[RORDEV-1481] New audit serializers, including fully configurable serializer

audit/src/main/scala/tech/beshu/ror/audit/AuditRequestContext.scala

@@ -21,7 +21,6 @@ import java.time.Instant
 import org.json.JSONObject
 
 trait AuditRequestContext {
-
   def timestamp: Instant
   def id: String
   def correlationId: String
@@ -45,4 +44,5 @@ trait AuditRequestContext {
   def attemptedUserName: Option[String]
   def rawAuthHeader: Option[String]
   def generalAuditEvents: JSONObject
+  def auditEnvironmentContext: AuditEnvironmentContext
 }

audit/src/main/scala/tech/beshu/ror/audit/EnvironmentAwareAuditLogSerializer.scala

@@ -18,6 +18,8 @@ package tech.beshu.ror.audit
 
 import org.json.JSONObject
 
+// The `AuditResponseContext` now contains the `AuditEnvironmentContext` and there is no need to use this trait.
+// This trait is preserved and supported for compatibility reasons, but we should not include it in our docs and use `AuditLogSerializer` instead
 trait EnvironmentAwareAuditLogSerializer {
   def onResponse(responseContext: AuditResponseContext,
                  environmentContext: AuditEnvironmentContext): Option[JSONObject]

audit/src/main/scala/tech/beshu/ror/audit/adapters/EnvironmentAwareAuditLogSerializerAdapter.scala

@@ -19,11 +19,10 @@ package tech.beshu.ror.audit.adapters
 import org.json.JSONObject
 import tech.beshu.ror.audit._
 
-class EnvironmentAwareAuditLogSerializerAdapter(underlying: EnvironmentAwareAuditLogSerializer,
-                                                environmentContext: AuditEnvironmentContext) extends AuditLogSerializer {
+class EnvironmentAwareAuditLogSerializerAdapter(underlying: EnvironmentAwareAuditLogSerializer) extends AuditLogSerializer {
 
   override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] = {
-    underlying.onResponse(responseContext, environmentContext)
+    underlying.onResponse(responseContext, responseContext.requestContext.auditEnvironmentContext)
   }
 
 }

audit/src/main/scala/tech/beshu/ror/audit/instances/DefaultAuditLogSerializer.scala

@@ -16,6 +16,4 @@
  */
 package tech.beshu.ror.audit.instances
 
-import tech.beshu.ror.audit.AuditEnvironmentContext
-
-class DefaultAuditLogSerializer(environmentContext: AuditEnvironmentContext) extends DefaultAuditLogSerializerV2(environmentContext)
+class DefaultAuditLogSerializer extends DefaultAuditLogSerializerV2

audit/src/main/scala/tech/beshu/ror/audit/instances/DefaultAuditLogSerializerV1.scala

@@ -17,82 +17,49 @@
 package tech.beshu.ror.audit.instances
 
 import org.json.JSONObject
-import tech.beshu.ror.audit.AuditResponseContext._
-import tech.beshu.ror.audit.{AuditLogSerializer, AuditRequestContext, AuditResponseContext}
-
-import java.time.ZoneId
-import java.time.format.DateTimeFormatter
-import scala.collection.JavaConverters._
-import scala.concurrent.duration.FiniteDuration
+import tech.beshu.ror.audit._
+import tech.beshu.ror.audit.AuditResponseContext.Verbosity
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.AllowedEventMode.Include
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.{AuditFieldName, AuditFieldValueDescriptor}
+import tech.beshu.ror.audit.instances.DefaultAuditLogSerializerV1.defaultV1AuditFields
+import tech.beshu.ror.audit.utils.AuditSerializationHelper
 
