You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@datalab.apache.org by dy...@apache.org on 2022/09/23 13:44:04 UTC
[incubator-datalab] 01/01: add image sharing info to audit
This is an automated email from the ASF dual-hosted git repository.
dyankiv pushed a commit to branch DATALAB-3025
in repository https://gitbox.apache.org/repos/asf/incubator-datalab.git
commit 07e5d93bca0c97454f0acc6b653a2ab72a8250a9
Author: Denys Yankiv <de...@gmail.com>
AuthorDate: Fri Sep 23 16:43:19 2022 +0300
add image sharing info to audit
---
.../datalab/backendapi/domain/AuditActionEnum.java | 2 +-
.../resources/ImageExploratoryResource.java | 2 +-
.../service/ImageExploratoryService.java | 4 +-
.../service/impl/ImageExploratoryServiceImpl.java | 59 ++++++++++++++++++----
4 files changed, 55 insertions(+), 12 deletions(-)
diff --git a/services/self-service/src/main/java/com/epam/datalab/backendapi/domain/AuditActionEnum.java b/services/self-service/src/main/java/com/epam/datalab/backendapi/domain/AuditActionEnum.java
index 65fdcda87..f8ffea01d 100644
--- a/services/self-service/src/main/java/com/epam/datalab/backendapi/domain/AuditActionEnum.java
+++ b/services/self-service/src/main/java/com/epam/datalab/backendapi/domain/AuditActionEnum.java
@@ -20,6 +20,6 @@
package com.epam.datalab.backendapi.domain;
public enum AuditActionEnum {
- CREATE, RECREATE, SET_UP_SCHEDULER, START, STOP, TERMINATE, RECONFIGURE, UPDATE, CONNECT, DISCONNECT, UPLOAD,
+ CREATE, RECREATE, SET_UP_SCHEDULER, START, STOP, TERMINATE, RECONFIGURE, UPDATE, CONNECT, DISCONNECT, UPLOAD, UPDATE_SHARING,
DOWNLOAD, DELETE, INSTALL_LIBS, FOLLOW_LINK, LOG_IN
}
diff --git a/services/self-service/src/main/java/com/epam/datalab/backendapi/resources/ImageExploratoryResource.java b/services/self-service/src/main/java/com/epam/datalab/backendapi/resources/ImageExploratoryResource.java
index c70885b83..d18309bba 100644
--- a/services/self-service/src/main/java/com/epam/datalab/backendapi/resources/ImageExploratoryResource.java
+++ b/services/self-service/src/main/java/com/epam/datalab/backendapi/resources/ImageExploratoryResource.java
@@ -124,7 +124,7 @@ public class ImageExploratoryResource {
@Path("share")
public Response shareImage(@Auth UserInfo ui, @Valid @NotNull ImageShareDTO dto) {
log.debug("Sharing user image {} with project {} groups", dto.getImageName(), dto.getProjectName());
- imageExploratoryService.shareImage(ui, dto.getImageName(), dto.getProjectName(), dto.getEndpoint(), dto.getSharedWith());
+ imageExploratoryService.updateImageSharing(ui, dto);
return Response.ok(imageExploratoryService.getImagesOfUser(ui,null)).build();
}
diff --git a/services/self-service/src/main/java/com/epam/datalab/backendapi/service/ImageExploratoryService.java b/services/self-service/src/main/java/com/epam/datalab/backendapi/service/ImageExploratoryService.java
index c1149fb42..901a72baf 100644
--- a/services/self-service/src/main/java/com/epam/datalab/backendapi/service/ImageExploratoryService.java
+++ b/services/self-service/src/main/java/com/epam/datalab/backendapi/service/ImageExploratoryService.java
@@ -46,7 +46,9 @@ public interface ImageExploratoryService {
ImagesPageInfo getImagesOfUser(UserInfo user, ImageFilter imageFilter);
- void shareImage(UserInfo user, String imageName, String projectName, String endpoint, Set<SharedWithDTO> sharedWithDTOS);
+ void updateImageSharing(UserInfo user, ImageShareDTO imageShareDTO);
+
+ //void shareImage(UserInfo user, String imageName, String projectName, String endpoint, Set<SharedWithDTO> sharedWithDTOS, String info);
List<ImageInfoRecord> getSharedImages(UserInfo user);
diff --git a/services/self-service/src/main/java/com/epam/datalab/backendapi/service/impl/ImageExploratoryServiceImpl.java b/services/self-service/src/main/java/com/epam/datalab/backendapi/service/impl/ImageExploratoryServiceImpl.java
index b1acbc270..b0b5bc7dc 100644
--- a/services/self-service/src/main/java/com/epam/datalab/backendapi/service/impl/ImageExploratoryServiceImpl.java
+++ b/services/self-service/src/main/java/com/epam/datalab/backendapi/service/impl/ImageExploratoryServiceImpl.java
@@ -60,8 +60,7 @@ import java.util.*;
import java.util.function.Predicate;
import java.util.stream.Collectors;
-import static com.epam.datalab.backendapi.domain.AuditActionEnum.CREATE;
-import static com.epam.datalab.backendapi.domain.AuditActionEnum.TERMINATE;
+import static com.epam.datalab.backendapi.domain.AuditActionEnum.*;
import static com.epam.datalab.backendapi.domain.AuditResourceTypeEnum.IMAGE;
@Singleton
@@ -77,6 +76,11 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
