Repository: logging-log4j-audit Updated Branches: refs/heads/master 07e5419f0 -> 8b56411df
[LOG4J2-2421] check for the presence of required ThreadContext atributes Project: http://git-wip-us.apache.org/repos/asf/logging-log4j-audit/repo Commit: http://git-wip-us.apache.org/repos/asf/logging-log4j-audit/commit/af89554f Tree: http://git-wip-us.apache.org/repos/asf/logging-log4j-audit/tree/af89554f Diff: http://git-wip-us.apache.org/repos/asf/logging-log4j-audit/diff/af89554f Branch: refs/heads/master Commit: af89554f0d34ebd8263b0693cd8c6a6095b6b772 Parents: c2bfa53 Author: Andrei Ivanov <[email protected]> Authored: Mon Sep 17 17:11:02 2018 +0300 Committer: Andrei Ivanov <[email protected]> Committed: Mon Sep 17 17:11:02 2018 +0300 ---------------------------------------------------------------------- .../log4j/audit/AbstractEventLogger.java | 20 +++++++++-- .../logging/log4j/audit/AuditLoggerTest.java | 14 +++++++- .../logging/log4j/audit/TransferTest.java | 36 ++++++++++++++++++-- 3 files changed, 65 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/logging-log4j-audit/blob/af89554f/log4j-audit/log4j-audit-api/src/main/java/org/apache/logging/log4j/audit/AbstractEventLogger.java ---------------------------------------------------------------------- diff --git a/log4j-audit/log4j-audit-api/src/main/java/org/apache/logging/log4j/audit/AbstractEventLogger.java b/log4j-audit/log4j-audit-api/src/main/java/org/apache/logging/log4j/audit/AbstractEventLogger.java index da2254a..575b950 100644 --- a/log4j-audit/log4j-audit-api/src/main/java/org/apache/logging/log4j/audit/AbstractEventLogger.java +++ b/log4j-audit/log4j-audit-api/src/main/java/org/apache/logging/log4j/audit/AbstractEventLogger.java @@ -163,8 +163,7 @@ public abstract class AbstractEventLogger { } List<String> reqCtxAttrs = catalogManager.getRequiredContextAttributes(eventName, event.getCatalogId()); - - if (reqCtxAttrs != null) { + if (reqCtxAttrs != null && !reqCtxAttrs.isEmpty()) { StringBuilder sb = new StringBuilder(); for (String attr : reqCtxAttrs) { if (!ThreadContext.containsKey(attr)) { @@ -179,7 +178,23 @@ public abstract class AbstractEventLogger { " is missing required RequestContextMapping values for " + sb.toString()); } } + Map<String, Attribute> reqCtxAttributes = catalogManager.getRequestContextAttributes(); + for (Map.Entry<String, Attribute> entry : reqCtxAttributes.entrySet()) { + Attribute attribute = entry.getValue(); + String attr = entry.getKey(); + if (attribute.isRequired() && !ThreadContext.containsKey(attr)) { + if (errors.length() > 0) { + errors.append(", "); + } + errors.append(attr); + } + } + if (errors.length() > 0) { + throw new AuditException("Event " + eventName + + " is missing required Thread Context values for " + errors.toString()); + } + for (Map.Entry<String, String> entry : ThreadContext.getImmutableContext().entrySet()) { Attribute attribute = reqCtxAttributes.get(entry.getKey()); if (attribute == null) { @@ -195,6 +210,7 @@ public abstract class AbstractEventLogger { if (errors.length() > 0) { throw new AuditException("Event " + eventName + " has incorrect data in the Thread Context: " + errors.toString()); } + msg.putAll(attributes); try { logEvent(msg); http://git-wip-us.apache.org/repos/asf/logging-log4j-audit/blob/af89554f/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/AuditLoggerTest.java ---------------------------------------------------------------------- diff --git a/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/AuditLoggerTest.java b/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/AuditLoggerTest.java index abe6eb8..eab5dd1 100644 --- a/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/AuditLoggerTest.java +++ b/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/AuditLoggerTest.java @@ -70,11 +70,14 @@ public class AuditLoggerTest { @Before public void before() { app.clear(); + ThreadContext.clearMap(); } @Test