Refactor and cleanup
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/1b1b3bc6 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/1b1b3bc6 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/1b1b3bc6 Branch: refs/heads/audit_logging Commit: 1b1b3bc6e49a0791ae4525a92c7b0e5b467ff102 Parents: 5e0e6a2 Author: Daniel Gergely <dgerg...@hortonworks.com> Authored: Tue Mar 1 17:06:11 2016 +0100 Committer: Toader, Sebastian <stoa...@hortonworks.com> Committed: Thu Mar 24 13:06:48 2016 +0100 ---------------------------------------------------------------------- .../actionmanager/ActionDBAccessorImpl.java | 6 +- .../ambari/server/api/services/BaseService.java | 2 +- .../server/api/services/LogoutService.java | 2 +- .../ambari/server/audit/AbstractAuditEvent.java | 139 -------------- .../audit/AbstractAuthorizationEvent.java | 83 --------- .../server/audit/AbstractLoginAuditEvent.java | 38 ---- .../audit/AbstractStartOperationAuditEvent.java | 63 ------- .../server/audit/AbstractUserAuditEvent.java | 83 --------- .../audit/AccessUnauthorizedAuditEvent.java | 70 ------- .../apache/ambari/server/audit/AuditEvent.java | 42 ----- .../ambari/server/audit/AuditEventBuilder.java | 32 ---- .../apache/ambari/server/audit/AuditLogger.java | 6 +- .../server/audit/AuditLoggerDefaultImpl.java | 5 +- .../ambari/server/audit/AuditLoggerModule.java | 5 +- .../server/audit/BufferedAuditLogger.java | 7 +- .../server/audit/LoginFailedAuditEvent.java | 92 ---------- .../server/audit/LoginSucceededAuditEvent.java | 98 ---------- .../ambari/server/audit/LogoutAuditEvent.java | 64 ------- .../server/audit/OperationStatusAuditEvent.java | 104 ----------- .../audit/StartOperationFailedAuditEvent.java | 87 --------- .../StartOperationSucceededAuditEvent.java | 88 --------- .../server/audit/TaskStatusAuditEvent.java | 144 --------------- .../server/audit/event/AbstractAuditEvent.java | 144 +++++++++++++++ .../audit/event/AbstractUserAuditEvent.java | 86 +++++++++ .../event/AccessUnauthorizedAuditEvent.java | 90 +++++++++ .../ambari/server/audit/event/AuditEvent.java | 58 ++++++ .../server/audit/event/LoginAuditEvent.java | 119 ++++++++++++ .../server/audit/event/LogoutAuditEvent.java | 67 +++++++ .../audit/event/OperationStatusAuditEvent.java | 105 +++++++++++ .../audit/event/StartOperationAuditEvent.java | 115 ++++++++++++ .../audit/event/TaskStatusAuditEvent.java | 145 +++++++++++++++ .../kerberos/AbstractKerberosAuditEvent.java | 77 ++++++++ .../ChangeSecurityStateKerberosAuditEvent.java | 100 ++++++++++ .../CreateKeyTabKerberosAuditEvent.java | 96 ++++++++++ .../CreatePrincipalKerberosAuditEvent.java | 73 ++++++++ .../DestroyPrincipalKerberosAuditEvent.java | 74 ++++++++ .../audit/event/request/RequestAuditEvent.java | 145 +++++++++++++++ .../event/request/RequestAuditEventCreator.java | 59 ++++++ .../audit/event/request/RequestAuditLogger.java | 36 ++++ .../event/request/RequestAuditLoggerImpl.java | 146 +++++++++++++++ .../event/ActivateUserRequestAuditEvent.java | 89 +++++++++ .../event/AddAlertGroupRequestAuditEvent.java | 98 ++++++++++ .../event/AddAlertTargetRequestAuditEvent.java | 134 ++++++++++++++ .../event/AddBlueprintRequestAuditEvent.java | 79 ++++++++ .../AddComponentToHostRequestAuditEvent.java | 85 +++++++++ .../event/AddCredentialRequestAuditEvent.java | 104 +++++++++++ .../request/event/AddHostRequestAuditEvent.java | 77 ++++++++ .../event/AddRepositoryRequestAuditEvent.java | 113 ++++++++++++ .../AddRepositoryVersionRequestAuditEvent.java | 131 +++++++++++++ .../event/AddRequestRequestAuditEvent.java | 86 +++++++++ .../event/AddUpgradeRequestAuditEvent.java | 94 ++++++++++ .../event/AddUserToGroupRequestAuditEvent.java | 85 +++++++++ .../event/AddViewInstanceRequestAuditEvent.java | 113 ++++++++++++ .../event/AdminUserRequestAuditEvent.java | 89 +++++++++ .../event/BlueprintExportRequestAuditEvent.java | 66 +++++++ .../ChangeAlertGroupRequestAuditEvent.java | 98 ++++++++++ .../ChangeAlertTargetRequestAuditEvent.java | 134 ++++++++++++++ ...hangeRepositoryVersionRequestAuditEvent.java | 131 +++++++++++++ .../ChangeViewInstanceRequestAuditEvent.java | 113 ++++++++++++ .../ClientConfigDownloadRequestAuditEvent.java | 88 +++++++++ .../ClusterNameChangeRequestAuditEvent.java | 91 ++++++++++ ...ClusterPrivilegeChangeRequestAuditEvent.java | 111 +++++++++++ .../ConfigurationChangeRequestAuditEvent.java | 92 ++++++++++ .../event/CreateGroupRequestAuditEvent.java | 79 ++++++++ .../event/CreateUserRequestAuditEvent.java | 98 ++++++++++ .../DeleteAlertGroupRequestAuditEvent.java | 77 ++++++++ .../DeleteAlertTargetRequestAuditEvent.java | 77 ++++++++ .../event/DeleteBlueprintRequestAuditEvent.java | 79 ++++++++ .../event/DeleteGroupRequestAuditEvent.java | 79 ++++++++ .../event/DeleteHostRequestAuditEvent.java | 79 ++++++++ ...eleteRepositoryVersionRequestAuditEvent.java | 95 ++++++++++ .../event/DeleteServiceRequestAuditEvent.java | 79 ++++++++ .../event/DeleteUserRequestAuditEvent.java | 79 ++++++++ .../DeleteViewInstanceRequestAuditEvent.java | 95 ++++++++++ .../MembershipChangeRequestAuditEvent.java | 96 ++++++++++ .../event/PrivilegeChangeRequestAuditEvent.java | 98 ++++++++++ .../RemoveUserFromGroupRequestAuditEvent.java | 85 +++++++++ .../UpdateRepositoryRequestAuditEvent.java | 113 ++++++++++++ .../UpdateUpgradeItemRequestAuditEvent.java | 94 ++++++++++ .../UserPasswordChangeRequestAuditEvent.java | 79 ++++++++ .../ViewPrivilegeChangeRequestAuditEvent.java | 141 ++++++++++++++ .../eventcreator/AlertGroupEventCreator.java | 152 ++++++++++++++++ .../eventcreator/AlertTargetEventCreator.java | 150 +++++++++++++++ .../eventcreator/BlueprintEventCreator.java | 107 +++++++++++ .../BlueprintExportEventCreator.java | 91 ++++++++++ .../eventcreator/ComponentEventCreator.java | 176 ++++++++++++++++++ .../ConfigurationChangeEventCreator.java | 134 ++++++++++++++ .../eventcreator/CredentialEventCreator.java | 102 +++++++++++ .../eventcreator/DefaultEventCreator.java | 95 ++++++++++ .../request/eventcreator/GroupEventCreator.java | 117 ++++++++++++ .../request/eventcreator/HostEventCreator.java | 156 ++++++++++++++++ .../eventcreator/MemberEventCreator.java | 154 ++++++++++++++++ .../eventcreator/PrivilegeEventCreator.java | 139 ++++++++++++++ .../RecommendationIgnoreEventCreator.java | 77 ++++++++ .../eventcreator/RepositoryEventCreator.java | 124 +++++++++++++ .../RepositoryVersionEventCreator.java | 181 ++++++++++++++++++ .../eventcreator/RequestEventCreator.java | 103 +++++++++++ .../ServiceConfigDownloadEventCreator.java | 90 +++++++++ .../eventcreator/ServiceEventCreator.java | 167 +++++++++++++++++ .../eventcreator/UnauthorizedEventCreator.java | 72 ++++++++ .../eventcreator/UpgradeEventCreator.java | 101 ++++++++++ .../eventcreator/UpgradeItemEventCreator.java | 101 ++++++++++ .../request/eventcreator/UserEventCreator.java | 180 ++++++++++++++++++ .../ValidationIgnoreEventCreator.java | 77 ++++++++ .../eventcreator/ViewInstanceEventCreator.java | 142 +++++++++++++++ .../eventcreator/ViewPrivilegeEventCreator.java | 130 +++++++++++++ .../kerberos/AbstractKerberosAuditEvent.java | 76 -------- .../ChangeSecurityStateKerberosAuditEvent.java | 99 ---------- .../CreateKeyTabKerberosAuditEvent.java | 95 ---------- .../CreatePrincipalKerberosAuditEvent.java | 72 -------- .../DestroyPrincipalKerberosAuditEvent.java | 73 -------- .../server/audit/request/RequestAuditEvent.java | 139 -------------- .../audit/request/RequestAuditEventCreator.java | 59 ------ .../audit/request/RequestAuditLogger.java | 36 ---- .../audit/request/RequestAuditLoggerImpl.java | 147 --------------- .../event/ActivateUserRequestAuditEvent.java | 87 --------- .../event/AddAlertGroupRequestAuditEvent.java | 96 ---------- .../event/AddAlertTargetRequestAuditEvent.java | 134 -------------- .../event/AddBlueprintRequestAuditEvent.java | 77 -------- .../AddComponentToHostRequestAuditEvent.java | 83 --------- .../event/AddCredentialRequestAuditEvent.java | 105 ----------- .../request/event/AddHostRequestAuditEvent.java | 75 -------- .../event/AddRepositoryRequestAuditEvent.java | 111 ----------- .../AddRepositoryVersionRequestAuditEvent.java | 129 ------------- .../event/AddRequestRequestAuditEvent.java | 84 --------- .../event/AddUpgradeRequestAuditEvent.java | 92 ---------- .../event/AddUserToGroupRequestAuditEvent.java | 83 --------- .../event/AddViewInstanceRequestAuditEvent.java | 111 ----------- .../event/AdminUserRequestAuditEvent.java | 87 --------- .../event/BlueprintExportRequestAuditEvent.java | 64 ------- .../ChangeAlertGroupRequestAuditEvent.java | 96 ---------- .../ChangeAlertTargetRequestAuditEvent.java | 134 -------------- ...hangeRepositoryVersionRequestAuditEvent.java | 129 ------------- .../ChangeViewInstanceRequestAuditEvent.java | 111 ----------- .../ClientConfigDownloadRequestAuditEvent.java | 86 --------- .../ClusterNameChangeRequestAuditEvent.java | 89 --------- ...ClusterPrivilegeChangeRequestAuditEvent.java | 109 ----------- .../ConfigurationChangeRequestAuditEvent.java | 90 --------- .../event/CreateGroupRequestAuditEvent.java | 77 -------- .../event/CreateUserRequestAuditEvent.java | 96 ---------- .../DeleteAlertGroupRequestAuditEvent.java | 75 -------- .../DeleteAlertTargetRequestAuditEvent.java | 75 -------- .../event/DeleteBlueprintRequestAuditEvent.java | 77 -------- .../event/DeleteGroupRequestAuditEvent.java | 77 -------- .../event/DeleteHostRequestAuditEvent.java | 77 -------- ...eleteRepositoryVersionRequestAuditEvent.java | 93 ---------- .../event/DeleteServiceRequestAuditEvent.java | 77 -------- .../event/DeleteUserRequestAuditEvent.java | 77 -------- .../DeleteViewInstanceRequestAuditEvent.java | 93 ---------- .../MembershipChangeRequestAuditEvent.java | 94 ---------- .../event/PrivilegeChangeRequestAuditEvent.java | 96 ---------- .../RemoveUserFromGroupRequestAuditEvent.java | 83 --------- .../UpdateRepositoryRequestAuditEvent.java | 111 ----------- .../UpdateUpgradeItemRequestAuditEvent.java | 92 ---------- .../UserPasswordChangeRequestAuditEvent.java | 77 -------- .../ViewPrivilegeChangeRequestAuditEvent.java | 139 -------------- .../eventcreator/AlertGroupEventCreator.java | 152 ---------------- .../eventcreator/AlertTargetEventCreator.java | 150 --------------- .../eventcreator/BlueprintEventCreator.java | 107 ----------- .../BlueprintExportEventCreator.java | 91 ---------- .../eventcreator/ComponentEventCreator.java | 174 ------------------ .../ConfigurationChangeEventCreator.java | 134 -------------- .../eventcreator/CredentialEventCreator.java | 103 ----------- .../eventcreator/DefaultEventCreator.java | 94 ---------- .../request/eventcreator/GroupEventCreator.java | 117 ------------ .../request/eventcreator/HostEventCreator.java | 149 --------------- .../eventcreator/MemberEventCreator.java | 154 ---------------- .../eventcreator/PrivilegeEventCreator.java | 139 -------------- .../RecommendationIgnoreEventCreator.java | 77 -------- .../eventcreator/RepositoryEventCreator.java | 124 ------------- .../RepositoryVersionEventCreator.java | 182 ------------------- .../eventcreator/RequestEventCreator.java | 101 ---------- .../ServiceConfigDownloadEventCreator.java | 90 --------- .../eventcreator/ServiceEventCreator.java | 165 ----------------- .../eventcreator/UnauthorizedEventCreator.java | 73 -------- .../eventcreator/UpgradeEventCreator.java | 105 ----------- .../eventcreator/UpgradeItemEventCreator.java | 102 ----------- .../request/eventcreator/UserEventCreator.java | 180 ------------------ .../ValidationIgnoreEventCreator.java | 77 -------- .../eventcreator/ViewInstanceEventCreator.java | 142 --------------- .../eventcreator/ViewPrivilegeEventCreator.java | 130 ------------- .../ambari/server/controller/AmbariServer.java | 2 +- .../server/controller/ControllerModule.java | 56 +++--- .../AmbariAuthenticationFilter.java | 15 +- .../AmbariAuthorizationFilter.java | 10 +- .../serveraction/AbstractServerAction.java | 3 +- .../kerberos/CreateKeytabFilesServerAction.java | 3 +- .../kerberos/CreatePrincipalsServerAction.java | 2 +- .../kerberos/DestroyPrincipalsServerAction.java | 2 +- .../kerberos/FinalizeKerberosServerAction.java | 2 +- .../server/api/services/BaseServiceTest.java | 8 +- .../audit/AccessUnauthorizedAuditEventTest.java | 3 +- .../server/audit/BufferedAuditLoggerTest.java | 2 + .../server/audit/LoginAuditEventTest.java | 119 ++++++++++++ .../server/audit/LoginFailedAuditEventTest.java | 75 -------- .../audit/LoginSucceededAuditEventTest.java | 89 --------- .../server/audit/LogoutAuditEventTest.java | 4 +- .../audit/OperationStatusAuditEventTest.java | 1 + .../audit/StartOperationAuditEventTest.java | 80 ++++++++ .../StartOperationFailedAuditEventTest.java | 77 -------- .../StartOperationSucceededAuditEventTest.java | 78 -------- .../audit/request/AbstractBaseCreator.java | 3 +- .../audit/request/DefaultEventCreatorTest.java | 9 +- .../audit/request/RequestAuditLogModule.java | 3 + .../audit/request/RequestAuditLoggerTest.java | 3 +- .../AmbariAuthenticationFilterTest.java | 2 +- 206 files changed, 9057 insertions(+), 9386 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/actionmanager/ActionDBAccessorImpl.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/actionmanager/ActionDBAccessorImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/actionmanager/ActionDBAccessorImpl.java index 1105f74..c2be6a7 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/actionmanager/ActionDBAccessorImpl.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/actionmanager/ActionDBAccessorImpl.java @@ -35,10 +35,10 @@ import org.apache.ambari.annotations.TransactionalLock.LockType; import org.apache.ambari.server.AmbariException; import org.apache.ambari.server.agent.CommandReport; import org.apache.ambari.server.agent.ExecutionCommand; -import org.apache.ambari.server.audit.AuditEvent; +import org.apache.ambari.server.audit.event.AuditEvent; import org.apache.ambari.server.audit.AuditLogger; -import org.apache.ambari.server.audit.OperationStatusAuditEvent; -import org.apache.ambari.server.audit.TaskStatusAuditEvent; +import org.apache.ambari.server.audit.event.OperationStatusAuditEvent; +import org.apache.ambari.server.audit.event.TaskStatusAuditEvent; import org.apache.ambari.server.configuration.Configuration; import org.apache.ambari.server.controller.internal.CalculatedStatus; import org.apache.ambari.server.events.HostRemovedEvent; http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseService.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseService.java b/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseService.java index 4f2359a..cbdd96d 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseService.