Merge pull request #415 from CJSCommonPlatform/access-control-component

Access control component

Author: matt-rich

CHANGELOG.md

@@ -5,6 +5,11 @@ on [Keep a CHANGELOG](http://keepachangelog.com/). This project adheres to
 
 ## [Unreleased]
 
+### Changed
+- Improved logging for annotation scanning
+- Add component to audit interceptor so that audit messages can distinguish between components even
+when they are deployed in a single WAR.
+
 ## [2.0.0-rc5] - 2017-06-20
 
 ### Changed

core/src/main/java/uk/gov/justice/services/core/audit/DefaultAuditService.java

@@ -40,16 +40,18 @@ public void initialise() {
      * Orchestrates the auditing of the action, uses a blacklist regex pattern to skip auditing if
      * required.
      *
-     * @param envelope - the envelope to be audited.
+     * @param envelope the envelope to be audited
+     * @param component the component that requested the action to be audited
      */
-    public void audit(final JsonEnvelope envelope) {
+    @Override
+    public void audit(final JsonEnvelope envelope, final String component) {
 
         final String actionName = envelope.metadata().name();
 
         if (auditBlacklistPattern.matcher(actionName).matches()) {
             logger.info(format("Skipping auditing of action %s due to configured blacklist pattern %s.", actionName, auditBlacklist));
         } else {
-            auditClient.auditEntry(envelope);
+            auditClient.auditEntry(envelope, component);
         }
     }
 }

core/src/main/java/uk/gov/justice/services/core/audit/LocalAuditInterceptor.java

@@ -14,21 +14,24 @@
  */
 public class LocalAuditInterceptor implements Interceptor {
 
+    private static final String UNKNOWN_COMPONENT = "UNKNOWN";
+
     @Inject
     AuditService auditService;
 
     @Override
     public InterceptorContext process(final InterceptorContext interceptorContext, final InterceptorChain interceptorChain) {
-        recordAudit(interceptorContext.inputEnvelope());
+        final String component = (String) interceptorContext.getInputParameter("component").orElse(UNKNOWN_COMPONENT);
+        recordAudit(interceptorContext.inputEnvelope(), component);
 
         final InterceptorContext outputContext = interceptorChain.processNext(interceptorContext);
         final Optional<JsonEnvelope> jsonEnvelope = outputContext.outputEnvelope();
 
-        jsonEnvelope.ifPresent(this::recordAudit);
+        jsonEnvelope.ifPresent(envelope -> recordAudit(envelope, component));
         return outputContext;
     }
 
-    private void recordAudit(final JsonEnvelope jsonEnvelope) {
-        auditService.audit(jsonEnvelope);
+    private void recordAudit(final JsonEnvelope jsonEnvelope, final String component) {
+        auditService.audit(jsonEnvelope, component);
     }
-}
+}

core/src/main/java/uk/gov/justice/services/core/audit/SimpleAuditClient.java

@@ -24,14 +24,15 @@ public class SimpleAuditClient implements AuditClient {
     ServiceContextNameProvider serviceContextNameProvider;
 
     @Override
-    public void auditEntry(final JsonEnvelope envelope) {
-        logger.info(createAuditMessageFrom(envelope));
+    public void auditEntry(final JsonEnvelope envelope, final String component) {
+        logger.info(createAuditMessageFrom(envelope, component));
     }
 
-    private String createAuditMessageFrom(final JsonEnvelope envelope) {
+    private String createAuditMessageFrom(final JsonEnvelope envelope, final String component) {
 
         return new JSONObject()
                 .put("serviceContext", serviceContextNameProvider.getServiceContextName())
+                .put("component", component)
                 .put("envelope", new JSONObject(envelope.toString()))
                 .toString(2);
     }

core/src/test/java/uk/gov/justice/services/core/audit/DefaultAuditServiceTest.java

@@ -20,6 +20,7 @@
 public class DefaultAuditServiceTest {
 
     private static final String ACTION_NAME = "test.action";
+    private static final String COMPONENT = "test-component";
 
     @Mock
     private AuditClient auditClient;
@@ -45,29 +46,29 @@ public void setup() {
     @Test
     public void shouldAuditWithDefaultEmptyBlacklist() throws Exception {
         initialisePattern("");
-        auditService.audit(jsonEnvelope);
+        auditService.audit(jsonEnvelope, COMPONENT);
 
-        verify(auditClient, times(1)).auditEntry(jsonEnvelope);
+        verify(auditClient, times(1)).auditEntry(jsonEnvelope, COMPONENT);
     }
 
     @Test
     public void shouldAuditNonBlacklistedAction() throws Exception {
         initialisePattern(".*\\.action");
         when(metadata.name()).thenReturn("some-action");
 
