opendev/gerrit
Code Issues Proposed changes

Implement a more capable servlet auditing interface.

Browse Source 
In order to facilitate action-specific auditing, the RestResource,
RestView, and HttpServletRequest are incorporated into a new extended
audit event class, supplementing all existing fields (some redundant)
in HttpAuditEvent. Although the request is already available from the
Guice injector, adding this high-value information as a field
facilitates convenient access.

Change-Id: I3ebd629c90921237bbcfbb00d9ea990740099104
This commit is contained in:
David Pletcher
2015-04-30 15:59:41 -07:00
parent 79d17aa007
commit 86535611f3
2 changed files with 64 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
gerrit-httpd/src/main/java/com/google/gerrit/httpd/restapi/RestApiServlet.java
View File

@@ -46,7 +46,7 @@ import com.google.common.io.BaseEncoding;
import com.google.common.math.IntMath;
import com.google.common.net.HttpHeaders;
import com.google.gerrit.audit.AuditService;
import com.google.gerrit.audit.HttpAuditEvent;
import com.google.gerrit.audit.ExtendedHttpAuditEvent;
import com.google.gerrit.common.Nullable;
import com.google.gerrit.common.TimeUtil;
import com.google.gerrit.extensions.registration.DynamicItem;
@@ -204,6 +204,8 @@ public class RestApiServlet extends HttpServlet {
Object result = null;
Multimap<String, String> params = LinkedHashMultimap.create();
Object inputRequestBody = null;
RestResource rsrc = TopLevelResource.INSTANCE;
ViewData viewData = null;
try {
checkUserSession(req);
@@ -213,8 +215,8 @@ public class RestApiServlet extends HttpServlet {
CapabilityUtils.checkRequiresCapability(globals.currentUser,
null, rc.getClass());
RestResource rsrc = TopLevelResource.INSTANCE;
ViewData viewData = new ViewData(null, null);
viewData = new ViewData(null, null);
if (path.isEmpty()) {
if (isGetOrHead(req)) {
viewData = new ViewData(null, rc.list());
@@ -386,10 +388,10 @@ public class RestApiServlet extends HttpServlet {
status = SC_INTERNAL_SERVER_ERROR;
handleException(e, req, res);
} finally {
globals.auditService.dispatch(new HttpAuditEvent(globals.webSession.get()
.getSessionId(), globals.currentUser.get(), req.getRequestURI(),
auditStartTs, params, req.getMethod(), inputRequestBody, status,
result));
globals.auditService.dispatch(new ExtendedHttpAuditEvent(globals.webSession.get()
.getSessionId(), globals.currentUser.get(), req,
auditStartTs, params, inputRequestBody, status,
result, rsrc, viewData.view));
}
}