From adfa1174e944b3b2c7857f8c32a911dd93c14c4e Mon Sep 17 00:00:00 2001
From: swaranga-netflix <114035979+swaranga-netflix@users.noreply.github.com>
Date: Tue, 17 Jan 2023 09:19:47 -0800
Subject: [PATCH] Add a logger for create-tables with unauthenticated or
 metacat user (#522)

Add a logger for create-tables with unauthenticated or metacat user
---
 .../main/api/v1/MetacatController.java        | 48 ++++++++++++++++++-
 1 file changed, 47 insertions(+), 1 deletion(-)

diff --git a/metacat-main/src/main/java/com/netflix/metacat/main/api/v1/MetacatController.java b/metacat-main/src/main/java/com/netflix/metacat/main/api/v1/MetacatController.java
index fc1c4a7f9..d17d12301 100644
--- a/metacat-main/src/main/java/com/netflix/metacat/main/api/v1/MetacatController.java
+++ b/metacat-main/src/main/java/com/netflix/metacat/main/api/v1/MetacatController.java
@@ -14,6 +14,7 @@
 package com.netflix.metacat.main.api.v1;
 
 import com.google.common.base.Preconditions;
+import com.netflix.metacat.common.MetacatRequestContext;
 import com.netflix.metacat.common.NameDateDto;
 import com.netflix.metacat.common.QualifiedName;
 import com.netflix.metacat.common.dto.CatalogDto;
@@ -38,11 +39,13 @@
 import com.netflix.metacat.main.services.MViewService;
 import com.netflix.metacat.main.services.MetacatServiceHelper;
 import com.netflix.metacat.main.services.TableService;
+import com.netflix.spectator.api.Registry;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import io.swagger.annotations.ApiResponse;
 import io.swagger.annotations.ApiResponses;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
@@ -53,12 +56,19 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.annotation.Nullable;
+import javax.servlet.http.HttpServletRequest;
 import javax.validation.Valid;
 import java.net.HttpURLConnection;
 import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.Optional;
 import java.util.function.Supplier;
 
@@ -76,6 +86,7 @@
     produces = MediaType.APPLICATION_JSON_VALUE,
     consumes = MediaType.APPLICATION_JSON_VALUE
 )
+@Slf4j
 public class MetacatController implements MetacatV1 {
     private final CatalogService catalogService;
     private final DatabaseService databaseService;
@@ -83,6 +94,7 @@ public class MetacatController implements MetacatV1 {
     private final TableService tableService;
     private final RequestWrapper requestWrapper;
     private final Config config;
+    private final Registry registry;
 
     /**
      * Constructor.
@@ -93,6 +105,7 @@ public class MetacatController implements MetacatV1 {
      * @param tableService    table service
      * @param requestWrapper  request wrapper obj
      * @param config Config
+     * @param registry the spectator registry
      */
     @Autowired
     public MetacatController(
@@ -101,7 +114,8 @@ public MetacatController(
         final MViewService mViewService,
         final TableService tableService,
         final RequestWrapper requestWrapper,
-        final Config config
+        final Config config,
+        final Registry registry
         ) {
         this.catalogService = catalogService;
         this.databaseService = databaseService;
@@ -109,6 +123,7 @@ public MetacatController(
         this.tableService = tableService;
         this.requestWrapper = requestWrapper;
         this.config = config;
+        this.registry = registry;
     }
 
     /**
@@ -250,6 +265,37 @@ public TableDto createTable(
         @ApiParam(value = "The table information", required = true)
         @Valid @RequestBody final TableDto table
     ) {
+        final MetacatRequestContext requestContext = MetacatContextManager.getContext();
+        if (requestContext.getUserName() == null || "metacat".equals(requestContext.getUserName())) {
+            registry.counter(
+                "unauth.user.create.table", "catalog", catalogName, "database", databaseName).increment();
+
+            final Map<String, String> requestHeaders = new HashMap<>();
+
+            final RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
+
+            if (requestAttributes instanceof ServletRequestAttributes) {
+                final ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) requestAttributes;
+
+                final HttpServletRequest servletRequest = servletRequestAttributes.getRequest();
+
+                if (servletRequest != null) {
+                    final Enumeration<String> headerNames = servletRequest.getHeaderNames();
+
+                    if (headerNames != null) {
+                        while (headerNames.hasMoreElements()) {
+                            final String header = headerNames.nextElement();
+                            requestHeaders.put(header, servletRequest.getHeader(header));
+                        }
+                    }
+                }
+            }
+
+            log.info("Create table with unknown user. "
+                    + "catalog: {}, database: {}, table-name: {}, table-info: {}, context: {}, headers: {}",
+                catalogName, databaseName, tableName, table, requestContext, requestHeaders);
+        }
+
         final QualifiedName name = this.requestWrapper.qualifyName(
             () -> QualifiedName.ofTable(catalogName, databaseName, tableName)
         );