-
Notifications
You must be signed in to change notification settings - Fork 188
/
AuditEventRecord.java
763 lines (647 loc) · 28.7 KB
/
AuditEventRecord.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
/*
* Copyright (c) 2010-2020 Evolveum and contributors
*
* This work is dual-licensed under the Apache License 2.0
* and European Union Public License. See LICENSE file for details.
*/
package com.evolveum.midpoint.audit.api;
import java.beans.Transient;
import java.text.SimpleDateFormat;
import java.util.*;
import org.apache.commons.lang3.Validate;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.PrismReferenceValue;
import com.evolveum.midpoint.schema.DeltaConversionOptions;
import com.evolveum.midpoint.schema.DeltaConvertor;
import com.evolveum.midpoint.schema.ObjectDeltaOperation;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.result.OperationResultStatus;
import com.evolveum.midpoint.schema.util.MiscSchemaUtil;
import com.evolveum.midpoint.schema.util.ObjectTypeUtil;
import com.evolveum.midpoint.util.DebugDumpable;
import com.evolveum.midpoint.util.DebugUtil;
import com.evolveum.midpoint.util.MiscUtil;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SystemException;
import com.evolveum.midpoint.xml.ns._public.common.audit_3.AuditEventRecordPropertyType;
import com.evolveum.midpoint.xml.ns._public.common.audit_3.AuditEventRecordReferenceType;
import com.evolveum.midpoint.xml.ns._public.common.audit_3.AuditEventRecordType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectDeltaOperationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.prism.xml.ns._public.types_3.ItemDeltaType;
import com.evolveum.prism.xml.ns._public.types_3.ObjectDeltaType;
import com.evolveum.prism.xml.ns._public.types_3.PolyStringType;
import com.evolveum.prism.xml.ns._public.types_3.RawType;
/**
* Audit event record describes a single event (usually data change) in a format suitable for audit.
*
* @author Radovan Semancik
*/
public class AuditEventRecord implements DebugDumpable {
/**
* TODO: what is this?
*/
private Long repoId;
/**
* Timestamp when the event occurred.
* Timestamp in millis.
*/
private Long timestamp;
/**
* Unique identification of the event.
* Every record should have unique event identifier.
*/
private String eventIdentifier;
/**
* <p>
* Identifier of a request (operation). All the records that are result of
* processing of a single request should have the same identifier.
* In usual case there should be be a single request-stage record
* and one or more execution-stage records with the same request
* identifier.
* </p>
* <p>
* Please note that this is quite different than task identifier.
* A single task can make many requests. E.g. a typical reconciliation
* task will make thousands of operations. All of the audit records from
* all of those operations will have the same task identifier. But each
* operation will have a separate request identifier.
* </p>
*/
private String requestIdentifier;
/**
* Identification of (interactive) session in which the event occurred.
*/
private String sessionIdentifier;
/**
* <p>
* Task identifier. Operations are executed in a context of a task.
* This field is an identifier of the task. It is not (necessarily) an
* OID of the task, as an operation may be executed in an non-persistent
* (lightweight) task. This field should be populated for all audit records,
* perhaps except very special system-level records that are executed outside
* of a task.
* </p>
* <p>
* Please note that this is quite different than request identifier.
* A single task can make many requests. E.g. a typical reconciliation
* task will make thousands of operations. All of the audit records from
* all of those operations will have the same task identifier. But each
* operation will have a separate request identifier.
* </p>
*/
private String taskIdentifier;
/**
* Task OID. This field is used for records that are executed in the context
* of a persistent task.
*/
private String taskOid;
private String hostIdentifier; // local node name as obtained from the networking stack
private String nodeIdentifier; // midPoint cluster node identifier (NodeType.nodeIdentifier)
private String remoteHostAddress; // remote host address as obtained from the networking stack
/**
* Initiator is the (legal) entity on behalf of whom is the action executed.
* It is the subject of the operation. Authorizations of the initiator are used
* to evaluate access to the operation. This is the entity who is formally responsible
* for the operation. Although initiator is always a user in midPoint 3.7 and earlier,
* the initiator may be an organization in later midPoint versions.
