MID-7534 added operation result to shadow audit records, also failed …
…operations now audited
1azyman committed May 26, 2023
1 parent bc75d2c commit 73b11de
Showing 2 changed files with 22 additions and 23 deletions.
Expand Up @@ -337,14 +337,14 @@ public AsynchronousOperationReturnValue<ShadowType> addResourceObject(

// Be careful NOT to apply this to the cloned shadow. This needs to be propagated outside this method.
applyAfterOperationAttributes(shadow, resourceAttributesAfterAdd);

shadowAuditHelper.auditEvent(AuditEventType.ADD_OBJECT, shadow, ctx, result);
} catch (CommunicationException ex) {
throw communicationException(ctx, connector, ex);
} catch (GenericFrameworkException ex) {
throw genericConnectorException(ctx, connector, ex);
} catch (ObjectAlreadyExistsException ex) {
throw objectAlreadyExistsException("", ctx, connector, ex);
} finally {
shadowAuditHelper.auditEvent(AuditEventType.ADD_OBJECT, shadow, ctx, result);
}

// Execute entitlement modification on other objects (if needed)
Expand Down Expand Up @@ -468,8 +468,6 @@ public AsynchronousOperationResult deleteResourceObject(
identifiers,
ctx.getUcfExecutionContext(),
result);

shadowAuditHelper.auditEvent(AuditEventType.DELETE_OBJECT, shadow, ctx, result);
} catch (ObjectNotFoundException ex) {
throw ex.wrap(String.format(
"An error occurred while deleting resource object %s with identifiers %s (%s)",
Expand All @@ -480,6 +478,8 @@ public AsynchronousOperationResult deleteResourceObject(
throw genericConnectorException(ctx, connector, ex);
} catch (ConfigurationException ex) {
throw configurationException(ctx, connector, ex);
} finally {
shadowAuditHelper.auditEvent(AuditEventType.DELETE_OBJECT, shadow, ctx, result);
}

LOGGER.trace("Deleted resource object {}", shadow);
Expand Down Expand Up @@ -871,7 +871,11 @@ private AsynchronousOperationReturnValue<Collection<PropertyModificationOperatio
operationsWave = convertToReplaceAsNeeded(
ctx, currentShadow, operationsWave, identifiersWorkingCopy, objectDefinition, result);

if (!operationsWave.isEmpty()) {
if (operationsWave.isEmpty()) {
continue;
}

try {
ResourceObjectIdentification identification = ResourceObjectIdentification.create(objectDefinition, identifiersWorkingCopy);
connectorAsyncOpRet = connector.modifyObject(
identification, asPrismObject(currentShadow), operationsWave, connOptions, ctx.getUcfExecutionContext(), result);
Expand All @@ -884,7 +888,7 @@ private AsynchronousOperationReturnValue<Collection<PropertyModificationOperatio
inProgress = true;
asynchronousOperationReference = connectorAsyncOpRet.getOperationResult().getAsynchronousOperationReference();
}

} finally {
shadowAuditHelper.auditEvent(AuditEventType.MODIFY_OBJECT, currentShadow, operationsWave, ctx, result);
}
}
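Review bot: Calling `shadowAuditHelper.auditEvent(...)` from `finally` means that anything the audit call throws replaces the connector exception that is already propagating, so the real cause of a failed add, delete or modify can be lost; this applies to all three `finally` blocks in this file. The second file on this page shows `auditEvent` dereferencing `task` and `ctx` and writing through `auditHelper.audit(...)`, so an unchecked failure there looks possible, though its full body is not visible. I would guard the call so the original exception survives, for example `try { shadowAuditHelper.auditEvent(...); } catch (RuntimeException auditEx) { LOGGER.error("Shadow audit failed for {}", shadow, auditEx); }`, or state in a comment that an audit failure is meant to abort the operation if fail-closed is the intent. The enclosing methods start and end outside these hunks.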
Expand Up @@ -103,18 +103,18 @@ public void auditEvent(@NotNull AuditEventType event, @Nullable ShadowType shado
auditRecord.setTimestamp(Clock.get().currentTimeMillis());
auditRecord.setChannel(task.getChannel());

ObjectDeltaOperation<ShadowType> delta = createDelta(event, shadow, operationsWave);
OperationResult clone = auditHelper.cloneResultForAuditEventRecord(result);
auditHelper.addRecordMessage(auditRecord, clone.getMessage());

auditRecord.setOutcome(clone.getStatus());

ObjectDeltaOperation<ShadowType> delta = createDelta(event, shadow, operationsWave, clone);
if (delta != null) {
auditRecord.addDelta(delta);
}

AuditConfiguration auditConfiguration = auditHelper.getAuditConfiguration(systemConfiguration);

OperationResult clone = auditHelper.cloneResultForAuditEventRecord(result);
auditHelper.addRecordMessage(auditRecord, clone.getMessage());

auditRecord.setOutcome(clone.getStatus());

if (auditConfiguration.isRecordResourceOids()) {
auditRecord.addResourceOid(ctx.getResourceOid());
}
Expand All @@ -141,22 +141,19 @@ public void auditEvent(@NotNull AuditEventType event, @Nullable ShadowType shado
auditHelper.audit(auditRecord, nameResolver, ctx.getTask(), result);
}

private ObjectDeltaOperation<ShadowType> createDelta(AuditEventType event, ShadowType shadow, Collection<Operation> operations) {
private ObjectDeltaOperation<ShadowType> createDelta(AuditEventType event, ShadowType shadow, Collection<Operation> operations, OperationResult result) {
if (shadow == null) {
return null;
}

ObjectDelta<ShadowType> delta = null;
PrismObject<ShadowType> object = shadow.asPrismObject();
if (event == AuditEventType.ADD_OBJECT || event == AuditEventType.DISCOVER_OBJECT) {
ObjectDelta<ShadowType> delta = object.createAddDelta();

return new ObjectDeltaOperation<>(delta);
delta = object.createAddDelta();
} else if (event == AuditEventType.DELETE_OBJECT) {
ObjectDelta<ShadowType> delta = object.createDeleteDelta();

return new ObjectDeltaOperation<>(delta);
delta = object.createDeleteDelta();
} else if (event == AuditEventType.MODIFY_OBJECT) {
ObjectDelta<ShadowType> delta = prismContext
delta = prismContext
.deltaFactory()
.object()
.createEmptyDelta(ShadowType.class, shadow.getOid(), ChangeType.MODIFY);
Expand All @@ -168,11 +165,9 @@ private ObjectDeltaOperation<ShadowType> createDelta(AuditEventType event, Shado
delta.addModification(pDelta);
}
}

return new ObjectDeltaOperation<>(delta);
}

return null;
return delta != null ? new ObjectDeltaOperation<>(delta, result) : null;
}

private boolean isEnhancedShadowAuditingEnabled(SystemConfigurationType config) {
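Review bot: The outcome stored by `auditRecord.setOutcome(clone.getStatus())`, and the result now attached to the delta, reflect `result` as it stands at the moment of the call, and this commit starts calling `auditEvent` from `finally` blocks on failure paths where the visible catch clauses only rethrow. If neither those exception helpers nor `cloneResultForAuditEventRecord` records or computes the failure (neither is shown on this page), a failed operation could be audited with an unknown or in-progress status, which would weaken the audit trail this change is meant to provide. I would state the contract in the method's Javadoc, e.g. `@param result operation result; callers must record any failure on it before calling, because its status becomes the audit outcome`, and add a test that audits a failing add and asserts a failure outcome. `auditEvent` begins outside the visible hunk.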
