From 1bee1688399eed154d969c04dccd41e3155b09f5 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Sat, 16 Apr 2016 03:48:40 +0200 Subject: Replaced TPS OP_DO_TOKEN activity. For clarity the TPS operatons that generate OP_DO_TOKEN activity has been modified to generate OP_TOKEN_MODIFY instead, except for the changeTokenStatus() which will generate OP_TOKEN_STATUS_CHANGE. https://fedorahosted.org/pki/ticket/2268 --- base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java | 8 ++++---- .../src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java | 5 ++++- base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java | 12 ++++++------ 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java index 7a12466b8..4142bab4f 100644 --- a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java +++ b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java @@ -402,7 +402,7 @@ public class TPSTokendb { ", keyType: " + keyType + ", state: " + tokenReason; - tdbActivity(ActivityDatabase.OP_DO_TOKEN, tdbGetTokenEntry(cuid), + tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tdbGetTokenEntry(cuid), ipAddress, activityMsg, "success", remoteUser); return false; @@ -418,13 +418,13 @@ public class TPSTokendb { Date now = new Date(); if (now.after(notAfter)) { activityMsg = "revocation not enabled for expired cert: " + cert.getSerialNumber(); - tdbActivity(ActivityDatabase.OP_DO_TOKEN, tdbGetTokenEntry(cuid), + tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tdbGetTokenEntry(cuid), ipAddress, activityMsg, "success", remoteUser); return false; } if (now.before(notBefore)) { activityMsg = "revocation not enabled for cert that is not yet valid: " + cert.getSerialNumber(); - tdbActivity(ActivityDatabase.OP_DO_TOKEN, tdbGetTokenEntry(cuid), + tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tdbGetTokenEntry(cuid), ipAddress, activityMsg, "success", remoteUser); return false; } @@ -439,7 +439,7 @@ public class TPSTokendb { activityMsg = "revocation not permitted as certificate " + cert.getSerialNumber() + " is shared by anothr active token"; - tdbActivity(ActivityDatabase.OP_DO_TOKEN, tdbGetTokenEntry(cuid), + tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tdbGetTokenEntry(cuid), ipAddress, activityMsg, "success", remoteUser); return false; diff --git a/base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java b/base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java index c15ff9255..338283699 100644 --- a/base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java +++ b/base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java @@ -36,7 +36,7 @@ import com.netscape.cmsutil.ldap.LDAPUtil; * @author Endi S. Dewata */ public class ActivityDatabase extends LDAPDatabase { - public final static String OP_DO_TOKEN = "do_token"; + public final static String OP_ADD = "add"; // add a token public final static String OP_DELETE = "delete"; // delete a token //public final static String OP_MODIFY_AUDIT_SIGNING = "modify_audit_signing"; @@ -46,6 +46,9 @@ public class ActivityDatabase extends LDAPDatabase { public final static String OP_PIN_RESET = "pin_reset"; public final static String OP_FORMAT = "format"; + public final static String OP_TOKEN_MODIFY = "token_modify"; + public final static String OP_TOKEN_STATUS_CHANGE = "token_status_change"; + public ActivityDatabase(IDBSubsystem dbSubsystem, String baseDN) throws EBaseException { super("Activity", dbSubsystem, baseDN, ActivityRecord.class); } diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java index 3dcc5a547..78a503994 100644 --- a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java +++ b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java @@ -460,7 +460,7 @@ public class TokenService extends PKIService implements TokenResource { tokenRecord.setPolicy(tokenData.getPolicy()); auditModParams.put("Policy", tokenData.getPolicy()); database.updateRecord(tokenID, tokenRecord); - subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord, + subsystem.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, ipAddress, msg, "success", remoteUser); tokenData = createTokenData(database.getRecord(tokenID)); @@ -473,7 +473,7 @@ public class TokenService extends PKIService implements TokenResource { CMS.debug(e); msg = msg + ": " + e.getMessage(); - subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord, + subsystem.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, ipAddress, msg, "failure", remoteUser); @@ -554,7 +554,7 @@ public class TokenService extends PKIService implements TokenResource { } database.updateRecord(tokenID, tokenRecord); - subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord, + subsystem.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, ipAddress, msg, "success", remoteUser); tokenData = createTokenData(database.getRecord(tokenID)); @@ -567,7 +567,7 @@ public class TokenService extends PKIService implements TokenResource { CMS.debug(e); msg = msg + ": " + e.getMessage(); - subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord, + subsystem.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, ipAddress, msg, "failure", remoteUser); @@ -662,7 +662,7 @@ public class TokenService extends PKIService implements TokenResource { // audit in setTokenStatus() setTokenStatus(tokenRecord, tokenStatus, ipAddress, remoteUser, auditModParams); database.updateRecord(tokenID, tokenRecord); - subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord, + subsystem.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_STATUS_CHANGE, tokenRecord, ipAddress, msg, "success", remoteUser); @@ -674,7 +674,7 @@ public class TokenService extends PKIService implements TokenResource { CMS.debug(e); msg = msg + ": " + e.getMessage(); - subsystem.tdb.tdbActivity(ActivityDatabase.OP_DO_TOKEN, tokenRecord, + subsystem.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_STATUS_CHANGE, tokenRecord, ipAddress, msg, "failure", remoteUser); -- cgit