*/
private PrismReferenceValue initiatorRef;
/**
* Attorney is the (physical) object who has executed the action. This is the user
* (or similar object, e.g. service) that has logged-in to the user interface or REST
* or other mechanism. Figuratively speaking, this is the user that pressed the button
* to execute the action.
* <p>
* For the vast majority of cases, this is really an object of UserType. But sometimes it can be
* a ServiceType (or, very occasionally, maybe RoleType or OrgType - but this does not make
* much sense).
*/
private PrismReferenceValue attorneyRef;
/**
* (primary) target (object, the thing acted on): store OID, type, name.
* This is reference instead of full object, because sometimes we have just
* the OID of the object and reading full object would be too expensive.
* The reference can store OID but it can also store whole object if
* that is available.
* OPTIONAL
*/
private PrismReferenceValue targetRef;
// user that the target "belongs to"
private PrismReferenceValue targetOwnerRef;
// event type
private AuditEventType eventType;
// event stage (request, execution)
private AuditEventStage eventStage;
// delta
@NotNull
private final Collection<ObjectDeltaOperation<? extends ObjectType>> deltas = new ArrayList<>();
// delta order (primary, secondary)
private String channel;
// outcome (success, failure)
private OperationResultStatus outcome;
// result (e.g. number of entries, returned object, business result of workflow task or process instance - approved, rejected)
private String result;
private String parameter;
private String message;
/**
* Resource OIDs. This field is used for resource OIDs of target, when target is FocusType or Shadowtype.
*/
private Set<String> resourceOids = new HashSet<>();
private static final SimpleDateFormat TIMESTAMP_FORMAT = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ");
private final Map<String, Set<String>> properties = new HashMap<>();
private final Map<String, Set<AuditReferenceValue>> references = new HashMap<>();
private final Map<String, String> customColumnProperty = new HashMap<>();
// Just a hint for audit service proxy: these OID need not to be resolved, as they are known to not exist.
private final Set<String> nonExistingReferencedObjects = new HashSet<>();
public AuditEventRecord() {
}
public AuditEventRecord(AuditEventType eventType) {
this.eventType = eventType;
}
public AuditEventRecord(AuditEventType eventType, AuditEventStage eventStage) {
this.eventType = eventType;
this.eventStage = eventStage;
}
public Long getTimestamp() {
return timestamp;
}
public void clearTimestamp() {
timestamp = null;
}
public void setTimestamp(Long timestamp) {
this.timestamp = timestamp;
}
public String getEventIdentifier() {
return eventIdentifier;
}
public void setEventIdentifier(String eventIdentifier) {
this.eventIdentifier = eventIdentifier;
}
public String getSessionIdentifier() {
return sessionIdentifier;
}
public void setSessionIdentifier(String sessionIdentifier) {
this.sessionIdentifier = sessionIdentifier;
}
public String getRequestIdentifier() {
return requestIdentifier;
}
public void setRequestIdentifier(String requestIdentifier) {
this.requestIdentifier = requestIdentifier;
}
public String getTaskIdentifier() {
return taskIdentifier;
}
public void setTaskIdentifier(String taskIdentifier) {
this.taskIdentifier = taskIdentifier;
}
public String getTaskOid() {
return taskOid;
}
public void setTaskOid(String taskOid) {
this.taskOid = taskOid;
}
public String getHostIdentifier() {
return hostIdentifier;
}
public void setHostIdentifier(String hostIdentifier) {
this.hostIdentifier = hostIdentifier;
}
public String getNodeIdentifier() {
return nodeIdentifier;
}
public void setNodeIdentifier(String nodeIdentifier) {
this.nodeIdentifier = nodeIdentifier;
}
public String getRemoteHostAddress() {
return remoteHostAddress;
}
public void setRemoteHostAddress(String remoteHostAddress) {
this.remoteHostAddress = remoteHostAddress;
}
public void setInitiator(PrismObject<? extends FocusType> initiator, PrismContext prismContext) {
this.initiatorRef = createRefValueWithDescription(initiator, prismContext);
}
/**
* Initiator is the (legal) entity on behalf of whom is the action executed.
* It is the subject of the operation. Authorizations of the initiator are used
* to evaluate access to the operation. This is the entity who is formally responsible
* for the operation. Although initiator is always a user in midPoint 3.7 and earlier,
* the initiator may be an organization in later midPoint versions.
*/
public PrismReferenceValue getInitiatorRef() {
return initiatorRef;
}
/**
* It is assumed the ref has oid, type and description set.
*/
public void setInitiatorRef(PrismReferenceValue initiator) {
this.initiatorRef = initiator;
}
public void setAttorney(PrismObject<? extends FocusType> attorney, PrismContext prismContext) {
this.attorneyRef = attorney != null
? createRefValueWithDescription(attorney, prismContext)
: null;
}
/**
* Attorney is the (physical) user who have executed the action.
* This is the user that have logged-in to the user interface. This is the user that
* pressed the button to execute the action. This is always identity of a user and
* it will always be a user. It cannot be a company or any other virtual entity.
*/
public PrismReferenceValue getAttorneyRef() {
return attorneyRef;
}
/**
* It is assumed the ref has oid, type and description set.
*/
public void setAttorneyRef(PrismReferenceValue attorneyRef) {
this.attorneyRef = attorneyRef;
}
public PrismReferenceValue getTargetRef() {
return targetRef;
}
/**
* It is assumed the ref has oid, type and description set.
*/
public void setTargetRef(PrismReferenceValue target) {
this.targetRef = target;
}
public void setTarget(PrismObject<?> target, PrismContext prismContext) {
this.targetRef = target != null
? createRefValueWithDescription(target, prismContext)
: null;
}
public void setTargetOwner(
PrismObject<? extends FocusType> targetOwner, PrismContext prismContext) {
this.targetOwnerRef = targetOwner != null
? createRefValueWithDescription(targetOwner, prismContext)
: null;
}
public PrismReferenceValue getTargetOwnerRef() {
return targetOwnerRef;
}
/**
* It is assumed the ref has oid, type and description set.
*/
public void setTargetOwnerRef(PrismReferenceValue targetOwnerRef) {
this.targetOwnerRef = targetOwnerRef;
}
private @Nullable PrismReferenceValue createRefValueWithDescription(
@Nullable PrismObject<?> object, @NotNull PrismContext prismContext) {
if (object == null) {
return null;
}
PrismReferenceValue refValue = prismContext.itemFactory().createReferenceValue(object);
refValue.setDescription(object.getBusinessDisplayName());
return refValue;
}
public AuditEventType getEventType() {
return eventType;
}
public void setEventType(AuditEventType eventType) {
this.eventType = eventType;
}
public AuditEventStage getEventStage() {
return eventStage;
}
public void setEventStage(AuditEventStage eventStage) {
this.eventStage = eventStage;
}
public @NotNull Collection<ObjectDeltaOperation<? extends ObjectType>> getDeltas() {
return deltas;
}
public void addDelta(ObjectDeltaOperation<? extends ObjectType> delta) {
deltas.add(delta);
}
public void addDeltas(Collection<? extends ObjectDeltaOperation<? extends ObjectType>> deltasToAdd) {
deltas.addAll(deltasToAdd);
}
public String getChannel() {
return channel;
}
public void setChannel(String channel) {
this.channel = channel;
}
public void clearDeltas() {
deltas.clear();
}
public OperationResultStatus getOutcome() {
return outcome;
}
public void setOutcome(OperationResultStatus outcome) {
this.outcome = outcome;
}
public void setResult(String result) {
this.result = result;
}
public String getResult() {
return result;
}
public String getMessage() {
return message;
}
public void setMessage(String message) {
this.message = message;
}
public String getParameter() {
return parameter;
}
public void setParameter(String parameter) {
this.parameter = parameter;
}
@Transient
public Long getRepoId() {
return repoId;
}
public void setRepoId(Long repoId) {
this.repoId = repoId;
}
public Map<String, Set<String>> getProperties() {
return properties;
}
