Martin Mucha has uploaded a new change for review. Change subject: core: audit logging support for mac pools. ......................................................................
core: audit logging support for mac pools. Change-Id: I376b89abc03657a7cd2eb1b06e21591e4cd944ad Bug-Url: https://bugzilla.redhat.com/1078844 Signed-off-by: Martin Mucha <mmu...@redhat.com> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddMacPoolCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RemoveMacPoolCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateMacPoolCommand.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/AuditLogType.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/AuditLog.java M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogDirector.java M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogableBase.java M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/AuditLogDAODbFacadeImpl.java M backend/manager/modules/dal/src/main/resources/bundles/AuditLogMessages.properties M packaging/dbscripts/audit_log_sp.sql A packaging/dbscripts/upgrade/03_05_0730_support_audit_logging_for_mac_pools.sql 11 files changed, 115 insertions(+), 8 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/04/29204/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddMacPoolCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddMacPoolCommand.java index a98beba..5408e98 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddMacPoolCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddMacPoolCommand.java @@ -5,6 +5,7 @@ import org.ovirt.engine.core.bll.network.macpoolmanager.MacPoolPerDc; import org.ovirt.engine.core.bll.utils.PermissionSubject; +import org.ovirt.engine.core.common.AuditLogType; import org.ovirt.engine.core.common.VdcObjectType; import org.ovirt.engine.core.common.action.MacPoolParameters; import org.ovirt.engine.core.common.businessentities.ActionGroup; @@ -16,6 +17,15 @@ public AddMacPoolCommand(MacPoolParameters parameters) { super(parameters); + } + + @Override + public AuditLogType getAuditLogTypeValue() { + if (getSucceeded()) { + return AuditLogType.MAC_POOL_ADD_SUCCESS; + } else { + return AuditLogType.MAC_POOL_ADD_FAILED; + } } @Override @@ -49,6 +59,10 @@ protected void executeCommand() { MacPool macPool = getMacPool(); macPool.setId(Guid.newGuid()); + + setMacPoolNameForLog(macPool.getName()); + setMacPoolIdForLog(macPool.getId()); + getMacPoolDao().save(macPool); MacPoolPerDc.getInstance().createPool(macPool); diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RemoveMacPoolCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RemoveMacPoolCommand.java index 5c78298..d37871b 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RemoveMacPoolCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RemoveMacPoolCommand.java @@ -5,6 +5,7 @@ import org.ovirt.engine.core.bll.network.macpoolmanager.MacPoolPerDc; import org.ovirt.engine.core.bll.utils.PermissionSubject; +import org.ovirt.engine.core.common.AuditLogType; import org.ovirt.engine.core.common.VdcObjectType; import org.ovirt.engine.core.common.action.RemoveMacPoolByIdParameters; import org.ovirt.engine.core.common.businessentities.ActionGroup; @@ -22,6 +23,15 @@ } @Override + public AuditLogType getAuditLogTypeValue() { + if (getSucceeded()) { + return AuditLogType.MAC_POOL_REMOVE_SUCCESS; + } else { + return AuditLogType.MAC_POOL_REMOVE_FAILED; + } + } + + @Override protected void setActionMessageParameters() { super.setActionMessageParameters(); addCanDoActionMessage(VdcBllMessages.VAR__ACTION__REMOVE); @@ -29,6 +39,9 @@ @Override protected void executeCommand() { + setMacPoolIdForLog(getParameters().getMacPoolId()); + setMacPoolNameForLog(oldMacPool.getName()); + final Guid macPoolId = getParameters().getMacPoolId(); getMacPoolDao().remove(macPoolId); diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateMacPoolCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateMacPoolCommand.java index 7379823..2a7524b 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateMacPoolCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateMacPoolCommand.java @@ -5,6 +5,7 @@ import