From d8d01b077d53b006b07ed13a73b3825952ddddc3 Mon Sep 17 00:00:00 2001 From: jendib Date: Mon, 15 Feb 2016 22:28:13 +0100 Subject: [PATCH] Closes #69: Save and display originating user in audit log --- .../com/sismics/docs/core/dao/jpa/AclDao.java | 10 ++-- .../docs/core/dao/jpa/AuditLogDao.java | 14 +++--- .../sismics/docs/core/dao/jpa/CommentDao.java | 10 ++-- .../docs/core/dao/jpa/DocumentDao.java | 15 +++--- .../sismics/docs/core/dao/jpa/FileDao.java | 10 ++-- .../com/sismics/docs/core/dao/jpa/TagDao.java | 15 +++--- .../sismics/docs/core/dao/jpa/UserDao.java | 22 +++++---- .../sismics/docs/core/dao/jpa/dto/AclDto.java | 3 -- .../docs/core/dao/jpa/dto/AuditLogDto.java | 16 +++++-- .../docs/core/dao/jpa/dto/CommentDto.java | 3 -- .../docs/core/dao/jpa/dto/DocumentDto.java | 3 -- .../sismics/docs/core/dao/jpa/dto/TagDto.java | 3 -- .../docs/core/dao/jpa/dto/UserDto.java | 48 ++----------------- .../sismics/docs/core/model/jpa/AuditLog.java | 14 ++++++ .../sismics/docs/core/util/AuditLogUtil.java | 3 +- .../resources/db/update/dbupdate-006-0.sql | 2 + .../sismics/docs/core/dao/jpa/TestJpa.java | 2 +- .../docs/rest/resource/AclResource.java | 4 +- .../docs/rest/resource/AuditLogResource.java | 1 + .../docs/rest/resource/CommentResource.java | 4 +- .../docs/rest/resource/DocumentResource.java | 10 ++-- .../docs/rest/resource/FileResource.java | 4 +- .../docs/rest/resource/ShareResource.java | 2 +- .../docs/rest/resource/TagResource.java | 6 +-- .../docs/rest/resource/UserResource.java | 14 +++--- .../src/partial/docs/directive.auditlog.html | 8 +++- .../src/partial/docs/document.view.html | 3 +- .../docs/rest/TestAuditLogResource.java | 35 +++++++++++++- 28 files changed, 157 insertions(+), 127 deletions(-) diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AclDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AclDao.java index 5609fd98..af6f726c 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AclDao.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AclDao.java @@ -26,10 +26,11 @@ public class AclDao { * Creates a new ACL. * * @param acl ACL + * @param userId User ID * @return New ID * @throws Exception */ - public String create(Acl acl) { + public String create(Acl acl, String userId) { // Create the UUID acl.setId(UUID.randomUUID().toString()); @@ -38,7 +39,7 @@ public class AclDao { em.persist(acl); // Create audit log - AuditLogUtil.create(acl, AuditLogType.CREATE); + AuditLogUtil.create(acl, AuditLogType.CREATE, userId); return acl.getId(); } @@ -125,9 +126,10 @@ public class AclDao { * @param sourceId Source ID * @param perm Permission * @param targetId Target ID + * @param userId User ID */ @SuppressWarnings("unchecked") - public void delete(String sourceId, PermType perm, String targetId) { + public void delete(String sourceId, PermType perm, String targetId, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Create audit log @@ -137,7 +139,7 @@ public class AclDao { q.setParameter("targetId", targetId); List aclList = q.getResultList(); for (Acl acl : aclList) { - AuditLogUtil.create(acl, AuditLogType.DELETE); + AuditLogUtil.create(acl, AuditLogType.DELETE, userId); } // Soft delete the ACLs diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AuditLogDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AuditLogDao.java index 0f87adbd..68609859 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AuditLogDao.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AuditLogDao.java @@ -59,12 +59,13 @@ public class AuditLogDao { public void findByCriteria(PaginatedList paginatedList, AuditLogCriteria criteria, SortCriteria sortCriteria) throws Exception { Map parameterMap = new HashMap(); - String baseQuery = "select l.LOG_ID_C c0, l.LOG_CREATEDATE_D c1, l.LOG_IDENTITY_C c2, l.LOG_CLASSENTITY_C c3, l.LOG_TYPE_C c4, l.LOG_MESSAGE_C c5 from T_AUDIT_LOG l "; + StringBuilder baseQuery = new StringBuilder("select l.LOG_ID_C c0, l.LOG_CREATEDATE_D c1, u.USE_USERNAME_C c2, l.LOG_IDENTITY_C c3, l.LOG_CLASSENTITY_C c4, l.LOG_TYPE_C c5, l.LOG_MESSAGE_C c6 from T_AUDIT_LOG l "); + baseQuery.append(" join T_USER u on l.LOG_IDUSER_C = u.USE_ID_C "); List queries = Lists.newArrayList(); // Adds search criteria if (criteria.getDocumentId() != null) { - // ACL on document is not checked here, it's assumed + // ACL on document is not checked here, rights have been checked before queries.add(baseQuery + " where l.LOG_IDENTITY_C = :documentId "); queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select f.FIL_ID_C from T_FILE f where f.FIL_IDDOC_C = :documentId) "); queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select c.COM_ID_C from T_COMMENT c where c.COM_IDDOC_C = :documentId) "); @@ -73,11 +74,9 @@ public class AuditLogDao { } if (criteria.getUserId() != null) { - queries.add(baseQuery + " where l.LOG_IDENTITY_C = :userId "); - queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select t.TAG_ID_C from T_TAG t where t.TAG_IDUSER_C = :userId) "); - // Show only logs from owned documents, ACL are lost on delete - queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select d.DOC_ID_C from T_DOCUMENT d where d.DOC_IDUSER_C = :userId) "); - queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select c.COM_ID_C from T_COMMENT c where c.COM_IDUSER_C = :userId) "); + // Get all logs originating from the user, not necessarly on owned items + // Filter out ACL logs + queries.add(baseQuery + " where l.LOG_IDUSER_C = :userId and l.LOG_CLASSENTITY_C != 'Acl' "); parameterMap.put("userId", criteria.getUserId()); } @@ -92,6 +91,7 @@ public class AuditLogDao { AuditLogDto auditLogDto = new AuditLogDto(); auditLogDto.setId((String) o[i++]); auditLogDto.setCreateTimestamp(((Timestamp) o[i++]).getTime()); + auditLogDto.setUsername((String) o[i++]); auditLogDto.setEntityId((String) o[i++]); auditLogDto.setEntityClass((String) o[i++]); auditLogDto.setType(AuditLogType.valueOf((String) o[i++])); diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/CommentDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/CommentDao.java index 59f9ac6c..12dee544 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/CommentDao.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/CommentDao.java @@ -26,10 +26,11 @@ public class CommentDao { * Creates a new comment. * * @param comment Comment + * @param userId User ID * @return New ID * @throws Exception */ - public String create(Comment comment) { + public String create(Comment comment, String userId) { // Create the UUID comment.setId(UUID.randomUUID().toString()); @@ -39,7 +40,7 @@ public class CommentDao { em.persist(comment); // Create audit log - AuditLogUtil.create(comment, AuditLogType.CREATE); + AuditLogUtil.create(comment, AuditLogType.CREATE, userId); return comment.getId(); } @@ -48,8 +49,9 @@ public class CommentDao { * Deletes a comment. * * @param id Comment ID + * @param userId User ID */ - public void delete(String id) { + public void delete(String id, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the comment @@ -62,7 +64,7 @@ public class CommentDao { commentDb.setDeleteDate(dateNow); // Create audit log - AuditLogUtil.create(commentDb, AuditLogType.DELETE); + AuditLogUtil.create(commentDb, AuditLogType.DELETE, userId); } /** diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/DocumentDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/DocumentDao.java index ebf3a45b..f20090d6 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/DocumentDao.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/DocumentDao.java @@ -38,10 +38,11 @@ public class DocumentDao { * Creates a new document. * * @param document Document + * @param userId User ID * @return New ID * @throws Exception */ - public String create(Document document) { + public String create(Document document, String userId) { // Create the UUID document.setId(UUID.randomUUID().toString()); @@ -50,7 +51,7 @@ public class DocumentDao { em.persist(document); // Create audit log - AuditLogUtil.create(document, AuditLogType.CREATE); + AuditLogUtil.create(document, AuditLogType.CREATE, userId); return document.getId(); } @@ -152,8 +153,9 @@ public class DocumentDao { * Deletes a document. * * @param id Document ID + * @param userId User ID */ - public void delete(String id) { + public void delete(String id, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the document @@ -182,7 +184,7 @@ public class DocumentDao { q.executeUpdate(); // Create audit log - AuditLogUtil.create(documentDb, AuditLogType.DELETE); + AuditLogUtil.create(documentDb, AuditLogType.DELETE, userId); } /** @@ -291,9 +293,10 @@ public class DocumentDao { * Update a document. * * @param document Document to update + * @param userId User ID * @return Updated document */ - public Document update(Document document) { + public Document update(Document document, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the document @@ -316,7 +319,7 @@ public class DocumentDao { documentFromDb.setLanguage(document.getLanguage()); // Create audit log - AuditLogUtil.create(documentFromDb, AuditLogType.UPDATE); + AuditLogUtil.create(documentFromDb, AuditLogType.UPDATE, userId); return documentFromDb; } diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/FileDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/FileDao.java index 3aa3e310..96fe6eab 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/FileDao.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/FileDao.java @@ -23,10 +23,11 @@ public class FileDao { * Creates a new file. * * @param file File + * @param userId User ID * @return New ID * @throws Exception */ - public String create(File file) { + public String create(File file, String userId) { // Create the UUID file.setId(UUID.randomUUID().toString()); @@ -36,7 +37,7 @@ public class FileDao { em.persist(file); // Create audit log - AuditLogUtil.create(file, AuditLogType.CREATE); + AuditLogUtil.create(file, AuditLogType.CREATE, userId); return file.getId(); } @@ -107,8 +108,9 @@ public class FileDao { * Deletes a file. * * @param id File ID + * @param userId User ID */ - public void delete(String id) { + public void delete(String id, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the file @@ -121,7 +123,7 @@ public class FileDao { fileDb.setDeleteDate(dateNow); // Create audit log - AuditLogUtil.create(fileDb, AuditLogType.DELETE); + AuditLogUtil.create(fileDb, AuditLogType.DELETE, userId); } /** diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/TagDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/TagDao.java index e12d91aa..9f0a8f4f 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/TagDao.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/TagDao.java @@ -170,10 +170,11 @@ public class TagDao { * Creates a new tag. * * @param tag Tag + * @param userId User ID * @return New ID * @throws Exception */ - public String create(Tag tag) { + public String create(Tag tag, String userId) { // Create the UUID tag.setId(UUID.randomUUID().toString()); @@ -183,7 +184,7 @@ public class TagDao { em.persist(tag); // Create audit log - AuditLogUtil.create(tag, AuditLogType.CREATE); + AuditLogUtil.create(tag, AuditLogType.CREATE, userId); return tag.getId(); } @@ -230,8 +231,9 @@ public class TagDao { * Deletes a tag. * * @param tagId Tag ID + * @param userId User ID */ - public void delete(String tagId) { + public void delete(String tagId, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the tag @@ -250,7 +252,7 @@ public class TagDao { q.executeUpdate(); // Create audit log - AuditLogUtil.create(tagDb, AuditLogType.DELETE); + AuditLogUtil.create(tagDb, AuditLogType.DELETE, userId); } /** @@ -272,9 +274,10 @@ public class TagDao { * Update a tag. * * @param tag Tag to update + * @param userId User ID * @return Updated tag */ - public Tag update(Tag tag) { + public Tag update(Tag tag, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the tag @@ -288,7 +291,7 @@ public class TagDao { tagFromDb.setParentId(tag.getParentId()); // Create audit log - AuditLogUtil.create(tagFromDb, AuditLogType.UPDATE); + AuditLogUtil.create(tagFromDb, AuditLogType.UPDATE, userId); return tagFromDb; } diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/UserDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/UserDao.java index 55f1a134..ff005b5d 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/UserDao.