[2427] fix invalid audit log json on adding/deleting a template (#2428)

Signed-off-by: craman <[email protected]> Co-authored-by: craman <[email protected]>
AthenZ · Nov 27, 2023 · 11b7c72 · 11b7c72
1 parent 0b658ae
commit 11b7c72
Show file tree

Hide file tree

Showing 2 changed files with 81 additions and 2 deletions.
diff --git a/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java b/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java
@@ -4626,7 +4626,7 @@ boolean addSolutionTemplate(ResourceContext ctx, ObjectStoreConnection con, Stri
 
         auditDetails.append("{\"name\": \"").append(templateName).append('\"');
 
-        // we have already verified that our template is valid but
+        // we have already verified that our template is valid, but
         // we'll just double check to make sure it's not null
 
         Template template = zmsConfig.getServerSolutionTemplates().get(templateName);
@@ -4635,6 +4635,8 @@ boolean addSolutionTemplate(ResourceContext ctx, ObjectStoreConnection con, Stri
             return true;
         }
 
+        auditDetails.append(",");
+
         boolean firstEntry = true;
 
         // iterate through roles in the list.
@@ -4776,6 +4778,8 @@ void deleteSolutionTemplate(ResourceContext ctx, ObjectStoreConnection con, Stri
             return;
         }
 
+        auditDetails.append(",");
+
         boolean firstEntry = true;
 
         // iterate through roles in the list and delete the role

diff --git a/servers/zms/src/test/java/com/yahoo/athenz/zms/DBServiceTest.java b/servers/zms/src/test/java/com/yahoo/athenz/zms/DBServiceTest.java
@@ -18,6 +18,7 @@
 import ch.qos.logback.classic.Logger;
 import ch.qos.logback.classic.spi.LoggingEvent;
 import ch.qos.logback.core.AppenderBase;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.io.Resources;
 import com.yahoo.athenz.auth.Authority;
 import com.yahoo.athenz.auth.Principal;
@@ -320,6 +321,17 @@ private TopLevelDomain createTopLevelDomainObject(String name,
         return createTopLevelDomainObject(name, description, org, admin, true, false);
     }
 
+    private boolean isValidJSON(String jsonText) {
+        try {
+            ObjectMapper objectMapper = new ObjectMapper();
+            objectMapper.readTree(jsonText);
+        } catch (Exception ex) {
+            return false;
+        }
+
+        return true;
+    }
+
     @Test
     public void testCheckDomainAuditEnabledFlagTrueRefValid() {
 
@@ -9268,6 +9280,31 @@ public void testApplySolutionTemplateWithRoleMetaData() {
         zms.deleteTopLevelDomain(mockDomRsrcCtx, domainName, auditRef);
     }
 
+    @Test
+    public void testAuditLogAddSolutionTemplate() {
+
+        String domainName = "auditlog-solutiontemplate-rolemeta";
+        String caller = "testAuditLogAddSolutionTemplate";
+        TopLevelDomain dom1 = createTopLevelDomainObject(domainName,
+                "Test Domain1", "testOrg", adminUser);
+        zms.postTopLevelDomain(mockDomRsrcCtx, auditRef, dom1);
+
+        // apply the template
+
+        List<String> templates = new ArrayList<>();
+        templates.add("templateWithRoleMeta");
+        DomainTemplate domainTemplate = new DomainTemplate().setTemplateNames(templates);
+        ObjectStoreConnection conn = zms.dbService.store.getConnection(true, false);
+
+        StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
+        auditDetails.append("{\"add-templates\": ");
+        zms.dbService.addSolutionTemplate(mockDomRsrcCtx, conn, domainName, "templateWithRoleMeta", adminUser, domainTemplate.getParams(), auditRef, auditDetails);
+        auditDetails.append("}");
+
+        assertTrue(isValidJSON(auditDetails.toString()));
+        zms.deleteTopLevelDomain(mockDomRsrcCtx, domainName, auditRef);
+    }
+
     @Test
     public void testApplySolutionTemplateOnExistingRoleWithRoleMetaData() {
         String domainName = "solutiontemplate-existing-rolemeta";
@@ -12791,4 +12828,42 @@ public void testFilterObjectsForReview() {
         assertEquals(filterObjects.getList().get(0), object1);
         assertEquals(filterObjects.getList().get(1), object3);
     }
-}
+
+    @Test
+    public void testAuditLogDeleteSolutionTemplate() {
+
+        String domainName = "auditlog-solutiontemplate";
+        String caller = "testAuditLogDeleteSolutionTemplate";
+        TopLevelDomain dom1 = createTopLevelDomainObject(domainName,
+                "Test Domain1", "testOrg", adminUser);
+        zms.postTopLevelDomain(mockDomRsrcCtx, auditRef, dom1);
+
+        // apply the template
+
+        List<String> templates = new ArrayList<>();
+        templates.add("templateWithRoleMeta");
+        DomainTemplate domainTemplate = new DomainTemplate().setTemplateNames(templates);
+        zms.dbService.executePutDomainTemplate(mockDomRsrcCtx, domainName, domainTemplate, auditRef, caller);
+
+        DomainTemplateList domainTemplateList = zms.dbService.listDomainTemplates(domainName);
+        assertEquals(1, domainTemplateList.getTemplateNames().size());
+
+        StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
+        auditDetails.append("{\"templates\": ");
+
+        Template template = zms.dbService.zmsConfig.getServerSolutionTemplates().get("templateWithRoleMeta");
+        ObjectStoreConnection conn = zms.dbService.store.getConnection(true, false);
+
+        // remove the templateWithRoleMeta template
+        zms.dbService.deleteSolutionTemplate(mockDomRsrcCtx, conn, domainName, "templateWithRoleMeta", template,
+                auditDetails);
+
+        auditDetails.append("}");
+
+        assertTrue(isValidJSON(auditDetails.toString()));
+        domainTemplateList = zms.dbService.listDomainTemplates(domainName);
+        assertTrue(domainTemplateList.getTemplateNames().isEmpty());
+
+        zms.deleteTopLevelDomain(mockDomRsrcCtx, domainName, auditRef);
+    }
+}