https://fedorahosted.org/pki/ticket/2335
Ticket #2335 Missing activity logs when formatting/enrolling unknown token This patch adds activity logs for adding unknown token during format or enrollment
thanks, Christina
>From 844c5c03d5981f6c881bb82f114c72e335478b44 Mon Sep 17 00:00:00 2001 From: Christina Fu <c...@redhat.com> Date: Fri, 3 Jun 2016 17:26:47 -0700 Subject: [PATCH] Ticket #2335 Missing activity logs when formatting/enrolling unknown token This patch adds activity logs for adding unknown token during format or enrollment --- base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java | 11 +++++------ .../server/tps/processor/TPSEnrollProcessor.java | 18 ++++++++++-------- .../server/tps/processor/TPSPinResetProcessor.java | 7 ++++--- .../dogtagpki/server/tps/processor/TPSProcessor.java | 17 ++++++++++++++--- 4 files changed, 33 insertions(+), 20 deletions(-) diff --git a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java index ed7e022faf7d85bee8e53ebe37b35a16b713bde5..e9190d09a6fd48e34a15ce761fa0aec201db9c30 100644 --- a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java +++ b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java @@ -180,19 +180,18 @@ public class TPSTokendb { public void tdbUpdateTokenEntry(TokenRecord tokenRecord) throws Exception { + String method = "TPSTokendb.tdbUpdateTokenEntry:"; String id = tokenRecord.getId(); TokenRecord existingTokenRecord; try { existingTokenRecord = tps.tokenDatabase.getRecord(id); } catch (EDBRecordNotFoundException e) { - CMS.debug("TPSTokendb.tdbUpdateTokenEntry: " + e); - CMS.debug("TPSTokendb.tdbUpdateTokenEntry: Adding token " + id); - // add and exit - tdbAddTokenEntry(tokenRecord, TokenStatus.FORMATTED); - return; + String logMsg = method + e; + CMS.debug(logMsg); + throw new TPSException(logMsg, TPSStatus.STATUS_ERROR_CONTACT_ADMIN); } // token found; modify - CMS.debug("TPSTokendb.tdbUpdateTokenEntry: token entry found; Modifying with status: " + tokenRecord.getTokenStatus()); + CMS.debug(method + " token entry found; Modifying with status: " + tokenRecord.getTokenStatus()); // don't change the create time of an existing token record; put it back tokenRecord.setCreateTimestamp(existingTokenRecord.getCreateTimestamp()); tps.tokenDatabase.updateRecord(id, tokenRecord); diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java index 24b2dbf8200ae32dc4627e1fed6e9c5af64b187f..4182cc1c879f69b8200c90586fdd4a13d23ec6c5 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java @@ -366,13 +366,14 @@ public class TPSEnrollProcessor extends TPSProcessor { pkcs11objx.setCUID(appletInfo.getCUID()); + logMsg = "add token during enrollment"; if (!isTokenPresent) { try { - tps.tdb.tdbAddTokenEntry(tokenRecord, TokenStatus.FORMATTED); + tps.tdb.tdbAddTokenEntry(tokenRecord, TokenStatus.UNFORMATTED); + tps.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, session.getIpAddress(), logMsg, "success"); } catch (Exception e) { - String failMsg = "add token failure"; - logMsg = failMsg + ":" + e.toString(); - tps.tdb.tdbActivity(ActivityDatabase.OP_ENROLLMENT, tokenRecord, session.getIpAddress(), logMsg, + logMsg = logMsg + ":" + e.toString(); + tps.