 class DefaultAuditLogSerializerV1 extends AuditLogSerializer {
 
-  private val timestampFormatter = DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss'Z'").withZone(ZoneId.of("GMT"))
-
-  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] = responseContext match {
-    case Allowed(requestContext, verbosity, reason) =>
-      verbosity match {
-        case Verbosity.Info =>
-          Some(createEntry(matched = true, "ALLOWED", reason, responseContext.duration, requestContext, None))
-        case Verbosity.Error =>
-          None
-      }
-    case ForbiddenBy(requestContext, _, reason) =>
-      Some(createEntry(matched = true, "FORBIDDEN", reason, responseContext.duration, requestContext, None))
-    case Forbidden(requestContext) =>
-      Some(createEntry(matched = false, "FORBIDDEN", "default", responseContext.duration, requestContext, None))
-    case RequestedIndexNotExist(requestContext) =>
-      Some(createEntry(matched = false, "INDEX NOT EXIST", "Requested index doesn't exist", responseContext.duration, requestContext, None))
-    case Errored(requestContext, cause) =>
-      Some(createEntry(matched = false, "ERRORED", "error", responseContext.duration, requestContext, Some(cause)))
-  }
+  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] =
+    AuditSerializationHelper.serialize(
+      responseContext = responseContext,
+      fields = defaultV1AuditFields,
+      allowedEventMode = Include(Set(Verbosity.Info))
+    )
 
-  private def createEntry(matched: Boolean,
-                          finalState: String,
-                          reason: String,
-                          duration: FiniteDuration,
-                          requestContext: AuditRequestContext,
-                          error: Option[Throwable]) = {
-    new JSONObject()
-      .put("match", matched)
-      .put("block", reason)
-      .put("id", requestContext.id)
-      .put("final_state", finalState)
-      .put("@timestamp", timestampFormatter.format(requestContext.timestamp))
-      .put("correlation_id", requestContext.correlationId)
-      .put("processingMillis", duration.toMillis)
-      .put("error_type", error.map(_.getClass.getSimpleName).orNull)
-      .put("error_message", error.map(_.getMessage).orNull)
-      .put("content_len", requestContext.contentLength)
-      .put("content_len_kb", requestContext.contentLength / 1024)
-      .put("type", requestContext.`type`)
-      .put("origin", requestContext.remoteAddress)
-      .put("destination", requestContext.localAddress)
-      .put("xff", requestContext.requestHeaders.getValue("X-Forwarded-For").flatMap(_.headOption).orNull)
-      .put("task_id", requestContext.taskId)
-      .put("req_method", requestContext.httpMethod)
-      .put("headers", requestContext.requestHeaders.names.asJava)
-      .put("path", requestContext.uriPath)
-      .put("user", SerializeUser.serialize(requestContext).orNull)
-      .put("impersonated_by", requestContext.impersonatedByUserName.orNull)
-      .put("action", requestContext.action)
-      .put("indices", if (requestContext.involvesIndices) requestContext.indices.toList.asJava else List.empty.asJava)
-      .put("acl_history", requestContext.history)
-      .mergeWith(requestContext.generalAuditEvents)
-  }
-
-  private implicit class JsonObjectOps(val mainJson: JSONObject) {
-    def mergeWith(secondaryJson: JSONObject): JSONObject = {
-      jsonKeys(secondaryJson).foldLeft(mainJson) {
-        case (json, name) if !json.has(name) =>
-          json.put(name, secondaryJson.get(name))
-        case (json, _) =>
-          json
-      }
-    }
+}
 
