = new LinkedList<String>(); - - for(Map<String, Object> propertyMap : request.getBody().getPropertySets()) { - String userName = String.valueOf(propertyMap.get(PropertyHelper.getPropertyId("MemberInfo", "user_name"))); - users.add(userName); - } - return users; - } - - private String getGroupNameForPut(Request request) { - - for(Map<String, Object> propertyMap : request.getBody().getPropertySets()) { - return String.valueOf(propertyMap.get(PropertyHelper.getPropertyId("MemberInfo", "group_name"))); - } - return null; - } - - private String getUserName(Request request) { - return request.getResource().getKeyValueMap().get(Resource.Type.Member); - } - - private String getGroupName(Request request) { - return request.getResource().getKeyValueMap().get(Resource.Type.Group); - } - - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/PrivilegeEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/PrivilegeEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/PrivilegeEventCreator.java deleted file mode 100644 index fbdeaf7..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/PrivilegeEventCreator.java +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashMap; -import java.util.HashSet; -import java.util.LinkedList; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.event.ClusterPrivilegeChangeRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.PrivilegeChangeRequestAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles privilege requests - * For resource type {@link Resource.Type#ClusterPrivilege} - * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} - */ -public class PrivilegeEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.PUT); - requestTypes.add(Request.Type.POST); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.ClusterPrivilege); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - Map<String, List<String>> users = getEntities(request, "USER"); - Map<String, List<String>> groups = getEntities(request, "GROUP"); - - switch(request.getRequestType()) { - case PUT: - return ClusterPrivilegeChangeRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withUsers(users) - .withGroups(groups) - .build(); - case POST: - String role = users.isEmpty() ? (groups.isEmpty() ? null : groups.keySet().iterator().next()) : users.keySet().iterator().next(); - return PrivilegeChangeRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withRole(role) - .withGroup(groups.get(role) == null ? null : groups.get(role).get(0)) - .withUser(users.get(role) == null ? null : users.get(role).get(0)) - .withOperation((users.isEmpty() ? (groups.isEmpty() ? "" : "Group ") : "User ") + "role change") - .build(); - default: - return null; - } - } - - private Map<String, List<String>> getEntities(final Request request, final String type) { - Map<String, List<String>> entities = new HashMap<String,List<String>>(); - - for(Map<String, Object> propertyMap : request.getBody().getPropertySets()) { - String ptype = String.valueOf(propertyMap.get(PropertyHelper.getPropertyId("PrivilegeInfo", "principal_type"))); - if(type.equals(ptype)) { - String role = String.valueOf(propertyMap.get(PropertyHelper.getPropertyId("PrivilegeInfo", "permission_name"))); - String name = String.valueOf(propertyMap.get(PropertyHelper.getPropertyId("PrivilegeInfo", "principal_name"))); - if (!entities.containsKey(role)) { - entities.put(role, new LinkedList<String>()); - } - - entities.get(role).add(name); - } - } - return entities; - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RecommendationIgnoreEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RecommendationIgnoreEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RecommendationIgnoreEventCreator.java deleted file mode 100644 index d68db84..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RecommendationIgnoreEventCreator.java +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; - -/** - * This creator ignores recommendation post requests - * For resource type {@link Resource.Type#Recommendation} - * and request types {@link Request.Type#POST} - */ -public class RecommendationIgnoreEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.Recommendation); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - // intentionally skipping this event - return null; - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryEventCreator.java deleted file mode 100644 index 1105811..