Finish audit log redux - completes #5

This commit is contained in:
Colin McDonald 2016-06-26 17:14:47 -04:00
parent d8b66742de
commit 1b20362f4d
24 changed files with 393 additions and 40 deletions

View File

@ -39,6 +39,7 @@ import net.frozenorb.apiv3.handler.MetricsHandler;
import net.frozenorb.apiv3.model.*;
import net.frozenorb.apiv3.route.GETDumpsType;
import net.frozenorb.apiv3.route.GETWhoAmI;
import net.frozenorb.apiv3.route.auditLog.DELETEAuditLogId;
import net.frozenorb.apiv3.route.auditLog.GETAuditLog;
import net.frozenorb.apiv3.route.auditLog.POSTAuditLog;
import net.frozenorb.apiv3.route.bannedAsns.DELETEBannedAsnsId;
@ -244,6 +245,7 @@ public final class APIv3 extends AbstractVerticle {
http.get("/auditLog").handler(new GETAuditLog());
http.post("/auditLog").handler(new POSTAuditLog());
http.delete("/auditLog/:id").blockingHandler(new DELETEAuditLogId());
http.get("/bannedAsns/:id").handler(new GETBannedAsnsId());
http.get("/bannedAsns").handler(new GETBannedAsns());
@ -265,11 +267,13 @@ public final class APIv3 extends AbstractVerticle {
http.get("/grants/:id").handler(new GETGrantsId());
http.get("/grants").handler(new GETGrants());
http.post("/grants").blockingHandler(new POSTGrants(), false);
//http.put("/grants/:id").blockingHandler(new PUTGrantsId(), false);
http.delete("/grants/:id").blockingHandler(new DELETEGrantsId(), false);
http.get("/ipBans/:id").handler(new GETIpBansId());
http.get("/ipBans").handler(new GETIpBans());
http.post("/ipBans").blockingHandler(new POSTIpBans(), false);
//http.put("/ipBans/:id").blockingHandler(new PUTIpBansId(), false);
http.delete("/ipBans/:id").blockingHandler(new DELETEIpBansId(), false);
http.get("/ipIntel/:id").handler(new GETIpInteld());
@ -285,6 +289,7 @@ public final class APIv3 extends AbstractVerticle {
http.get("/punishments/:id").handler(new GETPunishmentsId());
http.get("/punishments").handler(new GETPunishments());
http.post("/punishments").blockingHandler(new POSTPunishments(), false);
//http.put("/punishments/:id").blockingHandler(new PUTPunishmentsId(), false);
http.delete("/punishments/:id").blockingHandler(new DELETEPunishmentsId(), false);
http.delete("/users/:id/activePunishment").blockingHandler(new DELETEUsersIdActivePunishment(), false);

View File

@ -6,6 +6,7 @@ import net.frozenorb.apiv3.model.AuditLogEntry;
public enum AuditLogActionType {
AUDIT_LOG_REVERT(false),
BANNED_ASN_CREATE(false),
BANNED_ASN_UPDATE(false),
BANNED_ASN_DELETE(false),
@ -36,6 +37,7 @@ public enum AuditLogActionType {
USER_CHANGE_PASSWORD(false),
USER_PASSWORD_RESET(false),
USER_REGISTER(false),
USER_CONFIRM_EMAIL(false),
USER_SETUP_TOTP(false),
USER_VERIFY_TOTP(false);
@ -45,7 +47,7 @@ public enum AuditLogActionType {
this.reversible = reversible;
}
public void revert(AuditLogEntry entry, SingleResultCallback<Boolean> callback) {
public void reverse(AuditLogEntry entry, SingleResultCallback<Void> callback) {
callback.onResult(null, new UnsupportedOperationException());
}