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/UserDao.java @@ -58,10 +58,11 @@ public class UserDao { * Creates a new user. * * @param user User to create + * @param userId User ID * @return User ID * @throws Exception */ - public String create(User user) throws Exception { + public String create(User user, String userId) throws Exception { // Create the user UUID user.setId(UUID.randomUUID().toString()); @@ -80,7 +81,7 @@ public class UserDao { em.persist(user); // Create audit log - AuditLogUtil.create(user, AuditLogType.CREATE); + AuditLogUtil.create(user, AuditLogType.CREATE, userId); return user.getId(); } @@ -89,9 +90,10 @@ public class UserDao { * Updates a user. * * @param user User to update + * @param userId User ID * @return Updated user */ - public User update(User user) { + public User update(User user, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the user @@ -99,13 +101,13 @@ public class UserDao { q.setParameter("id", user.getId()); User userFromDb = (User) q.getSingleResult(); - // Update the user + // Update the user (except password) userFromDb.setEmail(user.getEmail()); userFromDb.setStorageQuota(user.getStorageQuota()); userFromDb.setStorageCurrent(user.getStorageCurrent()); // Create audit log - AuditLogUtil.create(userFromDb, AuditLogType.UPDATE); + AuditLogUtil.create(userFromDb, AuditLogType.UPDATE, userId); return user; } @@ -134,9 +136,10 @@ public class UserDao { * Update the user password. * * @param user User to update + * @param userId User ID * @return Updated user */ - public User updatePassword(User user) { + public User updatePassword(User user, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the user @@ -148,7 +151,7 @@ public class UserDao { userFromDb.setPassword(hashPassword(user.getPassword())); // Create audit log - AuditLogUtil.create(userFromDb, AuditLogType.UPDATE); + AuditLogUtil.create(userFromDb, AuditLogType.UPDATE, userId); return user; } @@ -206,8 +209,9 @@ public class UserDao { * Deletes a user. * * @param username User's username + * @param userId User ID */ - public void delete(String username) { + public void delete(String username, String userId) { EntityManager em = ThreadLocalContext.get().getEntityManager(); // Get the user @@ -245,7 +249,7 @@ public class UserDao { q.executeUpdate(); // Create audit log - AuditLogUtil.create(userFromDb, AuditLogType.DELETE); + AuditLogUtil.create(userFromDb, AuditLogType.DELETE, userId); } /** diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AclDto.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AclDto.java index 85051a38..4f8cd254 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AclDto.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AclDto.java @@ -1,7 +1,5 @@ package com.sismics.docs.core.dao.jpa.dto; -import javax.persistence.Id; - import com.sismics.docs.core.constant.PermType; /** @@ -13,7 +11,6 @@ public class AclDto { /** * Acl ID. */ - @Id private String id; /** diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AuditLogDto.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AuditLogDto.java index 44e4e920..284efaa0 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AuditLogDto.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AuditLogDto.java @@ -1,7 +1,5 @@ package com.sismics.docs.core.dao.jpa.dto; -import javax.persistence.Id; - import com.sismics.docs.core.constant.AuditLogType; /** @@ -13,9 +11,13 @@ public class AuditLogDto { /** * Audit log ID. */ - @Id private String id; + /** + * Username. + */ + private String username; + /** * Entity ID. */ @@ -49,6 +51,14 @@ public class AuditLogDto { this.id = id; } + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + public String getEntityId() { return entityId; } diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/CommentDto.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/CommentDto.java index 1f2e6d41..648c4b25 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/CommentDto.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/CommentDto.java @@ -1,7 +1,5 @@ package com.sismics.docs.core.dao.jpa.dto; -import javax.persistence.Id; - /** * Comment DTO. * @@ -11,7 +9,6 @@ public class CommentDto { /** * Comment ID. */ - @Id private String id; /** diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/DocumentDto.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/DocumentDto.java index e5ed2eb1..64009a0e 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/DocumentDto.