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryEventCreator.java +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.audit.request.event.AddRepositoryRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.UpdateRepositoryRequestAuditEvent; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles privilege requests - * For resource type {@link Resource.Type#Repository} - * and request types {@link Request.Type#POST} and {@link Request.Type#PUT} - */ -public class RepositoryEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.PUT); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.Repository); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - switch(request.getRequestType()) { - case POST: - return AddRepositoryRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withRepo(getProperty(request, PropertyHelper.getPropertyId("Repositories", "repo_id"))) - .withStackName(getProperty(request, PropertyHelper.getPropertyId("Repositories", "stack_name"))) - .withStackVersion(getProperty(request, PropertyHelper.getPropertyId("Repositories", "stack_version"))) - .withOsType(getProperty(request, PropertyHelper.getPropertyId("Repositories", "os_type"))) - .withBaseUrl(getProperty(request, PropertyHelper.getPropertyId("Repositories", "base_url"))) - .build(); - case PUT: - return UpdateRepositoryRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withRepo(getProperty(request, PropertyHelper.getPropertyId("Repositories", "repo_id"))) - .withStackName(getProperty(request, PropertyHelper.getPropertyId("Repositories", "stack_name"))) - .withStackVersion(getProperty(request, PropertyHelper.getPropertyId("Repositories", "stack_version"))) - .withOsType(getProperty(request, PropertyHelper.getPropertyId("Repositories", "os_type"))) - .withBaseUrl(getProperty(request, PropertyHelper.getPropertyId("Repositories", "base_url"))) - .build(); - default: - return null; - } - } - - private String getProperty(Request request, String properyId) { - if(!request.getBody().getPropertySets().isEmpty()) { - return String.valueOf(request.getBody().getPropertySets().iterator().next().get(properyId)); - } - return null; - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryVersionEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryVersionEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryVersionEventCreator.java deleted file mode 100644 index 468dd1c..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RepositoryVersionEventCreator.java +++ /dev/null @@ -1,182 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashMap; -import java.util.HashSet; -import java.util.LinkedList; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.audit.request.event.AddRepositoryVersionRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.ChangeRepositoryVersionRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.DeleteRepositoryVersionRequestAuditEvent; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles privilege requests - * For resource type {@link Resource.Type#Repository} - * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} and {@link Request.Type#DELETE} - */ -public class RepositoryVersionEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.PUT); - requestTypes.add(Request.Type.DELETE); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.RepositoryVersion); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - switch(request.getRequestType()) { - case POST: - return AddRepositoryVersionRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withStackName(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "stack_name"))) - .withStackVersion(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "stack_version"))) - .withDisplayName(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "display_name"))) - .withRepoVersion(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "repository_version"))) - .withRepos(getRepos(request)) - .build(); - case PUT: - return ChangeRepositoryVersionRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withStackName(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "stack_name"))) - .withStackVersion(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "stack_version"))) - .withDisplayName(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "display_name"))) - .withRepoVersion(getProperty(request, PropertyHelper.getPropertyId("RepositoryVersions", "repository_version"))) - .withRepos(getRepos(request)) - .build(); - case DELETE: - return DeleteRepositoryVersionRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withStackName(request.getResource().getKeyValueMap().get(Resource.Type.Stack)) - .withStackVersion(request.getResource().getKeyValueMap().get(Resource.Type.StackVersion)) - .withRepoVersion(request.getResource().getKeyValueMap().get(Resource.Type.RepositoryVersion)) - .build(); - default: - return null; - } - } - - private Map<String,List<Map<String,String>>> getRepos(Request request) { - - Map<String,List<Map<String,String>>> result = new HashMap<String,List<Map<String,String>>>(); - - if(!request.getBody().getPropertySets().isEmpty()) { - if(request.getBody().getPropertySets().iterator().next().get("operating_systems") instanceof Set) { - Set<Object> set = (Set<Object>) request.getBody().getPropertySets().iterator().next().get("operating_systems"); - - for (Object entry : set) { - if(entry instanceof Map) { - Map<String, Object> map = (Map<String, Object>) entry; - String osType = (String) map.get(PropertyHelper.getPropertyId("OperatingSystems", "os_type")); - if(!result.containsKey(osType)) { - result.put(osType,new