mirrors/cdt
1
0
Fork 0
mirror of https://github.com/eclipse-cdt/cdt synced 2025-07-29 03:45:35 +02:00
Code Issues Wiki Activity

[414016] [dstore] new server audit log requirements

Browse source
This commit is contained in:
Dave McKnight 2013-08-27 16:11:52 -04:00
parent 3ce8c78d7b
commit dee9e1beaf
13 changed files with 136 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
rse/plugins/org.eclipse.dstore.core/src/org/eclipse/dstore/core/model/ByteStreamHandler.java
View file

@ -18,6 +18,7 @@
* David McKnight (IBM) [380023] [dstore] remote file permissions lost after upload
* David McKnight (IBM) [385630] [dstore] backup files created during upload should be removed when upload successful
* David McKnight (IBM) [400251] [dstore] backup files cause problem when parent folder is read-only
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.dstore.core.model;
@ -190,7 +191,11 @@ public class ByteStreamHandler implements IByteStreamHandler
if (fileName != null)
{
_dataStore.trace("Receiving Bytes for " + fileName); //$NON-NLS-1$
if (!_dataStore.isVirtual()){
_dataStore.trace("Receiving Bytes for " + fileName); //$NON-NLS-1$
String[] auditData = new String[] {"WRITE", remotePath, null, null}; //$NON-NLS-1$
_dataStore.getClient().getLogger().logAudit(auditData);
}
try
{
// need to create directories as well
@ -233,6 +238,11 @@ public class ByteStreamHandler implements IByteStreamHandler
fileStream.close();
deleteBackupFile(newFile, backupFile);
if (!_dataStore.isVirtual()){
String[] auditData = new String[] {"WRITE", remotePath, "0", null}; //$NON-NLS-1$ //$NON-NLS-2$
_dataStore.getClient().getLogger().logAudit(auditData);
}
if (status == null)
return;
status.setAttribute(DE.A_SOURCE, "success"); //$NON-NLS-1$
@ -276,7 +286,11 @@ public class ByteStreamHandler implements IByteStreamHandler
if (fileName != null)
{
_dataStore.trace("Receiving Appended Bytes for " + fileName); //$NON-NLS-1$
if (!_dataStore.isVirtual()){
_dataStore.trace("Receiving Appended Bytes for " + fileName); //$NON-NLS-1$
String[] auditData = new String[] {"WRITE", remotePath, null, null}; //$NON-NLS-1$
_dataStore.getClient().getLogger().logAudit(auditData);
}
try
{
// need to create directories as well
@ -323,7 +337,10 @@ public class ByteStreamHandler implements IByteStreamHandler
outStream.close();
}
if (!_dataStore.isVirtual()){
String[] auditData = new String[] {"WRITE", remotePath, "0", null}; //$NON-NLS-1$ //$NON-NLS-2$
_dataStore.getClient().getLogger().logAudit(auditData);
}
if (status == null)
return;
status.setAttribute(DE.A_SOURCE, "success"); //$NON-NLS-1$

10
rse/plugins/org.eclipse.dstore.core/src/org/eclipse/dstore/core/server/IServerLogger.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2010 IBM Corporation and others.
* Copyright (c) 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -12,6 +12,7 @@
* Contributors:
* Noriaki Takatsu (IBM) - [220126] [dstore][api][breaking] Single process server for multiple clients
* David McKnight (IBM) - [305272] [dstore][multithread] log close in ServerLogger
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.dstore.core.server;
@ -62,4 +63,11 @@ public interface IServerLogger
* @since 3.2
*/
public void closeLogFileStream();
/**
* logAudit
*
* @param data information to log.
*/
public void logAudit(String[] data);
}

12
rse/plugins/org.eclipse.dstore.core/src/org/eclipse/dstore/core/server/ServerLogger.java
View file

@ -1,5 +1,5 @@
/********************************************************************************
* Copyright (c) 2002, 2012 IBM Corporation. All rights reserved.
* Copyright (c) 2002, 2013 IBM Corporation. All rights reserved.
* This program and the accompanying materials are made available under the terms
* of the Eclipse Public License v1.0 which accompanies this distribution, and is
* available at http://www.eclipse.org/legal/epl-v10.html
@ -26,6 +26,7 @@
* David McKnight (IBM) - [351993] [dstore] not able to connect to server if .eclipse folder not available
* David McKnight (IBM) - [366220] Log_To_File no longer default value for log_location in rsecomm.properties
* David McKnight (IBM) - [391774] [dstore] NPE if user-log directory cannot be created
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
********************************************************************************/
package org.eclipse.dstore.core.server;
@ -326,4 +327,13 @@ public class ServerLogger implements IServerLogger
}
}
/**
* logAudit
*
* @param data information to log.
*/
public void logAudit(String[] data){
// initial implementation is a no-op but extenders (i.e. zosServerLogger) can provide
// required function
}
}