-    private def jsonKeys(json: JSONObject) = {
-      Option(JSONObject.getNames(json)).toList.flatten
-    }
-  }
+private[ror] object DefaultAuditLogSerializerV1 {
+  val defaultV1AuditFields: Map[AuditFieldName, AuditFieldValueDescriptor] = Map(
+    AuditFieldName("match") -> AuditFieldValueDescriptor.IsMatched,
+    AuditFieldName("block") -> AuditFieldValueDescriptor.Reason,
+    AuditFieldName("id") -> AuditFieldValueDescriptor.Id,
+    AuditFieldName("final_state") -> AuditFieldValueDescriptor.FinalState,
+    AuditFieldName("@timestamp") -> AuditFieldValueDescriptor.Timestamp,
+    AuditFieldName("correlation_id") -> AuditFieldValueDescriptor.CorrelationId,
+    AuditFieldName("processingMillis") -> AuditFieldValueDescriptor.ProcessingDurationMillis,
+    AuditFieldName("error_type") -> AuditFieldValueDescriptor.ErrorType,
+    AuditFieldName("error_message") -> AuditFieldValueDescriptor.ErrorMessage,
+    AuditFieldName("content_len") -> AuditFieldValueDescriptor.ContentLengthInBytes,
+    AuditFieldName("content_len_kb") -> AuditFieldValueDescriptor.ContentLengthInKb,
+    AuditFieldName("type") -> AuditFieldValueDescriptor.Type,
+    AuditFieldName("origin") -> AuditFieldValueDescriptor.RemoteAddress,
+    AuditFieldName("destination") -> AuditFieldValueDescriptor.LocalAddress,
+    AuditFieldName("xff") -> AuditFieldValueDescriptor.XForwardedForHttpHeader,
+    AuditFieldName("task_id") -> AuditFieldValueDescriptor.TaskId,
+    AuditFieldName("req_method") -> AuditFieldValueDescriptor.HttpMethod,
+    AuditFieldName("headers") -> AuditFieldValueDescriptor.HttpHeaderNames,
+    AuditFieldName("path") -> AuditFieldValueDescriptor.HttpPath,
+    AuditFieldName("user") -> AuditFieldValueDescriptor.User,
+    AuditFieldName("impersonated_by") -> AuditFieldValueDescriptor.ImpersonatedByUser,
+    AuditFieldName("action") -> AuditFieldValueDescriptor.Action,
+    AuditFieldName("indices") -> AuditFieldValueDescriptor.InvolvedIndices,
+    AuditFieldName("acl_history") -> AuditFieldValueDescriptor.AclHistory
+  )
 }

audit/src/main/scala/tech/beshu/ror/audit/instances/DefaultAuditLogSerializerV2.scala

@@ -17,16 +17,51 @@
 package tech.beshu.ror.audit.instances
 
 import org.json.JSONObject
-import tech.beshu.ror.audit.{AuditEnvironmentContext, AuditResponseContext}
+import tech.beshu.ror.audit._
+import tech.beshu.ror.audit.AuditResponseContext.Verbosity
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.AllowedEventMode.Include
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.{AuditFieldName, AuditFieldValueDescriptor}
+import tech.beshu.ror.audit.instances.DefaultAuditLogSerializerV2.defaultV2AuditFields
+import tech.beshu.ror.audit.utils.AuditSerializationHelper
 
-class DefaultAuditLogSerializerV2(environmentContext: AuditEnvironmentContext) extends DefaultAuditLogSerializerV1 {
+class DefaultAuditLogSerializerV2 extends AuditLogSerializer {
 
-  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] = {
-    lazy val additionalFields = Map(
-      "es_node_name" -> environmentContext.esNodeName,
-      "es_cluster_name" -> environmentContext.esClusterName
+  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] =
+    AuditSerializationHelper.serialize(
+      responseContext = responseContext,
+      fields = defaultV2AuditFields,
+      allowedEventMode = Include(Set(Verbosity.Info))
     )
-    super.onResponse(responseContext)
-      .map(additionalFields.foldLeft(_) { case (soFar, (key, value)) => soFar.put(key, value) })
-  }
+
+}
+
+private[ror] object DefaultAuditLogSerializerV2 {
+  val defaultV2AuditFields: Map[AuditFieldName, AuditFieldValueDescriptor] = Map(
+    AuditFieldName("match") -> AuditFieldValueDescriptor.IsMatched,
+    AuditFieldName("block") -> AuditFieldValueDescriptor.Reason,
+    AuditFieldName("id") -> AuditFieldValueDescriptor.Id,
+    AuditFieldName("final_state") -> AuditFieldValueDescriptor.FinalState,
+    AuditFieldName("@timestamp") -> AuditFieldValueDescriptor.Timestamp,
+    AuditFieldName("correlation_id") -> AuditFieldValueDescriptor.CorrelationId,
+    AuditFieldName("processingMillis") -> AuditFieldValueDescriptor.ProcessingDurationMillis,
+    AuditFieldName("error_type") -> AuditFieldValueDescriptor.ErrorType,
+    AuditFieldName("error_message") -> AuditFieldValueDescriptor.ErrorMessage,
+    AuditFieldName("content_len") -> AuditFieldValueDescriptor.ContentLengthInBytes,
+    AuditFieldName("content_len_kb") -> AuditFieldValueDescriptor.ContentLengthInKb,
+    AuditFieldName("type") -> AuditFieldValueDescriptor.Type,
+    AuditFieldName("origin") -> AuditFieldValueDescriptor.RemoteAddress,
+    AuditFieldName("destination") -> AuditFieldValueDescriptor.LocalAddress,
+    AuditFieldName("xff") -> AuditFieldValueDescriptor.XForwardedForHttpHeader,
+    AuditFieldName("task_id") -> AuditFieldValueDescriptor.TaskId,
+    AuditFieldName("req_method") -> AuditFieldValueDescriptor.HttpMethod,
+    AuditFieldName("headers") -> AuditFieldValueDescriptor.HttpHeaderNames,
+    AuditFieldName("path") -> AuditFieldValueDescriptor.HttpPath,
+    AuditFieldName("user") -> AuditFieldValueDescriptor.User,
+    AuditFieldName("impersonated_by") -> AuditFieldValueDescriptor.ImpersonatedByUser,
+    AuditFieldName("action") -> AuditFieldValueDescriptor.Action,
+    AuditFieldName("indices") -> AuditFieldValueDescriptor.InvolvedIndices,
+    AuditFieldName("acl_history") -> AuditFieldValueDescriptor.AclHistory,
+    AuditFieldName("es_node_name") -> AuditFieldValueDescriptor.EsNodeName,
+    AuditFieldName("es_cluster_name") -> AuditFieldValueDescriptor.EsClusterName
+  )
 }