-        auditService.audit(jsonEnvelope);
+        auditService.audit(jsonEnvelope, COMPONENT);
 
-        verify(auditClient, times(1)).auditEntry(jsonEnvelope);
+        verify(auditClient, times(1)).auditEntry(jsonEnvelope, COMPONENT);
     }
 
     @Test
     public void shouldNotAuditBlacklistedAction() {
         initialisePattern(".*\\.action");
 
-        auditService.audit(jsonEnvelope);
+        auditService.audit(jsonEnvelope, COMPONENT);
 
         verify(logger, times(1)).info("Skipping auditing of action test.action due to configured blacklist pattern .*\\.action.");
-        verify(auditClient, never()).auditEntry(jsonEnvelope);
+        verify(auditClient, never()).auditEntry(jsonEnvelope, COMPONENT);
     }
 
     private void initialisePattern(final String pattern) {

core/src/test/java/uk/gov/justice/services/core/audit/LocalAuditInterceptorTest.java

@@ -28,7 +28,8 @@
 @RunWith(MockitoJUnitRunner.class)
 public class LocalAuditInterceptorTest {
 
-    private static final int AUDIT_PRIORITY = 2000;
+    private static final String COMPONENT = "test-component";
+    private static final String UNKNOWN_COMPONENT = "UNKNOWN";
 
     @Mock
     private JsonEnvelope inputEnvelope;
@@ -57,11 +58,22 @@ public void setup() throws Exception {
     @Test
     public void shouldApplyAccessControlToInputIfLocalComponent() throws Exception {
         final InterceptorContext inputContext = interceptorContextWithInput(inputEnvelope);
+        inputContext.setInputParameter("component", COMPONENT);
 
         interceptorChain.processNext(inputContext);
 
-        verify(auditService).audit(inputEnvelope);
-        verify(auditService).audit(outputEnvelope);
+        verify(auditService).audit(inputEnvelope, COMPONENT);
+        verify(auditService).audit(outputEnvelope, COMPONENT);
+    }
+
+    @Test
+    public void shouldUseUnknownComponentIfComponentNotSet() throws Exception {
+        final InterceptorContext inputContext = interceptorContextWithInput(inputEnvelope);
+
+        interceptorChain.processNext(inputContext);
+
+        verify(auditService).audit(inputEnvelope, UNKNOWN_COMPONENT);
+        verify(auditService).audit(outputEnvelope, UNKNOWN_COMPONENT);
     }
 
     @Adapter(COMMAND_API)
@@ -82,4 +94,4 @@ public void dummyMethod() {
 
         }
     }
-}
+}

core/src/test/java/uk/gov/justice/services/core/audit/SimpleAuditClientTest.java

@@ -21,6 +21,8 @@
 @RunWith(MockitoJUnitRunner.class)
 public class SimpleAuditClientTest {
 
+    private static final String COMPONENT = "test-component";
+
     @Mock
     Logger logger;
 
@@ -45,7 +47,7 @@ public void shouldPrependTheAppNameToTheEnvelopeJsonAndLog() throws Exception {
         when(envelope.toString()).thenReturn(envelopeJson);
         when(serviceContextNameProvider.getServiceContextName()).thenReturn(serviceContextName);
 
-        simpleAuditClient.auditEntry(envelope);
+        simpleAuditClient.auditEntry(envelope, COMPONENT);
 
         final ArgumentCaptor<String> argumentCaptor = forClass(String.class);
 
@@ -55,6 +57,7 @@ public void shouldPrependTheAppNameToTheEnvelopeJsonAndLog() throws Exception {
 
         with(json)
                 .assertEquals("serviceContext", serviceContextName)
+                .assertEquals("component", COMPONENT)
                 .assertEquals("envelope.propertyName", propertyValue);
     }
 }

framework-api/framework-api-core/src/main/java/uk/gov/justice/services/core/audit/AuditClient.java

@@ -2,7 +2,15 @@
 
 import uk.gov.justice.services.messaging.JsonEnvelope;
 
+/**
+ * Interface for audit clients.
+ */
 public interface AuditClient {
 
-    void auditEntry(final JsonEnvelope envelope);
+    /**
+     * Record an audit entry.
+     * @param envelope the message to audit
+     * @param component the component that generated the audit entry
+     */
+    void auditEntry(final JsonEnvelope envelope, final String component);
 }

framework-api/framework-api-core/src/main/java/uk/gov/justice/services/core/audit/AuditService.java

@@ -10,7 +10,8 @@ public interface AuditService {
     /**
      * Orchestrates the auditing of the action.
      *
-     * @param envelope - the envelope to be audited.
+     * @param envelope the envelope to be audited
+     * @param component the name of the component that the action came into
      */
-    void audit(final JsonEnvelope envelope);
+    void audit(final JsonEnvelope envelope, final String component);
 }