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseService.java @@ -27,7 +27,7 @@ import org.apache.ambari.server.api.services.parsers.RequestBodyParser; import org.apache.ambari.server.api.services.serializers.CsvSerializer; import org.apache.ambari.server.api.services.serializers.JsonSerializer; import org.apache.ambari.server.api.services.serializers.ResultSerializer; -import org.apache.ambari.server.audit.request.RequestAuditLogger; +import org.apache.ambari.server.audit.event.request.RequestAuditLogger; import org.apache.ambari.server.controller.spi.Resource; import org.apache.ambari.server.utils.RetryHelper; import org.eclipse.jetty.util.ajax.JSON; http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/api/services/LogoutService.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/services/LogoutService.java b/ambari-server/src/main/java/org/apache/ambari/server/api/services/LogoutService.java index 6ff34b4..b07c4b0 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/api/services/LogoutService.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/LogoutService.java @@ -25,7 +25,7 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.Response; import org.apache.ambari.server.audit.AuditLogger; -import org.apache.ambari.server.audit.LogoutAuditEvent; +import org.apache.ambari.server.audit.event.LogoutAuditEvent; import org.apache.ambari.server.security.authorization.AuthorizationHelper; import org.apache.ambari.server.utils.RequestUtils; http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractAuditEvent.java deleted file mode 100644 index d3c7be3..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractAuditEvent.java +++ /dev/null @@ -1,139 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - - -import org.apache.commons.lang.builder.EqualsBuilder; -import org.apache.commons.lang.builder.HashCodeBuilder; -import org.joda.time.DateTime; - -/** - * Base class for concrete audit event types. - */ -public abstract class AbstractAuditEvent implements AuditEvent { - - private final DateTime timestamp; - - private final String auditMessage; - - /** - * Base class for concrete audit event builders. - * @param <T> the type of the concrete audit event built by this builder - * @param <TBuilder> the type of the concrete audit event builder. - */ - protected static abstract class AbstractAuditEventBuilder<T extends AbstractAuditEvent, TBuilder extends AbstractAuditEventBuilder<T, TBuilder>> - implements AuditEventBuilder<T> { - - private DateTime timestamp; - private String auditMessage; - - - /** - * Creates a new audit event instance from this builder. - * @return the build audit event instance. - */ - protected abstract T newAuditEvent(); - - /** - * Appends details from this builder to the detailed description of the audit event. - * @param builder builder for the audit event details. - */ - protected abstract void buildAuditMessage(StringBuilder builder); - - - /** - * The timestamp of the audit event. - * @param timestamp - * @return - */ - public TBuilder withTimestamp(DateTime timestamp) { - this.timestamp = timestamp; - - return (TBuilder)this; - } - - /** - * {@inheritDoc} - */ - @Override - public final T build() { - final StringBuilder auditMessageBuilder = new StringBuilder(); - - buildAuditMessage(auditMessageBuilder); - auditMessage = auditMessageBuilder.toString(); - - return newAuditEvent(); - } - - } - - - protected AbstractAuditEvent() { - this.timestamp = null; - this.auditMessage = null; - } - - /** - * Constructor. Initializes fields using the provided builder. - * @param builder - */ - protected AbstractAuditEvent(AbstractAuditEventBuilder<?, ?> builder) { - timestamp = builder.timestamp; - auditMessage = builder.auditMessage; - } - - /** - * {@inheritDoc} - */ - @Override - public DateTime getTimestamp() { - return timestamp; - } - - - /** - * {@inheritDoc} - */ - @Override - public String getAuditMessage() { - return auditMessage; - } - - @Override - public final boolean equals(Object o) { - if (this == o) return true; - - if (!(o instanceof AbstractAuditEvent)) return false; - - AbstractAuditEvent that = (AbstractAuditEvent) o; - - return new EqualsBuilder() - .append(getTimestamp(), that.getTimestamp()) - .append(getAuditMessage(), that.getAuditMessage()) - .isEquals(); - } - - @Override - public final int hashCode() { - return new HashCodeBuilder(17, 37) - .append(getTimestamp()) - .append(getAuditMessage()) - .toHashCode(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractAuthorizationEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractAuthorizationEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractAuthorizationEvent.java deleted file mode 100644 index 716fa16..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractAuthorizationEvent.java +++ /dev/null @@ -1,83 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - -/** - * Base class for authorization related audit events. - */ -public abstract class AbstractAuthorizationEvent extends AbstractUserAuditEvent { - - static abstract class AbstractAuthorizationEventBuilder<T extends AbstractAuthorizationEvent, TBuilder extends AbstractAuthorizationEventBuilder<T, TBuilder>> - extends AbstractUserAuditEventBuilder<T, TBuilder> { - - private String httpMethodName; - private String resourcePath; - - /** - * Appends the audit event details the HTTP method and - * the path of the resource being accessed. - * @param builder builder for the audit event details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - super.buildAuditMessage(builder); - - builder - .append(", Operation(") - .append(this.httpMethodName) - .append("), ResourcePath(") - .append(this.resourcePath) - .append(")"); - } - - /** - * Sets the HTTP method of the request. - * @param httpMethodName HTTP method of the request (GET/PUT/POST/DELETE) - * @return this builder - */ - public TBuilder withHttpMethodName(String httpMethodName) { - this.httpMethodName = httpMethodName; - return (TBuilder) this; - } - - /** - * Sets the path being accessed. - * @param resourcePath the path of the resource being accessed. - * @return this builder - */ - public TBuilder withResourcePath(String resourcePath) { - this.resourcePath = resourcePath; - return (TBuilder) this; - } - - - } - - /** - * Constructor. - */ - protected AbstractAuthorizationEvent() {} - - /** - * {@inheritDoc} - */ - protected AbstractAuthorizationEvent(AbstractAuthorizationEventBuilder<?, ?> builder) { - super(builder); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractLoginAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractLoginAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractLoginAuditEvent.java deleted file mode 100644 index 2b8cb31..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractLoginAuditEvent.java +++ /dev/null @@ -1,38 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - -/** - * Base class for login related audit events. - */ -public abstract class AbstractLoginAuditEvent extends AbstractUserAuditEvent { - - static abstract class AbstractLoginAuditEventBuilder<T extends AbstractLoginAuditEvent, TBuilder extends AbstractLoginAuditEventBuilder<T, TBuilder>> - extends AbstractUserAuditEventBuilder<T, TBuilder> { - } - - protected AbstractLoginAuditEvent() {} - - /** - * {@inheritDoc} - */ - protected AbstractLoginAuditEvent(AbstractUserAuditEventBuilder<?, ?> builder) { - super(builder); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractStartOperationAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractStartOperationAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractStartOperationAuditEvent.java deleted file mode 100644 index 6399720..