private static final String CREATE_NOTEBOOK_BASED_ON_OWN_IMAGES = "/api/exploratory/createFromOwnCustomImage";
private static final String CREATE_NOTEBOOK_BASED_ON_SHARED_IMAGES = "/api/exploratory/createFromSharedCustomImage";
+ private static final String AUDIT_SHARE_IMAGE_WITH_GROUPS = "Add group(s): %s\n";
+ private static final String AUDIT_SHARE_IMAGE_WITH_USERS = "Add users(s): %s\n";
+ private static final String AUDIT_STOP_SHARE_IMAGE_WITH_GROUPS = "Remove group(s): %s\n";
+ private static final String AUDIT_STOP_SHARE_IMAGE_WITH_USERS = "Remove users(s): %s\n";
+
@Inject
private ExploratoryDAO exploratoryDAO;
@Inject
@@ -255,12 +259,9 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
}
@Override
- public void shareImage(UserInfo user, String imageName, String projectName, String endpoint, Set<SharedWithDTO> sharedWithDTOS) {
- Optional<ImageInfoRecord> image = imageExploratoryDao.getImage(user.getName(), imageName, projectName, endpoint);
- image.ifPresent(img -> {
- log.info("image {}", img);
- imageExploratoryDao.updateSharing(toSharedWith(sharedWithDTOS), img.getName(), img.getProject(), img.getEndpoint());
- });
+ public void updateImageSharing(UserInfo user, ImageShareDTO imageShareDTO){
+ String info = updateImageSharingAudit(imageShareDTO);
+ shareImage(user, imageShareDTO.getImageName(), imageShareDTO.getProjectName(), imageShareDTO.getEndpoint(), imageShareDTO.getSharedWith(), info);
}
@Override
@@ -287,7 +288,6 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
.filter(img -> img.getDockerImage().equals(dockerImage) && img.getProject().equals(project) && img.getEndpoint().equals(endpoint))
.filter(img -> hasAccess(userInfo.getName(), img.getSharedWith()))
.collect(Collectors.toList());
- //sharedImages.forEach(img -> img.setSharingStatus(getImageSharingStatus(userInfo.getName(), img)));
log.info("Found shared with user {} images {}", userInfo.getName(), sharedImages);
return sharedImages;
}
@@ -324,6 +324,16 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
return new TreeSet<>(canBeSharedWith);
}
+ @Audit(action = UPDATE_SHARING, type = IMAGE)
+ public void shareImage(@User UserInfo user, @ResourceName String imageName, @Project String projectName, String endpoint,
+ Set<SharedWithDTO> sharedWithDTOS, @Info String info) {
+ Optional<ImageInfoRecord> image = imageExploratoryDao.getImage(user.getName(), imageName, projectName, endpoint);
+ image.ifPresent(img -> {
+ log.info("image {}", img);
+ imageExploratoryDao.updateSharing(toSharedWith(sharedWithDTOS), img.getName(), img.getProject(), img.getEndpoint());
+ });
+ }
+
private boolean hasAccess(String userName, SharedWith sharedWith) {
boolean accessByUserName = sharedWith.getUsers().contains(userName);
boolean accessByGroup = sharedWith.getGroups().stream().anyMatch(groupName -> userGroupDAO.getUsers(groupName).contains(userName));
@@ -420,6 +430,37 @@ public class ImageExploratoryServiceImpl implements ImageExploratoryService {
return filterData;
}
+ private String updateImageSharingAudit(ImageShareDTO imageShareDTO){
+ StringBuilder audit = new StringBuilder();
+ imageExploratoryDao.getImage(imageShareDTO.getImageName(), imageShareDTO.getProjectName(), imageShareDTO.getEndpoint()).ifPresent((img)->{
+ Set<String> oldGroups = new TreeSet<>(img.getSharedWith().getGroups());
+ Set<String> oldUsers = new TreeSet<>(img.getSharedWith().getUsers());
+ SharedWith oldSharedWith = img.getSharedWith();
+ SharedWith newSharedWith = toSharedWith(imageShareDTO.getSharedWith());
+
+ oldSharedWith.getGroups().removeAll(newSharedWith.getGroups());
+ oldSharedWith.getUsers().removeAll(newSharedWith.getUsers());
+
+ newSharedWith.getGroups().removeAll(oldGroups);
+ newSharedWith.getUsers().removeAll(oldUsers);
+
+ if(!oldSharedWith.getGroups().isEmpty()){
+ audit.append(String.format(AUDIT_STOP_SHARE_IMAGE_WITH_GROUPS, String.join(", ", oldSharedWith.getGroups())));
+ }
+ if(!oldSharedWith.getUsers().isEmpty()){
+ audit.append(String.format(AUDIT_STOP_SHARE_IMAGE_WITH_USERS, String.join(", ", oldSharedWith.getUsers())));
+ }
+ if(!newSharedWith.getGroups().isEmpty()){
+ audit.append(String.format(AUDIT_SHARE_IMAGE_WITH_GROUPS, String.join(", ", newSharedWith.getGroups())));
+ }
+ if(!newSharedWith.getUsers().isEmpty()){
+ audit.append(String.format(AUDIT_SHARE_IMAGE_WITH_USERS, String.join(", ", newSharedWith.getUsers())));
+ }
+
+ });
+ return audit.toString();
+ }
+
private ImageInfoDTO toImageInfoDTO(ImageInfoRecord imageInfoRecord, UserInfo userInfo){
return ImageInfoDTO.builder()
.name(imageInfoRecord.getName())
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@datalab.apache.org
For additional commands, e-mail: commits-help@datalab.apache.org