18
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/dstore/universal/miners/UniversalFileSystemMiner.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2002, 2012 IBM Corporation and others.
* Copyright (c) 2002, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -46,6 +46,7 @@
* Noriaki Takatsu (IBM) - [380562] [multithread][dstore] File Search is not canceled by the client UI on disconnect
* David McKnight (IBM) - [390037] [dstore] Duplicated items in the System view
* David McKnight (IBM) - [392012] [dstore] make server safer for delete operations
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.rse.dstore.universal.miners;
@ -749,10 +750,16 @@ public class UniversalFileSystemMiner extends Miner {
}
else if (readOnly)
{
String[] auditData = new String[] {"SET-READONLY", filename.getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
done = filename.setReadOnly();
}
else
{
String[] auditData = new String[] {"SET-READWRITE", filename.getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
// doesn't handle non-unix
if (!_isWindows)
{
@ -816,6 +823,11 @@ public class UniversalFileSystemMiner extends Miner {
status.setAttribute(DE.A_SOURCE, IServiceConstants.FAILED_WITH_DOES_NOT_EXIST);
else {
try {
String[] auditData = new String[] {"SET-LAST-MODIFIED", filename.getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
String str = subject.getAttribute(DE.A_SOURCE);
long date = Long.parseLong(str);
@ -2093,6 +2105,10 @@ public class UniversalFileSystemMiner extends Miner {
private DataElement handleSetFilePermissions(DataElement subject, DataElement newPermissions, DataElement status)
{
File file = getFileFor(subject);
String[] auditData = new String[] {"SET-PERMISSIONS", file.getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
String permissionsStr = newPermissions.getName();
String[] permAttributes = permissionsStr.split("\\"+IServiceConstants.TOKEN_SEPARATOR); //$NON-NLS-1$

14
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/dstore/universal/miners/UniversalServerUtilities.java
View file

@ -1,5 +1,5 @@
/********************************************************************************
* Copyright (c) 2002, 2008 IBM Corporation. All rights reserved.
* Copyright (c) 2002, 2013 IBM Corporation. All rights reserved.
* This program and the accompanying materials are made available under the terms
* of the Eclipse Public License v1.0 which accompanies this distribution, and is
* available at http://www.eclipse.org/legal/epl-v10.html
@ -14,6 +14,7 @@
* Noriaki Takatsu (IBM) - [220126] [dstore][api][breaking] Single process server for multiple clients
* Martin Oberhuber (Wind River) - [cleanup] Add API "since" Javadoc tags
* Noriaki Takatsu (IBM) - [239068] [multithread] "client.username" property must be set via dataStore Client
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
********************************************************************************/
package org.eclipse.rse.dstore.universal.miners;
@ -98,4 +99,15 @@ public class UniversalServerUtilities {
dataStore.getClient().getLogger().logDebugMessage(minerName, message);
}
/**
* logAudit
*
* @param data information to be logged
* @param dataStore
*/
public static void logAudit(String[] data, DataStore dataStore)
{
dataStore.getClient().getLogger().logAudit(data);
}
}

