honeymoose/OpenSearch
1
0
Fork 0
mirror of https://github.com/honeymoose/OpenSearch.git synced 2025-02-06 21:18:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

always store origin type and request content for rest requests

Browse Source 
The change fixes two bugs in the index audit trail implementation. The first is that
we did not always store the origin type with rest requests. The second is that a
conditional statement controlled the storage of the rest requests content, but the
conditional was based on a log level that had nothing to do with the index based
audit implementation.

Closes elastic/elasticsearch#932

Original commit: elastic/x-pack-elasticsearch@b309e261c3
This commit is contained in:
jaymode 2015-06-22 15:05:34 -04:00
parent 4e11cbebad
commit 9fcd68c8f4
2 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/org/elasticsearch/shield/audit/index/IndexAuditTrail.java
View File

@ -463,10 +463,8 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail {
if (indices != null) {
msg.builder.array(Field.INDICES, indices);
}
if (logger.isDebugEnabled()) {
msg.builder.field(Field.REQUEST_BODY, restRequestContent(request));
}
msg.builder.field(Field.REQUEST_BODY, restRequestContent(request));
msg.builder.field(Field.ORIGIN_TYPE, "rest");
msg.builder.field(Field.ORIGIN_ADDRESS, request.getRemoteAddress());
msg.builder.field(Field.URI, request.uri());

13
src/test/java/org/elasticsearch/shield/audit/index/IndexAuditTrailTests.java
View File

@ -210,6 +210,8 @@ public class IndexAuditTrailTests extends ShieldIntegrationTest {
assertAuditMessage(hit, "rest", "anonymous_access_denied");
assertThat("_hostname:9200", equalTo(hit.field("origin_address").getValue()));
assertThat("_uri", equalTo(hit.field("uri").getValue()));
assertThat((String) hit.field("origin_type").getValue(), is("rest"));
assertThat(hit.field("request_body").getValue(), notNullValue());
}
@Test(expected = IndexMissingException.class)
@ -296,9 +298,11 @@ public class IndexAuditTrailTests extends ShieldIntegrationTest {
SearchHit hit = getIndexedAuditMessage();
assertAuditMessage(hit, "rest", "authentication_failed");
assertThat(hit.field("principal").getValue(), is((Object)"_principal"));
assertThat(hit.field("principal").getValue(), is((Object) "_principal"));
assertThat("_hostname:9200", equalTo(hit.field("origin_address").getValue()));
assertThat("_uri", equalTo(hit.field("uri").getValue()));
assertThat((String) hit.field("origin_type").getValue(), is("rest"));
assertThat(hit.field("request_body").getValue(), notNullValue());
}
@Test
@ -314,6 +318,8 @@ public class IndexAuditTrailTests extends ShieldIntegrationTest {
assertThat(hit.field("principal"), nullValue());
assertThat("_hostname:9200", equalTo(hit.field("origin_address").getValue()));
assertThat("_uri", equalTo(hit.field("uri").getValue()));
assertThat((String) hit.field("origin_type").getValue(), is("rest"));
assertThat(hit.field("request_body").getValue(), notNullValue());
}
@Test(expected = IndexMissingException.class)
@ -382,6 +388,8 @@ public class IndexAuditTrailTests extends ShieldIntegrationTest {
assertThat("_hostname:9200", equalTo(hit.field("origin_address").getValue()));
assertThat("_uri", equalTo(hit.field("uri").getValue()));
assertEquals("_realm", hit.field("realm").getValue());
assertThat((String) hit.field("origin_type").getValue(), is("rest"));
assertThat(hit.field("request_body").getValue(), notNullValue());
}
@Test(expected = IndexMissingException.class)
@ -647,7 +655,7 @@ public class IndexAuditTrailTests extends ShieldIntegrationTest {
}
private void awaitIndexCreation(final String indexName) throws InterruptedException {
awaitBusy(new Predicate<Void>() {
boolean found = awaitBusy(new Predicate<Void>() {
@Override
public boolean apply(Void o) {
try {
@ -659,6 +667,7 @@ public class IndexAuditTrailTests extends ShieldIntegrationTest {
}
}
});
assertThat("[" + indexName + "] does not exist!", found, is(true));
GetSettingsResponse response = getClient().admin().indices().prepareGetSettings(indexName).execute().actionGet();
assertThat(response.getSetting(indexName, "index.number_of_shards"), is(Integer.toString(numShards)));