LinkedList<Map<String, String>>()); - } - if(map.get("repositories") instanceof Set) { - Set<Object> repos = (Set<Object>) map.get("repositories"); - for(Object repo : repos) { - if(repo instanceof Map) { - Map<String, String> m = (Map<String,String>) repo; - String repoId = m.get(PropertyHelper.getPropertyId("Repositories", "repo_id")); - String repo_name = m.get(PropertyHelper.getPropertyId("Repositories", "repo_name")); - String baseUrl = m.get(PropertyHelper.getPropertyId("Repositories", "base_url")); - Map<String, String> resultMap = new HashMap<>(); - resultMap.put("repo_id", repoId); - resultMap.put("repo_name", repo_name); - resultMap.put("base_url", baseUrl); - result.get(osType).add(resultMap); - } - } - } - } - } - } - } - return result; - } - - private String getProperty(Request request, String properyId) { - if(!request.getBody().getPropertySets().isEmpty()) { - return String.valueOf(request.getBody().getPropertySets().iterator().next().get(properyId)); - } - return null; - } - - - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RequestEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RequestEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RequestEventCreator.java deleted file mode 100644 index d96edf2..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/RequestEventCreator.java +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.HashSet; -import java.util.Map; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.StartOperationFailedAuditEvent; -import org.apache.ambari.server.audit.StartOperationSucceededAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.audit.request.event.AddRequestRequestAuditEvent; -import org.apache.ambari.server.audit.request.event.DeleteServiceRequestAuditEvent; -import org.apache.ambari.server.controller.internal.RequestOperationLevel; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles request type requests - * For resource type {@link Resource.Type#Request} - * and request types {@link Request.Type#POST} - */ -public class RequestEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - } - - private Set<Resource.Type> resourceTypes = new HashSet<Resource.Type>(); - { - resourceTypes.add(Resource.Type.Request); - } - - /** {@inheritDoc} */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<Resource.Type> getResourceTypes() { - return resourceTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - // null makes this default - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - switch(request.getRequestType()) { - case POST: - return AddRequestRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withCommand(request.getBody().getRequestInfoProperties().get("command")) - .withClusterName(request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID)) - .build(); - default: - return null; - } - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceConfigDownloadEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceConfigDownloadEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceConfigDownloadEventCreator.java deleted file mode 100644 index 34c93eb..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceConfigDownloadEventCreator.java +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.request.event.ClientConfigDownloadRequestAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.controller.spi.Resource; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles service config download requests - * For resource type {@link Resource.Type#Service} - * and request types {@link Request.Type#GET} - */ -public class ServiceConfigDownloadEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.GET); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** - * {@inheritDoc} - */ - @Override - public Set<Resource.Type> getResourceTypes() { - return Collections.singleton(Resource.Type.ClientConfig); - } - - /** - * {@inheritDoc} - */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - return ClientConfigDownloadRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withService(request.getResource().getKeyValueMap().get(Resource.Type.Service)) - .withComponent(request.getResource().getKeyValueMap().get(Resource.Type.Component)) - .build(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceEventCreator.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceEventCreator.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceEventCreator.java deleted file mode 100644 index 09a8f89..