View File

@ -41,6 +41,10 @@ public final class AuditLogEntry {
auditLogCollection.find(query).sort(new Document("performedAt", -1)).skip(skip).limit(pageSize).into(new LinkedList<>(), callback);
}
public static void findById(String id, SingleResultCallback<AuditLogEntry> callback) {
auditLogCollection.find(new Document("_id", id)).first(callback);
}
public static void find(Document query, SingleResultCallback<List<AuditLogEntry>> callback) {
auditLogCollection.find(query).into(new LinkedList<>(), callback);
}

View File

@ -0,0 +1,52 @@
package net.frozenorb.apiv3.route.auditLog;
import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.*;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class DELETEAuditLogId implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
BlockingCallback<AuditLogEntry> auditLogEntryCallback = new BlockingCallback<>();
AuditLogEntry.findById(ctx.request().getParam("id"), auditLogEntryCallback);
AuditLogEntry auditLogEntry = auditLogEntryCallback.get();
if (auditLogEntry == null) {
ErrorUtils.respondNotFound(ctx, "Audit log entry", ctx.request().getParam("id"));
return;
}
if (!auditLogEntry.isReversible()) {
ErrorUtils.respondInvalidInput(ctx, "Audit log entry referenced is not reversible.");
return;
}
BlockingCallback<Void> callback = new BlockingCallback<>();
auditLogEntry.getType().reverse(auditLogEntry, callback);
callback.get();
JsonObject requestBody = ctx.getBodyAsJson();
if (requestBody.containsKey("user")) {
AuditLog.log(UUID.fromString(requestBody.getString("user")), requestBody.getString("userIp"), ctx, AuditLogActionType.AUDIT_LOG_REVERT, ImmutableMap.of("auditLogEntryId", auditLogEntry.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, auditLogEntry);
}
});
} else {
APIv3.respondJson(ctx, auditLogEntry);
}
}
}

View File

@ -1,13 +1,19 @@
package net.frozenorb.apiv3.route.bannedAsns;
import com.google.common.collect.ImmutableMap;
import com.mongodb.client.result.DeleteResult;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.BannedAsn;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class DELETEBannedAsnsId implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
@ -21,7 +27,20 @@ public final class DELETEBannedAsnsId implements Handler<RoutingContext> {
BlockingCallback<DeleteResult> callback = new BlockingCallback<>();
bannedAsn.delete(callback);
callback.get();
JsonObject requestBody = ctx.getBodyAsJson();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.BANNED_ASN_DELETE, ImmutableMap.of("bannedAsnId", bannedAsn.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, bannedAsn);
}
});
} else {
APIv3.respondJson(ctx, bannedAsn);
}
}
}

View File

@ -1,11 +1,17 @@
package net.frozenorb.apiv3.route.bannedAsns;
import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.BannedAsn;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class POSTBannedAsns implements Handler<RoutingContext> {
@ -18,7 +24,18 @@ public final class POSTBannedAsns implements Handler<RoutingContext> {
BlockingCallback<Void> callback = new BlockingCallback<>();
bannedAsn.insert(callback);
callback.get();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.BANNED_ASN_CREATE, ImmutableMap.of("bannedAsnId", id), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, bannedAsn);
}
});
} else {
APIv3.respondJson(ctx, bannedAsn);
}
}
}

View File

@ -1,13 +1,19 @@
package net.frozenorb.apiv3.route.bannedCellCarriers;
import com.google.common.collect.ImmutableMap;
import com.mongodb.client.result.DeleteResult;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.BannedCellCarrier;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class DELETEBannedCellCarriersId implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
@ -21,7 +27,20 @@ public final class DELETEBannedCellCarriersId implements Handler<RoutingContext>
BlockingCallback<DeleteResult> callback = new BlockingCallback<>();
bannedCellCarrier.delete(callback);
callback.get();
JsonObject requestBody = ctx.getBodyAsJson();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.BANNED_CALL_CARRIER_DELETE, ImmutableMap.of("bannedCellCarrierId", bannedCellCarrier.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, bannedCellCarrier);
}
});
} else {
APIv3.respondJson(ctx, bannedCellCarrier);
}
}
}

