diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-03-28 21:02:22 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-04-04 22:07:54 +0200 |
| commit | 88cd07655268831e14e7cd4f6f6a65e331f86583 (patch) | |
| tree | 9519b55cfa1638746423e7e5a227783a42a2af73 /base/server/cms/src | |
| parent | 6a682f8e56c982ed0e0810326e71f9de23347590 (diff) | |
Added CLIs to access audit log files.
New pki audit commands have been added to list and retrieve audit
log files.
Change-Id: I785fa6f55d9b143f513d9210ebf82d04e06eaed5
Diffstat (limited to 'base/server/cms/src')
| -rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/base/PKIService.java | 1 | ||||
| -rw-r--r-- | base/server/cms/src/org/dogtagpki/server/rest/AuditService.java | 107 |
2 files changed, 108 insertions, 0 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/base/PKIService.java b/base/server/cms/src/com/netscape/cms/servlet/base/PKIService.java index 8dfbef1e5..e023aa682 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/base/PKIService.java +++ b/base/server/cms/src/com/netscape/cms/servlet/base/PKIService.java @@ -59,6 +59,7 @@ public class PKIService { MediaType.APPLICATION_XML_TYPE, MediaType.APPLICATION_JSON_TYPE, MediaType.APPLICATION_FORM_URLENCODED_TYPE, + MediaType.APPLICATION_OCTET_STREAM_TYPE, MediaType.valueOf("application/pkix-cert"), MediaType.valueOf("application/pkcs7-mime"), MediaType.valueOf("application/x-pem-file") diff --git a/base/server/cms/src/org/dogtagpki/server/rest/AuditService.java b/base/server/cms/src/org/dogtagpki/server/rest/AuditService.java index 9af95d992..7bb048f19 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/AuditService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/AuditService.java @@ -18,16 +18,27 @@ package org.dogtagpki.server.rest; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; import java.io.UnsupportedEncodingException; import java.net.URI; +import java.util.ArrayList; import java.util.Collection; +import java.util.Collections; import java.util.HashMap; +import java.util.List; import java.util.Map; import java.util.TreeMap; import java.util.TreeSet; +import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.Response; +import javax.ws.rs.core.StreamingOutput; +import org.apache.commons.io.IOUtils; import org.apache.commons.lang.StringUtils; import org.jboss.resteasy.plugins.providers.atom.Link; @@ -36,7 +47,10 @@ import com.netscape.certsrv.base.BadRequestException; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; import com.netscape.certsrv.base.PKIException; +import com.netscape.certsrv.base.ResourceNotFoundException; import com.netscape.certsrv.logging.AuditConfig; +import com.netscape.certsrv.logging.AuditFile; +import com.netscape.certsrv.logging.AuditFileCollection; import com.netscape.certsrv.logging.AuditResource; import com.netscape.certsrv.logging.ILogger; import com.netscape.cms.servlet.base.SubsystemService; @@ -299,6 +313,99 @@ public class AuditService extends SubsystemService implements AuditResource { } } + public File getCurrentLogFile() { + IConfigStore cs = CMS.getConfigStore(); + String filename = cs.get("log.instance.SignedAudit.fileName"); + return new File(filename); + } + + public File getLogDirectory() { + File file = getCurrentLogFile(); + return file.getParentFile(); + } + + public List<File> getLogFiles() { + + List<String> filenames = new ArrayList<>(); + + File currentFile = getCurrentLogFile(); + String currentFilename = currentFile.getName(); + File logDir = currentFile.getParentFile(); + + // add all log files except the current one + for (String filename : logDir.list()) { + if (filename.equals(currentFilename)) continue; + filenames.add(filename); + } + + // sort log files in ascending order + Collections.sort(filenames); + + // add the current log file last (i.e. newest) + filenames.add(currentFilename); + + List<File> files = new ArrayList<>(); + for (String filename : filenames) { + files.add(new File(logDir, filename)); + } + + return files; + } + + @Override + public Response findAuditFiles() { + + AuditFileCollection response = new AuditFileCollection(); + + List<File> files = getLogFiles(); + + CMS.debug("Audit files:"); + for (File file : files) { + String name = file.getName(); + CMS.debug(" - " + name); + + AuditFile auditFile = new AuditFile(); + auditFile.setName(name); + auditFile.setSize(file.length()); + + response.addEntry(auditFile); + } + + response.setTotal(files.size()); + + return createOKResponse(response); + } + + @Override + public Response getAuditFile(String filename) { + + // make sure filename does not contain path + if (!new File(filename).getName().equals(filename)) { + CMS.debug("Invalid file name: " + filename); + throw new BadRequestException("Invalid file name: " + filename); + } + + File logDir = getLogDirectory(); + File file = new File(logDir, filename); + + if (!file.exists()) { + throw new ResourceNotFoundException("File not found: " + filename); + } + + StreamingOutput so = new StreamingOutput() { + + @Override + public void write(OutputStream out) throws IOException, WebApplicationException { + + try (InputStream is = new FileInputStream(file)) { + IOUtils.copy(is, out); + } + } + }; + + return createOKResponse(so); + } + /* * in case of failure, "info" should be in the params */ |