public Set<String> getPropertyValues(String name) {
return properties.get(name);
}
public Map<String, Set<AuditReferenceValue>> getReferences() {
return references;
}
public Set<AuditReferenceValue> getReferenceValues(String name) {
return references.get(name);
}
public Map<String, String> getCustomColumnProperty() {
return customColumnProperty;
}
public Set<String> getResourceOids() {
return resourceOids;
}
public void setResourceOids(Set<String> resourceOids) {
this.resourceOids = resourceOids;
}
public void addResourceOid(String resourceOid) {
this.resourceOids.add(resourceOid);
}
public void addPropertyValue(String key, String value) {
properties.computeIfAbsent(key, k -> new HashSet<>()).add(value);
}
public void addPropertyValueIgnoreNull(String key, Object value) {
if (value != null) {
addPropertyValue(key, String.valueOf(value));
}
}
public void addReferenceValueIgnoreNull(String key, ObjectReferenceType value) {
if (value != null) {
addReferenceValue(key, value.asReferenceValue());
}
}
public void addReferenceValue(String key, @NotNull AuditReferenceValue value) {
Validate.notNull(value, "Reference value must not be null");
references.computeIfAbsent(key, k -> new HashSet<>()).add(value);
}
public void addReferenceValue(String key, @NotNull PrismReferenceValue prv) {
Validate.notNull(prv, "Reference value must not be null");
addReferenceValue(key, new AuditReferenceValue(prv));
}
public void addReferenceValues(String key, @NotNull List<ObjectReferenceType> values) {
values.forEach(v -> addReferenceValue(key, v.asReferenceValue()));
}
public void checkConsistence() {
if (initiatorRef != null && initiatorRef.getObject() != null) {
initiatorRef.getObject().checkConsistence();
}
if (targetRef != null && targetRef.getObject() != null) {
targetRef.getObject().checkConsistence();
}
if (targetOwnerRef != null && targetOwnerRef.getObject() != null) {
targetOwnerRef.getObject().checkConsistence();
}
ObjectDeltaOperation.checkConsistence(deltas);
}
@Deprecated // should go away with the old audit listRecord
public AuditEventRecordType createAuditEventRecordType() {
return createAuditEventRecordType(false);
}
public AuditEventRecordType createAuditEventRecordType(boolean tolerateInconsistencies) {
AuditEventRecordType auditRecordType = new AuditEventRecordType();
auditRecordType.setChannel(channel);
auditRecordType.setEventIdentifier(eventIdentifier);
auditRecordType.setEventStage(AuditEventStage.toSchemaValue(eventStage));
auditRecordType.setEventType(AuditEventType.toSchemaValue(eventType));
auditRecordType.setHostIdentifier(hostIdentifier);
auditRecordType.setRemoteHostAddress(remoteHostAddress);
auditRecordType.setNodeIdentifier(nodeIdentifier);
auditRecordType.setInitiatorRef(ObjectTypeUtil.createObjectRef(initiatorRef, true));
auditRecordType.setAttorneyRef(ObjectTypeUtil.createObjectRef(attorneyRef, true));
auditRecordType.setMessage(message);
auditRecordType.setOutcome(OperationResultStatus.createStatusType(outcome));
auditRecordType.setParameter(parameter);
auditRecordType.setResult(result);
auditRecordType.setSessionIdentifier(sessionIdentifier);
auditRecordType.setTargetOwnerRef(ObjectTypeUtil.createObjectRef(targetOwnerRef, true));
auditRecordType.setTargetRef(ObjectTypeUtil.createObjectRef(targetRef, true));
auditRecordType.setRequestIdentifier(requestIdentifier);
auditRecordType.setTaskIdentifier(taskIdentifier);
auditRecordType.setTaskOID(taskOid);
auditRecordType.getResourceOid().addAll(resourceOids);
auditRecordType.setTimestamp(MiscUtil.asXMLGregorianCalendar(timestamp));
for (ObjectDeltaOperation delta : deltas) {
ObjectDeltaOperationType odo = new ObjectDeltaOperationType();
try {
DeltaConversionOptions options = DeltaConversionOptions.createSerializeReferenceNames();
// This can be tricky because it can create human-readable but machine-unprocessable
// data, see MID-6262. But in current context the results of this method are to be
// used only in GUI and reports, so we are safe here.
