feat[backend](incident-resources): added incident resource controller logs

backend/src/main/java/com/park/utmstack/advice/GlobalExceptionHandler.java

@@ -4,6 +4,8 @@
 import com.park.utmstack.security.TooMuchLoginAttemptsException;
 import com.park.utmstack.service.application_events.ApplicationEventService;
 import com.park.utmstack.util.ResponseUtil;
+import com.park.utmstack.util.exceptions.IncidentAlertConflictException;
+import com.park.utmstack.util.exceptions.NoAlertsProvidedException;
 import com.park.utmstack.util.exceptions.TfaVerificationException;
 import com.park.utmstack.util.exceptions.TooManyRequestsException;
 import lombok.RequiredArgsConstructor;
@@ -49,6 +51,16 @@ public ResponseEntity<?> handleTooManyRequests(TooManyRequestsException e, HttpS
         return ResponseUtil.buildErrorResponse(HttpStatus.TOO_MANY_REQUESTS, e.getMessage());
     }
 
+    @ExceptionHandler({NoAlertsProvidedException.class})
+    public ResponseEntity<?> handleNoAlertsProvided(Exception e, HttpServletRequest request) {
+        return ResponseUtil.buildErrorResponse(HttpStatus.BAD_REQUEST, e.getMessage());
+    }
+
+    @ExceptionHandler(IncidentAlertConflictException.class)
+    public ResponseEntity<?> handleConflict(IncidentAlertConflictException e, HttpServletRequest request) {
+        return ResponseUtil.buildErrorResponse(HttpStatus.CONFLICT, e.getMessage());
+    }
+
     @ExceptionHandler(Exception.class)
     public ResponseEntity<?> handleGenericException(Exception e, HttpServletRequest request) {
         return ResponseUtil.buildInternalServerErrorResponse(e.getMessage());

backend/src/main/java/com/park/utmstack/aop/logging/impl/AuditAspect.java

@@ -0,0 +1,82 @@
+package com.park.utmstack.aop.logging.impl;
+
+import com.park.utmstack.aop.logging.AuditEvent;
+import com.park.utmstack.aop.logging.NoLogException;
+import com.park.utmstack.domain.application_events.enums.ApplicationEventType;
+import com.park.utmstack.loggin.LogContextBuilder;
+import com.park.utmstack.service.application_events.ApplicationEventService;
+import com.park.utmstack.service.dto.auditable.AuditableDTO;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import net.logstash.logback.argument.StructuredArguments;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.slf4j.MDC;
+import org.springframework.stereotype.Component;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@Aspect
+@Component
+@Slf4j
+@RequiredArgsConstructor
+public class AuditAspect {
+
+    private final ApplicationEventService applicationEventService;
+    private final LogContextBuilder logContextBuilder;
+
+    @Around("@annotation(auditEvent)")
+    public Object logAuditEvent(ProceedingJoinPoint joinPoint, AuditEvent auditEvent) throws Throwable {
+        return handleAudit(joinPoint, auditEvent.attemptType(), auditEvent.successType(),
+                auditEvent.attemptMessage(), auditEvent.successMessage(), "controller");
+    }
+
+    private Object handleAudit(ProceedingJoinPoint joinPoint,
+                               ApplicationEventType attemptType,
+                               ApplicationEventType successType,
+                               String attemptMessage,
+                               String successMessage,
+                               String layer) throws Throwable {
+
+        MethodSignature signature = (MethodSignature) joinPoint.getSignature();
+        String context = signature.getDeclaringType().getSimpleName() + "." + signature.getMethod().getName();
+        MDC.put("context", context);
+
+        Map<String, Object> extra = extractAuditData(joinPoint.getArgs());
+        extra.put("layer", layer);
+
+        try {
+            applicationEventService.createEvent(attemptMessage, attemptType, extra);
+
+            Object result = joinPoint.proceed();
+
+            if (successType != ApplicationEventType.UNDEFINED) {
+                applicationEventService.createEvent(successMessage, successType, extra);
+            }
+
+            return result;
+
+        } catch (Exception e) {
+            if (!e.getClass().isAnnotationPresent(NoLogException.class)) {
+                String msg = String.format("%s: %s", context, e.getMessage());
+                log.error(msg, e, StructuredArguments.keyValue("args", logContextBuilder.buildArgs(e)));
+            }
+
+            throw e;
+        }
+    }
+
+    private Map<String, Object> extractAuditData(Object[] args) {
+        Map<String, Object> extra = new HashMap<>();
+        for (Object arg : args) {
+            if (arg instanceof AuditableDTO auditable) {
+                extra.putAll(auditable.toAuditMap());
+            }
+        }
+        return extra;
+    }
+}
+

backend/src/main/java/com/park/utmstack/config/Constants.java

@@ -36,8 +36,8 @@ public final class Constants {
     public static final String PROP_NETWORK_SCAN_API_URL = "utmstack.networkScan.apiUrl";
     public static final String PROP_TFA_ENABLE = "utmstack.tfa.enable";
     public static final String PROP_TFA_METHOD = "utmstack.tfa.method";
-    public static final int EXPIRES_IN_SECONDS = 30;
-    public static final int INIT_EXPIRES_IN_SECONDS = 300;
+    public static final int EXPIRES_IN_SECONDS_TOTP = 30;   // Google Authenticator
+    public static final int EXPIRES_IN_SECONDS_EMAIL = 120; // Email OTP
     public static final String TFA_ISSUER = "UTMStack";
 
     // ----------------------------------------------------------------------------------

backend/src/main/java/com/park/utmstack/config/LoggingConfiguration.java

@@ -3,8 +3,11 @@
 import ch.qos.logback.classic.LoggerContext;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.park.utmstack.loggin.filter.MdcCleanupFilter;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import tech.jhipster.config.JHipsterProperties;
 
