This is an automated email from the ASF dual-hosted git repository. ofuks pushed a commit to branch audit in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
The following commit(s) were added to refs/heads/audit by this push: new de9ea30 Added audit for bucket browser de9ea30 is described below commit de9ea307b7c93685e61e583f91bb1788e971f7b3 Author: Oleh Fuks <olegfuk...@gmail.com> AuthorDate: Thu Jun 11 16:03:46 2020 +0300 Added audit for bucket browser --- .../com/epam/dlab/backendapi/domain/AuditActionEnum.java | 1 + .../com/epam/dlab/backendapi/resources/BucketResource.java | 9 ++++++--- .../com/epam/dlab/backendapi/service/BucketService.java | 6 +++--- .../dlab/backendapi/service/impl/BucketServiceImpl.java | 14 +++++++++++--- 4 files changed, 21 insertions(+), 9 deletions(-) diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/domain/AuditActionEnum.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/domain/AuditActionEnum.java index a46f93d..6f39205 100644 --- a/services/self-service/src/main/java/com/epam/dlab/backendapi/domain/AuditActionEnum.java +++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/domain/AuditActionEnum.java @@ -24,5 +24,6 @@ public enum AuditActionEnum { CREATE_NOTEBOOK, START_NOTEBOOK, STOP_NOTEBOOK, TERMINATE_NOTEBOOK, UPDATE_CLUSTER_CONFIG, CREATE_DATA_ENGINE, CREATE_DATA_ENGINE_SERVICE, START_COMPUTATIONAL, STOP_COMPUTATIONAL, TERMINATE_COMPUTATIONAL, UPDATE_DATA_ENGINE_CONFIG, CREATE_ENDPOINT, DELETE_ENDPOINT, + BUCKET_UPLOAD_OBJECT, BUCKET_DOWNLOAD_OBJECT, BUCKET_DELETE_OBJECT, FOLLOW_NOTEBOOK_LINK } diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/BucketResource.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/BucketResource.java index 6ffc7f9..c4f7b6e 100644 --- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/BucketResource.java +++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/BucketResource.java @@ -51,6 +51,8 @@ import java.nio.file.Paths; @Path("/bucket") @Slf4j public class BucketResource { + private static final String AUDIT_UPLOAD_MESSAGE = "File name: %s. File size: %d."; + private static final String AUDIT_MESSAGE = "File name: %s."; private static final String OBJECT_FORM_FIELD = "object"; private static final String BUCKET_FORM_FIELD = "bucket"; private static final String ENDPOINT_FORM_FIELD = "endpoint"; @@ -93,7 +95,7 @@ public class BucketResource { @PathParam("bucket") String bucket, @PathParam("object") String object, @PathParam("endpoint") String endpoint) { - bucketService.downloadObject(userInfo, bucket, object, endpoint, resp); + bucketService.downloadObject(userInfo, bucket, object, endpoint, resp, String.format(AUDIT_MESSAGE, object)); return Response.ok() .header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + Paths.get(object).getFileName() + "\"") .build(); @@ -105,7 +107,8 @@ public class BucketResource { @Produces(MediaType.APPLICATION_JSON) @RolesAllowed("/api/bucket/delete") public Response deleteObject(@Auth UserInfo userInfo, @Valid BucketDeleteDTO bucketDto) { - bucketService.deleteObjects(userInfo, bucketDto.getBucket(), bucketDto.getObjects(), bucketDto.getEndpoint()); + final String listOfDeletedObject = String.join(", ", bucketDto.getObjects()); + bucketService.deleteObjects(userInfo, bucketDto.getBucket(), bucketDto.getObjects(), bucketDto.getEndpoint(), String.format(AUDIT_MESSAGE, listOfDeletedObject)); return Response.ok().build(); } @@ -135,7 +138,7 @@ public class BucketResource { fileSize = Long.parseLong(Streams.asString(stream)); } } else { - bucketService.uploadObjects(userInfo, bucket, object, endpoint, stream, fileSize); + bucketService.uploadObjects(userInfo, bucket, object, endpoint, stream, fileSize, String.format(AUDIT_UPLOAD_MESSAGE, object, fileSize)); } } catch (Exception e) { log.error("Cannot upload object {} to bucket {}. {}", object, bucket, e.getMessage(), e); diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/BucketService.