[ https://issues.apache.org/jira/browse/ZOOKEEPER-4648?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Beibei Zhao updated ZOOKEEPER-4648: ----------------------------------- Description: FinalRequestProcessor addAuditLog before the process of request and make failedTxn=false, but I think failedTxn should be true if the request can not pass the checkACL and throw KeeperException. {code:java} @param failedTxn whether audit is being done failed transaction for normal transaction public void processRequest(Request request) { ...... Code err = Code.OK; try { ...... AuditHelper.addAuditLog(request, rc); switch (request.type) { ...... case OpCode.getAllChildrenNumber: { lastOp = "GETACN"; ...... zks.checkACL( request.cnxn, zks.getZKDatabase().aclForNode(n), ZooDefs.Perms.READ, request.authInfo, path, null); ...... break; } ...... } } catch (SessionMovedException e) { ...... } catch (KeeperException e) { err = e.code(); } catch (Exception e) { ...... } {code} if we add audit log after the process of request like below, the log info maybe more accurate. {code:java} Code err = Code.OK; try { ...... } catch (SessionMovedException e) { ...... } catch (KeeperException e) { err = e.code(); } catch (Exception e) { ...... } if (err == Code.OK) { AuditHelper.addAuditLog(request, rc, false); } else { AuditHelper.addAuditLog(request, rc, true); } {code} was: FinalRequestProcessor addAuditLog before the process of request and make failedTxn=false, but I think failedTxn should be true if the request can not pass the checkACL and throw KeeperException. {code:java} @param failedTxn whether audit is being done failed transaction for normal transaction public void processRequest(Request request) { ...... try { ...... AuditHelper.addAuditLog(request, rc); switch (request.type) { ...... case OpCode.getAllChildrenNumber: { lastOp = "GETACN"; ...... zks.checkACL( request.cnxn, zks.getZKDatabase().aclForNode(n), ZooDefs.Perms.READ, request.authInfo, path, null); ...... break; } ...... } } catch (SessionMovedException e) { ...... } catch (KeeperException e) { err = e.code(); } catch (Exception e) { ...... } {code} if we add audit log after the process of request like below, the log info maybe more accurate. {code:java} } catch (SessionMovedException e) { ...... } catch (KeeperException e) { err = e.code(); } catch (Exception e) { ...... } if (err == Code.OK) { AuditHelper.addAuditLog(request, rc, false); } else { AuditHelper.addAuditLog(request, rc, true); } {code} > FinalRequestProcessor addAuditLog after the process of request maybe better. > ---------------------------------------------------------------------------- > > Key: ZOOKEEPER-4648 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4648 > Project: ZooKeeper > Issue Type: Bug > Reporter: Beibei Zhao > Priority: Major > > FinalRequestProcessor addAuditLog before the process of request and make > failedTxn=false, but I think failedTxn should be true if the request can not > pass the checkACL and throw KeeperException. > {code:java} > @param failedTxn whether audit is being done failed transaction for normal > transaction > public void processRequest(Request request) { > ...... > Code err = Code.OK; > try { > ...... > AuditHelper.addAuditLog(request, rc); > switch (request.type) { > ...... > case OpCode.getAllChildrenNumber: { > lastOp = "GETACN"; > ...... > zks.checkACL( > request.cnxn, > zks.getZKDatabase().aclForNode(n), > ZooDefs.Perms.READ, > request.authInfo, > path, > null); > ...... > break; > } > ...... > } > } catch (SessionMovedException e) { > ...... > } catch (KeeperException e) { > err = e.code(); > } catch (Exception e) { > ...... > } > {code} > if we add audit log after the process of request like below, the log info > maybe more accurate. > {code:java} > Code err = Code.OK; > try { > ...... > } catch (SessionMovedException e) { > ...... > } catch (KeeperException e) { > err = e.code(); > } catch (Exception e) { > ...... > } > if (err == Code.OK) { > AuditHelper.addAuditLog(request, rc, false); > } else { > AuditHelper.addAuditLog(request, rc, true); > } > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)