diff --git a/build.gradle b/build.gradle
index 88e9b49fc..3280e2dbc 100644
--- a/build.gradle
+++ b/build.gradle
@@ -127,6 +127,11 @@ subprojects {
imports {
mavenBom("org.springframework.boot:spring-boot-dependencies:${versions.springBoot}")
}
+ dependencies {
+ //upgrading tomcat manually until Spring-Boot 2.3.2 is released to resolve a security vulnerability
+ dependency 'org.apache.tomcat.embed:tomcat-embed-core:9.0.37'
+ dependency 'org.apache.tomcat.embed:tomcat-embed-websocket:9.0.37'
+ }
}
dependencies {
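Review bot: The manual Tomcat pin in the added `dependencies { ... }` block names neither the advisory it addresses nor a removal condition that tooling or a reviewer can check. Explicit entries in this block take precedence over the imported BOM, so once `versions.springBoot` moves to a release that ships a newer Tomcat, these two lines will hold `tomcat-embed-core` and `tomcat-embed-websocket` back at 9.0.37. I would extend the comment to something like `// TODO(<advisory id>): remove once versions.springBoot >= 2.3.2; this overrides the BOM-managed Tomcat version`. It is also worth confirming that no other `org.apache.tomcat.embed` artifact is on the runtime classpath, since any such artifact would still resolve at the BOM version and leave mixed Tomcat versions.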
diff --git a/cerberus-web/src/main/java/com/nike/cerberus/event/filter/AuditLoggingFilter.java b/cerberus-web/src/main/java/com/nike/cerberus/event/filter/AuditLoggingFilter.java
index a9b0a3ddc..642db8d65 100644
--- a/cerberus-web/src/main/java/com/nike/cerberus/event/filter/AuditLoggingFilter.java
+++ b/cerberus-web/src/main/java/com/nike/cerberus/event/filter/AuditLoggingFilter.java
@@ -135,7 +135,12 @@ protected void doFilterInternal(
.originatingClass(this.getClass().getSimpleName())
.traceId(getTraceId());
- Optional.ofNullable(sdbAccessRequest.getSdbSlug()).ifPresent(eventContext::sdbNameSlug);
+ if (auditLoggingFilterDetails.getSdbNameSlug() != null
+ && !auditLoggingFilterDetails.getSdbNameSlug().isEmpty()) {
+ eventContext.sdbNameSlug(auditLoggingFilterDetails.getSdbNameSlug());
+ } else {
+ Optional.ofNullable(sdbAccessRequest.getSdbSlug()).ifPresent(eventContext::sdbNameSlug);
+ }
AuditableEvent event = new AuditableEvent(this, eventContext.build());
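Review bot: The new condition accepts a whitespace-only value from `auditLoggingFilterDetails.getSdbNameSlug()`, so the audit event could record a blank `sdbNameSlug` instead of falling back to `sdbAccessRequest.getSdbSlug()`. It also reads the getter three times where once would do. Read it into a local, `String serviceSlug = auditLoggingFilterDetails.getSdbNameSlug();`, and test `serviceSlug != null && !serviceSlug.trim().isEmpty()` before calling `eventContext.sdbNameSlug(serviceSlug)`. A one-line comment stating that the service-supplied slug deliberately takes precedence over the request-derived one would help anyone reconciling audit records with request paths. `doFilterInternal` begins and ends outside this hunk.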
diff --git a/cerberus-web/src/main/java/com/nike/cerberus/event/filter/AuditLoggingFilterDetails.java b/cerberus-web/src/main/java/com/nike/cerberus/event/filter/AuditLoggingFilterDetails.java
index 3b1af41f0..9fbae3b86 100644
--- a/cerberus-web/src/main/java/com/nike/cerberus/event/filter/AuditLoggingFilterDetails.java
+++ b/cerberus-web/src/main/java/com/nike/cerberus/event/filter/AuditLoggingFilterDetails.java
@@ -27,4 +27,5 @@
@Scope(value = WebApplicationContext.SCOPE_REQUEST, proxyMode = ScopedProxyMode.TARGET_CLASS)
public class AuditLoggingFilterDetails {
private String action;
+ private String sdbNameSlug;
}
diff --git a/cerberus-web/src/main/java/com/nike/cerberus/service/SafeDepositBoxService.java b/cerberus-web/src/main/java/com/nike/cerberus/service/SafeDepositBoxService.java
index 22ec16a17..bdfd98520 100644
--- a/cerberus-web/src/main/java/com/nike/cerberus/service/SafeDepositBoxService.java
+++ b/cerberus-web/src/main/java/com/nike/cerberus/service/SafeDepositBoxService.java
@@ -26,14 +26,12 @@
import com.nike.cerberus.dao.UserGroupDao;
import com.nike.cerberus.domain.*;
import com.nike.cerberus.error.DefaultApiError;
+import com.nike.cerberus.event.filter.AuditLoggingFilterDetails;
import com.nike.cerberus.record.RoleRecord;
import com.nike.cerberus.record.SafeDepositBoxRecord;
import com.nike.cerberus.record.UserGroupRecord;
import com.nike.cerberus.security.CerberusPrincipal;
-import com.nike.cerberus.util.AwsIamRoleArnParser;
-import com.nike.cerberus.util.DateTimeSupplier;
-import com.nike.cerberus.util.Slugger;
-import com.nike.cerberus.util.UuidSupplier;
+import com.nike.cerberus.util.*;
import java.time.OffsetDateTime;
import java.util.LinkedList;
import java.util.List;
@@ -65,6 +63,7 @@ public class SafeDepositBoxService {
private final SecureDataService secureDataService;
private final SecureDataVersionDao secureDataVersionDao;
private final Boolean userGroupsCaseSensitive;
+ private final AuditLoggingFilterDetails auditLoggingFilterDetails;
@Autowired
public SafeDepositBoxService(
@@ -80,7 +79,9 @@ public SafeDepositBoxService(
AwsIamRoleArnParser awsIamRoleArnParser,
SecureDataService secureDataService,
SecureDataVersionDao secureDataVersionDao,
- @Value(USER_GROUPS_CASE_SENSITIVE) Boolean userGroupsCaseSensitive) {
+ @Value(USER_GROUPS_CASE_SENSITIVE) Boolean userGroupsCaseSensitive,
+ SdbAccessRequest sdbAccessRequest,
+ AuditLoggingFilterDetails auditLoggingFilterDetails) {
this.safeDepositBoxDao = safeDepositBoxDao;
this.userGroupDao = userGroupDao;
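Review bot: The added `SdbAccessRequest sdbAccessRequest` constructor parameter is not assigned to any field in the visible hunks, so it appears to be injected and then discarded. Only `auditLoggingFilterDetails` gets a new field and an assignment. If the unseen part of the constructor does not use it either, drop the parameter so the service does not carry an unused dependency on request state. If the `com.nike.cerberus.util.*` wildcard in this file's import hunk was introduced only to reach that type, the four explicit imports it replaced could then be restored. The constructor body continues outside this hunk.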
@@ -95,6 +96,7 @@ public SafeDepositBoxService(
this.secureDataService = secureDataService;
this.secureDataVersionDao = secureDataVersionDao;
this.userGroupsCaseSensitive = userGroupsCaseSensitive;
+ this.auditLoggingFilterDetails = auditLoggingFilterDetails;
}
/**
@@ -298,7 +300,6 @@ public SafeDepositBoxV2 updateSafeDepositBoxV2(
final String id) {
final SafeDepositBoxV2 currentBox = getSDBAndValidatePrincipalAssociationV2(id);
-
String principalName = authPrincipal.getName();
final OffsetDateTime now = dateTimeSupplier.get();
final SafeDepositBoxRecord boxToUpdate =
@@ -316,6 +317,12 @@ public SafeDepositBoxV2 updateSafeDepositBoxV2(
modifyUserGroupPermissions(currentBox, userGroupPermissionSet, principalName, now);
modifyIamPrincipalPermissions(currentBox, iamRolePermissionSet, principalName, now);
+ auditLoggingFilterDetails.setAction(
+ String.format(
+ "Update details for SDB with name: '%s' and id: '%s'",
+ currentBox.getName(), currentBox.getId()));
+ auditLoggingFilterDetails.setSdbNameSlug(slugger.toSlug(currentBox.getName()));
+
return getSDBAndValidatePrincipalAssociationV2(id);
}
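Review bot: The audit action and slug are set only after `modifyUserGroupPermissions` and `modifyIamPrincipalPermissions` have returned, so an update that throws partway leaves `auditLoggingFilterDetails` unpopulated. The filter then falls back to the request-derived slug for exactly the failed attempts an audit trail most needs to attribute. Consider moving the two `auditLoggingFilterDetails.set...` calls to just after `currentBox` is resolved, which is above this hunk. Separately, `currentBox.getName()` is formatted into the action string as-is. If the name validation (not visible here) allows quotes or line breaks, the value should be normalised before it reaches the audit record, or the action text could use `slugger.toSlug(currentBox.getName())` instead. A short comment such as `// recorded by AuditLoggingFilter; values come from the persisted SDB, not the request` would document where these fields are consumed.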
diff --git a/gradle/verification-metadata.xml b/gradle/verification-metadata.xml
index ad957b2dc..7386b79af 100644
--- a/gradle/verification-metadata.xml
+++ b/gradle/verification-metadata.xml
@@ -2864,20 +2864,20 @@
-
-
-
+
+
+
-
-
+
+
-
-
-
+
+
+
-
-
+
+
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index a4b442974..2fdec0704 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,6 @@
+#Wed Jul 22 09:07:19 PDT 2020
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.3-all.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.3-bin.zip
-zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
+zipStoreBase=GRADLE_USER_HOME
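Review bot: The rewritten wrapper file still has no `distributionSha256Sum`, so the wrapper downloads and unpacks `gradle-6.3-all.zip` without verifying its integrity. The repository already pins dependency checksums in `gradle/verification-metadata.xml`, which leaves the build tool itself as the unverified link. Add `distributionSha256Sum=<sha256 of gradle-6.3-all.zip from the Gradle release checksums page>` next to `distributionUrl`. The switch from `-bin` to `-all`, the timestamp comment and the reordered keys look like an IDE regeneration unrelated to the Tomcat and audit changes. If that is the case, reverting them would keep this commit focused.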