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractStartOperationAuditEvent.java +++ /dev/null @@ -1,63 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.ambari.server.audit; - -/** - * Base class for start operation audit events. - */ -public class AbstractStartOperationAuditEvent extends AbstractUserAuditEvent { - static abstract class AbstractStartOperationAuditEventBuilder<T extends AbstractStartOperationAuditEvent, TBuilder extends AbstractStartOperationAuditEventBuilder<T, TBuilder>> - extends AbstractUserAuditEventBuilder<T, TBuilder> { - - private String operation; - - /** - * Appends to the event the details of the incoming request. - * @param builder builder for the audit event details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - super.buildAuditMessage(builder); - - builder - .append(", Operation(") - .append(this.operation) - .append(")"); - } - - /** - * Sets the operation to be added to the audit event. - * @param operation operation to be added to the audit event. - * @return this builder - */ - public TBuilder withOperation(String operation) { - this.operation = operation; - - return (TBuilder)this; - } - } - - protected AbstractStartOperationAuditEvent() {} - - /** - * {@inheritDoc} - */ - protected AbstractStartOperationAuditEvent(AbstractStartOperationAuditEventBuilder<?, ?> builder) { - super(builder); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractUserAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractUserAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractUserAuditEvent.java deleted file mode 100644 index 721f1fc..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AbstractUserAuditEvent.java +++ /dev/null @@ -1,83 +0,0 @@ - -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - -/** - * Base class for audit events which are result of user actions. It appends - * to audit event details the user name and remote ip of the host - * where user actions originates from. - */ -public abstract class AbstractUserAuditEvent extends AbstractAuditEvent { - - public static abstract class AbstractUserAuditEventBuilder<T extends AbstractUserAuditEvent, TBuilder extends AbstractUserAuditEventBuilder<T, TBuilder>> - extends AbstractAuditEventBuilder<T, TBuilder> { - - private String userName; - - private String remoteIp; - - /** - * Appends to audit event details the user name and remote ip of the host - * where user actions originates from. - * @param builder builder for the audit message details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - builder - .append("User(") - .append(this.userName) - .append("), RemoteIp(") - .append(this.remoteIp) - .append(")"); - } - - /** - * Sets the user name of the user that initiated the audited action. - * @param userName - * @return the builder - */ - public TBuilder withUserName(String userName) { - this.userName = userName; - - return (TBuilder)this; - } - - /** - * Sets the remote ip where the user action originated from. - * @param ip - * @return the builder - */ - public TBuilder withRemoteIp(String ip) { - this.remoteIp = ip; - - return (TBuilder)this; - } - } - - protected AbstractUserAuditEvent() {} - - /** - * {@inheritDoc} - */ - protected AbstractUserAuditEvent(AbstractUserAuditEventBuilder<?, ?> builder) { - super(builder); - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AccessUnauthorizedAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AccessUnauthorizedAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AccessUnauthorizedAuditEvent.java deleted file mode 100644 index d51270a..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AccessUnauthorizedAuditEvent.java +++ /dev/null @@ -1,70 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - -import javax.annotation.concurrent.Immutable; - -/** - * Access to given resource is not authorized. - */ -@Immutable -public class AccessUnauthorizedAuditEvent extends AbstractAuthorizationEvent { - - public static class AccessUnauthorizedAuditEventBuilder - extends AbstractAuthorizationEventBuilder<AccessUnauthorizedAuditEvent, AccessUnauthorizedAuditEventBuilder> { - - /** - * Appends to the aduit event detail the list of the privileges - * possessed by the principal requesting access to a resource. - * @param builder builder for the audit event details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - super.buildAuditMessage(builder); - - builder.append(", Status(Access not authorized !)"); - } - - - /** - * {@inheritDoc} - */ - @Override - protected AccessUnauthorizedAuditEvent newAuditEvent() { - return new AccessUnauthorizedAuditEvent(this); - } - } - - private AccessUnauthorizedAuditEvent() {} - - /** - * {@inheritDoc} - */ - private AccessUnauthorizedAuditEvent(AccessUnauthorizedAuditEventBuilder builder) { - super(builder); - } - - /** - * Returns an builder for {@link AccessUnauthorizedAuditEvent} - * @return a builder instance - */ - public static AccessUnauthorizedAuditEventBuilder builder() { - return new AccessUnauthorizedAuditEventBuilder(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditEvent.java deleted file mode 100644 index d9ca081..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditEvent.java +++ /dev/null @@ -1,42 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - -import org.joda.time.DateTime; - -/** - * Audit event that contains - * the details of an action/event - * that is subject to audit. - */ -public interface AuditEvent { - - /** - * Returns the timestamp of the audit event. - * @return timestamp of the audit event. - */ - DateTime getTimestamp(); - - /** - * Returns the details of the audit event. - * @return detail of the audit event. - */ - String getAuditMessage(); - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditEventBuilder.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditEventBuilder.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditEventBuilder.java deleted file mode 100644 index ce6c53b..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditEventBuilder.java +++ /dev/null @@ -1,32 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - - -/** - * Builder for {@link AuditEvent} - * @param <T> the type of the concrete audit event. - */ -public interface AuditEventBuilder<T extends AuditEvent> { - /** - * Builds an audit event. - * @return audit event instance - */ - T build(); -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLogger.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLogger.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLogger.java index 29bf6d1..77a97ad 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLogger.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLogger.java @@ -6,9 +6,9 @@ * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at - * + * <p/> * http://www.apache.org/licenses/LICENSE-2.0 - * + * <p/> * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -18,6 +18,8 @@ package org.apache.ambari.server.audit; +import org.apache.ambari.server.audit.event.AuditEvent; + /** * Interface to handle audit log events */ http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerDefaultImpl.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerDefaultImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerDefaultImpl.java index 49e3dee..6b351e9 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerDefaultImpl.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerDefaultImpl.java @@ -6,9 +6,9 @@ * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at - * + * <p/> * http://www.apache.org/licenses/LICENSE-2.0 - * + * <p/> * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -18,6 +18,7 @@ package org.apache.ambari.server.audit; +import org.apache.ambari.server.audit.event.AuditEvent; import org.slf4j.Logger; import org.slf4j.LoggerFactory; http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerModule.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerModule.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerModule.java index a79cb15..2c27b79 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerModule.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/AuditLoggerModule.java @@ -6,9 +6,9 @@ * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at - * + * <p/> * http://www.apache.org/licenses/LICENSE-2.0 - * + * <p/> * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -24,6 +24,7 @@ import com.google.inject.name.Names; public class AuditLoggerModule extends AbstractModule { private final static int BUFFERED_LOGGER_CAPACITY = 10000; + @Override protected void configure() { bind(AuditLogger.class).to(BufferedAuditLogger.class); http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/BufferedAuditLogger.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/BufferedAuditLogger.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/BufferedAuditLogger.java index e279fa5..81a05c9 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/BufferedAuditLogger.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/BufferedAuditLogger.java @@ -6,9 +6,9 @@ * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at - * + * <p/> * http://www.apache.org/licenses/LICENSE-2.0 - * + * <p/> * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -23,6 +23,7 @@ import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; import java.util.concurrent.LinkedBlockingQueue; +import org.apache.ambari.server.audit.event.AuditEvent; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -81,8 +82,6 @@ public class BufferedAuditLogger implements AuditLogger { } - - /** * Constructor. * http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/LoginFailedAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/LoginFailedAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/LoginFailedAuditEvent.java deleted file mode 100644 index 3124d1b..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/LoginFailedAuditEvent.java +++ /dev/null @@ -1,92 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - - -import javax.annotation.concurrent.Immutable; - -/** - * Login failure audit event. - */ -@Immutable -public class LoginFailedAuditEvent extends AbstractLoginAuditEvent { - - public static class LoginFailedAuditEventBuilder - extends AbstractLoginAuditEventBuilder<LoginFailedAuditEvent, LoginFailedAuditEventBuilder> { - - private String reason; - - /** - * Appends to the audit message details the reason - * that caused the login failure. - * @param builder builder for the audit message details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - super.buildAuditMessage(builder); - - builder - .append(", Status(Login failed !)") - .append(", Reason(") - .append(this.reason) - .append(")") - ; - } - - private LoginFailedAuditEventBuilder() { - } - - /** - * {@inheritDoc} - */ - @Override - protected LoginFailedAuditEvent newAuditEvent() { - return new LoginFailedAuditEvent(this); - } - - /** - * Sets the root cause of the login failure. - * @param reason root cause of the login failure. - * @return this builder - */ - public LoginFailedAuditEventBuilder withReason(String reason) { - this.reason = reason; - return this; - } - - } - - - private LoginFailedAuditEvent() {} - - /** - * {@inheritDoc} - */ - private LoginFailedAuditEvent(LoginFailedAuditEventBuilder builder) { - super(builder); - } - - /** - * Returns an builder for {@link LoginFailedAuditEvent} - * @return a builder instance - */ - public static LoginFailedAuditEventBuilder builder() { - return new LoginFailedAuditEventBuilder(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/LoginSucceededAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/LoginSucceededAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/LoginSucceededAuditEvent.java deleted file mode 100644 index 08c272e..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/LoginSucceededAuditEvent.java +++ /dev/null @@ -1,98 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - -import java.util.LinkedList; -import java.util.List; -import java.util.Map; - -import javax.annotation.concurrent.Immutable; -import org.apache.commons.lang.StringUtils; - -/** - * Successful login audit event. - */ -@Immutable -public class LoginSucceededAuditEvent extends AbstractLoginAuditEvent { - - public static class LoginSucceededAuditEventBuilder - extends AbstractLoginAuditEventBuilder<LoginSucceededAuditEvent, LoginSucceededAuditEventBuilder> { - - private LoginSucceededAuditEventBuilder() { } - - private Map<String, List<String>> roles; - - - /** - * {@inheritDoc} - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - super.buildAuditMessage(builder); - - builder.append(", Roles(").append(System.lineSeparator()); - - List<String> lines = new LinkedList<>(); - for( Map.Entry<String, List<String>> entry : roles.entrySet()) { - lines.add(" " + entry.getKey() + ": " + StringUtils.join(entry.getValue(), ", ")); - } - builder.append(StringUtils.join(lines, System.lineSeparator())); - builder.append(System.lineSeparator()).append("), Status(Login succeeded !)"); - } - - /** - * Sets the list of roles possessed by the principal requesting access to a resource. - * @param roles - * @return this builder - */ - public LoginSucceededAuditEventBuilder withRoles(Map<String, List<String>> roles) { - this.roles = roles; - - return this; - } - - /** - * {@inheritDoc} - */ - @Override - protected LoginSucceededAuditEvent newAuditEvent() { - return new LoginSucceededAuditEvent(this); - } - - } - - - private LoginSucceededAuditEvent() { } - - /** - * {@inheritDoc} - */ - private LoginSucceededAuditEvent(LoginSucceededAuditEventBuilder builder) { - super(builder); - - } - - /** - * Returns an builder for {@link LoginSucceededAuditEvent} - * @return a builder instance - */ - public static LoginSucceededAuditEventBuilder builder() { - return new LoginSucceededAuditEventBuilder(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/LogoutAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/LogoutAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/LogoutAuditEvent.java deleted file mode 100644 index 12cf7bf..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/LogoutAuditEvent.java +++ /dev/null @@ -1,64 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.ambari.server.audit; - -import javax.annotation.concurrent.Immutable; - -/** - * Logout audit event. - */ -@Immutable -public class LogoutAuditEvent extends AbstractUserAuditEvent { - public static class LogoutAuditEventBuilder - extends AbstractUserAuditEventBuilder<LogoutAuditEvent, LogoutAuditEventBuilder> { - - private LogoutAuditEventBuilder() {} - - /** - * {@inheritDoc} - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - super.buildAuditMessage(builder); - builder.append(", Status(Logout succeeded !)"); - } - - @Override - protected LogoutAuditEvent newAuditEvent() { - return new LogoutAuditEvent(this); - } - } - - private LogoutAuditEvent() { } - - /** - * {@inheritDoc} - */ - private LogoutAuditEvent(LogoutAuditEventBuilder builder) { - super(builder); - - } - - /** - * Returns an builder for {@link LogoutAuditEvent} - * @return a builder instance - */ - public static LogoutAuditEventBuilder builder() { - return new LogoutAuditEventBuilder(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/OperationStatusAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/OperationStatusAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/OperationStatusAuditEvent.java deleted file mode 100644 index 9fe7169..