HDFS-14625. Make DefaultAuditLogger class in FSnamesystem to Abstract. Contributed by hemanthboyina.

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/DefaultAuditLogger.java

@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hdfs.server.namenode;
+
+import java.net.InetAddress;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.FileStatus;
+import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenSecretManager;
+import org.apache.hadoop.ipc.CallerContext;
+import org.apache.hadoop.security.UserGroupInformation;
+
+/**
+ * This class provides an interface for Namenode and Router to Audit events
+ * information. This class can be extended and can be used when no access logger
+ * is defined in the config file.
+ */
+@InterfaceAudience.Public
+@InterfaceStability.Evolving
+public abstract class DefaultAuditLogger extends HdfsAuditLogger {
+  protected static final ThreadLocal<StringBuilder> STRING_BUILDER =
+      new ThreadLocal<StringBuilder>() {
+        @Override
+        protected StringBuilder initialValue() {
+          return new StringBuilder();
+        }
+      };
+
+  protected volatile boolean isCallerContextEnabled;
+
+  /** The maximum bytes a caller context string can have. */
+  protected int callerContextMaxLen;
+  protected int callerSignatureMaxLen;
+
+  /** adds a tracking ID for all audit log events. */
+  protected boolean logTokenTrackingId;
+
+  /** List of commands to provide debug messages. */
+  protected Set<String> debugCmdSet = new HashSet<>();
+
+  /**
+   * Enable or disable CallerContext.
+   *
+   * @param value true, enable CallerContext, otherwise false to disable it.
+   */
+  void setCallerContextEnabled(final boolean value) {
+    isCallerContextEnabled = value;
+  }
+
+  /**
+   * Get the value indicating if CallerContext is enabled.
+   *
+   * @return true, if CallerContext is enabled, otherwise false, if it's
+   *         disabled.
+   */
+  boolean getCallerContextEnabled() {
+    return isCallerContextEnabled;
+  }
+
+  public abstract void initialize(Configuration conf);
+
+  public abstract void logAuditMessage(String message);
+
+  public abstract void logAuditEvent(boolean succeeded, String userName,
+      InetAddress addr, String cmd, String src, String dst, FileStatus status,
+      UserGroupInformation ugi, DelegationTokenSecretManager dtSecretManager);
+
+  public abstract void logAuditEvent(boolean succeeded, String userName,
+      InetAddress addr, String cmd, String src, String dst, FileStatus status,
+      CallerContext callerContext, UserGroupInformation ugi,
+      DelegationTokenSecretManager dtSecretManager);
+
+}

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java

@@ -1061,7 +1061,7 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
         try {
           AuditLogger logger;
           if (DFS_NAMENODE_DEFAULT_AUDIT_LOGGER_NAME.equals(className)) {
-            logger = new DefaultAuditLogger();
+            logger = new FSNamesystemAuditLogger();
           } else {
             logger = (AuditLogger) Class.forName(className).newInstance();
           }
@@ -1077,9 +1077,9 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
 
     // Make sure there is at least one logger installed.
     if (auditLoggers.isEmpty()) {
-      DefaultAuditLogger defaultAuditLogger = new DefaultAuditLogger();
+      FSNamesystemAuditLogger fsNamesystemAuditLogger = new FSNamesystemAuditLogger();
-      defaultAuditLogger.initialize(conf);
+      fsNamesystemAuditLogger.initialize(conf);
-      auditLoggers.add(defaultAuditLogger);
+      auditLoggers.add(fsNamesystemAuditLogger);
     }
 
     // Add audit logger to calculate top users
@@ -7976,46 +7976,12 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
   }
 
