[
https://issues.apache.org/jira/browse/ZOOKEEPER-4648?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Beibei Zhao updated ZOOKEEPER-4648:
-----------------------------------
Description:
FinalRequestProcessor addAuditLog before the process of request and make
failedTxn=false, but I think failedTxn should be true if the request can not
pass the checkACL and throw KeeperException.
{code:java}
@param failedTxn whether audit is being done failed transaction for normal
transaction
public void processRequest(Request request) {
......
Code err = Code.OK;
try {
......
AuditHelper.addAuditLog(request, rc);
switch (request.type) {
......
case OpCode.getAllChildrenNumber: {
lastOp = "GETACN";
......
zks.checkACL(
request.cnxn,
zks.getZKDatabase().aclForNode(n),
ZooDefs.Perms.READ,
request.authInfo,
path,
null);
......
break;
}
......
}
} catch (SessionMovedException e) {
......
} catch (KeeperException e) {
err = e.code();
} catch (Exception e) {
......
}
{code}
if we add audit log after the process of request like below, the log info maybe
more accurate.
{code:java}
Code err = Code.OK;
try {
......
} catch (SessionMovedException e) {
......
} catch (KeeperException e) {
err = e.code();
} catch (Exception e) {
......
}
if (err == Code.OK) {
AuditHelper.addAuditLog(request, rc, false);
} else {
AuditHelper.addAuditLog(request, rc, true);
}
{code}
was:
FinalRequestProcessor addAuditLog before the process of request and make
failedTxn=false, but I think failedTxn should be true if the request can not
pass the checkACL and throw KeeperException.
{code:java}
@param failedTxn whether audit is being done failed transaction for normal
transaction
public void processRequest(Request request) {
......
try {
......
AuditHelper.addAuditLog(request, rc);
switch (request.type) {
......
case OpCode.getAllChildrenNumber: {
lastOp = "GETACN";
......
zks.checkACL(
request.cnxn,
zks.getZKDatabase().aclForNode(n),
ZooDefs.Perms.READ,
request.authInfo,
path,
null);
......
break;
}
......
}
} catch (SessionMovedException e) {
......
} catch (KeeperException e) {
err = e.code();
} catch (Exception e) {
......
}
{code}
if we add audit log after the process of request like below, the log info maybe
more accurate.
{code:java}
} catch (SessionMovedException e) {
......
} catch (KeeperException e) {
err = e.code();
} catch (Exception e) {
......
}
if (err == Code.OK) {
AuditHelper.addAuditLog(request, rc, false);
} else {
AuditHelper.addAuditLog(request, rc, true);
}
{code}
> FinalRequestProcessor addAuditLog after the process of request maybe better.
> ----------------------------------------------------------------------------
>
> Key: ZOOKEEPER-4648
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4648
> Project: ZooKeeper
> Issue Type: Bug
> Reporter: Beibei Zhao
> Priority: Major
>
> FinalRequestProcessor addAuditLog before the process of request and make
> failedTxn=false, but I think failedTxn should be true if the request can not
> pass the checkACL and throw KeeperException.
> {code:java}
> @param failedTxn whether audit is being done failed transaction for normal
> transaction
> public void processRequest(Request request) {
> ......
> Code err = Code.OK;
> try {
> ......
> AuditHelper.addAuditLog(request, rc);
> switch (request.type) {
> ......
> case OpCode.getAllChildrenNumber: {
> lastOp = "GETACN";
> ......
> zks.checkACL(
> request.cnxn,
> zks.getZKDatabase().aclForNode(n),
> ZooDefs.Perms.READ,
> request.authInfo,
> path,
> null);
> ......
> break;
> }
> ......
> }
> } catch (SessionMovedException e) {
> ......
> } catch (KeeperException e) {
> err = e.code();
> } catch (Exception e) {
> ......
> }
> {code}
> if we add audit log after the process of request like below, the log info
> maybe more accurate.
> {code:java}
> Code err = Code.OK;
> try {
> ......
> } catch (SessionMovedException e) {
> ......
> } catch (KeeperException e) {
> err = e.code();
> } catch (Exception e) {
> ......
> }
> if (err == Code.OK) {
> AuditHelper.addAuditLog(request, rc, false);
> } else {
> AuditHelper.addAuditLog(request, rc, true);
> }
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
