Google Git
Sign in
gerrit / apps / analytics-etl / a8138923afd41c31bc9b389cb28b7ec99fae01bd / . / auditlog / src / test / scala / com / gerritforge / analytics / auditlog / model / AuditEventSpec.scala
blob: a6ec23df302572f11f464953a33048610ff620ff [file] [log] [blame]
package com.gerritforge.analytics.auditlog.model
import org.json4s.MappingException
import org.json4s.ParserUtil.ParseException
import org.scalatest.{FlatSpec, Inside, Matchers}
import org.scalatest.TryValues._
class AuditEventSpec extends FlatSpec with Matchers with Inside {
"parsing a string that is not json" should "result in a ParseException failure" in {
val someJson = """this_is_not_a_valid_json"""
AuditEvent.fromJsonString(someJson).failure.exception shouldBe a[ParseException]
}
"parsing a json not representing an audit event log" should "result in a MappingException failure" in {
val someJson = """{"some": "json", "not": "expected"}"""
AuditEvent.fromJsonString(someJson).failure.exception shouldBe a[MappingException]
}
"A json representing an http audit event log" should "be parsed into a success of HttpAuditEvent" in {
val httpMethod = "POST"
val httpStatus = 200
val sessionId = "1r7ywi4vd3jk410dv60pvd19vk"
val accountId = 1009124
val accessPath = "GIT"
val timeAtStart = 1542240322369L
val what = "https://review.gerrithub.io/Mirantis/tcp-qa/git-upload-pack"
val elapsed = 12
val auditUUID = "audit:fe4cff68-d094-474a-9d97-502270b0b2e6"
val jsonEvent =
s"""
|{
| "type": "HttpAuditEvent",
| "event": {
| "http_method": "$httpMethod",
| "http_status": $httpStatus,
| "session_id": "$sessionId",
| "who": {
| "account_id": {
| "id": $accountId
| },
| "real_user": {
| "account_id": {
| "id": $accountId
| },
| "access_path": "UNKNOWN",
| "last_login_external_id_property_key": {}
| },
| "access_path": "$accessPath",
| "last_login_external_id_property_key": {}
| },
| "when": $timeAtStart,
| "what": "$what",
| "params": {},
| "time_at_start": $timeAtStart,
| "elapsed": $elapsed,
| "uuid": {
| "uuid": "$auditUUID"
| }
| }
|}
""".stripMargin
val triedEvent = AuditEvent.fromJsonString(jsonEvent)
inside (triedEvent.success.value) {
case HttpAuditEvent(gotHttpMethod, gotHttpStatus, gotSessionId, gotWho, gotTimeAtStart, gotWhat, gotElapsed, gotUUID) =>
gotHttpMethod shouldBe httpMethod
gotHttpStatus shouldBe httpStatus
gotSessionId shouldBe sessionId
gotWho shouldBe CurrentUser(accessPath = accessPath, accountId = Some(AccountId(accountId)))
gotTimeAtStart shouldBe timeAtStart
gotWhat shouldBe what
gotElapsed shouldBe elapsed
gotUUID.uuid shouldBe auditUUID
}
}
"A json representing a SSH audit event log" should "be parsed into a success of SshAuditEvent" in {
val sessionId = "2adc5bef"
val accountId = 1009124
val accessPath = "SSH_COMMAND"
val timeAtStart = 1542240322369L
val what = "gerrit.stream-events.-s.patchset-created.-s.change-restored.-s.comment-added"
val elapsed = 12
val auditUUID = "audit:dd74e098-9260-4720-9143-38a0a0a5e500"
val jsonEvent =
s"""
|{
| "type": "SshAuditEvent",
| "event": {
| "session_id": "$sessionId",
| "who": {
| "account_id": {
| "id": $accountId
| },
| "access_path": "$accessPath",
| "last_login_external_id_property_key": {}
| },
| "when": $timeAtStart,
| "what": "$what",
| "params": {},
| "result": "0",
| "time_at_start": $timeAtStart,
| "elapsed": $elapsed,
| "uuid": {
| "uuid": "$auditUUID"
| }
| }
|}
""".stripMargin
inside (AuditEvent.fromJsonString(jsonEvent).success.value) {
case SshAuditEvent(gotSessionId, gotWho, gotTimeAtStart, gotWhat, gotElapsed, gotUUID) =>
gotSessionId shouldBe sessionId
gotWho shouldBe Some(CurrentUser(accessPath = accessPath, accountId = Some(AccountId(accountId))))
gotTimeAtStart shouldBe timeAtStart
gotWhat shouldBe what
gotElapsed shouldBe elapsed
gotUUID.uuid shouldBe auditUUID
}
}
"A json representing a failed SSH authentication failure" should "be parsed into a success of SshAuditEvent" in {
val sessionId = "000000000000000000000000000"
val timeAtStart = 1542240154088L
val what = "AUTH"
val elapsed = 0
val auditUUID = "audit:8d40c495-7b51-4003-81f2-718bc04addf3"
val jsonEvent =
s"""
|{
| "type": "SshAuditEvent",
| "event": {
| "session_id": "$sessionId",
| "when": 1542240154088,
| "what": "$what",
| "params": {},
| "result": "FAIL",
| "time_at_start": $timeAtStart,
| "elapsed": $elapsed,
| "uuid": {
| "uuid": "$auditUUID"
| }
| }
|}
""".stripMargin
inside (AuditEvent.fromJsonString(jsonEvent).success.value) {
case SshAuditEvent(gotSessionId, gotWho, gotTimeAtStart, gotWhat, gotElapsed, gotUUID) =>
gotSessionId shouldBe sessionId
gotWho shouldBe None
gotTimeAtStart shouldBe timeAtStart
gotWhat shouldBe what
gotElapsed shouldBe elapsed
gotUUID.uuid shouldBe auditUUID
}
}
"A json representing an extended http audit event log" should "be parsed into a success of ExtendedHttpAuditEvent" in {
val httpMethod = "GET"
val httpStatus = 200
val sessionId = "aQ3Dprttdq3tT25AMDHhF7zKpMOph64XnW"
val accountId = 1011373
val accessPath = "REST_API"
val timeAtStart = 1542242297450L
val what = "/config/server/info"
val elapsed = 177
val auditUUID = "audit:5f10fea5-35d1-4252-b86f-99db7a9b549b"
val jsonEvent =
s"""
|{
| "type": "ExtendedHttpAuditEvent",
| "event": {
| "http_method": "$httpMethod",
| "http_status": $httpStatus,
| "session_id": "$sessionId",
| "who": {
| "account_id": {
| "id": $accountId
| },
| "access_path": "$accessPath",
| "last_login_external_id_property_key": {}
| },
| "when": 1542242297450,
| "what": "$what",
| "params": {},
| "time_at_start": $timeAtStart,
| "elapsed": $elapsed,
| "uuid": {
| "uuid": "$auditUUID"
| }
| }
|}
""".stripMargin
inside (AuditEvent.fromJsonString(jsonEvent).success.value) {
case ExtendedHttpAuditEvent(gotHttpMethod, gotHttpStatus, gotSessionId, gotWho, gotTimeAtStart, gotWhat, gotElapsed, gotUUID) =>
gotHttpMethod shouldBe httpMethod
gotHttpStatus shouldBe httpStatus
gotSessionId shouldBe sessionId
gotWho shouldBe CurrentUser(accessPath = accessPath, accountId = Some(AccountId(accountId)))
gotTimeAtStart shouldBe timeAtStart
gotWhat shouldBe what
gotElapsed shouldBe elapsed
gotUUID.uuid shouldBe auditUUID
}
}
}