From dev-return-69059-archive-asf-public=cust-asf.ponee.io@zookeeper.apache.org Mon Apr 23 17:30:03 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 55868180679 for ; Mon, 23 Apr 2018 17:30:02 +0200 (CEST) Received: (qmail 49953 invoked by uid 500); 23 Apr 2018 15:30:01 -0000 Mailing-List: contact dev-help@zookeeper.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@zookeeper.apache.org Delivered-To: mailing list dev@zookeeper.apache.org Received: (qmail 49176 invoked by uid 99); 23 Apr 2018 15:30:00 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Apr 2018 15:30:00 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 10F7DE00EB; Mon, 23 Apr 2018 15:30:00 +0000 (UTC) From: anmolnar To: dev@zookeeper.apache.org Reply-To: dev@zookeeper.apache.org References: In-Reply-To: Subject: [GitHub] zookeeper pull request #338: ZOOKEEPER-1260:Audit logging in ZooKeeper serve... Content-Type: text/plain Message-Id: <20180423153000.10F7DE00EB@git1-us-west.apache.org> Date: Mon, 23 Apr 2018 15:30:00 +0000 (UTC) Github user anmolnar commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/338#discussion_r183435384 --- Diff: src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java --- @@ -465,6 +488,127 @@ public void processRequest(Request request) { } } + private void addSuccessAudit(Request request, ServerCnxn cnxn, String op, String path) { + addSuccessAudit(request, cnxn, op, path, null); + } + + private void addSuccessAudit(Request request, ServerCnxn cnxn, String op, String path, + String acl) { + if (!ZKAuditLogger.isAuditEnabled) { + return; + } + ZKAuditLogger.logSuccess(request.getUsers(), op, path, acl, cnxn.getSessionIdHex(), + cnxn.getHostAddress()); + } + + private void addFailureAudit(Request request, ServerCnxn cnxn, String op, String path) { + addFailureAudit(request, cnxn, op, path, null); + } + + private void addFailureAudit(Request request, ServerCnxn cnxn, String op, String path, + String acl) { + if (!ZKAuditLogger.isAuditEnabled) { + return; + } + ZKAuditLogger.logFailure(request.getUsers(), op, path, acl, cnxn.getSessionIdHex(), + cnxn.getHostAddress()); + } + + private void addAuditLog(Request request, ServerCnxn cnxn, String op, String path, String acl, + Code err) { + if (!ZKAuditLogger.isAuditEnabled) { + return; + } + if (err == Code.OK) { + ZKAuditLogger.logSuccess(request.getUsers(), op, path, acl, cnxn.getSessionIdHex(), + cnxn.getHostAddress()); + } else { + ZKAuditLogger.logFailure(request.getUsers(), op, path, acl, cnxn.getSessionIdHex(), + cnxn.getHostAddress()); + } + } + + private String getACLs(Request request) + { + ByteBuffer reqData = request.request.duplicate(); + reqData.rewind(); + SetACLRequest setACLRequest = new SetACLRequest(); + try { + ByteBufferInputStream.byteBuffer2Record(reqData, setACLRequest); + } catch (IOException e) { + e.printStackTrace(); + } + return ZKUtil.aclToString(setACLRequest.getAcl()); + } + + private void addFailedTxnAduitLog(Request request) { + if (!ZKAuditLogger.isAuditEnabled) { + return; + } + String op = AuditConstants.OP_CREATE; + String path=null; + long sessionId = -1; + String address = null; + String acls = null; + ByteBuffer reqData = request.request.duplicate(); + reqData.rewind(); + try { + sessionId = request.cnxn.getSessionId(); + switch (request.type) { + case OpCode.create: + case OpCode.create2: + case OpCode.createContainer: + op = AuditConstants.OP_CREATE; + CreateRequest createRequest = new CreateRequest(); + ByteBufferInputStream.byteBuffer2Record(reqData, createRequest); + path=createRequest.getPath(); + break; + case OpCode.delete: + case OpCode.deleteContainer: + op = AuditConstants.OP_DELETE; + //path = new String(request.request.array()); --- End diff -- Please the commented line. ---