On Wed, Mar 02, 2016 at 10:05:56AM +1000, Fraser Tweedale wrote:
> On Mon, Feb 22, 2016 at 02:21:58PM -0500, Ade Lee wrote:
> > This patch needs to be rebased.
> >
> > Tt was possible, however, to review the contents. In general,
> > everything looks good. It would be be useful though, to be able to
> > distinguish the many failure cases. For instance --
> >
> > try {
> > ca.modifyAuthority(data.getEnabled(), data.getDescription());
> > + audit(ILogger.SUCCESS, OpDef.OP_MODIFY,
> > ca.getAuthorityID().toString(), auditParams);
> > return createOKResponse(readAuthorityData(ca));
> > } catch (CATypeException e) {
> > + audit(ILogger.FAILURE, OpDef.OP_MODIFY,
> > ca.getAuthorityID().toString(), auditParams);
> > throw new ForbiddenException(e.toString());
> > } catch (IssuerUnavailableException e) {
> > + audit(ILogger.FAILURE, OpDef.OP_MODIFY,
> > ca.getAuthorityID().toString(), auditParams);
> > throw new ConflictingOperationException(e.toString());
> > } catch (EBaseException e) {
> > CMS.debug(e);
> > + audit(ILogger.FAILURE, OpDef.OP_MODIFY,
> > ca.getAuthorityID().toString(), auditParams);
> > throw new PKIException("Error modifying authority: " +
> > e.toString());
> > }
> >
> > It would be nice to be able to determine if the modify failed because of
> > permissions or otherwise.
> > Can we add the exception error message to the auditParams?
> >
> > Ade
> >
> Updated patch attached. The "exception" key is added to the
> auditParams map to indicate the exception (if any), rather than
> adding a whole new audit message parameter.
>
> Cheers,
> Fraser
FRACKed by Ade (Fix, retest -> ACK).
Pushed to master (2d7722f2c9b8230e79d258ad7aa1be1e87804518)
_______________________________________________
Pki-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/pki-devel
