Merge branch 'main' into dependabot/maven/com.sap.cloud.sdk-sdk-bom-5.23.0

Author: mtsvetanov071

.github/workflows/codeql.yml

@@ -55,11 +55,11 @@ jobs:
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -87,6 +87,6 @@ jobs:
         exit 1
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
       with:
         category: "/language:${{matrix.language}}"

.github/workflows/main-build-and-deploy-oss.yml

@@ -15,7 +15,7 @@ jobs:
   #  timeout-minutes: 15
   #  steps:
   #    - name: Checkout
-  #      uses: actions/checkout@v4
+  #      uses: actions/checkout@v5
   #    - name: Scan With Black Duck
   #      uses: ./.github/actions/scan-with-blackduck
   #      with:
@@ -28,7 +28,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           token: ${{ secrets.GH_TOKEN }}
       - name: Update version

.github/workflows/main-build.yml

@@ -17,7 +17,7 @@ jobs:
         java-version: [ 17, 21 ]
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Build
         uses: ./.github/actions/build
@@ -40,7 +40,7 @@ jobs:
   #   timeout-minutes: 15
   #   steps:
   #     - name: Checkout
-  #       uses: actions/checkout@v4
+  #       uses: actions/checkout@v5
   #     - name: Scan
   #      uses: ./.github/actions/scan-with-blackduck
   #      with:
@@ -54,10 +54,10 @@ jobs:
     needs: [build] # [build, scan]
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Java ${{ env.JAVA_VERSION }}
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: ${{ env.JAVA_VERSION }}
           distribution: sapmachine

.github/workflows/pull-request-build.yml

@@ -18,7 +18,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Build
         uses: ./.github/actions/build

CHANGELOG.md

@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## Version 0.0.2 - 2025-10-30
+
+### Added
+
+- Support for sending generic audit log events 
+
 ## Version 0.0.1 - 2025-07-04
 
 ### Added

cds-feature-auditlog-ng/src/main/java/com/sap/cds/feature/auditlog/ng/AuditLogNGCommunicator.java

@@ -68,7 +68,7 @@ public AuditLogNGCommunicator(ServiceBinding binding) {
         }
     }
 
-    public String sendBulkRequest(Object auditLogEvents) throws JsonProcessingException {
+    String sendBulkRequest(Object auditLogEvents) throws JsonProcessingException {
         logger.debug("Sending bulk request to audit log service");
         String bulkRequestJson = serializeBulkRequest(auditLogEvents);
         HttpPost request = new HttpPost(serviceUrl + AUDITLOG_EVENTS_ENDPOINT);

cds-feature-auditlog-ng/src/main/java/com/sap/cds/feature/auditlog/ng/AuditLogNGHandler.java

@@ -3,20 +3,22 @@
  */
 package com.sap.cds.feature.auditlog.ng;
 
+import static java.util.Objects.*;
+import static org.slf4j.LoggerFactory.*;
+
 import java.time.Instant;
 import java.util.Collection;
-import static java.util.Objects.requireNonNull;
+import java.util.Map;
 import java.util.UUID;
 import java.util.stream.Collectors;
 
 import org.slf4j.Logger;
-import static org.slf4j.LoggerFactory.getLogger;
 
-import com.fasterxml.jackson.core.JsonParseException;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ArrayNode;
 import com.fasterxml.jackson.databind.node.ObjectNode;
+import com.sap.cds.services.EventContext;
 import com.sap.cds.services.auditlog.Access;
 import com.sap.cds.services.auditlog.Attachment;
 import com.sap.cds.services.auditlog.Attribute;
@@ -62,22 +64,66 @@ public class AuditLogNGHandler implements EventHandler {
     }
 
     @On
-    public void handleSecurityEvent(SecurityLogContext context) {
+    public void handleGeneralEvent(EventContext context) {
         try {
-            ArrayNode alsEvents = createSecurityEvent(context);
-            communicator.sendBulkRequest(alsEvents);
-        } catch (JsonParseException e) {
-            LOGGER.error("Audit Log write exception occurred for security event", e);
+            if (context instanceof SecurityLogContext || context.getEvent().equals("securityLog")) {
+                LOGGER.debug("Handling security log event");
+                handleSecurityEvent(context.as(SecurityLogContext.class));
+                return;
+            } else if (context instanceof DataAccessLogContext || context.getEvent().equals("dataAccessLog")) {
+                LOGGER.debug("Handling data access log event");
+                handleDataAccessEvent(context.as(DataAccessLogContext.class));
+                return;
+            } else if (context instanceof ConfigChangeLogContext || context.getEvent().equals("configChangeLog")) {
+                LOGGER.debug("Handling configuration change log event");
+                handleConfigChangeEvent(context.as(ConfigChangeLogContext.class));
+                return;
+            } else if (context instanceof DataModificationLogContext || context.getEvent().equals("dataModificationLog")) {
+                LOGGER.debug("Handling data modification log event");
+                handleDataModificationEvent(context.as(DataModificationLogContext.class));
+                return;
+            } else {
+                ArrayNode alsEvents = createGeneralEvent(context);
+                communicator.sendBulkRequest(alsEvents);
+            }
+        } catch (JsonProcessingException e) {
+            LOGGER.error("Audit Log write exception occurred", e);
             throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_INVALID_MESSAGE, e);
         } catch (ErrorStatusException e) {
-            LOGGER.error("Audit Log service not available for security event", e);
+            LOGGER.error("Audit Log service not available", e);
             throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_NOT_AVAILABLE, e);
-       } catch (Exception e) {
-            LOGGER.error("Unexpected exception while handling security event", e);
+        } catch (Exception e) {
+            LOGGER.error("Unexpected exception", e);
             throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_INVALID_MESSAGE, e);
         }
     }
 
