Merge pull request #1843 from akto-api-security/feature/rbac_logs

add logs to rbac
akto-api-security · Dec 20, 2024 · 21b2a47 · 21b2a47
2 parents 206b831 + 821d2fe
commit 21b2a47
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/libs/dao/src/main/java/com/akto/dao/RBACDao.java b/libs/dao/src/main/java/com/akto/dao/RBACDao.java
@@ -3,6 +3,8 @@
 import com.akto.util.Pair;
 import com.mongodb.client.model.Projections;
 import org.bson.conversions.Bson;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import com.akto.dao.context.Context;
 import com.akto.dto.RBAC;
@@ -21,6 +23,8 @@
 public class RBACDao extends CommonContextDao<RBAC> {
     public static final RBACDao instance = new RBACDao();
 
+    private static final Logger logger = LoggerFactory.getLogger(RBACDao.class);
+
     //Caching for RBACDAO
     private static final ConcurrentHashMap<Pair<Integer, Integer>, Pair<Role, Integer>> userRolesMap = new ConcurrentHashMap<>();
     private static final int EXPIRY_TIME = 15 * 60; // 15 minute
@@ -96,17 +100,22 @@ public List<Integer> getUserCollectionsById(int userId, int accountId) {
                 Projections.include(RBAC.API_COLLECTIONS_ID, RBAC.ROLE));
 
         if (rbac == null) {
+            logger.info(String.format("Rbac not found userId: %d accountId: %d", userId, accountId));
             return new ArrayList<>();
         }
 
         if (RBAC.Role.ADMIN.equals(rbac.getRole())) {
+            logger.info(String.format("Rbac is admin userId: %d accountId: %d", userId, accountId));
             return null;
         }
 
         if (rbac.getApiCollectionsId() == null) {
+            logger.info(String.format("Rbac collections not found userId: %d accountId: %d", userId, accountId));
             return new ArrayList<>();
         }
 
+        logger.info(String.format("Rbac found userId: %d accountId: %d", userId, accountId));
+
         return rbac.getApiCollectionsId();
     }
 

diff --git a/libs/dao/src/main/java/com/akto/dto/rbac/UsersCollectionsList.java b/libs/dao/src/main/java/com/akto/dto/rbac/UsersCollectionsList.java
@@ -11,10 +11,15 @@
 import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 public class UsersCollectionsList {
     private static final ConcurrentHashMap<Pair<Integer, Integer>, Pair<List<Integer>, Integer>> usersCollectionMap = new ConcurrentHashMap<>();
     private static final int EXPIRY_TIME = 15 * 60;
 
+    private static final Logger logger = LoggerFactory.getLogger(UsersCollectionsList.class);
+
     public static void deleteCollectionIdsFromCache(int userId, int accountId) {
         Pair<Integer, Integer> key = new Pair<>(userId, accountId);
         usersCollectionMap.remove(key);
@@ -44,13 +49,15 @@ public static List<Integer> getCollectionsIdForUser(int userId, int accountId) {
             if (organization == null ||
                     organization.getFeatureWiseAllowed() == null ||
                     organization.getFeatureWiseAllowed().isEmpty()) {
+                logger.info("UsersCollectionsList org details not available");
                 collectionList = null;
             // feature accessible
             } else if (organization != null &&
                     organization.getFeatureWiseAllowed() != null &&
                     !organization.getFeatureWiseAllowed().isEmpty() &&
                     organization.getFeatureWiseAllowed().containsKey(RBAC_FEATURE) &&
                     organization.getFeatureWiseAllowed().get(RBAC_FEATURE).getIsGranted()) {
+                logger.info("UsersCollectionsList rbac feature found");
                 collectionList = RBACDao.instance.getUserCollectionsById(userId, accountId);
             // feature not accessible
             } else {