27
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/command/CommandMinerThread.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2003, 2012 IBM Corporation and others.
* Copyright (c) 2003, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -38,6 +38,7 @@
* David McKnight (IBM) [372968] [dstore][shell] provide support for csh and tcsh shells
* David McKnight (IBM) [395306] [dstore] Regression for CommandMinerThread authority
* David McKnight (IBM) [395465] [dstore][shells] customer hit an NPE on shell cleanup
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.command;
@ -351,6 +352,11 @@ public class CommandMinerThread extends MinerThread
if (suCommand!=null)
_invocation = suCommand + _invocation;
String[] auditData = new String[] {"SHELL", _invocation, null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
_theProcess = Runtime.getRuntime().exec(_invocation, env, theDirectory);
}
}
@ -401,7 +407,11 @@ public class CommandMinerThread extends MinerThread
argsList.add("-L"); //$NON-NLS-1$
didLogin = true;
}
String[] auditData = new String[] {"SHELL", _invocation, null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
String args[] = (String[])argsList.toArray(new String[argsList.size()]);
try {
@ -418,6 +428,10 @@ public class CommandMinerThread extends MinerThread
_invocation = suCommand + _invocation;
}
String[] auditData = new String[] {"SHELL", _invocation, null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
if (customShellInvocation != null && customShellInvocation.length() > 0){
// all handled in the custom shell invocation
_theProcess = Runtime.getRuntime().exec(_invocation, env, theDirectory);
@ -460,6 +474,11 @@ public class CommandMinerThread extends MinerThread
argsList.add("-c"); //$NON-NLS-1$
argsList.add(_invocation);
String[] auditData = new String[] {"SHELL", _invocation, null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
String args[] = (String[])argsList.toArray(new String[argsList.size()]);
_theProcess = Runtime.getRuntime().exec(args, env, theDirectory);
}
@ -694,6 +713,10 @@ public class CommandMinerThread extends MinerThread
input.getBytes();
UniversalServerUtilities.logInfo(getName(), "shell input after char conversion="+input, _dataStore); //$NON-NLS-1$
String[] auditData = new String[] {"SHELL-INPUT", input, null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
if (_isCsh && origInput.startsWith("export ")){ //$NON-NLS-1$
input = origInput.replaceAll("export ", "setenv ").replaceAll("=", " "); //$NON-NLS-1$//$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$
}

6
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/filesystem/CopyThread.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2007, 2009 IBM Corporation and others.
* Copyright (c) 2007, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -13,6 +13,7 @@
* Xuan Chen (IBM) - [209827] Update DStore command implementation to enable cancelation of archive operations
* Noriaki Takatsu (IBM) - [220126] [dstore][api][breaking] Single process server for multiple clients
* David McKnight (IBM) - [290290] [dstore] Error message when copy a file from another users folder
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.filesystem;
@ -89,6 +90,9 @@ public class CopyThread extends SecuredThread implements ICancellableHandler {
protected void doCopyCommand(String source, String tgt, boolean folderCopy, DataElement status)
{
String[] auditData = new String[] {"COPY", source, tgt, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
String command = null;
if (isWindows) {

10
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/filesystem/CreateFileThread.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2007, 2008 IBM Corporation and others.
* Copyright (c) 2007, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -13,6 +13,7 @@
* Xuan Chen (IBM) - [209827] Update DStore command implementation to enable cancelation of archive operations
* Noriaki Takatsu (IBM) - [220126] [dstore][api][breaking] Single process server for multiple clients
* Martin Oberhuber (Wind River) - [199854][api] Improve error reporting for archive handlers
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.filesystem;
@ -118,6 +119,9 @@ public class CreateFileThread extends SecuredThread implements ICancellableHandl
if (filename.exists())
_status.setAttribute(DE.A_SOURCE, IServiceConstants.FAILED_WITH_EXIST);
else {
String[] auditData = new String[] {"CREATE-FILE", filename.getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
try {
boolean done = filename.createNewFile();
if (ArchiveHandlerManager.getInstance().isArchive(filename)) {
@ -174,6 +178,10 @@ public class CreateFileThread extends SecuredThread implements ICancellableHandl
}
// VirtualChild child = handler.getVirtualFile(vpath.getVirtualPart());
handler.getVirtualFile(vpath.getVirtualPart(), systemOperationMonitor);
String[] auditData = new String[] {"MODIFY-ARCHIVE", handler.getArchive().getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
handler.createFile(vpath.getVirtualPart(), systemOperationMonitor);
status.setAttribute(DE.A_SOURCE, IServiceConstants.SUCCESS);

10
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/filesystem/CreateFolderThread.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2007, 2008 IBM Corporation and others.
* Copyright (c) 2007, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -13,6 +13,7 @@
* Xuan Chen (IBM) - [209827] Update DStore command implementation to enable cancelation of archive operations
* Noriaki Takatsu (IBM) - [220126] [dstore][api][breaking] Single process server for multiple clients
* Martin Oberhuber (Wind River) - [199854][api] Improve error reporting for archive handlers
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.filesystem;
@ -124,6 +125,9 @@ public class CreateFolderThread extends SecuredThread implements ICancellableHan
_status.setAttribute(DE.A_SOURCE, IServiceConstants.FAILED_WITH_EXIST);
else
{
String[] auditData = new String[] {"CREATE-FOLDER", filename.getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
try {
boolean done = filename.mkdirs();
if (done)
@ -167,6 +171,10 @@ public class CreateFolderThread extends SecuredThread implements ICancellableHan
}
// VirtualChild child = handler.getVirtualFile(vpath.getVirtualPart());
handler.getVirtualFile(vpath.getVirtualPart(), systemOperationMonitor);
String[] auditData = new String[] {"MODIFY-ARCHIVE", handler.getArchive().getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
handler.createFolder(vpath.getVirtualPart(), systemOperationMonitor);
status.setAttribute(DE.A_SOURCE, IServiceConstants.SUCCESS);