public void testAuditLogger() { + ThreadContext.put("accountNumber", "12345"); ThreadContext.put("companyId", "12345"); + ThreadContext.put("userId", "JohnDoe"); ThreadContext.put("ipAddress", "127.0.0.1"); ThreadContext.put("environment", "dev"); ThreadContext.put("product", "TestProduct"); @@ -100,7 +103,16 @@ public class AuditLoggerTest { } @Test(expected = AuditException.class) - public void testBadAttribute() { + public void testMissingRequestContextAttribute() { + Map<String, String> properties = new HashMap<String, String>(); + properties.put("toAccount", "123456"); + properties.put("fromAccount", "111111"); + properties.put("amount", "111.55"); + auditLogger.logEvent("transfer", properties); + } + + @Test(expected = AuditException.class) + public void testMissingEventAttribute() { ThreadContext.put("companyId", "12345"); ThreadContext.put("ipAddress", "127.0.0.1"); ThreadContext.put("environment", "dev"); http://git-wip-us.apache.org/repos/asf/logging-log4j-audit/blob/af89554f/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/TransferTest.java ---------------------------------------------------------------------- diff --git a/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/TransferTest.java b/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/TransferTest.java index 7c5ce5e..ebc46ba 100644 --- a/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/TransferTest.java +++ b/log4j-audit/log4j-audit-api/src/test/java/org/apache/logging/log4j/audit/TransferTest.java @@ -65,7 +65,7 @@ public class TransferTest { } @Test(expected = ConstraintValidationException.class) - public void testValidationFailure() { + public void testValidationFailureForMissingRequestContextAttribute() { Transfer transfer = LogEventFactory.getEvent(Transfer.class); ThreadContext.put("companyId", "12345"); ThreadContext.put("ipAddress", "127.0.0.1"); @@ -80,6 +80,23 @@ public class TransferTest { fail("Should have thrown an AuditException"); } + @Test(expected = ConstraintValidationException.class) + public void testValidationFailureForMissingEventAttribute() { + Transfer transfer = LogEventFactory.getEvent(Transfer.class); + ThreadContext.put("accountNumber", "12345"); + ThreadContext.put("companyId", "12345"); + ThreadContext.put("userId", "JohnDoe"); + ThreadContext.put("ipAddress", "127.0.0.1"); + ThreadContext.put("environment", "dev"); + ThreadContext.put("product", "TestProduct"); + ThreadContext.put("timeZone", "America/Phoenix"); + ThreadContext.put("loginId", "TestUser"); + transfer.setToAccount(123456); + transfer.setFromAccount(111111); + transfer.logEvent(); + fail("Should have thrown an AuditException"); + } + @Test public void testAuditClass() { Transfer transfer = LogEventFactory.getEvent(Transfer.class); @@ -117,7 +134,7 @@ public class TransferTest { } @Test(expected = ConstraintValidationException.class) - public void testAuditLogException() { + public void testAuditLogWithMissingRequestContextAttribute() { ThreadContext.put("userId", "JohnDoe"); ThreadContext.put("ipAddress", "127.0.0.1"); ThreadContext.put("environment", "dev"); @@ -131,6 +148,21 @@ public class TransferTest { LogEventFactory.logEvent(Transfer.class, properties); } + @Test(expected = ConstraintValidationException.class) + public void testAuditLogWithMissingEventAttribute() { + ThreadContext.put("accountNumber", "12345"); + ThreadContext.put("userId", "JohnDoe"); + ThreadContext.put("ipAddress", "127.0.0.1"); + ThreadContext.put("environment", "dev"); + ThreadContext.put("product", "TestProduct"); + ThreadContext.put("timeZone", "America/Phoenix"); + ThreadContext.put("loginId", "TestUser"); + Map<String, String> properties = new HashMap<>(); + properties.put("toAccount", "123456"); + properties.put("fromAccount", "111111"); + LogEventFactory.logEvent(Transfer.class, properties); + } + @Test public void testAuditLog() { ThreadContext.put("accountNumber", "12345");