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/request/eventcreator/ServiceEventCreator.java +++ /dev/null @@ -1,165 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit.request.eventcreator; - -import java.util.HashSet; -import java.util.Map; -import java.util.Set; - -import org.apache.ambari.server.api.services.Request; -import org.apache.ambari.server.api.services.Result; -import org.apache.ambari.server.api.services.ResultStatus; -import org.apache.ambari.server.audit.AuditEvent; -import org.apache.ambari.server.audit.StartOperationFailedAuditEvent; -import org.apache.ambari.server.audit.StartOperationSucceededAuditEvent; -import org.apache.ambari.server.audit.request.RequestAuditEventCreator; -import org.apache.ambari.server.audit.request.event.DeleteServiceRequestAuditEvent; -import org.apache.ambari.server.controller.internal.RequestOperationLevel; -import org.apache.ambari.server.controller.spi.Resource; -import org.apache.ambari.server.controller.utilities.PropertyHelper; -import org.joda.time.DateTime; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.User; - -/** - * This creator handles operation requests (start, stop, install, etc) - * For resource type {@link Resource.Type#Service} - * and request types {@link Request.Type#POST}, {@link Request.Type#PUT} and {@link Request.Type#DELETE} - */ -public class ServiceEventCreator implements RequestAuditEventCreator { - - /** - * Set of {@link Request.Type}s that are handled by this plugin - */ - private Set<Request.Type> requestTypes = new HashSet<Request.Type>(); - - { - requestTypes.add(Request.Type.POST); - requestTypes.add(Request.Type.PUT); - requestTypes.add(Request.Type.DELETE); - } - - private Set<Resource.Type> resourceTypes = new HashSet<Resource.Type>(); - { - resourceTypes.add(Resource.Type.Service); - } - - /** {@inheritDoc} */ - @Override - public Set<Request.Type> getRequestTypes() { - return requestTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<Resource.Type> getResourceTypes() { - return resourceTypes; - } - - /** {@inheritDoc} */ - @Override - public Set<ResultStatus.STATUS> getResultStatuses() { - // null makes this default - return null; - } - - @Override - public AuditEvent createAuditEvent(Request request, Result result) { - String username = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername(); - - if(request.getRequestType() == Request.Type.DELETE) { - return DeleteServiceRequestAuditEvent.builder() - .withTimestamp(DateTime.now()) - .withRequestType(request.getRequestType()) - .withResultStatus(result.getStatus()) - .withUrl(request.getURI()) - .withRemoteIp(request.getRemoteAddress()) - .withUserName(username) - .withService(request.getResource().getKeyValueMap().get(Resource.Type.Service)) - .build(); - } - - String operation = getOperation(request); - - if (result.getStatus().isErrorState()) { - return StartOperationFailedAuditEvent.builder() - .withOperation(operation) - .withUserName(username) - .withRemoteIp(request.getRemoteAddress()) - .withTimestamp(DateTime.now()) - .withReason(result.getStatus().getMessage()) - .build(); - } else { - Long requestId = null; - if (containsRequestId(result)) { - requestId = getRequestId(result); - } - return StartOperationSucceededAuditEvent.builder() - .withOperation(operation) - .withUserName(username) - .withRemoteIp(request.getRemoteAddress()) - .withTimestamp(DateTime.now()) - .withRequestId(String.valueOf(requestId)) - .build(); - } - } - - private String getOperation(Request request) { - if (request.getBody().getRequestInfoProperties().containsKey(RequestOperationLevel.OPERATION_LEVEL_ID)) { - String operation = ""; - if("CLUSTER".equals(request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_LEVEL_ID))) { - for (Map<String, Object> map : request.getBody().getPropertySets()) { - if (map.containsKey(PropertyHelper.getPropertyId("ServiceInfo", "state"))) { - operation = String.valueOf(map.get(PropertyHelper.getPropertyId("ServiceInfo", "state"))) + ": all services" - + " (" + request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID) + ")"; - break; - } - } - } - if("SERVICE".equals(request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_LEVEL_ID))) { - for (Map<String, Object> map : request.getBody().getPropertySets()) { - if (map.containsKey(PropertyHelper.getPropertyId("ServiceInfo", "state"))) { - operation = String.valueOf(map.get(PropertyHelper.getPropertyId("ServiceInfo", "state"))) + ": " + map.get(PropertyHelper.getPropertyId("ServiceInfo", "service_name")) - + " (" + request.getBody().getRequestInfoProperties().get(RequestOperationLevel.OPERATION_CLUSTER_ID) + ")"; - break; - } - } - } - return operation; - } - - for (Map<String, Object> map : request.getBody().getPropertySets()) { - if (map.containsKey(PropertyHelper.getPropertyId("ServiceInfo", "maintenance_state"))) { - return "Turn " + map.get(PropertyHelper.getPropertyId("ServiceInfo", "maintenance_state")) + " Maintenance Mode for " + map.get(PropertyHelper.getPropertyId("ServiceInfo", "service_name")); - } - } - return null; - } - - private Long getRequestId(Result result) { - return (Long) result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests").get("id"); - } - - private boolean containsRequestId(Result result) { - return result.getResultTree().getChild("request") != null - && result.getResultTree().getChild("request").getObject() != null - && result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests") != null - && result.getResultTree().getChild("request").getObject().getPropertiesMap().get("Requests").get("id") != null; - } -}
