Closes #257: admin users can see all logs

2025-12-13 01:36:18 +00:00 · 2018-11-09 14:49:34 +01:00
parent 42828efa19
commit d8d5249a23
4 changed files with 31 additions and 9 deletions
--- a/docs-core/src/main/java/com/sismics/docs/core/dao/AuditLogDao.java
+++ b/docs-core/src/main/java/com/sismics/docs/core/dao/AuditLogDao.java
@@ -27,7 +27,6 @@ public class AuditLogDao {
     * 
     * @param auditLog Audit log
     * @return New ID
-     * @throws Exception
     */
    public String create(AuditLog auditLog) {
        // Create the UUID
@@ -47,10 +46,9 @@ public class AuditLogDao {
     * @param paginatedList List of audit logs (updated by side effects)
     * @param criteria Search criteria
     * @param sortCriteria Sort criteria
-     * @return List of audit logs
     */
    public void findByCriteria(PaginatedList<AuditLogDto> paginatedList, AuditLogCriteria criteria, SortCriteria sortCriteria) {
-        Map<String, Object> parameterMap = new HashMap<String, Object>();
+        Map<String, Object> parameterMap = new HashMap<>();
        
        StringBuilder baseQuery = new StringBuilder("select l.LOG_ID_C c0, l.LOG_CREATEDATE_D c1, u.USE_USERNAME_C c2, l.LOG_IDENTITY_C c3, l.LOG_CLASSENTITY_C c4, l.LOG_TYPE_C c5, l.LOG_MESSAGE_C c6 from T_AUDIT_LOG l ");
        baseQuery.append(" join T_USER u on l.LOG_IDUSER_C = u.USE_ID_C ");
@@ -67,10 +65,15 @@ public class AuditLogDao {
        }
        
        if (criteria.getUserId() != null) {
-            // Get all logs originating from the user, not necessarly on owned items
-            // Filter out ACL logs
-            queries.add(baseQuery + " where l.LOG_IDUSER_C = :userId and l.LOG_CLASSENTITY_C != 'Acl' ");
-            parameterMap.put("userId", criteria.getUserId());
+            if (criteria.isAdmin()) {
+                // For admin users, display all logs except ACL logs
+                queries.add(baseQuery + " where l.LOG_CLASSENTITY_C != 'Acl' ");
+            } else {
+                // Get all logs originating from the user, not necessarly on owned items
+                // Filter out ACL logs
+                queries.add(baseQuery + " where l.LOG_IDUSER_C = :userId and l.LOG_CLASSENTITY_C != 'Acl' ");
+                parameterMap.put("userId", criteria.getUserId());
+            }
        }
        
        // Perform the search
@@ -78,7 +81,7 @@ public class AuditLogDao {
        List<Object[]> l = PaginatedLists.executePaginatedQuery(paginatedList, queryParam, sortCriteria);
        
        // Assemble results
-        List<AuditLogDto> auditLogDtoList = new ArrayList<AuditLogDto>();
+        List<AuditLogDto> auditLogDtoList = new ArrayList<>();
        for (Object[] o : l) {
            int i = 0;
            AuditLogDto auditLogDto = new AuditLogDto();
--- a/docs-core/src/main/java/com/sismics/docs/core/dao/criteria/AuditLogCriteria.java
+++ b/docs-core/src/main/java/com/sismics/docs/core/dao/criteria/AuditLogCriteria.java
@@ -16,6 +16,11 @@ public class AuditLogCriteria {
     * User ID.
     */
    private String userId;
+
+    /**
+     * The search is done for an admin user.
+     */
+    private boolean isAdmin = false;
    
    public String getDocumentId() {
        return documentId;
@@ -32,4 +37,13 @@ public class AuditLogCriteria {
    public void setUserId(String userId) {
        this.userId = userId;
    }
+
+    public boolean isAdmin() {
+        return isAdmin;
+    }
+
+    public AuditLogCriteria setAdmin(boolean admin) {
+        isAdmin = admin;
+        return this;
+    }
 }