options.setEscapeInvalidCharacters(true);
DeltaConvertor.toObjectDeltaOperationType(delta, odo, options);
auditRecordType.getDelta().add(odo);
} catch (Exception e) {
if (tolerateInconsistencies) {
if (delta.getExecutionResult() != null) {
// TODO does this even work? [med]
delta.getExecutionResult().setMessage("Could not show audit record, bad data in delta: " + delta.getObjectDelta());
} else {
OperationResult result = new OperationResult("Create audit event record type");
result.setMessage("Could not show audit record, bad data in delta: " + delta.getObjectDelta());
odo.setExecutionResult(result.createOperationResultType());
}
} else {
throw new SystemException(e.getMessage(), e);
}
}
}
for (Map.Entry<String, Set<String>> propertyEntry : properties.entrySet()) {
AuditEventRecordPropertyType propertyType = new AuditEventRecordPropertyType();
propertyType.setName(propertyEntry.getKey());
propertyType.getValue().addAll(propertyEntry.getValue());
auditRecordType.getProperty().add(propertyType);
}
for (Map.Entry<String, Set<AuditReferenceValue>> referenceEntry : references.entrySet()) {
AuditEventRecordReferenceType referenceType = new AuditEventRecordReferenceType();
referenceType.setName(referenceEntry.getKey());
referenceEntry.getValue().forEach(v -> referenceType.getValue().add(v.toXml()));
auditRecordType.getReference().add(referenceType);
}
// TODO MID-5531 convert custom properties too? What about other than string types?
return auditRecordType;
}
@SuppressWarnings("MethodDoesntCallSuperMethod") // it's wrong, but intended
public AuditEventRecord clone() {
AuditEventRecord clone = new AuditEventRecord();
clone.channel = this.channel;
clone.deltas.addAll(MiscSchemaUtil.cloneObjectDeltaOperationCollection(this.deltas));
clone.eventIdentifier = this.eventIdentifier;
clone.eventStage = this.eventStage;
clone.eventType = this.eventType;
clone.hostIdentifier = this.hostIdentifier;
clone.remoteHostAddress = this.remoteHostAddress;
clone.nodeIdentifier = this.nodeIdentifier;
clone.initiatorRef = this.initiatorRef;
clone.attorneyRef = this.attorneyRef;
clone.outcome = this.outcome;
clone.sessionIdentifier = this.sessionIdentifier;
clone.targetRef = this.targetRef;
clone.targetOwnerRef = this.targetOwnerRef;
clone.requestIdentifier = this.requestIdentifier;
clone.taskIdentifier = this.taskIdentifier;
clone.taskOid = this.taskOid;
clone.timestamp = this.timestamp;
clone.result = this.result;
clone.parameter = this.parameter;
clone.message = this.message;
clone.properties.putAll(properties); // TODO deep clone?
clone.references.putAll(references); // TODO deep clone?