audit/src/main/scala/tech/beshu/ror/audit/instances/FullAuditLogSerializer.scala

@@ -0,0 +1,34 @@
+/*
+ *    This file is part of ReadonlyREST.
+ *
+ *    ReadonlyREST is free software: you can redistribute it and/or modify
+ *    it under the terms of the GNU General Public License as published by
+ *    the Free Software Foundation, either version 3 of the License, or
+ *    (at your option) any later version.
+ *
+ *    ReadonlyREST is distributed in the hope that it will be useful,
+ *    but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *    GNU General Public License for more details.
+ *
+ *    You should have received a copy of the GNU General Public License
+ *    along with ReadonlyREST.  If not, see http://www.gnu.org/licenses/
+ */
+package tech.beshu.ror.audit.instances
+
+import org.json.JSONObject
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.AllowedEventMode.IncludeAll
+import tech.beshu.ror.audit.instances.DefaultAuditLogSerializerV2.defaultV2AuditFields
+import tech.beshu.ror.audit.utils.AuditSerializationHelper
+import tech.beshu.ror.audit.{AuditLogSerializer, AuditResponseContext}
+
+class FullAuditLogSerializer extends AuditLogSerializer {
+
+  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] =
+    AuditSerializationHelper.serialize(
+      responseContext = responseContext,
+      fields = defaultV2AuditFields,
+      allowedEventMode = IncludeAll
+    )
+
+}

audit/src/main/scala/tech/beshu/ror/audit/instances/FullAuditLogWithQuerySerializer.scala

@@ -0,0 +1,34 @@
+/*
+ *    This file is part of ReadonlyREST.
+ *
+ *    ReadonlyREST is free software: you can redistribute it and/or modify
+ *    it under the terms of the GNU General Public License as published by
+ *    the Free Software Foundation, either version 3 of the License, or
+ *    (at your option) any later version.
+ *
+ *    ReadonlyREST is distributed in the hope that it will be useful,
+ *    but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *    GNU General Public License for more details.
+ *
+ *    You should have received a copy of the GNU General Public License
+ *    along with ReadonlyREST.  If not, see http://www.gnu.org/licenses/
+ */
+package tech.beshu.ror.audit.instances
+
+import org.json.JSONObject
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.AllowedEventMode.IncludeAll
+import tech.beshu.ror.audit.instances.QueryAuditLogSerializerV2.queryV2AuditFields
+import tech.beshu.ror.audit.utils.AuditSerializationHelper
+import tech.beshu.ror.audit.{AuditEnvironmentContext, AuditLogSerializer, AuditResponseContext}
+
+class FullAuditLogWithQuerySerializer extends AuditLogSerializer {
+
+  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] =
+    AuditSerializationHelper.serialize(
+      responseContext = responseContext,
+      fields = queryV2AuditFields,
+      allowedEventMode = IncludeAll
+    )
+
+}

audit/src/main/scala/tech/beshu/ror/audit/instances/QueryAuditLogSerializer.scala

