Work in progress

ElaadF · Jul 31, 2021 · fa97f90 · fa97f90
1 parent 41764fd
commit fa97f90
Show file tree

Hide file tree

Showing 14 changed files with 579 additions and 2 deletions.
diff --git a/webapp/sources/rudder/rudder-core/src/main/scala/com/normation/rudder/domain/Constants.scala b/webapp/sources/rudder/rudder-core/src/main/scala/com/normation/rudder/domain/Constants.scala
@@ -115,4 +115,6 @@ object Constants {
 
   val HOOKS_IGNORE_FILE_NAME = "non-exec-extensions.txt"
 
+  // for secret variable
+  val XML_TAG_SECRET = "secret"
 }
diff --git a/.../rudder-core/src/main/scala/com/normation/rudder/domain/eventlog/EventLogCategories.scala b/.../rudder-core/src/main/scala/com/normation/rudder/domain/eventlog/EventLogCategories.scala
@@ -51,6 +51,7 @@ final case object NodeGroupLogCategory extends EventLogCategory
 final case object AssetLogCategory extends EventLogCategory
 final case object RedButtonLogCategory extends EventLogCategory
 final case object ChangeRequestLogCategory extends EventLogCategory
+final case object SecretLogCategory extends EventLogCategory
 final case object WorkflowLogCategory extends EventLogCategory
 final case object PolicyServerLogCategory extends EventLogCategory
 final case object ImportExportItemsLogCategory extends EventLogCategory
@@ -113,6 +114,19 @@ final case object ModifyChangeRequestEventType extends NoRollbackEventLogType {
   def serialize = "ChangeRequestModified"
 }
 
+// secret related
+final case object AddSecretEventType extends NoRollbackEventLogType {
+  def serialize = "SecretAdded"
+}
+
+final case object ModifySecretEventType extends NoRollbackEventLogType {
+  def serialize = "SecretModified"
+}
+
+final case object DeleteSecretEventType extends NoRollbackEventLogType {
+  def serialize = "SecretDeleted"
+}
+
 // directive related
 final case object AddDirectiveEventType extends RollbackEventLogType {
   def serialize = "DirectiveAdded"