clone.resourceOids.addAll(resourceOids);
clone.customColumnProperty.putAll(customColumnProperty);
return clone;
}
@Override
public String toString() {
return "AUDIT[" + formatTimestamp(timestamp) + " eid=" + eventIdentifier
+ " sid=" + sessionIdentifier + ", rid=" + requestIdentifier + ", tid=" + taskIdentifier
+ " toid=" + taskOid + ", hid=" + hostIdentifier + ", nid=" + nodeIdentifier + ", raddr=" + remoteHostAddress
+ ", I=" + formatReference(initiatorRef) + ", A=" + formatReference(attorneyRef)
+ ", T=" + formatReference(targetRef) + ", TO=" + formatReference(targetOwnerRef) + ", et=" + eventType
+ ", es=" + eventStage + ", D=" + deltas + ", ch=" + channel + ", o=" + outcome + ", r=" + result + ", p=" + parameter
+ ", m=" + message
+ ", cuscolprop=" + customColumnProperty
+ ", prop=" + properties
+ ", roid=" + resourceOids
+ ", ref=" + references + "]";
}
private static String formatTimestamp(Long timestamp) {
if (timestamp == null) {
return "null";
}
return TIMESTAMP_FORMAT.format(new java.util.Date(timestamp));
}
private static String formatObject(PrismObject<? extends ObjectType> object) {
if (object == null) {
return "null";
}
return object.toString();
}
private String formatReference(PrismReferenceValue refVal) {
if (refVal == null) {
return "null";
}
if (refVal.getObject() != null) {
//noinspection unchecked
return formatObject(refVal.getObject());
}
return refVal.toString();
}
@Override
public String debugDump(int indent) {
StringBuilder sb = new StringBuilder();
DebugUtil.indentDebugDump(sb, indent);
sb.append("AUDIT");
sb.append("\n");
DebugUtil.debugDumpWithLabelToStringLn(sb, "Timestamp", formatTimestamp(timestamp), indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Event Identifier", eventIdentifier, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Session Identifier", sessionIdentifier, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Request Identifier", requestIdentifier, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Task Identifier", taskIdentifier, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Task OID", taskOid, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Host Identifier", hostIdentifier, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Node Identifier", nodeIdentifier, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Remote Host Address", remoteHostAddress, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Initiator", formatReference(initiatorRef), indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Attorney", formatReference(attorneyRef), indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Target", formatReference(targetRef), indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Target Owner", formatReference(targetOwnerRef), indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Event Type", eventType, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Event Stage", eventStage, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Channel", channel, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Outcome", outcome, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Result", result, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Parameter", parameter, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Message", message, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Properties", properties, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Resource OIDs", resourceOids, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "References", references, indent + 1);
DebugUtil.debugDumpWithLabelToStringLn(sb, "Custom column properties", customColumnProperty, indent + 1);
DebugUtil.debugDumpLabel(sb, "Deltas", indent + 1);
if (deltas.isEmpty()) {
sb.append(" none");
} else {
sb.append(" ").append(deltas.size()).append(" deltas\n");
DebugUtil.debugDump(sb, deltas, indent + 2, false);
}
return sb.toString();
}
// a bit of hack - TODO place appropriately
public static void adopt(AuditEventRecordType record, PrismContext prismContext) throws SchemaException {
for (ObjectDeltaOperationType odo : record.getDelta()) {
adopt(odo.getObjectDelta(), prismContext);
}
}
public static void adopt(ObjectDeltaType delta, PrismContext prismContext) throws SchemaException {
if (delta == null) {
return;
}
if (delta.getObjectToAdd() != null) {
//noinspection unchecked
prismContext.adopt(delta.getObjectToAdd().asPrismObject());
}
for (ItemDeltaType itemDelta : delta.getItemDelta()) {
adopt(itemDelta, prismContext);
}
}
private static void adopt(ItemDeltaType itemDelta, PrismContext prismContext) throws SchemaException {
for (RawType value : itemDelta.getValue()) {
if (value != null) {
value.revive(prismContext);
}
}
for (RawType value : itemDelta.getEstimatedOldValue()) {
if (value != null) {
value.revive(prismContext);
}
}
}
public void setInitiatorAndLoginParameter(
PrismObject<? extends FocusType> initiator, PrismContext prismContext) {
setInitiator(initiator, prismContext);
String parameter = null;
if (initiator != null) {
PolyStringType name = initiator.asObjectable().getName();
if (name != null) {
parameter = name.getOrig();
}
}
setParameter(parameter);
}
@NotNull
public Set<String> getNonExistingReferencedObjects() {
return nonExistingReferencedObjects;
}
public void addNonExistingReferencedObject(String oid) {
nonExistingReferencedObjects.add(oid);
}
}