[jira] [Created] (HDDS-11119) Unnecessary UPDATE_VOLUME audit entry for DELETE_TENANT

[Attila Doroszlai (Jira)]

Attila Doroszlai created HDDS-11119:
---------------------------------------

             Summary: Unnecessary UPDATE_VOLUME audit entry for DELETE_TENANT
                 Key: HDDS-11119
                 URL: https://issues.apache.org/jira/browse/HDDS-11119
             Project: Apache Ozone
          Issue Type: Bug
          Components: Ozone Manager
            Reporter: Attila Doroszlai


{{DELETE_TENANT}} request results in two audit messages.  Problems:

* No information is logged about what change is made to the volume.
* The duplicate message is logged even if the request fails due to non-empty 
tenant, in which case volume update is not even attempted.

{code:title=success}
2024-07-08 15:47:31,680 | INFO  | OMAudit | user=testuser/s...@example.com | 
ip=192.168.112.5 | op=UPDATE_VOLUME {volume=tenantone} | ret=SUCCESS |  
2024-07-08 15:47:31,680 | INFO  | OMAudit | user=testuser/s...@example.com | 
ip=192.168.112.5 | op=DELETE_TENANT {tenant=tenantone} | ret=SUCCESS |  
{code}

{code:title=failure}
2024-07-08 15:47:24,325 | ERROR | OMAudit | user=testuser/s...@example.com | 
ip=192.168.112.5 | op=UPDATE_VOLUME {volume=tenantone} | ret=FAILURE | 
TENANT_NOT_EMPTY org.apache.hadoop.ozone.om.exceptions.OMException: Tenant 
'tenantone' is not empty. All accessIds associated to this tenant must be 
revoked before the tenant can be deleted. See `ozone tenant user revoke`
        at 
org.apache.hadoop.ozone.om.request.s3.tenant.OMTenantDeleteRequest.validateAndUpdateCache(OMTenantDeleteRequest.java:158)
        at 
org.apache.hadoop.ozone.protocolPB.OzoneManagerRequestHandler.lambda$0(OzoneManagerRequestHandler.java:398)
 
2024-07-08 15:47:24,325 | ERROR | OMAudit | user=testuser/s...@example.com | 
ip=192.168.112.5 | op=DELETE_TENANT {tenant=tenantone} | ret=FAILURE | 
TENANT_NOT_EMPTY org.apache.hadoop.ozone.om.exceptions.OMException: Tenant 
'tenantone' is not empty. All accessIds associated to this tenant must be 
revoked before the tenant can be deleted. See `ozone tenant user revoke`
        at 
org.apache.hadoop.ozone.om.request.s3.tenant.OMTenantDeleteRequest.validateAndUpdateCache(OMTenantDeleteRequest.java:158)
        at 
org.apache.hadoop.ozone.protocolPB.OzoneManagerRequestHandler.lambda$0(OzoneManagerRequestHandler.java:398)
 
{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org
For additional commands, e-mail: issues-h...@ozone.apache.org