diff --git a/...dder/rudder-core/src/main/scala/com/normation/rudder/domain/eventlog/SecretEventLog.scala b/...dder/rudder-core/src/main/scala/com/normation/rudder/domain/eventlog/SecretEventLog.scala
@@ -0,0 +1,127 @@
+/*
+*************************************************************************************
+* Copyright 2021 Normation SAS
+*************************************************************************************
+*
+* This file is part of Rudder.
+*
+* Rudder is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* In accordance with the terms of section 7 (7. Additional Terms.) of
+* the GNU General Public License version 3, the copyright holders add
+* the following Additional permissions:
+* Notwithstanding to the terms of section 5 (5. Conveying Modified Source
+* Versions) and 6 (6. Conveying Non-Source Forms.) of the GNU General
+* Public License version 3, when you create a Related Module, this
+* Related Module is not considered as a part of the work and may be
+* distributed under the license agreement of your choice.
+* A "Related Module" means a set of sources files including their
+* documentation that, without modification of the Source Code, enables
+* supplementary functions or services in addition to those offered by
+* the Software.
+*
+* Rudder is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with Rudder.  If not, see <http://www.gnu.org/licenses/>.
+
+*
+*************************************************************************************
+*/
+package com.normation.rudder.domain.eventlog
+
+import com.normation.eventlog.EventLog
+import com.normation.eventlog.EventLogDetails
+import com.normation.eventlog.EventLogFilter
+import com.normation.eventlog.EventLogType
+import com.normation.rudder.domain.policies.SimpleDiff
+
+final case class Secret(name: String, value: String, description: String)
+
+sealed trait SecretEventLog extends EventLog { override final val eventLogCategory = SecretLogCategory }
+
+final case class AddSecret(
+  override val eventDetails : EventLogDetails
+) extends SecretEventLog {
+  override val cause = None
+  override val eventType = AddSecret.eventType
+}
+
+object AddSecret extends EventLogFilter {
+  override val eventType = AddSecretEventType
+
+  override def apply(x : (EventLogType, EventLogDetails)) : AddSecret = AddSecret(x._2)
+}
+
+final case class ModifySecret(
+  override val eventDetails : EventLogDetails
+) extends SecretEventLog {
+  override val cause = None
+  override val eventType = ModifySecret.eventType
+}
+
+object ModifySecret extends EventLogFilter {
+  override val eventType = ModifySecretEventType
+
+  override def apply(x : (EventLogType, EventLogDetails)) : ModifySecret = ModifySecret(x._2)
+}
+
+final case class DeleteSecret(
+  override val eventDetails : EventLogDetails
+) extends SecretEventLog {
+  override val cause = None
+  override val eventType = DeleteSecret.eventType
+}
+
+object DeleteSecret extends EventLogFilter {
+  override val eventType = DeleteSecretEventType
+
+  override def apply(x : (EventLogType, EventLogDetails)) : DeleteSecret = DeleteSecret(x._2)
+}
+
+object SecretEventsLogsFilter {
+  final val eventList : List[EventLogFilter] = List(
+    AddSecret
+    , ModifySecret
+    , DeleteSecret
+  )
+}
+
+sealed trait SecretDiff
+
+final case class AddSecretDiff(secret: Secret) extends SecretDiff
+
+final case class DeleteSecretDiff(secret: Secret) extends SecretDiff
+
+final case class ModifySecretDiff(
+    modName        : Option[SimpleDiff[String]] = None
+  , modValue       : Boolean
+  , modDescription : Option[SimpleDiff[String]] = None
+) extends SecretDiff
+
+object ModifySecretDiff {
+  def apply(newSecret : Secret, oldSecret : Secret) : ModifySecretDiff = {
+    val modName =
+      if (newSecret.name == oldSecret.name)
+        None
+      else
+        Some(SimpleDiff(oldSecret.name,newSecret.name))
+    val modDesc =
+      if (newSecret.description == oldSecret.description)
+        None
+      else
+        Some(SimpleDiff(oldSecret.description,newSecret.description))
+    val modValue =
+      if (newSecret.value == oldSecret.value)
+        false
+      else
+        true
+    ModifySecretDiff(modName,modValue,modDesc)
+  }
+}
diff --git a/...udder/rudder-core/src/main/scala/com/normation/rudder/repository/EventLogRepository.scala b/...udder/rudder-core/src/main/scala/com/normation/rudder/repository/EventLogRepository.scala
@@ -49,6 +49,7 @@ import com.normation.rudder.api.ModifyApiAccountDiff
 import com.normation.rudder.domain.appconfig.RudderWebProperty
 import com.normation.rudder.domain.eventlog.ChangeRequestDiff
 import com.normation.rudder.domain.eventlog.ModifyGlobalPropertyEventType
+import com.normation.rudder.domain.eventlog.Secret
 import com.normation.rudder.domain.nodes.AddNodeGroupDiff
 import com.normation.rudder.domain.nodes.DeleteNodeGroupDiff
 import com.normation.rudder.domain.nodes.ModifyNodeDiff
@@ -400,6 +401,53 @@ trait EventLogRepository {
     )
   }
 
+  def saveModifySecret(
+    modId: ModificationId
+    , principal: EventActor
+    , oldSecret: Secret
+    , newSecret: Secret
+    , reason:Option[String]) = {
+    saveEventLog(
+      modId
+      , eventLogFactory.getModifySecretFromDiff(
+        principal = principal
+        , oldSecret = oldSecret
+        , newSecret = newSecret
+        , reason = reason
+      )
+    )
+  }
+
+  def saveAddSecret(
+    modId: ModificationId
+    , principal: EventActor
+    , secret   : Secret
+    , reason:Option[String]) = {
+    saveEventLog(
+      modId
+      , eventLogFactory.getAddSecretFromDiff(
+        principal = principal
+        , secret  = secret
+        , reason  = reason
+      )
+    )
+  }
+
+  def saveDeleteSecret(
+    modId: ModificationId
+    , principal: EventActor
+    , secret: Secret
+    , reason:Option[String]) = {
+    saveEventLog(
+      modId
+      , eventLogFactory.getDeleteSecretFromDiff(
+        principal = principal
+        , secret = secret
+        , reason = reason
+      )
+    )
+  }
+
   /**
    * Returns eventlog matching criteria
    * For the moment it only a string, it should be something else in the future