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/OperationStatusAuditEvent.java +++ /dev/null @@ -1,104 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - - -import javax.annotation.concurrent.Immutable; - -@Immutable -public class OperationStatusAuditEvent extends AbstractAuditEvent { - - public static class OperationStatusAuditEventBuilder extends AbstractAuditEventBuilder<OperationStatusAuditEvent, OperationStatusAuditEventBuilder> { - - /** - * Request identifier - */ - private String requestId; - - /** - * Status of the whole request - */ - private String status; - - /** - * Name of the operation - */ - private String operation; - - private OperationStatusAuditEventBuilder() { - } - - @Override - protected OperationStatusAuditEvent newAuditEvent() { - return new OperationStatusAuditEvent(this); - } - - /** - * Builds and audit log message based on the member variables - * @param builder builder for the audit event details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - builder - .append("Operation(") - .append(this.operation) - .append("), Status(") - .append(this.status) - .append("), RequestId(") - .append(this.requestId) - .append(")"); - } - - - - public OperationStatusAuditEventBuilder withStatus(String status) { - this.status = status; - return this; - } - - public OperationStatusAuditEventBuilder withRequestId(String requestId) { - this.requestId = requestId; - return this; - } - - public OperationStatusAuditEventBuilder withRequestContext(String operation) { - this.operation = operation; - return this; - } - } - - private OperationStatusAuditEvent() { - } - - /** - * {@inheritDoc} - */ - private OperationStatusAuditEvent(OperationStatusAuditEventBuilder builder) { - super(builder); - } - - /** - * Returns an builder for {@link OperationStatusAuditEvent} - * @return a builder instance - */ - public static OperationStatusAuditEventBuilder builder() { - return new OperationStatusAuditEventBuilder(); - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/StartOperationFailedAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/StartOperationFailedAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/StartOperationFailedAuditEvent.java deleted file mode 100644 index 948f136..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/StartOperationFailedAuditEvent.java +++ /dev/null @@ -1,87 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - -import javax.annotation.concurrent.Immutable; - -/** - * Start operation request rejected. - */ -@Immutable -public class StartOperationFailedAuditEvent extends AbstractStartOperationAuditEvent { - - public static class StartOperationFailedAuditEventBuilder - extends AbstractStartOperationAuditEventBuilder<StartOperationFailedAuditEvent, StartOperationFailedAuditEventBuilder> { - - private String reason; - - private StartOperationFailedAuditEventBuilder() {} - - /** - * Appends to the audit event the reason due to which the - * operation was rejected. - * @param builder builder for the audit event details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - super.buildAuditMessage(builder); - - builder - .append(", Status(Request failed to be processed !), Reason(") - .append(this.reason) - .append(")"); - } - - /** - * {@inheritDoc} - */ - @Override - protected StartOperationFailedAuditEvent newAuditEvent() { - return new StartOperationFailedAuditEvent(this); - } - - /** - * Sets the reason due to which the operation was rejected. - * @param reason the reason due to which the operation was rejected. - * @return this builder. - */ - public StartOperationFailedAuditEventBuilder withReason(String reason) { - this.reason = reason; - return this; - } - } - - private StartOperationFailedAuditEvent() { - } - - /** - * {@inheritDoc} - */ - private StartOperationFailedAuditEvent(StartOperationFailedAuditEventBuilder builder) { - super(builder); - } - - /** - * Returns an builder for {@link StartOperationFailedAuditEvent} - * @return a builder instance - */ - public static StartOperationFailedAuditEventBuilder builder() { - return new StartOperationFailedAuditEventBuilder(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/StartOperationSucceededAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/StartOperationSucceededAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/StartOperationSucceededAuditEvent.java deleted file mode 100644 index 352c1dd..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/StartOperationSucceededAuditEvent.java +++ /dev/null @@ -1,88 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - - -import javax.annotation.concurrent.Immutable; - -/** - * Start operation request was accepted. - */ -@Immutable -public class StartOperationSucceededAuditEvent extends AbstractStartOperationAuditEvent { - - public static class StartOperationSucceededAuditEventBuilder - extends AbstractStartOperationAuditEventBuilder<StartOperationSucceededAuditEvent, StartOperationSucceededAuditEventBuilder> { - - private String requestId; - - private StartOperationSucceededAuditEventBuilder() {} - - /** - * Appends to the audit event the identifier of the - * operation through whcih the operation progress can be tracked. - * @param builder builder for the audit event details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - super.buildAuditMessage(builder); - - builder - .append(", Status(Request queued for processing with request id ") - .append(this.requestId) - .append(")"); - } - - /** - * {@inheritDoc} - */ - @Override - protected StartOperationSucceededAuditEvent newAuditEvent() { - return new StartOperationSucceededAuditEvent(this); - } - - /** - * Sets the identifier of the operation through whcih the operation progress can be tracked. - * @param requestId he identifier of the operation through whcih the operation progress can be tracked. - * @return this builder - */ - public StartOperationSucceededAuditEventBuilder withRequestId(String requestId) { - this.requestId = requestId; - return this; - } - } - - private StartOperationSucceededAuditEvent() { - } - - /** - * {@inheritDoc} - */ - private StartOperationSucceededAuditEvent(StartOperationSucceededAuditEventBuilder builder) { - super(builder); - } - - /** - * Returns an builder for {@link StartOperationSucceededAuditEvent} - * @return a builder instance - */ - public static StartOperationSucceededAuditEventBuilder builder() { - return new StartOperationSucceededAuditEventBuilder(); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/TaskStatusAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/TaskStatusAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/TaskStatusAuditEvent.java deleted file mode 100644 index 212ada3..