org.ovirt.engine.core.bll.network.macpoolmanager.MacPoolPerDc; import org.ovirt.engine.core.bll.utils.PermissionSubject; +import org.ovirt.engine.core.common.AuditLogType; import org.ovirt.engine.core.common.VdcObjectType; import org.ovirt.engine.core.common.action.MacPoolParameters; import org.ovirt.engine.core.common.businessentities.ActionGroup; @@ -18,6 +19,15 @@ public UpdateMacPoolCommand(MacPoolParameters parameters) { super(parameters); + } + + @Override + public AuditLogType getAuditLogTypeValue() { + if (getSucceeded()) { + return AuditLogType.MAC_POOL_EDIT_SUCCESS; + } else { + return AuditLogType.MAC_POOL_EDIT_FAILED; + } } @Override @@ -50,6 +60,9 @@ @Override protected void executeCommand() { + setMacPoolIdForLog(getMacPoolId()); + setMacPoolNameForLog(oldMacPool.getName()); + getMacPoolDao().update(getMacPool()); MacPoolPerDc.getInstance().modifyPool(getMacPool()); diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/AuditLogType.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/AuditLogType.java index 7373f8d..7705ad7 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/AuditLogType.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/AuditLogType.java @@ -1029,7 +1029,15 @@ USER_REMOVE_AUDIT_LOG(10600), USER_REMOVE_AUDIT_LOG_FAILED(10601, AuditLogSeverity.ERROR), USER_CLEAR_ALL_DISMISSED_AUDIT_LOG(10602), - USER_CLEAR_ALL_DISMISSED_AUDIT_LOG_FAILED(10603, AuditLogSeverity.ERROR); + USER_CLEAR_ALL_DISMISSED_AUDIT_LOG_FAILED(10603, AuditLogSeverity.ERROR), + + //MacPool Log + MAC_POOL_ADD_SUCCESS(10700), + MAC_POOL_ADD_FAILED(10701, AuditLogSeverity.ERROR), + MAC_POOL_EDIT_SUCCESS(10702), + MAC_POOL_EDIT_FAILED(10703, AuditLogSeverity.ERROR), + MAC_POOL_REMOVE_SUCCESS(10704), + MAC_POOL_REMOVE_FAILED(10705, AuditLogSeverity.ERROR); private int intValue; // indicates time interval in seconds on which identical events from same instance are suppressed. diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/AuditLog.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/AuditLog.java index ca24f7d..99eda34 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/AuditLog.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/AuditLog.java @@ -9,7 +9,7 @@ import org.ovirt.engine.core.compat.Guid; public class AuditLog extends IVdcQueryable implements Serializable { - private static final long serialVersionUID = -2808392095455280186L; + private static final long serialVersionUID = -5346124122179332184L; private long auditLogId; private Date logTime; @@ -46,6 +46,8 @@ private String compatibilityVersion; private String quotaEnforcementType; private String callStack; + private String macPoolName; + private Guid macPoolId; public AuditLog() { logType = AuditLogType.UNASSIGNED.getValue(); @@ -427,6 +429,8 @@ result = prime * result + ((customData == null) ? 0 : customData.hashCode()); result = prime * result + (external ? 1231 : 1237); result = prime * result + (deleted ? 1231 : 1237); + result = prime * result + ((macPoolId == null) ? 0 : macPoolId.hashCode()); + result = prime * result + ((macPoolName == null) ? 0 : macPoolName.hashCode()); result = prime * result + ((callStack == null) ? 0 : callStack.hashCode()); return result; } @@ -464,6 +468,8 @@ && ObjectUtils.objectsEqual(customData, other.customData) && external == other.external && deleted == other.deleted + && macPoolId == other.macPoolId + && macPoolName == other.macPoolName && ObjectUtils.objectsEqual(callStack, other.callStack)); } @@ -495,4 +501,20 @@ sb.append(message); return sb.toString(); } + + public Guid getMacPoolId() { + return macPoolId; + } + + public void setMacPoolId(Guid macPoolId) { + this.macPoolId = macPoolId; + } + + public String getMacPoolName() { + return macPoolName; + } + + public void setMacPoolName(String macPoolName) { + this.macPoolName = macPoolName; + } } diff --git a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogDirector.java b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogDirector.java index 80b2393..0c78641 100644 --- a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogDirector.java +++ b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogDirector.java @@ -157,6 +157,8 @@ auditLog.setQuotaId(auditLogable.getQuotaIdForLog()); auditLog.setQuotaName(auditLogable.getQuotaNameForLog()); auditLog.setCallStack(auditLogable.getCallStack()); + auditLog.setMacPoolId(auditLogable.getMacPoolIdForLog()); + auditLog.setMacPoolName(auditLogable.getMacPoolNameForLog()); getDbFacadeInstance().getAuditLogDao().save(auditLog); String logMessage; if (!"".equals(loggerString)) { diff --git a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogableBase.java b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogableBase.java index c7e0713..67bde83 100644 --- a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogableBase.java +++ b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogableBase.java @@ -90,6 +90,8 @@ private Guid quotaIdForLog; private String quotaNameForLog; private String callStack; + private String macPoolNameForLog; + private Guid macPoolIdForLog; public AuditLogableBase() { } @@ -779,4 +781,20 @@ setCallStack(ExceptionUtils.getStackTrace(throwable)); } } + + public String getMacPoolNameForLog() { + return macPoolNameForLog; + } + + public void setMacPoolNameForLog(String macPoolNameForLog) { + this.macPoolNameForLog = macPoolNameForLog; + } + + public Guid getMacPoolIdForLog() { + return macPoolIdForLog; + } + + public void setMacPoolIdForLog(Guid macPoolIdForLog) { + this.macPoolIdForLog = macPoolIdForLog; + } } diff --git a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/AuditLogDAODbFacadeImpl.java b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/AuditLogDAODbFacadeImpl.java index b7934f0..d7b9a06 100644 --- a/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/AuditLogDAODbFacadeImpl.java +++ b/backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/AuditLogDAODbFacadeImpl.java @@ -137,7 +137,9 @@ .addValue("quota_name", event.getQuotaName()) .addValue("gluster_volume_id", event.getGlusterVolumeId()) .addValue("gluster_volume_name", event.getGlusterVolumeName()) - .addValue("call_stack", event.getCallStack()); + .addValue("call_stack", event.getCallStack()) + .addValue("mac_pool_id", event.getMacPoolId()) + .addValue("mac_pool_name", event.getMacPoolName()); } private MapSqlParameterSource getExternalEventSqlMapper(AuditLog event) { @@ -242,6 +244,8 @@ entity.setCustomData(rs.getString("custom_data")); entity.setDeleted(rs.getBoolean("deleted")); entity.setCallStack(rs.getString("call_stack")); + entity.setMacPoolId(getGuid(rs, "mac_pool_id")); + entity.setMacPoolName(rs.getString("mac_pool_name")); return entity; } } diff --git a/backend/manager/modules/dal/src/main/resources/bundles/AuditLogMessages.properties b/backend/manager/modules/dal/src/main/resources/bundles/AuditLogMessages.properties index 772d799..542d8c5 100644 --- a/backend/manager/modules/dal/src/main/resources/bundles/AuditLogMessages.properties +++ b/backend/manager/modules/dal/src/main/resources/bundles/AuditLogMessages.properties @@ -835,3 +835,10 @@ KDUMP_FLOW_NOT_DETECTED_ON_VDS=Kdump flow not detected on host '${VdsName}'. KDUMP_FLOW_FINISHED_ON_VDS=Kdump flow finished on host '${VdsName}'. KDUMP_DETECTION_NOT_CONFIGURED_ON_VDS=Kdump detection is enabled for host '${VdsName}', but kdump is not configured properly on host. + +MAC_POOL_ADD_SUCCESS=MAC Pool ${macPoolName} (id=${macPoolId}) created. +MAC_POOL_ADD_FAILED=Creation of MAC Pool ${macPoolName} failed. +MAC_POOL_EDIT_SUCCESS=MAC Pool ${macPoolName} (id=${macPoolId}) changed. +MAC_POOL_EDIT_FAILED=Alteration of MAC Pool ${macPoolName} (id=${macPoolId}) failed. +MAC_POOL_REMOVE_SUCCESS=MAC Pool ${macPoolName} (id=${macPoolId}) removed. +MAC_POOL_REMOVE_FAILED=Removal of MAC Pool ${macPoolName} (id=${macPoolId}) failed. diff --git a/packaging/dbscripts/audit_log_sp.sql b/packaging/dbscripts/audit_log_sp.sql index 714c053..926e1e6 100644 --- a/packaging/dbscripts/audit_log_sp.sql +++ b/packaging/dbscripts/audit_log_sp.sql @@ -28,7 +28,9 @@ v_job_id UUID, v_gluster_volume_id UUID, v_gluster_volume_name VARCHAR(1000), - v_call_stack text) + v_call_stack text, + v_mac_pool_id UUID, + v_mac_pool_name VARCHAR(255)) AS $procedure$ DECLARE v_min_alret_severity INTEGER; @@ -37,15 +39,15 @@ -- insert regular log messages (non alerts) if (v_severity < v_min_alret_severity) then -INSERT INTO audit_log(LOG_TIME, log_type, log_type_name, severity,message, user_id, USER_NAME, vds_id, VDS_NAME, vm_id, VM_NAME,vm_template_id,VM_TEMPLATE_NAME,storage_pool_id,STORAGE_POOL_NAME,storage_domain_id,STORAGE_DOMAIN_NAME,vds_group_id,vds_group_name, correlation_id, job_id, quota_id, quota_name, gluster_volume_id, gluster_volume_name, call_stack) - VALUES(v_log_time, v_log_type, v_log_type_name, v_severity, v_message, v_user_id, v_user_name, v_vds_id, v_vds_name, v_vm_id, v_vm_name,v_vm_template_id,v_vm_template_name,v_storage_pool_id,v_storage_pool_name,v_storage_domain_id,v_storage_domain_name,v_vds_group_id,v_vds_group_name, v_correlation_id, v_job_id, v_quota_id, v_quota_name, v_gluster_volume_id, v_gluster_volume_name, v_call_stack); +INSERT INTO audit_log(LOG_TIME, log_type, log_type_name, severity,message, user_id, USER_NAME, vds_id, VDS_NAME, vm_id, VM_NAME,vm_template_id,VM_TEMPLATE_NAME,storage_pool_id,STORAGE_POOL_NAME,storage_domain_id,STORAGE_DOMAIN_NAME,vds_group_id,vds_group_name, correlation_id, job_id, quota_id, quota_name, gluster_volume_id, gluster_volume_name, call_stack, mac_pool_id, mac_pool_name) + VALUES(v_log_time, v_log_type, v_log_type_name, v_severity, v_message, v_user_id, v_user_name, v_vds_id, v_vds_name, v_vm_id, v_vm_name,v_vm_template_id,v_vm_template_name,v_storage_pool_id,v_storage_pool_name,v_storage_domain_id,v_storage_domain_name,v_vds_group_id,v_vds_group_name, v_correlation_id, v_job_id, v_quota_id, v_quota_name, v_gluster_volume_id, v_gluster_volume_name, v_call_stack, v_mac_pool_id, v_mac_pool_name); v_audit_log_id := CURRVAL('audit_log_seq'); else if (not exists(select audit_log_id from audit_log where vds_name = v_vds_name and log_type = v_log_type)) then -INSERT INTO audit_log(LOG_TIME, log_type, log_type_name, severity,message, user_id, USER_NAME, vds_id, VDS_NAME, vm_id, VM_NAME,vm_template_id,VM_TEMPLATE_NAME,storage_pool_id,STORAGE_POOL_NAME,storage_domain_id,STORAGE_DOMAIN_NAME,vds_group_id,vds_group_name, correlation_id, job_id, quota_id, quota_name, gluster_volume_id, gluster_volume_name, call_stack) - VALUES(v_log_time, v_log_type, v_log_type_name, v_severity, v_message, v_user_id, v_user_name, v_vds_id, v_vds_name, v_vm_id, v_vm_name,v_vm_template_id,v_vm_template_name,v_storage_pool_id,v_storage_pool_name,v_storage_domain_id,v_storage_domain_name,v_vds_group_id,v_vds_group_name, v_correlation_id, v_job_id, v_quota_id, v_quota_name, v_gluster_volume_id, v_gluster_volume_name, v_call_stack); +INSERT INTO audit_log(LOG_TIME, log_type, log_type_name, severity,message, user_id, USER_NAME, vds_id, VDS_NAME, vm_id, VM_NAME,vm_template_id,VM_TEMPLATE_NAME,storage_pool_id,STORAGE_POOL_NAME,storage_domain_id,STORAGE_DOMAIN_NAME,vds_group_id,vds_group_name, correlation_id, job_id, quota_id, quota_name, gluster_volume_id, gluster_volume_name, call_stack, mac_pool_id, mac_pool_name) + VALUES(v_log_time, v_log_type, v_log_type_name, v_severity, v_message, v_user_id, v_user_name, v_vds_id, v_vds_name, v_vm_id, v_vm_name,v_vm_template_id,v_vm_template_name,v_storage_pool_id,v_storage_pool_name,v_storage_domain_id,v_storage_domain_name,v_vds_group_id,v_vds_group_name, v_correlation_id, v_job_id, v_quota_id, v_quota_name, v_gluster_volume_id, v_gluster_volume_name, v_call_stack, v_mac_pool_id, v_mac_pool_name); v_audit_log_id := CURRVAL('audit_log_seq'); else diff --git a/packaging/dbscripts/upgrade/03_05_0730_support_audit_logging_for_mac_pools.sql b/packaging/dbscripts/upgrade/03_05_0730_support_audit_logging_for_mac_pools.sql new file mode 100644 index 0000000..35d9f36 --- /dev/null +++ b/packaging/dbscripts/upgrade/03_05_0730_support_audit_logging_for_mac_pools.sql @@ -0,0 +1,4 @@ +SELECT + fn_db_add_column('audit_log', 'mac_pool_id', 'uuid'); +SELECT + fn_db_add_column('audit_log', 'mac_pool_name', 'VARCHAR(255)'); -- To view, visit http://gerrit.ovirt.org/29204 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I376b89abc03657a7cd2eb1b06e21591e4cd944ad Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Martin Mucha <mmu...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