@@ -45,4 +48,13 @@ public LoggingConfiguration(
             addContextListener(context, customFields, loggingProperties);
         }
     }
+
+    @Bean
+    public FilterRegistrationBean<MdcCleanupFilter> mdcCleanupFilter() {
+        FilterRegistrationBean<MdcCleanupFilter> registrationBean = new FilterRegistrationBean<>();
+        registrationBean.setFilter(new MdcCleanupFilter());
+        registrationBean.setOrder(Integer.MAX_VALUE);
+        registrationBean.addUrlPatterns("/*");
+        return registrationBean;
+    }
 }

backend/src/main/java/com/park/utmstack/config/SecurityConfiguration.java

@@ -75,15 +75,6 @@ public PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
     }
 
-    @Bean
-    public FilterRegistrationBean<MdcCleanupFilter> mdcCleanupFilter() {
-        FilterRegistrationBean<MdcCleanupFilter> registrationBean = new FilterRegistrationBean<>();
-        registrationBean.setFilter(new MdcCleanupFilter());
-        registrationBean.setOrder(Integer.MAX_VALUE);
-        registrationBean.addUrlPatterns("/*");
-        return registrationBean;
-    }
-
     @Bean
     public WebSecurityCustomizer webSecurityCustomizer() {
         return web -> web.ignoring()
@@ -119,7 +110,10 @@ public void configure(HttpSecurity http) throws Exception {
                 .antMatchers("/api/account/reset-password/init").permitAll()
                 .antMatchers("/api/account/reset-password/finish").permitAll()
                 .antMatchers("/api/images/all").permitAll()
-                .antMatchers("/api/tfa/**").hasAnyAuthority(AuthoritiesConstants.PRE_VERIFICATION_USER, AuthoritiesConstants.ADMIN, AuthoritiesConstants.USER)
+                .antMatchers("/api/enrollment/**").hasAnyAuthority(AuthoritiesConstants.PRE_VERIFICATION_USER)
+                .antMatchers("/api/tfa/verify-code").hasAnyAuthority(AuthoritiesConstants.PRE_VERIFICATION_USER, AuthoritiesConstants.USER, AuthoritiesConstants.ADMIN)
+                .antMatchers("/api/tfa/refresh").hasAnyAuthority(AuthoritiesConstants.PRE_VERIFICATION_USER, AuthoritiesConstants.USER, AuthoritiesConstants.ADMIN)
+                .antMatchers("/api/tfa/**").hasAnyAuthority(AuthoritiesConstants.ADMIN, AuthoritiesConstants.USER)
                 .antMatchers("/api/utm-incident-jobs").hasAuthority(AuthoritiesConstants.ADMIN)
                 .antMatchers("/api/utm-incident-jobs/**").hasAuthority(AuthoritiesConstants.ADMIN)
                 .antMatchers("/api/utm-incident-variables/**").hasAuthority(AuthoritiesConstants.ADMIN)

backend/src/main/java/com/park/utmstack/domain/application_events/enums/ApplicationEventType.java

@@ -31,6 +31,14 @@ public enum ApplicationEventType {
     CONFIG_GROUP_BULK_DELETE_SUCCESS,
     CONFIG_UPDATE_ATTEMPT,
     CONFIG_UPDATE_SUCCESS,
+    INCIDENT_CREATION_ATTEMPT,
+    INCIDENT_CREATED,
+    INCIDENT_CREATION_SUCCESS,
+    INCIDENT_ALERTS_ADDED,
+    INCIDENT_ALERT_ADD_ATTEMPT,
+    INCIDENT_ALERT_ADD_SUCCESS,
+    INCIDENT_UPDATE_ATTEMPT,
+    INCIDENT_UPDATE_SUCCESS,
     ERROR,
     WARNING,
     INFO,

backend/src/main/java/com/park/utmstack/domain/tfa/TfaStage.java

@@ -0,0 +1,7 @@
+package com.park.utmstack.domain.tfa;
+
+public enum TfaStage {
+    INIT,
+    VERIFY,
+    COMPLETE
+}

backend/src/main/java/com/park/utmstack/service/UserService.java

@@ -218,6 +218,8 @@ public void updateUserTfaSecret(String userLogin, String tfaSecret, String tfaMe
                 .orElseThrow(() -> new NoSuchElementException(String.format("User %1$s not found", userLogin)));
             user.setTfaMethod(tfaMethod);
             user.setTfaSecret(tfaSecret);
+
+            userRepository.save(user);
     }
 
     public void deleteUser(String login) {

backend/src/main/java/com/park/utmstack/service/UtmConfigurationParameterService.java

@@ -162,13 +162,13 @@ public Map<String, String> getValueMapForDateSetting() throws Exception {
         }
     }
 
-    public List<UtmConfigurationParameter> getConfigParameterBySectionId(long sectionId) throws Exception {
+    public List<UtmConfigurationParameter> getConfigParameterBySectionId(long sectionId) {
         final String ctx = CLASSNAME + ".getConfigParameterBySectionId";
         try {
             return new ArrayList<>(configParamRepository
                     .findAllBySectionId(sectionId));
         } catch (Exception e) {
-            throw new Exception(ctx + ": " + e.getMessage());
+            throw new RuntimeException(ctx + ": " + e.getMessage());
         }
     }
 

backend/src/main/java/com/park/utmstack/service/dto/auditable/AuditableDTO.java

@@ -0,0 +1,7 @@
+package com.park.utmstack.service.dto.auditable;
+
+import java.util.Map;
+
+public interface AuditableDTO {
+    Map<String, Object> toAuditMap();
+}