You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@datalab.apache.org by dy...@apache.org on 2022/09/23 13:44:03 UTC
[incubator-datalab] branch DATALAB-3025 created (now 07e5d93bc)
This is an automated email from the ASF dual-hosted git repository.
dyankiv pushed a change to branch DATALAB-3025
in repository https://gitbox.apache.org/repos/asf/incubator-datalab.git
at 07e5d93bc add image sharing info to audit
This branch includes the following new commits:
new 07e5d93bc add image sharing info to audit
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@datalab.apache.org
For additional commands, e-mail: commits-help@datalab.apache.org
[incubator-datalab] 01/01: add image sharing info to audit
Posted by dy...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
dyankiv pushed a commit to branch DATALAB-3025
in repository https://gitbox.apache.org/repos/asf/incubator-datalab.git
commit 07e5d93bca0c97454f0acc6b653a2ab72a8250a9
Author: Denys Yankiv <de...@gmail.com>
AuthorDate: Fri Sep 23 16:43:19 2022 +0300
add image sharing info to audit
---
.../datalab/backendapi/domain/AuditActionEnum.java | 2 +-
.../resources/ImageExploratoryResource.java | 2 +-
.../service/ImageExploratoryService.java | 4 +-
.../service/impl/ImageExploratoryServiceImpl.java | 59 ++++++++++++++++++----
4 files changed, 55 insertions(+), 12 deletions(-)
diff --git a/services/self-service/src/main/java/com/epam/datalab/backendapi/domain/AuditActionEnum.java b/services/self-service/src/main/java/com/epam/datalab/backendapi/domain/AuditActionEnum.java
index 65fdcda87..f8ffea01d 100644
--- a/services/self-service/src/main/java/com/epam/datalab/backendapi/domain/AuditActionEnum.java
+++ b/services/self-service/src/main/java/com/epam/datalab/backendapi/domain/AuditActionEnum.java
@@ -20,6 +20,6 @@
package com.epam.datalab.backendapi.domain;
public enum AuditActionEnum {
- CREATE, RECREATE, SET_UP_SCHEDULER, START, STOP, TERMINATE, RECONFIGURE, UPDATE, CONNECT, DISCONNECT, UPLOAD,
+ CREATE, RECREATE, SET_UP_SCHEDULER, START, STOP, TERMINATE, RECONFIGURE, UPDATE, CONNECT, DISCONNECT, UPLOAD, UPDATE_SHARING,
DOWNLOAD, DELETE, INSTALL_LIBS, FOLLOW_LINK, LOG_IN
}
diff --git a/services/self-service/src/main/java/com/epam/datalab/backendapi/resources/ImageExploratoryResource.java b/services/self-service/src/main/java/com/epam/datalab/backendapi/resources/ImageExploratoryResource.java
index c70885b83..d18309bba 100644
--- a/services/self-service/src/main/java/com/epam/datalab/backendapi/resources/ImageExploratoryResource.java
+++ b/services/self-service/src/main/java/com/epam/datalab/backendapi/resources/ImageExploratoryResource.java
@@ -124,7 +124,7 @@ public class ImageExploratoryResource {
@Path("share")
public Response shareImage(@Auth UserInfo ui, @Valid @NotNull ImageShareDTO dto) {
log.debug("Sharing user image {} with project {} groups", dto.getImageName(), dto.getProjectName());
- imageExploratoryService.shareImage(ui, dto.getImageName(), dto.getProjectName(), dto.getEndpoint(), dto.getSharedWith());
+ imageExploratoryService.updateImageSharing(ui, dto);
return Response.ok(imageExploratoryService.getImagesOfUser(ui,null)).build();
}
diff --git a/services/self-service/src/main/java/com/epam/datalab/backendapi/service/ImageExploratoryService.java b/services/self-service/src/main/java/com/epam/datalab/backendapi/service/ImageExploratoryService.java
index c1149fb42..901a72baf 100644
--- a/services/self-service/src/main/java/com/epam/datalab/backendapi/service/ImageExploratoryService.java
+++ b/services/self-service/src/main/java/com/epam/datalab/backendapi/service/ImageExploratoryService.java
@@ -46,7 +46,9 @@ public interface ImageExploratoryService {
ImagesPageInfo getImagesOfUser(UserInfo user, ImageFilter imageFilter);
- void shareImage(UserInfo user, String imageName, String projectName, String endpoint, Set<SharedWithDTO> sharedWithDTOS);
+ void updateImageSharing(UserInfo user, ImageShareDTO imageShareDTO);
+
+ //void shareImage(UserInfo user, String imageName, String projectName, String endpoint, Set<SharedWithDTO> sharedWithDTOS, String info);
List<ImageInfoRecord> getSharedImages(UserInfo user);
diff --git a/services/self-service/src/main/java/com/epam/datalab/backendapi/service/impl/ImageExploratoryServiceImpl.java b/services/self-service/src/main/java/com/epam/datalab/backendapi/service/impl/ImageExploratoryServiceImpl.java
index b1acbc270..b0b5bc7dc 100644
--- a/services/self-service/src/main/java/com/epam/datalab/backendapi/service/impl/ImageExploratoryServiceImpl.java
+++ b/services/self-service/src/main/java/com/epam/datalab/backendapi/service/impl/ImageExploratoryServiceImpl.java
@@ -60,8 +60,7 @@ import java.util.*;
import java.util.function.Predicate;
import java.util.stream.Collectors;
-import static com.epam.datalab.backendapi.domain.AuditActionEnum.CREATE;
-import static com.epam.datalab.backendapi.domain.AuditActionEnum.TERMINATE;
