Added pki-server <subsystem>-audit-event-find command.
A new pki-server <subsystem>-audit-event-find command has been
added to list audit events and their attributes (e.g. filter).
Currently the command can only list enabled events.

https://pagure.io/dogtagpki/issue/2656

Change-Id: I7319ac4e449045d7456e9ae225aca58075093bcd
edewata committed Jan 10, 2018
1 parent 6716b82 commit 9f3a7d6
Showing 2 changed files with 103 additions and 0 deletions.
20 changes: 20 additions & 0 deletions base/server/python/pki/server/__init__.py
@@ -419,6 +419,26 @@ def customize_file(self, input_file, output_file):

pki.util.customize_file(input_file, output_file, params)

def find_audit_events(self, enabled=None):

if not enabled:
raise Exception('This operation is not yet supported. Specify --enabled True.')

events = []

names = self.config['log.instance.SignedAudit.events'].split(',')
names = list(map(str.strip, names))
names.sort()

for name in names:
event = {}
event['name'] = name
event['enabled'] = True
event['filter'] = self.config.get('log.instance.SignedAudit.filters.%s' % name)
events.append(event)

return events

def get_audit_log_dir(self):

current_file_path = self.config['log.instance.SignedAudit.fileName']
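Review bot: In find_audit_events, an empty or trailing-comma value of `log.instance.SignedAudit.events` yields an event with an empty name that is reported as enabled, since `''.split(',')` returns `['']` and blank entries are never dropped. For a command operators rely on to confirm what is being audited, that overstates the configuration; replace the map/sort pair with `names = sorted(n.strip() for n in names if n.strip())`. The events property is read with `self.config[...]` while the filter lookup a few lines later uses `.get()`, so a missing property surfaces as a bare KeyError. `if not enabled` also treats the default `None` like `False`, and the raised message names the CLI flag `--enabled` from library code; a short docstring stating the returned dict keys (`name`, `enabled`, `filter`) would help too.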
83 changes: 83 additions & 0 deletions base/server/python/pki/server/cli/audit.py
@@ -37,10 +37,93 @@ def __init__(self, parent):
'audit', 'Audit management commands')

self.parent = parent
self.add_module(AuditEventFindCLI(self))
self.add_module(AuditFileFindCLI(self))
self.add_module(AuditFileVerifyCLI(self))


class AuditEventFindCLI(pki.cli.CLI):

def __init__(self, parent):
super(AuditEventFindCLI, self).__init__(
'event-find', 'Find audit event configurations')

self.parent = parent

def print_help(self):
print('Usage: pki-server %s-audit-event-find [OPTIONS]' % self.parent.parent.name)
print()
print(' -i, --instance <instance ID> Instance ID (default: pki-tomcat).')
print(' --enabled <True|False> Show enabled/disabled events only.')
print(' -v, --verbose Run in verbose mode.')
print(' --help Show help message.')
print()

def execute(self, argv):

try:
opts, _ = getopt.gnu_getopt(argv, 'i:v', [
'instance=',
'enabled=',
'verbose', 'help'])

except getopt.GetoptError as e:
print('ERROR: ' + str(e))
self.print_help()
sys.exit(1)

instance_name = 'pki-tomcat'
enabled = None

for o, a in opts:
if o in ('-i', '--instance'):
instance_name = a

elif o == '--enabled':
enabled = a == 'True'

elif o in ('-v', '--verbose'):
self.set_verbose(True)

elif o == '--help':
self.print_help()
sys.exit()

else:
print('ERROR: unknown option ' + o)
self.print_help()
sys.exit(1)

instance = pki.server.PKIInstance(instance_name)
if not instance.is_valid():
print('ERROR: Invalid instance %s.' % instance_name)
sys.exit(1)

instance.load()

subsystem_name = self.parent.parent.name
subsystem = instance.get_subsystem(subsystem_name)
if not subsystem:
print('ERROR: No %s subsystem in instance %s.'
% (subsystem_name.upper(), instance_name))
sys.exit(1)

events = subsystem.find_audit_events(enabled)

self.print_message('%s entries matched' % len(events))

first = True
for event in events:
if first:
first = False
else:
print()

print(' Event Name: %s' % event.get('name'))
print(' Enabled: %s' % event.get('enabled'))
print(' Filter: %s' % event.get('filter'))


class AuditFileFindCLI(pki.cli.CLI):

def __init__(self, parent):
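Review bot: `enabled = a == 'True'` in AuditEventFindCLI.execute turns any other spelling (`true`, `yes`, a typo) into `False` without an error, although the help text advertises `<True|False>`. Both that and omitting `--enabled` then reach the `Exception` raised by `find_audit_events`, which nothing visible in this hunk catches, so the user would presumably get a traceback rather than the `ERROR: ...` and `sys.exit(1)` handling used for the other failures here. Reject unrecognised values at parse time, e.g. `if a not in ('True', 'False'): print('ERROR: Invalid value for --enabled: ' + a); sys.exit(1)`, and report the unsupported case the same way around the `subsystem.find_audit_events(enabled)` call.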