mirror of
https://github.com/sismics/docs.git
synced 2025-12-15 10:46:26 +00:00
Closes #69: Save and display originating user in audit log
This commit is contained in:
jendib
@@ -77,7 +77,7 @@ public class AclResource extends BaseResource {
|
||||
|
||||
// Avoid duplicates
|
||||
if (!aclDao.checkPermission(acl.getSourceId(), acl.getPerm(), acl.getTargetId())) {
|
||||
aclDao.create(acl);
|
||||
aclDao.create(acl, principal.getId());
|
||||
|
||||
// Returns the ACL
|
||||
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||
@@ -126,7 +126,7 @@ public class AclResource extends BaseResource {
|
||||
}
|
||||
|
||||
// Delete the ACL
|
||||
aclDao.delete(sourceId, perm, targetId);
|
||||
aclDao.delete(sourceId, perm, targetId, principal.getId());
|
||||
|
||||
// Always return OK
|
||||
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||
|
||||
@@ -68,6 +68,7 @@ public class AuditLogResource extends BaseResource {
|
||||
for (AuditLogDto auditLogDto : paginatedList.getResultList()) {
|
||||
logs.add(Json.createObjectBuilder()
|
||||
.add("id", auditLogDto.getId())
|
||||
.add("username", auditLogDto.getUsername())
|
||||
.add("target", auditLogDto.getEntityId())
|
||||
.add("class", auditLogDto.getEntityClass())
|
||||
.add("type", auditLogDto.getType().name())
|
||||
|
||||
@@ -61,7 +61,7 @@ public class CommentResource extends BaseResource {
|
||||
comment.setContent(content);
|
||||
comment.setUserId(principal.getId());
|
||||
CommentDao commentDao = new CommentDao();
|
||||
commentDao.create(comment);
|
||||
commentDao.create(comment, principal.getId());
|
||||
|
||||
// Returns the comment
|
||||
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||
@@ -103,7 +103,7 @@ public class CommentResource extends BaseResource {
|
||||
}
|
||||
|
||||
// Delete the comment
|
||||
commentDao.delete(id);
|
||||
commentDao.delete(id, principal.getId());
|
||||
|
||||
// Always return OK
|
||||
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||
|
||||
@@ -449,7 +449,7 @@ public class DocumentResource extends BaseResource {
|
||||
} else {
|
||||
document.setCreateDate(createDate);
|
||||
}
|
||||
String documentId = documentDao.create(document);
|
||||
String documentId = documentDao.create(document, principal.getId());
|
||||
|
||||
// Create read ACL
|
||||
AclDao aclDao = new AclDao();
|
||||
@@ -457,14 +457,14 @@ public class DocumentResource extends BaseResource {
|
||||
acl.setPerm(PermType.READ);
|
||||
acl.setSourceId(documentId);
|
||||
acl.setTargetId(principal.getId());
|
||||
aclDao.create(acl);
|
||||
aclDao.create(acl, principal.getId());
|
||||
|
||||
// Create write ACL
|
||||
acl = new Acl();
|
||||
acl.setPerm(PermType.WRITE);
|
||||
acl.setSourceId(documentId);
|
||||
acl.setTargetId(principal.getId());
|
||||
aclDao.create(acl);
|
||||
aclDao.create(acl, principal.getId());
|
||||
|
||||
// Update tags
|
||||
updateTagList(documentId, tagList);
|
||||
@@ -570,7 +570,7 @@ public class DocumentResource extends BaseResource {
|
||||
document.setLanguage(language);
|
||||
}
|
||||
|
||||
document = documentDao.update(document);
|
||||
document = documentDao.update(document, principal.getId());
|
||||
|
||||
// Update tags
|
||||
updateTagList(id, tagList);
|
||||
@@ -634,7 +634,7 @@ public class DocumentResource extends BaseResource {
|
||||
}
|
||||
|
||||
// Delete the document
|
||||
documentDao.delete(document.getId());
|
||||
documentDao.delete(document.getId(), principal.getId());
|
||||
|
||||
// Raise file deleted events
|
||||
for (File file : fileList) {
|
||||
|
||||
@@ -145,7 +145,7 @@ public class FileResource extends BaseResource {
|
||||
file.setDocumentId(documentId);
|
||||
file.setMimeType(mimeType);
|
||||
file.setUserId(principal.getId());
|
||||
