This is an automated email from the ASF dual-hosted git repository.
kezhuw pushed a commit to branch branch-3.9
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/branch-3.9 by this push:
new a99d4ef89 ZOOKEEPER-4725: Record TTL node creations in audit log
a99d4ef89 is described below
commit a99d4ef89a2764b843bb813d82d09e8dde65ff0c
Author: Damien Diederen <[email protected]>
AuthorDate: Mon Mar 24 17:28:21 2025 +0100
ZOOKEEPER-4725: Record TTL node creations in audit log
Reviewers: kezhuw
Author: ztzg
Closes #2039 from ztzg/ZOOKEEPER-4725-audit-create-ttl
(cherry picked from commit 10328b3ab538d819b538b0bb09e299dd70b71b81)
---
.../org/apache/zookeeper/audit/AuditHelper.java | 17 +++++++++----
.../zookeeper/audit/Slf4JAuditLoggerTest.java | 28 ++++++++++++++++++++++
2 files changed, 41 insertions(+), 4 deletions(-)
diff --git
a/zookeeper-server/src/main/java/org/apache/zookeeper/audit/AuditHelper.java
b/zookeeper-server/src/main/java/org/apache/zookeeper/audit/AuditHelper.java
index d6df7d924..d6f1178c6 100644
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/audit/AuditHelper.java
+++ b/zookeeper-server/src/main/java/org/apache/zookeeper/audit/AuditHelper.java
@@ -28,6 +28,7 @@
import org.apache.zookeeper.ZooDefs;
import org.apache.zookeeper.audit.AuditEvent.Result;
import org.apache.zookeeper.proto.CreateRequest;
+import org.apache.zookeeper.proto.CreateTTLRequest;
import org.apache.zookeeper.proto.DeleteRequest;
import org.apache.zookeeper.proto.SetACLRequest;
import org.apache.zookeeper.proto.SetDataRequest;
@@ -69,11 +70,19 @@ public static void addAuditLog(Request request,
ProcessTxnResult txnResult, bool
case ZooDefs.OpCode.createContainer:
op = AuditConstants.OP_CREATE;
CreateRequest createRequest =
request.readRequestRecord(CreateRequest::new);
- createMode = getCreateMode(createRequest);
+ createMode = getCreateMode(createRequest.getFlags());
if (failedTxn) {
path = createRequest.getPath();
}
break;
+ case ZooDefs.OpCode.createTTL:
+ op = AuditConstants.OP_CREATE;
+ CreateTTLRequest createTtlRequest =
request.readRequestRecord(CreateTTLRequest::new);
+ createMode = getCreateMode(createTtlRequest.getFlags());
+ if (failedTxn) {
+ path = createTtlRequest.getPath();
+ }
+ break;
case ZooDefs.OpCode.delete:
case ZooDefs.OpCode.deleteContainer:
op = AuditConstants.OP_DELETE;
@@ -172,8 +181,8 @@ private static void log(String user, String operation,
String znode, String acl,
ZKAuditProvider.log(user, operation, znode, acl, createMode, session,
ip, result);
}
- private static String getCreateMode(CreateRequest createRequest) throws
KeeperException {
- return
CreateMode.fromFlag(createRequest.getFlags()).toString().toLowerCase();
+ private static String getCreateMode(int createFlags) throws
KeeperException {
+ return CreateMode.fromFlag(createFlags).toString().toLowerCase();
}
private static Map<String, String> getCreateModes(Request request)
@@ -188,7 +197,7 @@ private static Map<String, String> getCreateModes(Request
request)
|| op.getType() == ZooDefs.OpCode.createContainer) {
CreateRequest requestRecord = (CreateRequest)
op.toRequestRecord();
createModes.put(requestRecord.getPath(),
- getCreateMode(requestRecord));
+ getCreateMode(requestRecord.getFlags()));
}
}
return createModes;
diff --git
a/zookeeper-server/src/test/java/org/apache/zookeeper/audit/Slf4JAuditLoggerTest.java
b/zookeeper-server/src/test/java/org/apache/zookeeper/audit/Slf4JAuditLoggerTest.java
index 8a700bbdf..caad6ad3b 100644
---
a/zookeeper-server/src/test/java/org/apache/zookeeper/audit/Slf4JAuditLoggerTest.java
+++
b/zookeeper-server/src/test/java/org/apache/zookeeper/audit/Slf4JAuditLoggerTest.java
@@ -63,6 +63,7 @@ public class Slf4JAuditLoggerTest extends QuorumPeerTestBase {
@BeforeAll
public static void setUpBeforeClass() throws Exception {
System.setProperty(ZKAuditProvider.AUDIT_ENABLE, "true");
+ System.setProperty("zookeeper.extendedTypesEnabled", "true");
// setup the logger to capture all logs
LoggerTestTool loggerTestTool = new
LoggerTestTool(Slf4jAuditLogger.class);
os = loggerTestTool.getOutputStream();
@@ -103,6 +104,32 @@ public void testCreateAuditLogs()
null, createMode), readAuditLog(os));
}
+ @Test
+ public void testCreateWithTtlAuditLogs()
+ throws KeeperException, InterruptedException, IOException {
+ final CreateMode createMode = CreateMode.PERSISTENT_WITH_TTL;
+ final String path = "/createTtlPath";
+ zk.create(path, "".getBytes(), ZooDefs.Ids.OPEN_ACL_UNSAFE,
+ createMode, null, 3600);
+ // success log
+ verifyLog(
+ getAuditLog(AuditConstants.OP_CREATE, path, Result.SUCCESS,
+ null, createMode.toString().toLowerCase()),
readAuditLog(os));
+ }
+
+ @Test
+ public void testCreateSeqWithTtlAuditLogs()
+ throws KeeperException, InterruptedException, IOException {
+ final CreateMode createMode =
CreateMode.PERSISTENT_SEQUENTIAL_WITH_TTL;
+ String path = "/createTtlPath";
+ path = zk.create(path, "".getBytes(), ZooDefs.Ids.OPEN_ACL_UNSAFE,
+ createMode, null, 3600);
+ // success log
+ verifyLog(
+ getAuditLog(AuditConstants.OP_CREATE, path, Result.SUCCESS,
+ null, createMode.toString().toLowerCase()),
readAuditLog(os));
+ }
+
@Test
public void testDeleteAuditLogs()
throws InterruptedException, IOException, KeeperException {
@@ -406,6 +433,7 @@ private void waitForDeletion(ZooKeeper zooKeeper, String
path)
@AfterAll
public static void tearDownAfterClass() {
+ System.clearProperty("zookeeper.extendedTypesEnabled");
System.clearProperty(ZKAuditProvider.AUDIT_ENABLE);
for (int i = 0; i < SERVER_COUNT; i++) {
try {