+    private ArrayNode createGeneralEvent(EventContext context) throws JsonProcessingException {
+        UserInfo userInfo = requireNonNull(context.getUserInfo(), "UserInfo in EventContext must not be null");
+        String eventType = requireNonNull((String) context.getEvent(), "EventType in EventContext must not be null");
+        Map<String, Object> data = (Map<String, Object>) context.get("data");
+        String eventJson = (String) data.get("event");
+
+        ObjectNode eventEnvelope = buildEventEnvelope(OBJECT_MAPPER, eventType, userInfo);
+        ObjectNode metadata = buildEventMetadata();
+        ObjectNode parsedEventNode = (ObjectNode) OBJECT_MAPPER.readTree(eventJson);
+        ObjectNode wrappedDataNode = OBJECT_MAPPER.createObjectNode();
+        wrappedDataNode.set(eventType, parsedEventNode);
+        ObjectNode alsData = buildAuditLogEventData(metadata, wrappedDataNode);
+        eventEnvelope.set("data", alsData);
+
+        ArrayNode result = OBJECT_MAPPER.createArrayNode();
+        result.add(eventEnvelope);
+
+        LOGGER.debug("Created general event for Audit Log NG: {}", result.toString());
+        return result;
+    }
+
+    public void handleSecurityEvent(SecurityLogContext context) throws JsonProcessingException {
+        ArrayNode alsEvents = createSecurityEvent(context);
+        communicator.sendBulkRequest(alsEvents);
+    }
+
     /**
      * Creates an ArrayNode representing security events for the Audit Log service.
      *
@@ -141,21 +187,9 @@ private ObjectNode createLegacySecurityOrigEvent(UserInfo userInfo, SecurityLog
         return envelop;
     }
 
-    @On
-    public void handleDataAccessEvent(DataAccessLogContext context) {
-        try {
-            ArrayNode alsEvents = createAlsDataAccessEvents(context);
-            communicator.sendBulkRequest(alsEvents);
-        } catch (JsonParseException e) {
-            LOGGER.error("Audit Log write exception occurred for data access event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_INVALID_MESSAGE, e);
-        } catch (ErrorStatusException e) {
-            LOGGER.error("Audit Log service not available for data access event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_NOT_AVAILABLE, e);
-       } catch (Exception e) {
-            LOGGER.error("Unexpected exception while handling data access event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_INVALID_MESSAGE, e);
-        }
+    public void handleDataAccessEvent(DataAccessLogContext context) throws JsonProcessingException {
+        ArrayNode alsEvents = createAlsDataAccessEvents(context);
+        communicator.sendBulkRequest(alsEvents);
     }
 
     /**
@@ -221,21 +255,9 @@ private void addAttributeAccessEvents(UserInfo userInfo, ArrayNode eventArray, A
         }
     }
 
-    @On
-    public void handleConfigChangeEvent(ConfigChangeLogContext context) {
-        try {
-            ArrayNode alsEvents = createAlsConfigChangeEvents(context);
-            communicator.sendBulkRequest(alsEvents);
-        } catch (JsonParseException e) {
-            LOGGER.error("Audit Log write exception occurred for configuration change event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_INVALID_MESSAGE, e);
-        } catch (ErrorStatusException e) {
-            LOGGER.error("Audit Log service not available for configuration change event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_NOT_AVAILABLE, e);
-       } catch (Exception e) {
-            LOGGER.error("Unexpected exception while handling configuration change event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_INVALID_MESSAGE, e);
-        }
+    public void handleConfigChangeEvent(ConfigChangeLogContext context) throws JsonProcessingException {
+        ArrayNode alsEvents = createAlsConfigChangeEvents(context);
+        communicator.sendBulkRequest(alsEvents);
     }
 
     /**
@@ -280,21 +302,9 @@ private ObjectNode buildConfigChangeEvent(UserInfo userInfo, ConfigChange config
         return buildAlsEvent("configurationChange", userInfo, metadata, "configurationChange", changeNode);
     }
 
-    @On
-    public void handleDataModificationEvent(DataModificationLogContext context) {
-        try {
-            ArrayNode alsEvents = createAlsDataModificationEvents(context);
-            communicator.sendBulkRequest(alsEvents);
-        } catch (JsonParseException e) {
-            LOGGER.error("Audit Log write exception occurred for data modification event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_INVALID_MESSAGE, e);
-        } catch (ErrorStatusException e) {
-            LOGGER.error("Audit Log service not available for data modification event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_NOT_AVAILABLE, e);
-       } catch (Exception e) {
-            LOGGER.error("Unexpected exception while handling data modification event", e);
-            throw new ErrorStatusException(CdsErrorStatuses.AUDITLOG_SERVICE_INVALID_MESSAGE, e);
-        }
+    public void handleDataModificationEvent(DataModificationLogContext context) throws JsonProcessingException {
+        ArrayNode alsEvents = createAlsDataModificationEvents(context);
+        communicator.sendBulkRequest(alsEvents);
     }
 
     /**
@@ -473,9 +483,8 @@ private ObjectNode buildDataAccessNode(Access access, String attribute, String a
      */
     private void addValueDetails(ObjectNode node, ChangedAttribute attribute, String fieldName) {
         String attributeName = requireNonNull(attribute.getName(), "ChangedAttribute.getName() is null");
-        String newValue = requireNonNull(attribute.getNewValue(), "ChangedAttribute.getNewValue() is null");
         node.put(fieldName, attributeName);
-        node.put("newValue", newValue);
+        node.put("newValue", attribute.getNewValue() != null ? attribute.getNewValue() : "null");
         node.put("oldValue", attribute.getOldValue() != null ? attribute.getOldValue() : "null");
     }