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, session.getIpAddress(), logMsg, "failure"); throw new TPSException(logMsg); } @@ -397,6 +398,7 @@ public class TPSEnrollProcessor extends TPSProcessor { } //most failed would have thrown an exception + logMsg = " generateCertsAfterRenewalRecoveryPolicy returned status=" + status; String statusString = "Unknown"; // gives some meaningful debug message if (status == TPSStatus.STATUS_NO_ERROR) statusString = "Enrollment to follow"; @@ -409,7 +411,6 @@ public class TPSEnrollProcessor extends TPSProcessor { renewed = true; tps.tdb.tdbActivity(ActivityDatabase.OP_RENEWAL, tokenRecord, session.getIpAddress(), logMsg, "success"); } else { - logMsg = " generateCertsAfterRenewalRecoveryPolicy returned status=" + status; CMS.debug(method + logMsg); tps.tdb.tdbActivity(ActivityDatabase.OP_ENROLLMENT, tokenRecord, session.getIpAddress(), logMsg, "failure"); @@ -536,13 +537,14 @@ public class TPSEnrollProcessor extends TPSProcessor { statusUpdate(99, "PROGRESS_SET_LIFECYCLE"); channel.setLifeycleState((byte) 0x0f); + logMsg = "update token during enrollment"; try { tokenRecord.setTokenStatus(TokenStatus.ACTIVE); tps.tdb.tdbUpdateTokenEntry(tokenRecord); + tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "success"); } catch (Exception e) { - String failMsg = "update token failure"; - logMsg = failMsg + ":" + e.toString(); - tps.tdb.tdbActivity(ActivityDatabase.OP_ENROLLMENT, tokenRecord, session.getIpAddress(), logMsg, + logMsg = logMsg + ":" + e.toString(); + tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "failure"); throw new TPSException(logMsg); } diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java index d9a79f4f024f701641252da2b13ff69b5735db1b..1dd5d2f8490cb7c77ec70cefc49bd4b55cac549d 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java @@ -153,13 +153,14 @@ public class TPSPinResetProcessor extends TPSProcessor { auditPinReset(session.getIpAddress(), userid, appletInfo, "success", channel.getKeyInfoData().toHexStringPlain(), null); + logMsg = "update token during pin reset"; try { tps.tdb.tdbUpdateTokenEntry(tokenRecord); + tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "success"); CMS.debug(method + ": token record updated!"); } catch (Exception e) { - String failMsg = "update token failure"; - logMsg = failMsg + ":" + e.toString(); - tps.tdb.tdbActivity(ActivityDatabase.OP_PIN_RESET, tokenRecord, session.getIpAddress(), logMsg, + logMsg = logMsg + ":" + e.toString(); + tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "failure"); throw new TPSException(logMsg); } diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java index 26c438b3a365525a7d366b859786ef5d1506ef0e..d6133793f00b76f70b845ac447a39c973808775e 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java @@ -2120,6 +2120,16 @@ public class TPSProcessor { } } else { CMS.debug("TPSProcessor.format: token does not exist"); + logMsg = "add token during format"; + try { + tps.tdb.tdbAddTokenEntry(tokenRecord, TokenStatus.UNFORMATTED); + tps.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, session.getIpAddress(), logMsg, "success"); + } catch (Exception e) { + logMsg = logMsg + ":" + e.toString(); + tps.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, session.getIpAddress(), logMsg, + "failure"); + throw new TPSException(logMsg); + } checkAllowUnknownToken(TPSEngine.OP_FORMAT_PREFIX); } @@ -2205,12 +2215,13 @@ public class TPSProcessor { // Update Token DB tokenRecord.setTokenStatus(TokenStatus.FORMATTED); + logMsg = "update token during format"; try { tps.tdb.tdbUpdateTokenEntry(tokenRecord); + tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "success"); } catch (Exception e) { - String failMsg = "update token failure"; - logMsg = failMsg + ":" + e.toString(); - tps.tdb.tdbActivity(ActivityDatabase.OP_FORMAT, tokenRecord, session.getIpAddress(), failMsg, + logMsg = logMsg + ":" + e.toString(); + tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "failure"); throw new TPSException(logMsg, TPSStatus.STATUS_ERROR_CONTACT_ADMIN); -- 2.4.3
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel