X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FAuditLogController.java;h=512fbea1bdd9bca2487152a15997e3a0db61a9f8;hb=a04d98b55a44d67918ff79bc550e760fd9e1e278;hp=e8fb71a67e546ff30cab65b186b90e31eb08423c;hpb=0d18bed7939ac8258c9fd7b68b41fbf45901c6b2;p=portal.git

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java
index e8fb71a6..512fbea1 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java
@@ -33,7 +33,7 @@
  *
  * ============LICENSE_END============================================
  *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * 
  */
 package org.onap.portalapp.portal.controller;
 
@@ -43,10 +43,12 @@ import java.util.UUID;
 
 import javax.servlet.http.HttpServletRequest;
 
+import org.onap.portalapp.validation.DataValidator;
+import org.onap.portalapp.validation.SecureString;
 import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -54,6 +56,7 @@ import com.att.eelf.configuration.Configuration;
 
 import org.onap.portalapp.controller.EPRestrictedBaseController;
 import org.onap.portalapp.portal.domain.EPUser;
+import org.onap.portalapp.portal.domain.EcompAuditLog;
 import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
@@ -68,14 +71,19 @@ import org.onap.portalsdk.core.util.SystemProperties;
 @RestController
 @RequestMapping("/portalApi/auditLog")
 public class AuditLogController extends EPRestrictedBaseController {
-	private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(DashboardController.class);
+	private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AuditLogController.class);
+	private static final DataValidator dataValidator = new DataValidator();
+	
 
-	@Autowired
 	private AuditService auditService;
+	@Autowired
+	public AuditLogController(AuditService auditService) {
+		this.auditService = auditService;
+	}
 
 	/**
 	 * Store audit log of the specified access type.
-	 * 
+	 *
 	 * @param request
 	 *            HttpServletRequest
 	 * @param affectedAppId
@@ -85,39 +93,55 @@ public class AuditLogController extends EPRestrictedBaseController {
 	 * @param comment
 	 *            Comment
 	 */
-	@RequestMapping(value = "/store", method = RequestMethod.GET, produces = "application/json")
+	@GetMapping(value = "/store", produces = "application/json")
 	public void auditLog(HttpServletRequest request, @RequestParam String affectedAppId, @RequestParam String type,
 			@RequestParam String comment) {
-		logger.debug(EELFLoggerDelegate.debugLogger, "auditLog: appId {}, type {], comment {}", affectedAppId, type,
+		logger.debug(EELFLoggerDelegate.debugLogger, "auditLog: appId {}, type {}, comment {}", affectedAppId, type,
 				comment);
-		String cd_type = null;
+		String cdType = null;
+
+		SecureString secureString0 = new SecureString(affectedAppId);
+		SecureString secureString1 = new SecureString(type);
+		SecureString secureString2 = new SecureString(comment);
+		if (  !dataValidator.isValid(secureString0)
+			||!dataValidator.isValid(secureString1)
+			||!dataValidator.isValid(secureString2)){
+			return;
+		}
+
 		try {
 			EPUser user = EPUserUtils.getUserSession(request);
 			/* Check type of Activity CD */
-			if (type.equals("app")) {
-				cd_type = AuditLog.CD_ACTIVITY_APP_ACCESS;
-			} else if (type.equals("tab")) {
-				cd_type = AuditLog.CD_ACTIVITY_TAB_ACCESS;
-			} else if (type.equals("functional")) {
-				cd_type = AuditLog.CD_ACTIVITY_FUNCTIONAL_ACCESS;
-			} else if (type.equals("leftMenu")) {
-				cd_type = AuditLog.CD_ACTIVITY_LEFT_MENU_ACCESS;
-			} else {
-				logger.error(EELFLoggerDelegate.errorLogger,
+			switch (type) {
+				case "app":
+					cdType = AuditLog.CD_ACTIVITY_APP_ACCESS;
+					break;
+				case "tab":
+					cdType = AuditLog.CD_ACTIVITY_TAB_ACCESS;
+					break;
+				case "functional":
+					cdType = AuditLog.CD_ACTIVITY_FUNCTIONAL_ACCESS;
+					break;
+				case "leftMenu":
+					cdType = AuditLog.CD_ACTIVITY_LEFT_MENU_ACCESS;
+					break;
+				default:
+					logger.error(EELFLoggerDelegate.errorLogger,
 						"Storing auditLog failed! Activity CD type is not correct.");
+					break;
 			}
 			/* Store the audit log only if it contains valid Activity CD */
-			if (cd_type != null) {
+			if (cdType != null) {
 				AuditLog auditLog = new AuditLog();
-				auditLog.setActivityCode(cd_type);
+				auditLog.setActivityCode(cdType);
 				/*
 				 * Check affectedAppId and comment and see if these two values
 				 * are valid
 				 */
-				if (comment != null && !comment.equals("") && !comment.equals("undefined"))
+				if (comment != null && !comment.isEmpty() && !"undefined".equals(comment))
 					auditLog.setComments(
 							EcompPortalUtils.truncateString(comment, PortalConstants.AUDIT_LOG_COMMENT_SIZE));
-				if (affectedAppId != null && !affectedAppId.equals("") && !affectedAppId.equals("undefined"))
+				if (affectedAppId != null && !affectedAppId.isEmpty() && !"undefined".equals(affectedAppId))
 					auditLog.setAffectedRecordId(affectedAppId);
 				long userId = EPUserUtils.getUserId(request);
 				auditLog.setUserId(userId);
@@ -128,21 +152,12 @@ public class AuditLogController extends EPRestrictedBaseController {
 					String requestId = UUID.randomUUID().toString();
 					MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId);
 				}
-				// Log file
-				MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
-				SimpleDateFormat ecompLogDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSXXX");
-				String beginDateTime = MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
-				Date beginDate = ecompLogDateFormat.parse(beginDateTime);
 				auditService.logActivity(auditLog, null);
-				String endDateTime = MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
-				Date endDate = ecompLogDateFormat.parse(endDateTime);
-				String timeDifference = String.format("%d", endDate.getTime() - beginDate.getTime());
-				MDC.put(SystemProperties.MDC_TIMER, timeDifference);
-				MDC.put(EPCommonSystemProperties.STATUS_CODE, "COMPLETE");
-				logger.info(EELFLoggerDelegate.auditLogger, EPLogUtil.formatAuditLogMessage(
-						"AuditLogController.auditLog", cd_type, user.getOrgUserId(), affectedAppId, comment));
-				MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
-				MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
+				String auditMessageInfo = EPLogUtil.formatAuditLogMessage(
+						"AuditLogController.auditLog", cdType, user.getOrgUserId(), affectedAppId, comment);		
+		
+				EPLogUtil.logAuditMessage(logger, auditMessageInfo);				
+
 			}
 		} catch (Exception e) {
 			logger.error(EELFLoggerDelegate.errorLogger, "auditLog failed", e);