6
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/filesystem/DeleteThread.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2007, 2012 IBM Corporation and others.
* Copyright (c) 2007, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -17,6 +17,7 @@
* David McKnight (IBM) - [321026][dstore] Broken symbolic link can't be removed
* David McKnight (IBM) - [342450][dstore] Real files should not be deleted when deleting a symbolic link
* David McKnight (IBM) - [392012] [dstore] make server safer for delete operations
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.filesystem;
@ -157,6 +158,9 @@ public class DeleteThread extends SecuredThread implements ICancellableHandler {
"The object to delete does not exist", null, _dataStore); //$NON-NLS-1$
} else {
try {
String[] auditData = new String[] {"DELETE", deleteObj.getAbsolutePath(), null, null};
UniversalServerUtilities.logAudit(auditData, _dataStore);
if (classification != null && classification.startsWith("symbolic link")){ //$NON-NLS-1$
// only delete the link - no the actual file or folder contents
deleteObj.delete();

6
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/filesystem/RenameThread.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2007, 2008 IBM Corporation and others.
* Copyright (c) 2007, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -13,6 +13,7 @@
* Xuan Chen (IBM) - [209827] Update DStore command implementation to enable cancelation of archive operations
* Noriaki Takatsu (IBM) - [220126] [dstore][api][breaking] Single process server for multiple clients
* Martin Oberhuber (Wind River) - [199854][api] Improve error reporting for archive handlers
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.filesystem;
@ -121,6 +122,9 @@ public class RenameThread extends SecuredThread implements ICancellableHandler {
_status.setAttribute(DE.A_SOURCE, IServiceConstants.FAILED_WITH_EXIST);
else {
try {
String[] auditData = new String[] {"RENAME", fileoldname.getAbsolutePath(), filerename.getAbsolutePath(), null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
boolean done = fileoldname.renameTo(filerename);
if (done) {
_subject.setAttribute(DE.A_NAME, filerename.getName());

6
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/filesystem/UniversalDownloadHandler.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2006, 2012 IBM Corporation and others.
* Copyright (c) 2006, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -16,6 +16,7 @@
* Noriaki Takatsu (IBM) - [220126] [dstore][api][breaking] Single process server for multiple clients
* David McKnight (IBM) - [dstore] cancelable threads not removed fast enough from Hashmap, resulting in OOM
* David McKnight (IBM) - [396783] [dstore] fix issues with the spiriting mechanism and other memory improvements (phase 2)
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
*******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.filesystem;
@ -127,7 +128,8 @@ public class UniversalDownloadHandler extends SecuredThread implements ICancella
_dataStore.trace("download:" + remotePath + "," + elementType); //$NON-NLS-1$ //$NON-NLS-2$
File file = new File(remotePath);
String[] auditData = new String[] {"READ", file.getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
if (elementType.equals(IUniversalDataStoreConstants.UNIVERSAL_VIRTUAL_FILE_DESCRIPTOR))
{

5
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/filesystem/UniversalSearchHandler.java
View file

@ -1,5 +1,5 @@
/*******************************************************************************
* Copyright (c) 2006, 2012 IBM Corporation and others.
* Copyright (c) 2006, 2013 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
@ -31,6 +31,7 @@
* David McKnight (IBM) - [371401] [dstore][multithread] avoid use of static variables - causes memory leak after disconnect
* Noriaki Takatsu (IBM) - [380562] [multithread][dstore] File Search is not canceled by the client UI on disconnect
* David McKnight (IBM) - [396783] [dstore] fix issues with the spiriting mechanism and other memory improvements (phase 2)
* David McKnight (IBM) - [414016] [dstore] new server audit log requirements
********************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.filesystem;
@ -393,6 +394,8 @@ public class UniversalSearchHandler extends SecuredThread implements ICancellabl
return true;
}
String[] auditData = new String[] {"READ", theFile.getAbsolutePath(), null, null}; //$NON-NLS-1$
UniversalServerUtilities.logAudit(auditData, _dataStore);
FileInputStream inputStream = null;
try {