001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * http://www.opensource.org/licenses/cddl1.php. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file. If applicable, add the following below this CDDL HEADER, 016 * with the fields enclosed by brackets "[]" replaced with your own 017 * identifying information: 018 * Portions Copyright [yyyy] [name of copyright owner] 019 * 020 * CDDL HEADER END 021 * 022 * 023 * Portions Copyright 2022-2023 Ping Identity Corporation 024 */ 025package com.unboundid.directory.sdk.ds.types; 026 027 028 029import com.unboundid.ldap.sdk.Attribute; 030import com.unboundid.util.ThreadSafety; 031import com.unboundid.util.ThreadSafetyLevel; 032 033 034 035/** 036 * This enum defines the severity levels that may be used for data security 037 * audit report entries. Note that audit severity values are considered 038 * ordered, so something configured to report on items with a "warning" severity 039 * should also report on items with an "error" severity, "notice" includes both 040 * "warning" and "error", and "verbose" includes all severities. 041 */ 042@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 043public enum AuditSeverity 044{ 045 /** 046 * A severity level indicating a significant problem. 047 */ 048 ERROR("error"), 049 050 051 052 /** 053 * A security level indicating a warning. 054 */ 055 WARNING("warning"), 056 057 058 059 /** 060 * A security level indicating something that may be important for 061 * administrators to see. 062 */ 063 NOTICE("notice"), 064 065 066 067 /** 068 * A security level indicating something that may not be important in most 069 * cases and may only be exposed for debugging purposes. 070 */ 071 VERBOSE("verbose"); 072 073 074 075 // An attribute that may be used to include this severity in a report entry. 076 private final Attribute reportEntryAttribute; 077 078 079 080 /** 081 * Creates a new audit severity element with the given name. 082 * 083 * @param name The name for this audit severity element. 084 */ 085 AuditSeverity(final String name) 086 { 087 reportEntryAttribute = new Attribute("ds-audit-severity", name); 088 } 089 090 091 092 /** 093 * Retrieves an attribute that may be used to represent this severity in 094 * report entries. 095 * 096 * @return An attribute that may be used to represent this severity in 097 * report entries. 098 */ 099 public Attribute getReportEntryAttribute() 100 { 101 return reportEntryAttribute; 102 } 103 104 105 106 /** 107 * Indicates whether an item with the given severity should be handled by 108 * something configured to report on items with this severity. 109 * 110 * @param s The severity for which to make the determination. 111 * 112 * @return {@code true} if an item with the given severity should be handled 113 * by something configured to report on items with this severity, or 114 * {@code false} if not. 115 */ 116 public boolean includes(final AuditSeverity s) 117 { 118 switch (this) 119 { 120 case ERROR: 121 return (s == ERROR); 122 case WARNING: 123 return ((s == ERROR) || (s == WARNING)); 124 case NOTICE: 125 return ((s == ERROR) || (s == WARNING) || (s == NOTICE)); 126 case VERBOSE: 127 return true; 128 default: 129 // This should never happen. 130 return false; 131 } 132 } 133}