String fileId = fileDao.create(file);
|
||||
String fileId = fileDao.create(file, principal.getId());
|
||||
|
||||
// Guess the mime type a second time, for open document format (first detected as simple ZIP file)
|
||||
file.setMimeType(MimeTypeUtil.guessOpenDocumentFormat(file, fileInputStream));
|
||||
@@ -362,7 +362,7 @@ public class FileResource extends BaseResource {
|
||||
}
|
||||
|
||||
// Delete the file
|
||||
fileDao.delete(file.getId());
|
||||
fileDao.delete(file.getId(), principal.getId());
|
||||
|
||||
// Update the user quota
|
||||
UserDao userDao = new UserDao();
|
||||
|
||||
@@ -69,7 +69,7 @@ public class ShareResource extends BaseResource {
|
||||
acl.setSourceId(documentId);
|
||||
acl.setPerm(PermType.READ);
|
||||
acl.setTargetId(share.getId());
|
||||
aclDao.create(acl);
|
||||
aclDao.create(acl, principal.getId());
|
||||
|
||||
// Returns the created ACL
|
||||
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||
|
||||
@@ -137,7 +137,7 @@ public class TagResource extends BaseResource {
|
||||
tag.setColor(color);
|
||||
tag.setUserId(principal.getId());
|
||||
tag.setParentId(parentId);
|
||||
String id = tagDao.create(tag);
|
||||
String id = tagDao.create(tag, principal.getId());
|
||||
|
||||
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||
.add("id", id);
|
||||
@@ -203,7 +203,7 @@ public class TagResource extends BaseResource {
|
||||
// Parent tag is always updated to have the possibility to delete it
|
||||
tag.setParentId(parentId);
|
||||
|
||||
tagDao.update(tag);
|
||||
tagDao.update(tag, principal.getId());
|
||||
|
||||
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||
.add("id", id);
|
||||
@@ -232,7 +232,7 @@ public class TagResource extends BaseResource {
|
||||
}
|
||||
|
||||
// Delete the tag
|
||||
tagDao.delete(tagId);
|
||||
tagDao.delete(tagId, principal.getId());
|
||||
|
||||
// Always return OK
|
||||
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||
|
||||
@@ -105,7 +105,7 @@ public class UserResource extends BaseResource {
|
||||
// Create the user
|
||||
UserDao userDao = new UserDao();
|
||||
try {
|
||||
userDao.create(user);
|
||||
userDao.create(user, principal.getId());
|
||||
} catch (Exception e) {
|
||||
if ("AlreadyExistingUsername".equals(e.getMessage())) {
|
||||
throw new ServerException("AlreadyExistingUsername", "Login already used", e);
|
||||
@@ -145,12 +145,12 @@ public class UserResource extends BaseResource {
|
||||
if (email != null) {
|
||||
user.setEmail(email);
|
||||
}
|
||||
user = userDao.update(user);
|
||||
user = userDao.update(user, principal.getId());
|
||||
|
||||
// Change the password
|
||||
if (StringUtils.isNotBlank(password)) {
|
||||
user.setPassword(password);
|
||||
userDao.updatePassword(user);
|
||||
userDao.updatePassword(user, principal.getId());
|
||||
}
|
||||
|
||||
// Always return OK
|
||||
@@ -198,12 +198,12 @@ public class UserResource extends BaseResource {
|
||||
Long storageQuota = ValidationUtil.validateLong(storageQuotaStr, "storage_quota");
|
||||
user.setStorageQuota(storageQuota);
|
||||
}
|
||||
user = userDao.update(user);
|
||||
user = userDao.update(user, principal.getId());
|
||||
|
||||
// Change the password
|
||||
if (StringUtils.isNotBlank(password)) {
|
||||
user.setPassword(password);
|
||||
userDao.updatePassword(user);
|
||||
userDao.updatePassword(user, principal.getId());
|
||||
}
|
||||
|
||||
// Always return OK
|
||||
@@ -356,7 +356,7 @@ public class UserResource extends BaseResource {
|
||||
|
||||
// Delete the user
|
||||
UserDao userDao = new UserDao();
|
||||
userDao.delete(principal.getName());
|
||||
userDao.delete(principal.getName(), principal.getId());
|
||||
|
||||
// Raise deleted events for documents
|
||||
for (Document document : documentList) {