@@ -16,6 +16,4 @@
  */
 package tech.beshu.ror.audit.instances
 
-import tech.beshu.ror.audit.AuditEnvironmentContext
-
-class QueryAuditLogSerializer(environmentContext: AuditEnvironmentContext) extends QueryAuditLogSerializerV2(environmentContext)
+class QueryAuditLogSerializer extends QueryAuditLogSerializerV2

audit/src/main/scala/tech/beshu/ror/audit/instances/QueryAuditLogSerializerV1.scala

@@ -17,12 +17,26 @@
 package tech.beshu.ror.audit.instances
 
 import org.json.JSONObject
-import tech.beshu.ror.audit.AuditResponseContext
+import tech.beshu.ror.audit._
+import tech.beshu.ror.audit.AuditResponseContext.Verbosity
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.AllowedEventMode.Include
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.{AllowedEventMode, AuditFieldName, AuditFieldValueDescriptor}
+import tech.beshu.ror.audit.instances.QueryAuditLogSerializerV1.queryV1AuditFields
+import tech.beshu.ror.audit.utils.AuditSerializationHelper
 
-class QueryAuditLogSerializerV1 extends DefaultAuditLogSerializerV1 {
+class QueryAuditLogSerializerV1 extends AuditLogSerializer {
 
-  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] = {
-    super.onResponse(responseContext)
-      .map(_.put("content", responseContext.requestContext.content))
-  }
-}
+  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] =
+    AuditSerializationHelper.serialize(
+      responseContext = responseContext,
+      fields = queryV1AuditFields,
+      allowedEventMode = Include(Set(Verbosity.Info))
+    )
+
+}
+
+private[ror] object QueryAuditLogSerializerV1 {
+  val queryV1AuditFields: Map[AuditFieldName, AuditFieldValueDescriptor] =
+    DefaultAuditLogSerializerV1.defaultV1AuditFields ++
+      Map(AuditFieldName("content") -> AuditFieldValueDescriptor.Content)
+}

audit/src/main/scala/tech/beshu/ror/audit/instances/QueryAuditLogSerializerV2.scala

@@ -17,12 +17,26 @@
 package tech.beshu.ror.audit.instances
 
 import org.json.JSONObject
-import tech.beshu.ror.audit.{AuditEnvironmentContext, AuditResponseContext}
+import tech.beshu.ror.audit._
+import tech.beshu.ror.audit.AuditResponseContext.Verbosity
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.AllowedEventMode.Include
+import tech.beshu.ror.audit.utils.AuditSerializationHelper.{AuditFieldName, AuditFieldValueDescriptor}
+import tech.beshu.ror.audit.instances.QueryAuditLogSerializerV2.queryV2AuditFields
+import tech.beshu.ror.audit.utils.AuditSerializationHelper
 
-class QueryAuditLogSerializerV2(environmentContext: AuditEnvironmentContext) extends DefaultAuditLogSerializerV2(environmentContext) {
+class QueryAuditLogSerializerV2 extends AuditLogSerializer {
 
-  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] = {
-    super.onResponse(responseContext)
-      .map(_.put("content", responseContext.requestContext.content))
-  }
-}
+  override def onResponse(responseContext: AuditResponseContext): Option[JSONObject] =
+    AuditSerializationHelper.serialize(
+      responseContext = responseContext,
+      fields = queryV2AuditFields,
+      allowedEventMode = Include(Set(Verbosity.Info))
+    )
+
+}
+
+private[ror] object QueryAuditLogSerializerV2 {
+  val queryV2AuditFields: Map[AuditFieldName, AuditFieldValueDescriptor] =
+    DefaultAuditLogSerializerV2.defaultV2AuditFields ++
+      Map(AuditFieldName("content") -> AuditFieldValueDescriptor.Content)
+}