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/audit/TaskStatusAuditEvent.java +++ /dev/null @@ -1,144 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.audit; - - -import javax.annotation.concurrent.Immutable; - -@Immutable -public class TaskStatusAuditEvent extends AbstractAuditEvent { - - public static class TaskStatusAuditEventBuilder extends AbstractAuditEventBuilder<TaskStatusAuditEvent, TaskStatusAuditEventBuilder> { - - /** - * Request identifier - */ - private String requestId; - - /** - * Task identifier - */ - private String taskId; - - /** - * Request identifier - */ - private String hostName; - - /** - * Status of the whole request - */ - private String status; - - /** - * Name of the operation - */ - private String operation; - - /** - * Task command details - */ - private String details; - - private TaskStatusAuditEventBuilder() { - } - - @Override - protected TaskStatusAuditEvent newAuditEvent() { - return new TaskStatusAuditEvent(this); - } - - /** - * Builds and audit log message based on the member variables - * @param builder builder for the audit event details. - */ - @Override - protected void buildAuditMessage(StringBuilder builder) { - builder - .append("Operation(") - .append(this.operation); - - if(details != null) { - builder.append("), Details(") - .append(this.details); - } - - builder.append("), Status(") - .append(this.status) - .append("), RequestId(") - .append(this.requestId) - .append("), TaskId(") - .append(this.taskId) - .append("), Hostname(") - .append(this.hostName) - .append(")"); - } - - - - public TaskStatusAuditEventBuilder withStatus(String status) { - this.status = status; - return this; - } - - public TaskStatusAuditEventBuilder withRequestId(String requestId) { - this.requestId = requestId; - return this; - } - - public TaskStatusAuditEventBuilder withTaskId(String taskId) { - this.taskId = taskId; - return this; - } - - public TaskStatusAuditEventBuilder withHostName(String hostName) { - this.hostName = hostName; - return this; - } - - public TaskStatusAuditEventBuilder withOperation(String operation) { - this.operation = operation; - return this; - } - - public TaskStatusAuditEventBuilder withDetails(String details) { - this.details = details; - return this; - } - } - - private TaskStatusAuditEvent() { - } - - /** - * {@inheritDoc} - */ - private TaskStatusAuditEvent(TaskStatusAuditEventBuilder builder) { - super(builder); - } - - /** - * Returns an builder for {@link TaskStatusAuditEvent} - * @return a builder instance - */ - public static TaskStatusAuditEventBuilder builder() { - return new TaskStatusAuditEventBuilder(); - } - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AbstractAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AbstractAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AbstractAuditEvent.java new file mode 100644 index 0000000..2ed8f87 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AbstractAuditEvent.java @@ -0,0 +1,144 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.event; + + +import org.apache.commons.lang.builder.EqualsBuilder; +import org.apache.commons.lang.builder.HashCodeBuilder; +import org.joda.time.DateTime; + +/** + * Base class for concrete audit event types. + */ +public abstract class AbstractAuditEvent implements AuditEvent { + + private final DateTime timestamp; + + private final String auditMessage; + + /** + * Base class for concrete audit event builders. + * + * @param <T> the type of the concrete audit event built by this builder + * @param <TBuilder> the type of the concrete audit event builder. + */ + protected static abstract class AbstractAuditEventBuilder<T extends AbstractAuditEvent, TBuilder extends AbstractAuditEventBuilder<T, TBuilder>> + implements AuditEventBuilder<T> { + + private DateTime timestamp; + private String auditMessage; + + + /** + * Creates a new audit event instance from this builder. + * + * @return the build audit event instance. + */ + protected abstract T newAuditEvent(); + + /** + * Appends details from this builder to the detailed description of the audit event. + * + * @param builder builder for the audit event details. + */ + protected abstract void buildAuditMessage(StringBuilder builder); + + + /** + * The timestamp of the audit event. + * + * @param timestamp + * @return + */ + public TBuilder withTimestamp(DateTime timestamp) { + this.timestamp = timestamp; + + return (TBuilder) this; + } + + /** + * {@inheritDoc} + */ + @Override + public final T build() { + final StringBuilder auditMessageBuilder = new StringBuilder(); + + buildAuditMessage(auditMessageBuilder); + auditMessage = auditMessageBuilder.toString(); + + return newAuditEvent(); + } + + } + + + protected AbstractAuditEvent() { + this.timestamp = null; + this.auditMessage = null; + } + + /** + * Constructor. Initializes fields using the provided builder. + * + * @param builder + */ + protected AbstractAuditEvent(AbstractAuditEventBuilder<?, ?> builder) { + timestamp = builder.timestamp; + auditMessage = builder.auditMessage; + } + + /** + * {@inheritDoc} + */ + @Override + public DateTime getTimestamp() { + return timestamp; + } + + + /** + * {@inheritDoc} + */ + @Override + public String getAuditMessage() { + return auditMessage; + } + + @Override + public final boolean equals(Object o) { + if (this == o) return true; + + if (!(o instanceof AbstractAuditEvent)) return false; + + AbstractAuditEvent that = (AbstractAuditEvent) o; + + return new EqualsBuilder() + .append(getTimestamp(), that.getTimestamp()) + .append(getAuditMessage(), that.getAuditMessage()) + .isEquals(); + } + + @Override + public final int hashCode() { + return new HashCodeBuilder(17, 37) + .append(getTimestamp()) + .append(getAuditMessage()) + .toHashCode(); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AbstractUserAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AbstractUserAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AbstractUserAuditEvent.java new file mode 100644 index 0000000..a883740 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AbstractUserAuditEvent.java @@ -0,0 +1,86 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.event; + +/** + * Base class for audit events which are result of user actions. It appends + * to audit event details the user name and remote ip of the host + * where user actions originates from. + */ +public abstract class AbstractUserAuditEvent extends AbstractAuditEvent { + + public static abstract class AbstractUserAuditEventBuilder<T extends AbstractUserAuditEvent, TBuilder extends AbstractUserAuditEventBuilder<T, TBuilder>> + extends AbstractAuditEventBuilder<T, TBuilder> { + + private String userName; + + private String remoteIp; + + /** + * Appends to audit event details the user name and remote ip of the host + * where user actions originates from. + * + * @param builder builder for the audit message details. + */ + @Override + protected void buildAuditMessage(StringBuilder builder) { + builder + .append("User(") + .append(this.userName) + .append("), RemoteIp(") + .append(this.remoteIp) + .append(")"); + } + + /** + * Sets the user name of the user that initiated the audited action. + * + * @param userName + * @return the builder + */ + public TBuilder withUserName(String userName) { + this.userName = userName; + + return (TBuilder) this; + } + + /** + * Sets the remote ip where the user action originated from. + * + * @param ip + * @return the builder + */ + public TBuilder withRemoteIp(String ip) { + this.remoteIp = ip; + + return (TBuilder) this; + } + } + + protected AbstractUserAuditEvent() { + } + + /** + * {@inheritDoc} + */ + protected AbstractUserAuditEvent(AbstractUserAuditEventBuilder<?, ?