ZOOKEEPER-4725: Record TTL node creations in audit log

ztzg · kezhuw · commit a99d4ef89a27 · 2025-03-25T00:31:17.000+08:00
Reviewers: kezhuw Author: ztzg Closes #2039 from ztzg/ZOOKEEPER-4725-audit-create-ttl (cherry picked from commit 10328b3)
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/audit/AuditHelper.java b/zookeeper-server/src/main/java/org/apache/zookeeper/audit/AuditHelper.java
@@ -28,6 +28,7 @@
 import org.apache.zookeeper.ZooDefs;
 import org.apache.zookeeper.audit.AuditEvent.Result;
 import org.apache.zookeeper.proto.CreateRequest;
+import org.apache.zookeeper.proto.CreateTTLRequest;
 import org.apache.zookeeper.proto.DeleteRequest;
 import org.apache.zookeeper.proto.SetACLRequest;
 import org.apache.zookeeper.proto.SetDataRequest;
@@ -69,11 +70,19 @@ public static void addAuditLog(Request request, ProcessTxnResult txnResult, bool
                 case ZooDefs.OpCode.createContainer:
                     op = AuditConstants.OP_CREATE;
                     CreateRequest createRequest = request.readRequestRecord(CreateRequest::new);
-                    createMode = getCreateMode(createRequest);
+                    createMode = getCreateMode(createRequest.getFlags());
                     if (failedTxn) {
                         path = createRequest.getPath();
                     }
                     break;
+                case ZooDefs.OpCode.createTTL:
+                    op = AuditConstants.OP_CREATE;
+                    CreateTTLRequest createTtlRequest = request.readRequestRecord(CreateTTLRequest::new);
+                    createMode = getCreateMode(createTtlRequest.getFlags());
+                    if (failedTxn) {
+                        path = createTtlRequest.getPath();
+                    }
+                    break;
                 case ZooDefs.OpCode.delete:
                 case ZooDefs.OpCode.deleteContainer:
                     op = AuditConstants.OP_DELETE;
@@ -172,8 +181,8 @@ private static void log(String user, String operation, String znode, String acl,
         ZKAuditProvider.log(user, operation, znode, acl, createMode, session, ip, result);
     }
 
-    private static String getCreateMode(CreateRequest createRequest) throws KeeperException {
-        return CreateMode.fromFlag(createRequest.getFlags()).toString().toLowerCase();
+    private static String getCreateMode(int createFlags) throws KeeperException {
+        return CreateMode.fromFlag(createFlags).toString().toLowerCase();
     }
 
     private static Map<String, String> getCreateModes(Request request)
@@ -188,7 +197,7 @@ private static Map<String, String> getCreateModes(Request request)
                     || op.getType() == ZooDefs.OpCode.createContainer) {
                 CreateRequest requestRecord = (CreateRequest) op.toRequestRecord();
                 createModes.put(requestRecord.getPath(),
-                        getCreateMode(requestRecord));
+                        getCreateMode(requestRecord.getFlags()));
             }
         }
         return createModes;
diff --git a/zookeeper-server/src/test/java/org/apache/zookeeper/audit/Slf4JAuditLoggerTest.java b/zookeeper-server/src/test/java/org/apache/zookeeper/audit/Slf4JAuditLoggerTest.java
@@ -63,6 +63,7 @@ public class Slf4JAuditLoggerTest extends QuorumPeerTestBase {
     @BeforeAll
     public static void setUpBeforeClass() throws Exception {
         System.setProperty(ZKAuditProvider.AUDIT_ENABLE, "true");
+        System.setProperty("zookeeper.extendedTypesEnabled", "true");
         // setup the logger to capture all logs
         LoggerTestTool loggerTestTool = new LoggerTestTool(Slf4jAuditLogger.class);
         os = loggerTestTool.getOutputStream();
@@ -103,6 +104,32 @@ public void testCreateAuditLogs()
                         null, createMode), readAuditLog(os));
     }
 
+    @Test
+    public void testCreateWithTtlAuditLogs()
+            throws KeeperException, InterruptedException, IOException {
+        final CreateMode createMode = CreateMode.PERSISTENT_WITH_TTL;
+        final String path = "/createTtlPath";
+        zk.create(path, "".getBytes(), ZooDefs.Ids.OPEN_ACL_UNSAFE,
+                createMode, null, 3600);
+        // success log
+        verifyLog(
+                getAuditLog(AuditConstants.OP_CREATE, path, Result.SUCCESS,
+                        null, createMode.toString().toLowerCase()), readAuditLog(os));
+    }
+
+    @Test
+    public void testCreateSeqWithTtlAuditLogs()
+            throws KeeperException, InterruptedException, IOException {
+        final CreateMode createMode = CreateMode.PERSISTENT_SEQUENTIAL_WITH_TTL;
+        String path = "/createTtlPath";
+        path = zk.create(path, "".getBytes(), ZooDefs.Ids.OPEN_ACL_UNSAFE,
+                createMode, null, 3600);
+        // success log
+        verifyLog(
+                getAuditLog(AuditConstants.OP_CREATE, path, Result.SUCCESS,
+                        null, createMode.toString().toLowerCase()), readAuditLog(os));
+    }
+
     @Test
     public void testDeleteAuditLogs()
             throws InterruptedException, IOException, KeeperException {
@@ -406,6 +433,7 @@ private void waitForDeletion(ZooKeeper zooKeeper, String path)
 
     @AfterAll
     public static void tearDownAfterClass() {
+        System.clearProperty("zookeeper.extendedTypesEnabled");
         System.clearProperty(ZKAuditProvider.AUDIT_ENABLE);
         for (int i = 0; i < SERVER_COUNT; i++) {
             try {