View File

@ -1,11 +1,17 @@
package net.frozenorb.apiv3.route.bannedCellCarriers;
import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.BannedCellCarrier;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class POSTBannedCellCarriers implements Handler<RoutingContext> {
@ -18,7 +24,18 @@ public final class POSTBannedCellCarriers implements Handler<RoutingContext> {
BlockingCallback<Void> callback = new BlockingCallback<>();
bannedCellCarrier.insert(callback);
callback.get();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.BANNED_CALL_CARRIER_CREATE, ImmutableMap.of("bannedCellCarrierId", id), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, bannedCellCarrier);
}
});
} else {
APIv3.respondJson(ctx, bannedCellCarrier);
}
}
}

View File

@ -6,6 +6,8 @@ import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
@ -50,9 +52,15 @@ public final class POSTEmailTokensIdConfirm implements Handler<RoutingContext> {
user.save(callback);
callback.get();
AuditLog.log(user.getId(), requestBody.getString("userIp"), ctx, AuditLogActionType.USER_CONFIRM_EMAIL, (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"success", true
));
}
});
}
}

View File

@ -1,9 +1,12 @@
package net.frozenorb.apiv3.route.ipBans;
import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.IpBan;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
@ -51,7 +54,17 @@ public final class POSTIpBans implements Handler<RoutingContext> {
ipBan.insert(callback);
callback.get();
if (addedBy != null) {
AuditLog.log(addedBy.getId(), requestBody.getString("addedByIp"), ctx, AuditLogActionType.IP_BAN_CREATE, ImmutableMap.of("ipBanId", ipBan.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, ipBan);
}
});
} else {
APIv3.respondJson(ctx, ipBan);
}
}
}

View File

@ -1,13 +1,19 @@
package net.frozenorb.apiv3.route.notificationTemplates;
import com.google.common.collect.ImmutableMap;
import com.mongodb.client.result.DeleteResult;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.NotificationTemplate;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class DELETENotificationTemplatesId implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
@ -23,7 +29,20 @@ public final class DELETENotificationTemplatesId implements Handler<RoutingConte
BlockingCallback<DeleteResult> callback = new BlockingCallback<>();
notificationTemplate.delete(callback);
callback.get();
JsonObject requestBody = ctx.getBodyAsJson();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.NOTIFICATION_TEMPLATE_DELETE, ImmutableMap.of("notificationTemplateId", notificationTemplate.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, notificationTemplate);
}
});
} else {
APIv3.respondJson(ctx, notificationTemplate);
}
}
}

View File

@ -1,11 +1,17 @@
package net.frozenorb.apiv3.route.notificationTemplates;
import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.NotificationTemplate;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class POSTNotificationTemplates implements Handler<RoutingContext> {
@ -19,7 +25,18 @@ public final class POSTNotificationTemplates implements Handler<RoutingContext>
BlockingCallback<Void> callback = new BlockingCallback<>();
notificationTemplate.insert(callback);
callback.get();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.NOTIFICATION_TEMPLATE_CREATE, ImmutableMap.of("notificationTemplateId", id), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, notificationTemplate);
}
});
} else {
APIv3.respondJson(ctx, notificationTemplate);
}
}
}

View File

@ -6,6 +6,8 @@ import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.IpBan;
import net.frozenorb.apiv3.model.Punishment;
import net.frozenorb.apiv3.model.User;
@ -101,10 +103,23 @@ public final class POSTPunishments implements Handler<RoutingContext> {
punishment.insert(callback);
callback.get();
if (addedBy != null) {
AuditLog.log(addedBy.getId(), requestBody.getString("addedByIp"), ctx, AuditLogActionType.PUNISHMENT_CREATE, ImmutableMap.of("punishmentId", punishment.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"punishment", punishment,
"accessDenialReason", accessDenialReason == null ? "" : accessDenialReason
));
}
});
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"punishment", punishment,
"accessDenialReason", accessDenialReason == null ? "" : accessDenialReason
));
}
}
}