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/BucketService.java index 6e5345b..1cb0769 100644 --- a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/BucketService.java +++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/BucketService.java @@ -29,9 +29,9 @@ import java.util.List; public interface BucketService { List<BucketDTO> getObjects(UserInfo userInfo, String bucket, String endpoint); - void uploadObjects(UserInfo userInfo, String bucket, String object, String endpoint, InputStream inputStream, long fileSize); + void uploadObjects(UserInfo userInfo, String bucket, String object, String endpoint, InputStream inputStream, long fileSize, String auditInfo); - void downloadObject(UserInfo userInfo, String bucket, String object, String endpoint, HttpServletResponse resp); + void downloadObject(UserInfo userInfo, String bucket, String object, String endpoint, HttpServletResponse resp, String auditInfo); - void deleteObjects(UserInfo userInfo, String bucket, List<String> objects, String endpoint); + void deleteObjects(UserInfo userInfo, String bucket, List<String> objects, String endpoint, String auditInfo); } diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/BucketServiceImpl.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/BucketServiceImpl.java index d305532..eecd939 100644 --- a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/BucketServiceImpl.java +++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/BucketServiceImpl.java @@ -20,6 +20,11 @@ package com.epam.dlab.backendapi.service.impl; import com.epam.dlab.auth.UserInfo; +import com.epam.dlab.backendapi.annotation.Audit; +import com.epam.dlab.backendapi.annotation.Info; +import com.epam.dlab.backendapi.annotation.ResourceName; +import com.epam.dlab.backendapi.annotation.User; +import com.epam.dlab.backendapi.domain.AuditActionEnum; import com.epam.dlab.backendapi.domain.EndpointDTO; import com.epam.dlab.backendapi.service.BucketService; import com.epam.dlab.backendapi.service.EndpointService; @@ -78,8 +83,9 @@ public class BucketServiceImpl implements BucketService { } } + @Audit(action = AuditActionEnum.BUCKET_UPLOAD_OBJECT) @Override - public void uploadObjects(UserInfo userInfo, String bucket, String object, String endpoint, InputStream inputStream, long fileSize) { + public void uploadObjects(@User UserInfo userInfo, @ResourceName String bucket, String object, String endpoint, InputStream inputStream, long fileSize, @Info String auditInfo) { log.info("Uploading file {} for user {} to bucket {}", object, userInfo.getName(), bucket); try { EndpointDTO endpointDTO = endpointService.get(endpoint); @@ -95,8 +101,9 @@ public class BucketServiceImpl implements BucketService { log.info("Finished uploading file {} for user {} to bucket {}", object, userInfo.getName(), bucket); } + @Audit(action = AuditActionEnum.BUCKET_DOWNLOAD_OBJECT) @Override - public void downloadObject(UserInfo userInfo, String bucket, String object, String endpoint, HttpServletResponse resp) { + public void downloadObject(@User UserInfo userInfo, @ResourceName String bucket, String object, String endpoint, HttpServletResponse resp, @Info String auditInfo) { log.info("Downloading file {} for user {} from bucket {}", object, userInfo.getName(), bucket); EndpointDTO endpointDTO = endpointService.get(endpoint); try (InputStream inputStream = provisioningService.getWithMediaTypes(String.format(BUCKET_DOWNLOAD_OBJECT, endpointDTO.getUrl(), bucket, encodeObject(object)), userInfo.getAccessToken(), @@ -109,8 +116,9 @@ public class BucketServiceImpl implements BucketService { } } + @Audit(action = AuditActionEnum.BUCKET_DELETE_OBJECT) @Override - public void deleteObjects(UserInfo userInfo, String bucket, List<String> objects, String endpoint) { + public void deleteObjects(@User UserInfo userInfo, @ResourceName String bucket, List<String> objects, String endpoint, @Info String auditInfo) { try { EndpointDTO endpointDTO = endpointService.get(endpoint); BucketDeleteDTO bucketDeleteDTO = new BucketDeleteDTO(bucket, objects); --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@dlab.apache.org For additional commands, e-mail: commits-h...@dlab.apache.org