From c6b3046e28f350144e56366219eec94836bdee76 Mon Sep 17 00:00:00 2001
From: Dedeepya T <dedeepya27@yahoo.co.in>
Date: Thu, 21 Oct 2021 20:24:41 +0530
Subject: [PATCH] QPID-8567:[Broker-J]Added rule identity to the allow and deny
 loggers of ACL

---
 .../server/logging/messages/AccessControlMessages.java | 10 +++++-----
 .../messages/AccessControl_logmessages.properties      |  4 ++--
 .../qpid/server/security/access/config/RuleSet.java    |  4 ++--
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java b/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java
index 84be31e516..815fad5640 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java
+++ b/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControlMessages.java
@@ -91,16 +91,16 @@ public class AccessControlMessages
 
     /**
      * Log a AccessControl message of the Format:
-     * <pre>ACL-1001 : Allowed : {0} {1} {2}</pre>
+     * <pre>ACL-1001 : Allowed : {0} {1} {2} [{3}]</pre>
      * Optional values are contained in [square brackets] and are numbered
      * sequentially in the method call.
      *
      */
-    public static LogMessage ALLOWED(String param1, String param2, String param3)
+    public static LogMessage ALLOWED(String param1, String param2, String param3, String param4)
     {
         String rawMessage = _messages.getString("ALLOWED");
 
-        final Object[] messageArguments = {param1, param2, param3};
+        final Object[] messageArguments = {param1, param2, param3, param4};
         // Create a new MessageFormat to ensure thread safety.
         // Sharing a MessageFormat and using applyPattern is not thread safe
         MessageFormat formatter = new MessageFormat(rawMessage, _currentLocale);
@@ -331,11 +331,11 @@ public int hashCode()
      * sequentially in the method call.
      *
      */
-    public static LogMessage DENIED(String param1, String param2, String param3)
+    public static LogMessage DENIED(String param1, String param2, String param3, String param4)
     {
         String rawMessage = _messages.getString("DENIED");
 
-        final Object[] messageArguments = {param1, param2, param3};
+        final Object[] messageArguments = {param1, param2, param3, param4};
         // Create a new MessageFormat to ensure thread safety.
         // Sharing a MessageFormat and using applyPattern is not thread safe
         MessageFormat formatter = new MessageFormat(rawMessage, _currentLocale);
diff --git a/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties b/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties
index 232174dcae..253c9b9626 100644
--- a/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties
+++ b/broker-core/src/main/java/org/apache/qpid/server/logging/messages/AccessControl_logmessages.properties
@@ -20,10 +20,10 @@
 # Access Control logging message i18n strings.
 
 # 'accept-log' rule message
-ALLOWED = ACL-1001 : Allowed : {0} {1} {2}
+ALLOWED = ACL-1001 : Allowed : {0} {1} {2} [{3}]
 
 # 'deny-log' rule message
-DENIED = ACL-1002 : Denied : {0} {1} {2}
+DENIED = ACL-1002 : Denied : {0} {1} {2} [{3}]
 
 CREATE = ACL-1011 : Create "{0}"
 OPEN = ACL-1012 : Open
diff --git a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java
index 6b3371c854..052a0ee02d 100644
--- a/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java
+++ b/broker-plugins/access-control/src/main/java/org/apache/qpid/server/security/access/config/RuleSet.java
@@ -190,14 +190,14 @@ public Result check(Subject subject,
                         getEventLogger().message(AccessControlMessages.ALLOWED(
                                 action.getOperation().toString(),
                                 action.getObjectType().toString(),
-                                action.getProperties().toString()));
+                                action.getProperties().toString(), rule.getIdentity().toString()));
                     }
                     else
                     {
                         getEventLogger().message(AccessControlMessages.DENIED(
                                 action.getOperation().toString(),
                                 action.getObjectType().toString(),
-                                action.getProperties().toString()));
+                                action.getProperties().toString(), rule.getIdentity().toString()));
                     }
                 }