+import static com.epam.datalab.backendapi.domain.AuditActionEnum.*;
import static com.epam.datalab.backendapi.domain.AuditResourceTypeEnum.IMAGE;
@Singleton
@@ -77,6 +76,11 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
private static final String CREATE_NOTEBOOK_BASED_ON_OWN_IMAGES = "/api/exploratory/createFromOwnCustomImage";
private static final String CREATE_NOTEBOOK_BASED_ON_SHARED_IMAGES = "/api/exploratory/createFromSharedCustomImage";
+ private static final String AUDIT_SHARE_IMAGE_WITH_GROUPS = "Add group(s): %s\n";
+ private static final String AUDIT_SHARE_IMAGE_WITH_USERS = "Add users(s): %s\n";
+ private static final String AUDIT_STOP_SHARE_IMAGE_WITH_GROUPS = "Remove group(s): %s\n";
+ private static final String AUDIT_STOP_SHARE_IMAGE_WITH_USERS = "Remove users(s): %s\n";
+
@Inject
private ExploratoryDAO exploratoryDAO;
@Inject
@@ -255,12 +259,9 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
}
@Override
- public void shareImage(UserInfo user, String imageName, String projectName, String endpoint, Set<SharedWithDTO> sharedWithDTOS) {
- Optional<ImageInfoRecord> image = imageExploratoryDao.getImage(user.getName(), imageName, projectName, endpoint);
- image.ifPresent(img -> {
- log.info("image {}", img);
- imageExploratoryDao.updateSharing(toSharedWith(sharedWithDTOS), img.getName(), img.getProject(), img.getEndpoint());
- });
+ public void updateImageSharing(UserInfo user, ImageShareDTO imageShareDTO){
+ String info = updateImageSharingAudit(imageShareDTO);
+ shareImage(user, imageShareDTO.getImageName(), imageShareDTO.getProjectName(), imageShareDTO.getEndpoint(), imageShareDTO.getSharedWith(), info);
}
@Override
@@ -287,7 +288,6 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
.filter(img -> img.getDockerImage().equals(dockerImage) && img.getProject().equals(project) && img.getEndpoint().equals(endpoint))
.filter(img -> hasAccess(userInfo.getName(), img.getSharedWith()))
.collect(Collectors.toList());
- //sharedImages.forEach(img -> img.setSharingStatus(getImageSharingStatus(userInfo.getName(), img)));
log.info("Found shared with user {} images {}", userInfo.getName(), sharedImages);
return sharedImages;
}
@@ -324,6 +324,16 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
return new TreeSet<>(canBeSharedWith);
}
+ @Audit(action = UPDATE_SHARING, type = IMAGE)
+ public void shareImage(@User UserInfo user, @ResourceName String imageName, @Project String projectName, String endpoint,
+ Set<SharedWithDTO> sharedWithDTOS, @Info String info) {
+ Optional<ImageInfoRecord> image = imageExploratoryDao.getImage(user.getName(), imageName, projectName, endpoint);
+ image.ifPresent(img -> {
+ log.info("image {}", img);
+ imageExploratoryDao.updateSharing(toSharedWith(sharedWithDTOS), img.getName(), img.getProject(), img.getEndpoint());
+ });
+ }
+
private boolean hasAccess(String userName, SharedWith sharedWith) {
boolean accessByUserName = sharedWith.getUsers().contains(userName);
boolean accessByGroup = sharedWith.getGroups().stream().anyMatch(groupName -> userGroupDAO.getUsers(groupName).contains(userName));
@@ -420,6 +430,37 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
return filterData;
}
+ private String updateImageSharingAudit(ImageShareDTO imageShareDTO){
+ StringBuilder audit = new StringBuilder();
+ imageExploratoryDao.getImage(imageShareDTO.getImageName(), imageShareDTO.getProjectName(), imageShareDTO.getEndpoint()).ifPresent((img)->{
+ Set<String> oldGroups = new TreeSet<>(img.getSharedWith().getGroups());
+ Set<String> oldUsers = new TreeSet<>(img.getSharedWith().getUsers());
+ SharedWith oldSharedWith = img.getSharedWith();
+ SharedWith newSharedWith = toSharedWith(imageShareDTO.getSharedWith());
+
+ oldSharedWith.getGroups().removeAll(newSharedWith.getGroups());
+ oldSharedWith.getUsers().removeAll(newSharedWith.getUsers());
+
+ newSharedWith.getGroups().removeAll(oldGroups);
+ newSharedWith.getUsers().removeAll(oldUsers);
+
+ if(!oldSharedWith.getGroups().isEmpty()){
+ audit.append(String.format(AUDIT_STOP_SHARE_IMAGE_WITH_GROUPS, String.join(", ", oldSharedWith.getGroups())));
+ }
+ if(!oldSharedWith.getUsers().isEmpty()){
+ audit.append(String.format(AUDIT_STOP_SHARE_IMAGE_WITH_USERS, String.join(", ", oldSharedWith.getUsers())));
+ }
+ if(!newSharedWith.getGroups().isEmpty()){
+ audit.append(String.format(AUDIT_SHARE_IMAGE_WITH_GROUPS, String.join(", ", newSharedWith.getGroups())));
+ }
+ if(!newSharedWith.getUsers().isEmpty()){
+ audit.append(String.format(AUDIT_SHARE_IMAGE_WITH_USERS, String.join(", ", newSharedWith.getUsers())));
+ }
+
+ });
+ return audit.toString();
+ }
+
private ImageInfoDTO toImageInfoDTO(ImageInfoRecord imageInfoRecord, UserInfo userInfo){
return ImageInfoDTO.builder()
.name(imageInfoRecord.getName())
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@datalab.apache.org
For additional commands, e-mail: commits-help@datalab.apache.org