diff --git a/...r-core/src/main/scala/com/normation/rudder/services/eventlog/EventLogDetailsService.scala b/...r-core/src/main/scala/com/normation/rudder/services/eventlog/EventLogDetailsService.scala
@@ -176,6 +176,12 @@ trait EventLogDetailsService {
 
   def getPromotedNodeToRelayDetails(xml:NodeSeq) : Box[(NodeId, String)]
 
+  // Secrets variables
+  def getSecretAddDetails(xml:NodeSeq) : Box[AddSecretDiff]
+
+  def getSecretDeleteDetails(xml:NodeSeq) : Box[DeleteSecretDiff]
+
+  def getSecretModifyDetails(xml:NodeSeq) : Box[ModifySecretDiff]
 
 }
 
@@ -191,6 +197,7 @@ class EventLogDetailsServiceImpl(
   , deploymentStatusUnserialisation : DeploymentStatusUnserialisation
   , globalParameterUnserialisation  : GlobalParameterUnserialisation
   , apiAccountUnserialisation       : ApiAccountUnserialisation
+  , secretUnserialisation           : SecretUnserialisation
 ) extends EventLogDetailsService {
 
   /**
@@ -229,6 +236,20 @@ class EventLogDetailsServiceImpl(
     }
   }
 
+  def getSecretFromXML(xml:NodeSeq, changeType:String) : Box[Secret] = {
+    for {
+      entry           <- getEntryContent(xml)
+      s               <- (entry \ "secret").headOption ?~! (s"Entry type is not a secret: ${entry}")
+      changeTypeAddOk <- {
+        if(s.attribute("changeType").map( _.text ) == Some(changeType)) Full("OK")
+        else Failure(s"Secret attribute does not have changeType=${changeType} in ${entry}")
+      }
+      secret          <- secretUnserialisation.unserialise(s)
+    } yield {
+      secret
+    }
+  }
+
   /**
    * Version 2:
      <rule changeType="add" fileFormat="2">
@@ -1006,6 +1027,42 @@ class EventLogDetailsServiceImpl(
       )
     }
   }
+
+  def getSecretAddDetails(xml:NodeSeq) : Box[AddSecretDiff] = {
+    getSecretFromXML(xml, "add").map { secret =>
+      AddSecretDiff(secret)
+    }
+  }
+
+  def getSecretDeleteDetails(xml:NodeSeq) : Box[DeleteSecretDiff] = {
+    getSecretFromXML(xml, "delete").map { secret =>
+      DeleteSecretDiff(secret)
+    }
+  }
+
+  def getSecretModifyDetails(xml:NodeSeq) : Box[ModifySecretDiff] = {
+    for {
+      entry              <- getEntryContent(xml)
+      secret             <- (entry \ "secret").headOption ?~!
+        (s"Entry type is not a Secret: ${entry}")
+//      name               <- (secret \ "name").headOption.map( _.text ) ?~!
+//        (s"Missing attribute 'name' in entry type Secret: ${entry}")
+//      description        <- (secret \ "description").headOption.map( _.text ) ?~!
+//        (s"Missing attribute 'description' in entry type Secret: ${entry}")
+      modValue           <- tryo{(secret \ "valueHasChanged").text.toBoolean}
+      modDescription     <- getFromToString((secret \ "diffDescription").headOption)
+      modName            <- getFromToString((secret \ "diffName").headOption)
+      fileFormatOk       <- TestFileFormat(secret)
+    } yield {
+      ModifySecretDiff(
+          modName = (modName)
+        , modValue = (modValue)
+        , modDescription = (modDescription)
+      )
+    }
+  }
+
+
 }
 
 final case class RollbackInfo(