|
||||
@@ -413,7 +413,7 @@ public class UserResource extends BaseResource {
|
||||
List<File> fileList = fileDao.findByUserId(user.getId());
|
||||
|
||||
// Delete the user
|
||||
userDao.delete(user.getUsername());
|
||||
userDao.delete(user.getUsername(), principal.getId());
|
||||
|
||||
// Raise deleted events for documents
|
||||
for (Document document : documentList) {
|
||||
|
||||
@@ -1,6 +1,12 @@
|
||||
<table class="table">
|
||||
<tr ng-repeat="log in logs">
|
||||
<td>{{ log.create_date | date: 'yyyy-MM-dd HH:mm' }}</td>
|
||||
<td width="20%">{{ log.create_date | date: 'yyyy-MM-dd HH:mm' }}</td>
|
||||
<td width="20%">
|
||||
<a ng-href="#/user/{{ log.username }}">
|
||||
<span class="glyphicon glyphicon-user"></span>
|
||||
{{ log.username }}
|
||||
</a>
|
||||
</td>
|
||||
<td>
|
||||
{{ log.class }}
|
||||
<span ng-switch="log.type">
|
||||
|
||||
@@ -36,7 +36,8 @@
|
||||
|
||||
<div class="page-header">
|
||||
<h1>
|
||||
{{ document.title }} <small>{{ document.create_date | date: 'yyyy-MM-dd' }} by {{ document.creator }}</small>
|
||||
{{ document.title }} <small>{{ document.create_date | date: 'yyyy-MM-dd' }}
|
||||
by <a href="#/user/{{ document.creator }}">{{ document.creator }}</a></small>
|
||||
<img ng-if="document" ng-src="img/flag/{{ document.language }}.png" title="{{ document.language }}" />
|
||||
</h1>
|
||||
|
||||
|
||||
@@ -59,13 +59,25 @@ public class TestAuditLogResource extends BaseJerseyTest {
|
||||
.get(JsonObject.class);
|
||||
JsonArray logs = json.getJsonArray("logs");
|
||||
Assert.assertTrue(logs.size() == 3);
|
||||
Assert.assertEquals(countByClass(logs, "Document"), 1);
|
||||
Assert.assertEquals(countByClass(logs, "Acl"), 2);
|
||||
Assert.assertEquals("auditlog1", logs.getJsonObject(0).getString("username"));
|
||||
Assert.assertNotNull(logs.getJsonObject(0).getString("id"));
|
||||
Assert.assertNotNull(logs.getJsonObject(0).getString("target"));
|
||||
Assert.assertNotNull(logs.getJsonObject(0).getString("type"));
|
||||
Assert.assertNotNull(logs.getJsonObject(0).getString("message"));
|
||||
Assert.assertNotNull(logs.getJsonObject(0).getJsonNumber("create_date"));
|
||||
Assert.assertEquals("auditlog1", logs.getJsonObject(1).getString("username"));
|
||||
Assert.assertEquals("auditlog1", logs.getJsonObject(2).getString("username"));
|
||||
|
||||
// Get all logs for the current user
|
||||
json = target().path("/auditlog").request()
|
||||
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
|
||||
.get(JsonObject.class);
|
||||
logs = json.getJsonArray("logs");
|
||||
Assert.assertTrue(logs.size() == 3);
|
||||
Assert.assertTrue(logs.size() == 2);
|
||||
Assert.assertEquals(countByClass(logs, "Document"), 1);
|
||||
Assert.assertEquals(countByClass(logs, "Tag"), 1);
|
||||
|
||||
// Deletes a tag
|
||||
json = target().path("/tag/" + tag1Id).request()
|
||||
@@ -78,6 +90,25 @@ public class TestAuditLogResource extends BaseJerseyTest {
|
||||
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
|
||||
.get(JsonObject.class);
|
||||
logs = json.getJsonArray("logs");
|
||||
Assert.assertTrue(logs.size() == 4);
|
||||
Assert.assertTrue(logs.size() == 3);
|
||||
Assert.assertEquals(countByClass(logs, "Document"), 1);
|
||||
Assert.assertEquals(countByClass(logs, "Tag"), 2);
|
||||
}
|
||||
|
||||
/**
|
||||
* Count logs by class.
|
||||
*
|
||||
* @param logs Logs
|
||||
* @param clazz Class
|
||||
* @return Count by class
|
||||
*/
|
||||
private int countByClass(JsonArray logs, String clazz) {
|
||||
int count = 0;
|
||||
for (int i = 0; i < logs.size(); i++) {
|
||||
if (logs.getJsonObject(i).getString("class").equals(clazz)) {
|
||||
count++;
|
||||
}
|
||||
}
|
||||
return count;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user