View File

@ -1,13 +1,19 @@
package net.frozenorb.apiv3.route.ranks;
import com.google.common.collect.ImmutableMap;
import com.mongodb.client.result.DeleteResult;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.Rank;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class DELETERanksId implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
@ -21,7 +27,20 @@ public final class DELETERanksId implements Handler<RoutingContext> {
BlockingCallback<DeleteResult> callback = new BlockingCallback<>();
rank.delete(callback);
callback.get();
JsonObject requestBody = ctx.getBodyAsJson();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.RANK_DELETE, ImmutableMap.of("rankId", rank.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, rank);
}
});
} else {
APIv3.respondJson(ctx, rank);
}
}
}

View File

@ -1,11 +1,17 @@
package net.frozenorb.apiv3.route.ranks;
import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.Rank;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class POSTRanks implements Handler<RoutingContext> {
@ -23,7 +29,18 @@ public final class POSTRanks implements Handler<RoutingContext> {
BlockingCallback<Void> callback = new BlockingCallback<>();
rank.insert(callback);
callback.get();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.RANK_CREATE, ImmutableMap.of("rankId", id), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, rank);
}
});
} else {
APIv3.respondJson(ctx, rank);
}
}
}

View File

@ -1,13 +1,19 @@
package net.frozenorb.apiv3.route.serverGroups;
import com.google.common.collect.ImmutableMap;
import com.mongodb.client.result.DeleteResult;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.ServerGroup;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class DELETEServerGroupsId implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
@ -21,7 +27,20 @@ public final class DELETEServerGroupsId implements Handler<RoutingContext> {
BlockingCallback<DeleteResult> callback = new BlockingCallback<>();
serverGroup.delete(callback);
callback.get();
JsonObject requestBody = ctx.getBodyAsJson();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.SERVER_GROUP_DELETE, ImmutableMap.of("serverGroupId", serverGroup.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, serverGroup);
}
});
} else {
APIv3.respondJson(ctx, serverGroup);
}
}
}

View File

@ -1,11 +1,17 @@
package net.frozenorb.apiv3.route.serverGroups;
import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.ServerGroup;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class POSTServerGroups implements Handler<RoutingContext> {
@ -18,7 +24,18 @@ public final class POSTServerGroups implements Handler<RoutingContext> {
BlockingCallback<Void> callback = new BlockingCallback<>();
serverGroup.insert(callback);
callback.get();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.SERVER_GROUP_CREATE, ImmutableMap.of("serverGroupId", id), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, serverGroup);
}
});
} else {
APIv3.respondJson(ctx, serverGroup);
}
}
}

View File

@ -1,13 +1,19 @@
package net.frozenorb.apiv3.route.servers;
import com.google.common.collect.ImmutableMap;
import com.mongodb.client.result.DeleteResult;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.Server;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
import java.util.UUID;
public final class DELETEServersId implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
@ -21,7 +27,20 @@ public final class DELETEServersId implements Handler<RoutingContext> {
BlockingCallback<DeleteResult> callback = new BlockingCallback<>();
server.delete(callback);
callback.get();
JsonObject requestBody = ctx.getBodyAsJson();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.SERVER_DELETE, ImmutableMap.of("serverId", server.getId()), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, server);
}
});
} else {
APIv3.respondJson(ctx, server);
}
}
}

View File

@ -1,9 +1,12 @@
package net.frozenorb.apiv3.route.servers;
import com.google.common.collect.ImmutableMap;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.Server;
import net.frozenorb.apiv3.model.ServerGroup;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
@ -36,7 +39,18 @@ public final class POSTServers implements Handler<RoutingContext> {
BlockingCallback<Void> callback = new BlockingCallback<>();
server.insert(callback);
callback.get();
if (requestBody.containsKey("addedBy")) {
AuditLog.log(UUID.fromString(requestBody.getString("addedBy")), requestBody.getString("addedByIp"), ctx, AuditLogActionType.SERVER_CREATE, ImmutableMap.of("serverId", id), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, server);
}
});
} else {
APIv3.respondJson(ctx, server);
}
}
}

