Added enable/disable functionality for TPS audit.

A new method has been added to TPS audit REST service to enable or disable audit logging. The CLI and UI have been modified to provide a way to acces this functionality. Also, new ACL entries have been added for audit. Ticket #955
author: Endi S. Dewata <edewata@redhat.com> 2014-04-10 17:55:02 -0400
committer: Endi S. Dewata <edewata@redhat.com> 2014-04-15 14:51:04 -0400
commit: 4e548279b92af62b913c1678e84a695366608540 (patch)
tree: 908cd61b9aad31e3216a1b5b72be4bf0bad48e28 /base/common/src/com/netscape/certsrv/logging
parent: ed9c9538ddbb98262d50f6857c88ce345949037b (diff)
download: pki-4e548279b92af62b913c1678e84a695366608540.tar.gz
pki-4e548279b92af62b913c1678e84a695366608540.tar.xz
pki-4e548279b92af62b913c1678e84a695366608540.zip
3 files changed, 29 insertions, 11 deletions
diff --git a/base/common/src/com/netscape/certsrv/logging/AuditClient.java b/base/common/src/com/netscape/certsrv/logging/AuditClient.java
index 95d2c7fb4..018850c57 100644
--- a/base/common/src/com/netscape/certsrv/logging/AuditClient.java
+++ b/base/common/src/com/netscape/certsrv/logging/AuditClient.java
@@ -49,4 +49,9 @@ public class AuditClient extends Client {
         Response response = resource.updateAuditConfig(auditConfig);
         return client.getEntity(response, AuditConfig.class);
     }
+
+    public AuditConfig changeAuditStatus(String action) {
+        Response response = resource.changeAuditStatus(action);
+        return client.getEntity(response, AuditConfig.class);
+    }
 }
diff --git a/base/common/src/com/netscape/certsrv/logging/AuditConfig.java b/base/common/src/com/netscape/certsrv/logging/AuditConfig.java
index d52dd97c6..2d1e20eb9 100644
--- a/base/common/src/com/netscape/certsrv/logging/AuditConfig.java
+++ b/base/common/src/com/netscape/certsrv/logging/AuditConfig.java
@@ -59,7 +59,7 @@ public class AuditConfig {
         }
     }
 
-    Boolean enabled;
+    String status;
     Boolean signed;
     Integer interval;
     Integer bufferSize;
@@ -68,13 +68,13 @@ public class AuditConfig {
 
     Link link;
 
-    @XmlElement(name="Enabled")
-    public Boolean getEnabled() {
-        return enabled;
+    @XmlElement(name="Status")
+    public String getStatus() {
+        return status;
     }
 
-    public void setEnabled(Boolean enabled) {
-        this.enabled = enabled;
+    public void setStatus(String status) {
+        this.status = status;
     }
 
     @XmlElement(name="Signed")
@@ -164,7 +164,7 @@ public class AuditConfig {
         final int prime = 31;
         int result = 1;
         result = prime * result + ((bufferSize == null) ? 0 : bufferSize.hashCode());
-        result = prime * result + ((enabled == null) ? 0 : enabled.hashCode());
+        result = prime * result + ((status == null) ? 0 : status.hashCode());
         result = prime * result + ((eventConfigs == null) ? 0 : eventConfigs.hashCode());
         result = prime * result + ((interval == null) ? 0 : interval.hashCode());
         result = prime * result + ((link == null) ? 0 : link.hashCode());
@@ -186,10 +186,10 @@ public class AuditConfig {
                 return false;
         } else if (!bufferSize.equals(other.bufferSize))
             return false;
-        if (enabled == null) {
-            if (other.enabled != null)
+        if (status == null) {
+            if (other.status != null)
                 return false;
-        } else if (!enabled.equals(other.enabled))
+        } else if (!status.equals(other.status))
             return false;
         if (eventConfigs == null) {
             if (other.eventConfigs != null)
@@ -237,7 +237,7 @@ public class AuditConfig {
     public static void main(String args[]) throws Exception {
 
         AuditConfig before = new AuditConfig();
-        before.setEnabled(true);
+        before.setStatus("Enabled");
         before.setSigned(false);
         before.setInterval(10);
         before.setBufferSize(512);
diff --git a/base/common/src/com/netscape/certsrv/logging/AuditResource.java b/base/common/src/com/netscape/certsrv/logging/AuditResource.java
index 6053c6b8f..9b14986b1 100644
--- a/base/common/src/com/netscape/certsrv/logging/AuditResource.java
+++ b/base/common/src/com/netscape/certsrv/logging/AuditResource.java
@@ -18,11 +18,15 @@
 package com.netscape.certsrv.logging;
 
 import javax.ws.rs.GET;
+import javax.ws.rs.POST;
 import javax.ws.rs.Path;
+import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.Response;
 
 import org.jboss.resteasy.annotations.ClientResponseType;
 
+import com.netscape.certsrv.acls.ACLMapping;
+import com.netscape.certsrv.authentication.AuthMethodMapping;
 import com.netscape.certsrv.base.PATCH;
 
 
@@ -30,6 +34,8 @@ import com.netscape.certsrv.base.PATCH;
  * @author Endi S. Dewata
  */
 @Path("audit")
+@AuthMethodMapping("audit")
+@ACLMapping("audit.read")
 public interface AuditResource {
 
     @GET
@@ -38,5 +44,12 @@ public interface AuditResource {
 
     @PATCH
     @ClientResponseType(entityType=AuditConfig.class)
+    @ACLMapping("audit.modify")
     public Response updateAuditConfig(AuditConfig configData);
+
+    @POST
+    @ClientResponseType(entityType=AuditConfig.class)
+    @ACLMapping("audit.modify")
+    public Response changeAuditStatus(
+            @QueryParam("action") String action);
 }
author	Endi S. Dewata <edewata@redhat.com>	2014-04-10 17:55:02 -0400
committer	Endi S. Dewata <edewata@redhat.com>	2014-04-15 14:51:04 -0400
commit	4e548279b92af62b913c1678e84a695366608540 (patch)
tree	908cd61b9aad31e3216a1b5b72be4bf0bad48e28 /base/common/src/com/netscape/certsrv/logging
parent	ed9c9538ddbb98262d50f6857c88ce345949037b (diff)
download	pki-4e548279b92af62b913c1678e84a695366608540.tar.gz pki-4e548279b92af62b913c1678e84a695366608540.tar.xz pki-4e548279b92af62b913c1678e84a695366608540.zip