   /**
-   * Default AuditLogger implementation; used when no access logger is
+   * FSNamesystem Default AuditLogger implementation;used when no access logger
-   * defined in the config file. It can also be explicitly listed in the
+   * is defined in the config file. It can also be explicitly listed in the
    * config file.
    */
   @VisibleForTesting
-  static class DefaultAuditLogger extends HdfsAuditLogger {
+  static class FSNamesystemAuditLogger extends DefaultAuditLogger {
-    private static final ThreadLocal<StringBuilder> STRING_BUILDER =
-        new ThreadLocal<StringBuilder>() {
-          @Override
-          protected StringBuilder initialValue() {
-            return new StringBuilder();
-          }
-        };
-
-    private volatile boolean isCallerContextEnabled;
-    private int callerContextMaxLen;
-    private int callerSignatureMaxLen;
-
-    private boolean logTokenTrackingId;
-    private Set<String> debugCmdSet = new HashSet<String>();
-
-    /**
-     * Enable or disable CallerContext.
-     *
-     * @param value
-     *          true, enable CallerContext, otherwise false to disable it.
-     */
-    void setCallerContextEnabled(final boolean value) {
-      isCallerContextEnabled = value;
-    }
-
-    /**
-     * Get the value indicating if CallerContext is enabled.
-     *
-     * @return true, if CallerContext is enabled, otherwise false, if it's
-     *         disabled.
-     */
-    boolean getCallerContextEnabled() {
-      return isCallerContextEnabled;
-    }
 
     @Override
     public void initialize(Configuration conf) {

hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestAuditLogAtDebug.java

@@ -24,7 +24,7 @@ import org.slf4j.LoggerFactory;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hdfs.DFSConfigKeys;
 import org.apache.hadoop.hdfs.HdfsConfiguration;
-import org.apache.hadoop.hdfs.server.namenode.FSNamesystem.DefaultAuditLogger;
+import org.apache.hadoop.hdfs.server.namenode.FSNamesystem.FSNamesystemAuditLogger;
 import org.apache.hadoop.test.GenericTestUtils;
 import org.apache.log4j.Level;
 import org.junit.Rule;
@@ -54,7 +54,7 @@ public class TestAuditLogAtDebug {
   
   private DefaultAuditLogger makeSpyLogger(
       Level level, Optional<List<String>> debugCommands) {
-    DefaultAuditLogger logger = new DefaultAuditLogger();
+    DefaultAuditLogger logger = new FSNamesystemAuditLogger();
     Configuration conf = new HdfsConfiguration();
     if (debugCommands.isPresent()) {
       conf.set(DFSConfigKeys.DFS_NAMENODE_AUDIT_LOG_DEBUG_CMDLIST,

hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestFSNamesystem.java

@@ -247,9 +247,10 @@ public class TestFSNamesystem {
     fsn = new FSNamesystem(conf, fsImage);
     auditLoggers = fsn.getAuditLoggers();
     assertTrue(auditLoggers.size() == 1);
-    assertTrue(auditLoggers.get(0) instanceof FSNamesystem.DefaultAuditLogger);
+    assertTrue(
-    FSNamesystem.DefaultAuditLogger defaultAuditLogger =
+        auditLoggers.get(0) instanceof FSNamesystem.FSNamesystemAuditLogger);
-        (FSNamesystem.DefaultAuditLogger) auditLoggers.get(0);
+    FSNamesystem.FSNamesystemAuditLogger defaultAuditLogger =
+        (FSNamesystem.FSNamesystemAuditLogger) auditLoggers.get(0);
     assertTrue(defaultAuditLogger.getCallerContextEnabled());
 
     // Not to specify any audit loggers in config
@@ -262,7 +263,7 @@ public class TestFSNamesystem {
     // the audit loggers order is not defined
     for (AuditLogger auditLogger : auditLoggers) {
       assertThat(auditLogger,
-          either(instanceOf(FSNamesystem.DefaultAuditLogger.class))
+          either(instanceOf(FSNamesystem.FSNamesystemAuditLogger.class))
               .or(instanceOf(TopAuditLogger.class)));
     }
 
@@ -275,7 +276,7 @@ public class TestFSNamesystem {
     assertTrue(auditLoggers.size() == 2);
     for (AuditLogger auditLogger : auditLoggers) {
       assertThat(auditLogger,
-          either(instanceOf(FSNamesystem.DefaultAuditLogger.class))
+          either(instanceOf(FSNamesystem.FSNamesystemAuditLogger.class))
               .or(instanceOf(TopAuditLogger.class)));
     }
 
@@ -289,7 +290,7 @@ public class TestFSNamesystem {
     assertTrue(auditLoggers.size() == 3);
     for (AuditLogger auditLogger : auditLoggers) {
       assertThat(auditLogger,
-          either(instanceOf(FSNamesystem.DefaultAuditLogger.class))
+          either(instanceOf(FSNamesystem.FSNamesystemAuditLogger.class))
               .or(instanceOf(TopAuditLogger.class))
               .or(instanceOf(DummyAuditLogger.class)));
     }