> builder) { + super(builder); + } + +} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AccessUnauthorizedAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AccessUnauthorizedAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AccessUnauthorizedAuditEvent.java new file mode 100644 index 0000000..9eaa3ee --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AccessUnauthorizedAuditEvent.java @@ -0,0 +1,90 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.event; + +import javax.annotation.concurrent.Immutable; + +/** + * Access to given resource is not authorized. + */ +@Immutable +public class AccessUnauthorizedAuditEvent extends AbstractUserAuditEvent { + + public static class AccessUnauthorizedAuditEventBuilder + extends AbstractUserAuditEventBuilder<AccessUnauthorizedAuditEvent, AccessUnauthorizedAuditEventBuilder> { + + private String httpMethodName; + private String resourcePath; + + /** + * Appends to the aduit event detail the list of the privileges + * possessed by the principal requesting access to a resource. + * + * @param builder builder for the audit event details. + */ + @Override + protected void buildAuditMessage(StringBuilder builder) { + super.buildAuditMessage(builder); + + builder + .append(", Operation(") + .append(httpMethodName) + .append("), ResourcePath(") + .append(resourcePath) + .append("), Status(Failed), Reason(Access not authorized)"); + } + + public AccessUnauthorizedAuditEventBuilder withHttpMethodName(String httpMethodName) { + this.httpMethodName = httpMethodName; + return this; + } + + public AccessUnauthorizedAuditEventBuilder withResourcePath(String resourcePath) { + this.resourcePath = resourcePath; + return this; + } + + /** + * {@inheritDoc} + */ + @Override + protected AccessUnauthorizedAuditEvent newAuditEvent() { + return new AccessUnauthorizedAuditEvent(this); + } + } + + private AccessUnauthorizedAuditEvent() { + } + + /** + * {@inheritDoc} + */ + private AccessUnauthorizedAuditEvent(AccessUnauthorizedAuditEventBuilder builder) { + super(builder); + } + + /** + * Returns an builder for {@link AccessUnauthorizedAuditEvent} + * + * @return a builder instance + */ + public static AccessUnauthorizedAuditEventBuilder builder() { + return new AccessUnauthorizedAuditEventBuilder(); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AuditEvent.java new file mode 100644 index 0000000..4ef88d6 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/AuditEvent.java @@ -0,0 +1,58 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.event; + +import org.joda.time.DateTime; + +/** + * Audit event that contains + * the details of an action/event + * that is subject to audit. + */ +public interface AuditEvent { + + /** + * Builder for {@link AuditEvent} + * + * @param <T> the type of the concrete audit event. + */ + interface AuditEventBuilder<T extends AuditEvent> { + /** + * Builds an audit event. + * + * @return audit event instance + */ + T build(); + } + + /** + * Returns the timestamp of the audit event. + * + * @return timestamp of the audit event. + */ + DateTime getTimestamp(); + + /** + * Returns the details of the audit event. + * + * @return detail of the audit event. + */ + String getAuditMessage(); + +} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/event/LoginAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/event/LoginAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/LoginAuditEvent.java new file mode 100644 index 0000000..4a9daed --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/LoginAuditEvent.java @@ -0,0 +1,119 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.audit.event; + +import java.util.LinkedList; +import java.util.List; +import java.util.Map; + +import javax.annotation.concurrent.Immutable; + +import org.apache.commons.lang.StringUtils; + +/** + * Successful login audit event. + */ +@Immutable +public class LoginAuditEvent extends AbstractUserAuditEvent { + + public static class LoginAuditEventBuilder + extends AbstractUserAuditEventBuilder<LoginAuditEvent, LoginAuditEventBuilder> { + + private LoginAuditEventBuilder() { + } + + private Map<String, List<String>> roles; + + private String reasonOfFailure; + + /** + * {@inheritDoc} + */ + @Override + protected void buildAuditMessage(StringBuilder builder) { + super.buildAuditMessage(builder); + + builder.append(", Operation(User login), Roles(").append(System.lineSeparator()); + + if (roles != null && !roles.isEmpty()) { + List<String> lines = new LinkedList<>(); + for (Map.Entry<String, List<String>> entry : roles.entrySet()) { + lines.add(" " + entry.getKey() + ": " + StringUtils.join(entry.getValue(), ", ")); + } + builder.append(StringUtils.join(lines, System.lineSeparator())); + builder.append(System.lineSeparator()); + } + builder.append("), Status(") + .append(reasonOfFailure == null ? "Success" : "Failed"); + + if (reasonOfFailure != null) { + builder.append("), Reason(") + .append(reasonOfFailure); + } + builder.append(")"); + } + + /** + * Sets the list of roles possessed by the principal requesting access to a resource. + * + * @param roles + * @return this builder + */ + public LoginAuditEventBuilder withRoles(Map<String, List<String>> roles) { + this.roles = roles; + + return this; + } + + public LoginAuditEventBuilder withReasonOfFailure(String reasonOfFailure) { + this.reasonOfFailure = reasonOfFailure; + return this; + } + + /** + * {@inheritDoc} + */ + @Override + protected LoginAuditEvent newAuditEvent() { + return new LoginAuditEvent(this); + } + + } + + + private LoginAuditEvent() { + } + + /** + * {@inheritDoc} + */ + private LoginAuditEvent(LoginAuditEventBuilder builder) { + super(builder); + + } + + /** + * Returns an builder for {@link LoginAuditEvent} + * + * @return a builder instance + */ + public static LoginAuditEventBuilder builder() { + return new LoginAuditEventBuilder(); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/1b1b3bc6/ambari-server/src/main/java/org/apache/ambari/server/audit/event/LogoutAuditEvent.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/audit/event/LogoutAuditEvent.java b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/LogoutAuditEvent.java new file mode 100644 index 0000000..3ce8c31 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/audit/event/LogoutAuditEvent.java @@ -0,0 +1,67 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.ambari.server.audit.event; + +import javax.annotation.concurrent.Immutable; + +/** + * Logout audit event. + */ +@Immutable +public class LogoutAuditEvent extends AbstractUserAuditEvent { + public static class LogoutAuditEventBuilder + extends AbstractUserAuditEventBuilder<LogoutAuditEvent, LogoutAuditEventBuilder> { + + private LogoutAuditEventBuilder() { + } + + /** + * {@inheritDoc} + */ + @Override + protected void buildAuditMessage(StringBuilder builder) { + super.buildAuditMessage(builder); + builder.append(", Operation(Logout), Status(Success)"); + } + + @Override + protected LogoutAuditEvent newAuditEvent() { + return new LogoutAuditEvent(this); + } + } + + private LogoutAuditEvent() { + } + + /** + * {@inheritDoc} + */ + private LogoutAuditEvent(LogoutAuditEventBuilder builder) { + super(builder); + + } + + /** + * Returns an builder for {@link LogoutAuditEvent} + * + * @return a builder instance + */ + public static LogoutAuditEventBuilder builder() { + return new LogoutAuditEventBuilder(); + } +}