View File

@ -6,6 +6,8 @@ import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.unsorted.RequiresTotpResult;
@ -79,9 +81,15 @@ public final class POSTUsersIdChangePassword implements Handler<RoutingContext>
user.save(saveCallback);
saveCallback.get();
AuditLog.log(user.getId(), requestBody.getString("userIp"), ctx, AuditLogActionType.USER_CHANGE_PASSWORD, (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"success", true
));
}
});
}
}

View File

@ -3,8 +3,11 @@ package net.frozenorb.apiv3.route.users;
import com.google.common.collect.ImmutableMap;
import com.mongodb.client.result.UpdateResult;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.NotificationTemplate;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
@ -48,6 +51,12 @@ public final class POSTUsersIdPasswordReset implements Handler<RoutingContext> {
notification.sendAsEmail(user.getEmail(), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
JsonObject requestBody = ctx.getBodyAsJson();
AuditLog.log(user.getId(), requestBody.getString("userIp"), ctx, AuditLogActionType.USER_PASSWORD_RESET, (ignored2, error2) -> {
if (error2 != null) {
ErrorUtils.respondInternalError(ctx, error2);
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"success", true
@ -55,5 +64,7 @@ public final class POSTUsersIdPasswordReset implements Handler<RoutingContext> {
}
});
}
});
}
}

View File

@ -6,6 +6,8 @@ import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.NotificationTemplate;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
@ -18,8 +20,6 @@ import java.util.concurrent.TimeUnit;
public final class POSTUsersIdRegister implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
BlockingCallback<User> userCallback = new BlockingCallback<>();
User.findById(ctx.request().getParam("id"), userCallback);
@ -71,6 +71,10 @@ public final class POSTUsersIdRegister implements Handler<RoutingContext> {
notification.sendAsEmail(user.getEmail(), (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
AuditLog.log(user.getId(), requestBody.getString("userIp"), ctx, AuditLogActionType.USER_REGISTER, (ignored2, error2) -> {
if (error2 != null) {
ErrorUtils.respondInternalError(ctx, error2);
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"success", true
@ -78,5 +82,7 @@ public final class POSTUsersIdRegister implements Handler<RoutingContext> {
}
});
}
});
}
}

View File

@ -6,6 +6,8 @@ import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.ErrorUtils;
@ -38,10 +40,16 @@ public final class POSTUsersIdSetupTotp implements Handler<RoutingContext> {
user.save(callback);
callback.get();
AuditLog.log(user.getId(), requestBody.getString("userIp"), ctx, AuditLogActionType.USER_SETUP_TOTP, (ignored, error) -> {
if (error != null) {
ErrorUtils.respondInternalError(ctx, error);
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"success", true,
"message", "Totp code set."
));
}
});
} else {
ErrorUtils.respondInvalidInput(ctx, "Confirmation code provided did not match.");
}

View File

@ -5,6 +5,8 @@ import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.web.RoutingContext;
import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.auditLog.AuditLog;
import net.frozenorb.apiv3.auditLog.AuditLogActionType;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.util.ErrorUtils;
import net.frozenorb.apiv3.util.IpUtils;
@ -42,10 +44,16 @@ public final class POSTUsersIdVerifyTotp implements Handler<RoutingContext> {
return;
}
AuditLog.log(user.getId(), userIp, ctx, AuditLogActionType.USER_VERIFY_TOTP, (ignored, error3) -> {
if (error3 != null) {
ErrorUtils.respondInternalError(ctx, error3);
} else {
APIv3.respondJson(ctx, ImmutableMap.of(
"authorized", totpAuthorizationResult.isAuthorized(),
"message", totpAuthorizationResult.name()
));
}
});
});
});
}