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/DocumentDto.java @@ -1,7 +1,5 @@ package com.sismics.docs.core.dao.jpa.dto; -import javax.persistence.Id; - /** * Document DTO. * @@ -11,7 +9,6 @@ public class DocumentDto { /** * Document ID. */ - @Id private String id; /** diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/TagDto.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/TagDto.java index 6666015d..c4f38506 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/TagDto.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/TagDto.java @@ -1,7 +1,5 @@ package com.sismics.docs.core.dao.jpa.dto; -import javax.persistence.Id; - /** * Tag DTO. * @@ -11,7 +9,6 @@ public class TagDto { /** * Tag ID. */ - @Id private String id; /** diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/UserDto.java b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/UserDto.java index 2dda296e..a8331909 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/UserDto.java +++ b/docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/UserDto.java @@ -37,69 +37,38 @@ public class UserDto { */ private Long storageCurrent; - /** - * Getter of id. - * - * @return id - */ public String getId() { return id; } - /** - * Setter of id. - * - * @param id id - */ public void setId(String id) { this.id = id; } - /** - * Getter of username. - * - * @return username - */ public String getUsername() { return username; } - /** - * Setter of username. - * - * @param username username - */ public void setUsername(String username) { this.username = username; } - /** - * Getter of email. - * - * @return email - */ public String getEmail() { return email; } - /** - * Setter of email. - * - * @param email email - */ public void setEmail(String email) { this.email = email; } - /** - * Getter of createTimestamp. - * - * @return createTimestamp - */ public Long getCreateTimestamp() { return createTimestamp; } + public void setCreateTimestamp(Long createTimestamp) { + this.createTimestamp = createTimestamp; + } + public Long getStorageQuota() { return storageQuota; } @@ -115,13 +84,4 @@ public class UserDto { public void setStorageCurrent(Long storageCurrent) { this.storageCurrent = storageCurrent; } - - /** - * Setter of createTimestamp. - * - * @param createTimestamp createTimestamp - */ - public void setCreateTimestamp(Long createTimestamp) { - this.createTimestamp = createTimestamp; - } } diff --git a/docs-core/src/main/java/com/sismics/docs/core/model/jpa/AuditLog.java b/docs-core/src/main/java/com/sismics/docs/core/model/jpa/AuditLog.java index ce29e1f9..3b831891 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/model/jpa/AuditLog.java +++ b/docs-core/src/main/java/com/sismics/docs/core/model/jpa/AuditLog.java @@ -27,6 +27,12 @@ public class AuditLog { @Column(name = "LOG_ID_C", length = 36) private String id; + /** + * User ID. + */ + @Column(name = "LOG_IDUSER_C", nullable = false, length = 36) + private String userId; + /** * Entity ID. */ @@ -66,6 +72,14 @@ public class AuditLog { this.id = id; } + public String getUserId() { + return userId; + } + + public void setUserId(String userId) { + this.userId = userId; + } + public String getEntityId() { return entityId; } diff --git a/docs-core/src/main/java/com/sismics/docs/core/util/AuditLogUtil.java b/docs-core/src/main/java/com/sismics/docs/core/util/AuditLogUtil.java index ffc3d089..259c11d7 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/util/AuditLogUtil.java +++ b/docs-core/src/main/java/com/sismics/docs/core/util/AuditLogUtil.java @@ -20,7 +20,7 @@ public class AuditLogUtil { * @param entity Entity * @param type Audit log type */ - public static void create(Loggable loggable, AuditLogType type) { + public static void create(Loggable loggable, AuditLogType type, String userId) { // Get the entity ID EntityManager em = ThreadLocalContext.get().getEntityManager(); String entityId = (String) em.getEntityManagerFactory().getPersistenceUnitUtil().getIdentifier(loggable); @@ -28,6 +28,7 @@ public class AuditLogUtil { // Create the audit log AuditLogDao auditLogDao = new AuditLogDao(); AuditLog auditLog = new AuditLog(); + auditLog.setUserId(userId); auditLog.setEntityId(entityId); auditLog.setEntityClass(loggable.getClass().getSimpleName()); auditLog.setType(type); diff --git a/docs-core/src/main/resources/db/update/dbupdate-006-0.sql b/docs-core/src/main/resources/db/update/dbupdate-006-0.sql index 175567c7..3b707784 100644 --- a/docs-core/src/main/resources/db/update/dbupdate-006-0.sql +++ b/docs-core/src/main/resources/db/update/dbupdate-006-0.sql @@ -6,6 +6,8 @@ alter table T_DOCUMENT add column DOC_SOURCE_C varchar(500); alter table T_DOCUMENT add column DOC_TYPE_C varchar(500); alter table T_DOCUMENT add column DOC_COVERAGE_C varchar(500); alter table T_DOCUMENT add column DOC_RIGHTS_C varchar(500); +alter table T_AUDIT_LOG add column LOG_IDUSER_C varchar(36) not null default 'admin'; + create memory table T_VOCABULARY ( VOC_ID_C varchar(36) not null, VOC_NAME_C varchar(50) not null, VOC_VALUE_C varchar(500) not null, VOC_ORDER_N int not null, primary key (VOC_ID_C) ); insert into T_VOCABULARY(VOC_ID_C, VOC_NAME_C, VOC_VALUE_C, VOC_ORDER_N) values('type-collection', 'type', 'Collection', 0); diff --git a/docs-core/src/test/java/com/sismics/docs/core/dao/jpa/TestJpa.java b/docs-core/src/test/java/com/sismics/docs/core/dao/jpa/TestJpa.java index 8abad9c7..f53a2847 100644 --- a/docs-core/src/test/java/com/sismics/docs/core/dao/jpa/TestJpa.java +++ b/docs-core/src/test/java/com/sismics/docs/core/dao/jpa/TestJpa.java @@ -23,7 +23,7 @@ public class TestJpa extends BaseTransactionalTest { user.setStorageCurrent(0l); user.setStorageQuota(10l); user.setPrivateKey("AwesomePrivateKey"); - String id = userDao.create(user); + String id = userDao.create(user, "me"); TransactionUtil.commit(); diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java index 58ef4f02..5c978d41 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java @@ -77,7 +77,7 @@ public class AclResource extends BaseResource { // Avoid duplicates if (!aclDao.checkPermission(acl.getSourceId(), acl.getPerm(), acl.getTargetId())) { - aclDao.create(acl); + aclDao.create(acl, principal.getId()); // Returns the ACL JsonObjectBuilder response = Json.createObjectBuilder() @@ -126,7 +126,7 @@ public class AclResource extends BaseResource { } // Delete the ACL - aclDao.delete(sourceId, perm, targetId); + aclDao.delete(sourceId, perm, targetId, principal.getId()); // Always return OK JsonObjectBuilder response = Json.createObjectBuilder() diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java index a1ad4e72..8aa4ac24 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java @@ -68,6 +68,7 @@ public class AuditLogResource extends BaseResource { for (AuditLogDto auditLogDto : paginatedList.getResultList()) { logs.add(Json.createObjectBuilder() .add("id", auditLogDto.getId()) + .add("username", auditLogDto.getUsername()) .add("target", auditLogDto.getEntityId()) .add("class", auditLogDto.getEntityClass()) .add("type", auditLogDto.getType().name()) diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/CommentResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/CommentResource.java index 95376208..28dc162d 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/CommentResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/CommentResource.java @@ -61,7 +61,7 @@ public class CommentResource extends BaseResource { comment.setContent(content); comment.setUserId(principal.getId()); CommentDao commentDao = new CommentDao(); - commentDao.create(comment); + commentDao.create(comment, principal.getId()); // Returns the comment JsonObjectBuilder response = Json.createObjectBuilder() @@ -103,7 +103,7 @@ public class CommentResource extends BaseResource { } // Delete the comment - commentDao.delete(id); + commentDao.delete(id, principal.getId()); // Always return OK JsonObjectBuilder response = Json.createObjectBuilder() diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java index bb798b1a..c99b1d46 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java @@ -449,7 +449,7 @@ public class DocumentResource extends BaseResource { } else { document.setCreateDate(createDate); } - String documentId = documentDao.create(document); + String documentId = documentDao.create(document, principal.getId()); // Create read ACL AclDao aclDao = new AclDao(); @@ -457,14 +457,14 @@ public class DocumentResource extends BaseResource { acl.setPerm(PermType.READ); acl.setSourceId(documentId); acl.setTargetId(principal.getId()); - aclDao.create(acl); + aclDao.create(acl, principal.getId()); // Create write ACL acl = new Acl(); acl.setPerm(PermType.WRITE); acl.setSourceId(documentId); acl.setTargetId(principal.getId()); - aclDao.create(acl); + aclDao.create(acl, principal.getId()); // Update tags updateTagList(documentId, tagList); @@ -570,7 +570,7 @@ public class DocumentResource extends BaseResource { document.setLanguage(language); } - document = documentDao.update(document); + document = documentDao.update(document, principal.getId()); // Update tags updateTagList(id, tagList); @@ -634,7 +634,7 @@ public class DocumentResource extends BaseResource { } // Delete the document - documentDao.delete(document.getId()); + documentDao.delete(document.getId(), principal.getId()); // Raise file deleted events for (File file : fileList) { diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java index c79dba41..b371cff8 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java @@ -145,7 +145,7 @@ public class FileResource extends BaseResource { file.setDocumentId(documentId); file.setMimeType(mimeType); file.setUserId(principal.getId()); - String fileId = fileDao.create(file); + String fileId = fileDao.create(file, principal.getId()); // Guess the mime type a second time, for open document format (first detected as simple ZIP file) file.setMimeType(MimeTypeUtil.guessOpenDocumentFormat(file, fileInputStream)); @@ -362,7 +362,7 @@ public class FileResource extends BaseResource { } // Delete the file - fileDao.delete(file.getId()); + fileDao.delete(file.getId(), principal.getId()); // Update the user quota UserDao userDao = new UserDao(); diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java index 8a0d8949..869af2cb 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java @@ -69,7 +69,7 @@ public class ShareResource extends BaseResource { acl.setSourceId(documentId); acl.setPerm(PermType.READ); acl.setTargetId(share.getId()); - aclDao.create(acl); + aclDao.create(acl, principal.getId()); // Returns the created ACL JsonObjectBuilder response = Json.createObjectBuilder() diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java index e13fb78e..8caf253e 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java @@ -137,7 +137,7 @@ public class TagResource extends BaseResource { tag.setColor(color); tag.setUserId(principal.getId()); tag.setParentId(parentId); - String id = tagDao.create(tag); + String id = tagDao.create(tag, principal.getId()); JsonObjectBuilder response = Json.createObjectBuilder() .add("id", id); @@ -203,7 +203,7 @@ public class TagResource extends BaseResource { // Parent tag is always updated to have the possibility to delete it tag.setParentId(parentId); - tagDao.update(tag); + tagDao.update(tag, principal.getId()); JsonObjectBuilder response = Json.createObjectBuilder() .add("id", id); @@ -232,7 +232,7 @@ public class TagResource extends BaseResource { } // Delete the tag - tagDao.delete(tagId); + tagDao.delete(tagId, principal.getId()); // Always return OK JsonObjectBuilder response = Json.createObjectBuilder() diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java index 0568191a..aed31171 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java @@ -105,7 +105,7 @@ public class UserResource extends BaseResource { // Create the user UserDao userDao = new UserDao(); try { - userDao.create(user); + userDao.create(user, principal.getId()); } catch (Exception e) { if ("AlreadyExistingUsername".equals(e.getMessage())) { throw new ServerException("AlreadyExistingUsername", "Login already used", e); @@ -145,12 +145,12 @@ public class UserResource extends BaseResource { if (email != null) { user.setEmail(email); } - user = userDao.update(user); + user = userDao.update(user, principal.getId()); // Change the password if (StringUtils.isNotBlank(password)) { user.setPassword(password); - userDao.updatePassword(user); + userDao.updatePassword(user, principal.getId()); } // Always return OK @@ -198,12 +198,12 @@ public class UserResource extends BaseResource { Long storageQuota = ValidationUtil.validateLong(storageQuotaStr, "storage_quota"); user.setStorageQuota(storageQuota); } - user = userDao.update(user); + user = userDao.update(user, principal.getId()); // Change the password if (StringUtils.isNotBlank(password)) { user.setPassword(password); - userDao.updatePassword(user); + userDao.updatePassword(user, principal.getId()); } // Always return OK @@ -356,7 +356,7 @@ public class UserResource extends BaseResource { // Delete the user UserDao userDao = new UserDao(); - userDao.delete(principal.getName()); + userDao.delete(principal.getName(), principal.getId()); // Raise deleted events for documents for (Document document : documentList) { @@ -413,7 +413,7 @@ public class UserResource extends BaseResource { List fileList = fileDao.findByUserId(user.getId()); // Delete the user - userDao.delete(user.getUsername()); + userDao.delete(user.getUsername(), principal.getId()); // Raise deleted events for documents for (Document document : documentList) { diff --git a/docs-web/src/main/webapp/src/partial/docs/directive.auditlog.html b/docs-web/src/main/webapp/src/partial/docs/directive.auditlog.html index 483bf18b..0b7734f1 100644 --- a/docs-web/src/main/webapp/src/partial/docs/directive.auditlog.html +++ b/docs-web/src/main/webapp/src/partial/docs/directive.auditlog.html @@ -1,6 +1,12 @@ - + +
{{ log.create_date | date: 'yyyy-MM-dd HH:mm' }}{{ log.create_date | date: 'yyyy-MM-dd HH:mm' }} + + + {{ log.username }} + + {{ log.class }} diff --git a/docs-web/src/main/webapp/src/partial/docs/document.view.html b/docs-web/src/main/webapp/src/partial/docs/document.view.html index 27fc32be..ec003ceb 100644 --- a/docs-web/src/main/webapp/src/partial/docs/document.view.html +++ b/docs-web/src/main/webapp/src/partial/docs/document.view.html @@ -36,7 +36,8 @@

- {{ document.title }} {{ document.create_date | date: 'yyyy-MM-dd' }} by {{ document.creator }} + {{ document.title }} {{ document.create_date | date: 'yyyy-MM-dd' }} + by {{ document.creator }}

diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java index 1523a1ff..3ec5f011 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java @@ -59,13 +59,25 @@ public class TestAuditLogResource extends BaseJerseyTest { .get(JsonObject.class); JsonArray logs = json.getJsonArray("logs"); Assert.assertTrue(logs.size() == 3); + Assert.assertEquals(countByClass(logs, "Document"), 1); + Assert.assertEquals(countByClass(logs, "Acl"), 2); + Assert.assertEquals("auditlog1", logs.getJsonObject(0).getString("username")); + Assert.assertNotNull(logs.getJsonObject(0).getString("id")); + Assert.assertNotNull(logs.getJsonObject(0).getString("target")); + Assert.assertNotNull(logs.getJsonObject(0).getString("type")); + Assert.assertNotNull(logs.getJsonObject(0).getString("message")); + Assert.assertNotNull(logs.getJsonObject(0).getJsonNumber("create_date")); + Assert.assertEquals("auditlog1", logs.getJsonObject(1).getString("username")); + Assert.assertEquals("auditlog1", logs.getJsonObject(2).getString("username")); // Get all logs for the current user json = target().path("/auditlog").request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token) .get(JsonObject.class); logs = json.getJsonArray("logs"); - Assert.assertTrue(logs.size() == 3); + Assert.assertTrue(logs.size() == 2); + Assert.assertEquals(countByClass(logs, "Document"), 1); + Assert.assertEquals(countByClass(logs, "Tag"), 1); // Deletes a tag json = target().path("/tag/" + tag1Id).request() @@ -78,6 +90,25 @@ public class TestAuditLogResource extends BaseJerseyTest { .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token) .get(JsonObject.class); logs = json.getJsonArray("logs"); - Assert.assertTrue(logs.size() == 4); + Assert.assertTrue(logs.size() == 3); + Assert.assertEquals(countByClass(logs, "Document"), 1); + Assert.assertEquals(countByClass(logs, "Tag"), 2); + } + + /** + * Count logs by class. + * + * @param logs Logs + * @param clazz Class + * @return Count by class + */ + private int countByClass(JsonArray logs, String clazz) { + int count = 0; + for (int i = 0; i < logs.size(); i++) { + if (logs.getJsonObject(i).getString("class").equals(clazz)) { + count++; + } + } + return count; } } \ No newline at end of file