diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/AuditLogDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/AuditLogDao.java
index b501fa81..037ef676 100644
--- a/docs-core/src/main/java/com/sismics/docs/core/dao/AuditLogDao.java
+++ b/docs-core/src/main/java/com/sismics/docs/core/dao/AuditLogDao.java
@@ -27,7 +27,6 @@ public class AuditLogDao {
 *
 * @param auditLog Audit log
 * @return New ID
- * @throws Exception
 */
 public String create(AuditLog auditLog) {
 // Create the UUID
@@ -47,10 +46,9 @@ public class AuditLogDao {
 * @param paginatedList List of audit logs (updated by side effects)
 * @param criteria Search criteria
 * @param sortCriteria Sort criteria
- * @return List of audit logs
 */
 public void findByCriteria(PaginatedList paginatedList, AuditLogCriteria criteria, SortCriteria sortCriteria) {
- Map parameterMap = new HashMap();
+ Map parameterMap = new HashMap<>();
 StringBuilder baseQuery = new StringBuilder("select l.LOG_ID_C c0, l.LOG_CREATEDATE_D c1, u.USE_USERNAME_C c2, l.LOG_IDENTITY_C c3, l.LOG_CLASSENTITY_C c4, l.LOG_TYPE_C c5, l.LOG_MESSAGE_C c6 from T_AUDIT_LOG l ");
 baseQuery.append(" join T_USER u on l.LOG_IDUSER_C = u.USE_ID_C ");
@@ -67,10 +65,15 @@ public class AuditLogDao {
 }
 if (criteria.getUserId() != null) {
- // Get all logs originating from the user, not necessarly on owned items
- // Filter out ACL logs
- queries.add(baseQuery + " where l.LOG_IDUSER_C = :userId and l.LOG_CLASSENTITY_C != 'Acl' ");
- parameterMap.put("userId", criteria.getUserId());
+ if (criteria.isAdmin()) {
+ // For admin users, display all logs except ACL logs
+ queries.add(baseQuery + " where l.LOG_CLASSENTITY_C != 'Acl' ");
+ } else {
+ // Get all logs originating from the user, not necessarly on owned items
+ // Filter out ACL logs
+ queries.add(baseQuery + " where l.LOG_IDUSER_C = :userId and l.LOG_CLASSENTITY_C != 'Acl' ");
+ parameterMap.put("userId", criteria.getUserId());
+ }
 }
 // Perform the search
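Review bot: The admin branch added in the `@@ -67,10 +65,15 @@` hunk drops the `LOG_IDUSER_C = :userId` filter on the strength of a plain boolean carried by the criteria object, and nothing in the DAO says where that boolean has to come from. Because this query then returns every user's entries (username, entity and message columns), a comment above `if (criteria.isAdmin())` such as `// isAdmin must be derived server-side from the authenticated principal, never from request input` would make the trust boundary explicit. The flag is also only honoured when `criteria.getUserId() != null`, which is easy to miss and belongs in the Javadoc of `findByCriteria`. The method body starts and ends outside the hunk, so how this branch combines with any earlier criteria branch is not visible here.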
@@ -78,7 +81,7 @@ public class AuditLogDao {
 List l = PaginatedLists.executePaginatedQuery(paginatedList, queryParam, sortCriteria);
 // Assemble results
- List auditLogDtoList = new ArrayList();
+ List auditLogDtoList = new ArrayList<>();
 for (Object[] o : l) {
 int i = 0;
 AuditLogDto auditLogDto = new AuditLogDto();
diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/criteria/AuditLogCriteria.java b/docs-core/src/main/java/com/sismics/docs/core/dao/criteria/AuditLogCriteria.java
index eca636f6..890adae2 100644
--- a/docs-core/src/main/java/com/sismics/docs/core/dao/criteria/AuditLogCriteria.java
+++ b/docs-core/src/main/java/com/sismics/docs/core/dao/criteria/AuditLogCriteria.java
@@ -16,6 +16,11 @@ public class AuditLogCriteria {
 * User ID.
 */
 private String userId;
+
+ /**
+ * The search is done for an admin user.
+ */
+ private boolean isAdmin = false;
 public String getDocumentId() {
 return documentId;
@@ -32,4 +37,13 @@ public class AuditLogCriteria {
 public void setUserId(String userId) {
 this.userId = userId;
 }
+
+ public boolean isAdmin() {
+ return isAdmin;
+ }
+
+ public AuditLogCriteria setAdmin(boolean admin) {
+ isAdmin = admin;
+ return this;
+ }
 }
diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java
index 51bcd0cb..1c12c314 100644
--- a/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java
+++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java
@@ -6,6 +6,7 @@ import com.sismics.docs.core.dao.AclDao;
 import com.sismics.docs.core.dao.AuditLogDao;
 import com.sismics.docs.core.dao.criteria.AuditLogCriteria;
 import com.sismics.docs.core.dao.dto.AuditLogDto;
+import com.sismics.docs.core.util.SecurityUtil;
 import com.sismics.docs.core.util.jpa.PaginatedList;
 import com.sismics.docs.core.util.jpa.PaginatedLists;
 import com.sismics.docs.core.util.jpa.SortCriteria;
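Review bot: In the `@@ -32,4 +37,13 @@` hunk of AuditLogCriteria, `setAdmin` returns `this` while the `setUserId` shown just above it returns `void`, so the class now mixes fluent and plain setters. The new accessors also carry no Javadoc although the flag widens what the query returns. Either make it `public void setAdmin(boolean admin)` to match, or keep the fluent form and document it, for example `/** @param admin true only when the caller has been authorized as an administrator; the user filter is then not applied */`. Naming the field `admin` rather than `isAdmin` would also match the usual bean convention for a getter called `isAdmin()`.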
@@ -65,6 +66,7 @@ public class AuditLogResource extends BaseResource {
 if (Strings.isNullOrEmpty(documentId)) {
 // Search logs for a user
 criteria.setUserId(principal.getId());
+ criteria.setAdmin(SecurityUtil.skipAclCheck(getTargetIdList(null)));
 } else {
 // Check ACL on the document
 AclDao aclDao = new AclDao();
diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
index 1b01b094..94097186 100644
--- a/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
+++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
@@ -680,6 +680,7 @@ public class UserResource extends BaseResource {
 * @apiParam {String} username Username
 * @apiSuccess {String} username Username
 * @apiSuccess {String} email E-mail
+ * @apiSuccess {Boolean} totp_enabled True if TOTP authentication is enabled
 * @apiSuccess {Number} storage_quota Storage quota (in bytes)
 * @apiSuccess {Number} storage_current Quota used (in bytes)
 * @apiSuccess {String[]} groups Groups
@@ -720,6 +721,7 @@ public class UserResource extends BaseResource {
 .add("username", user.getUsername())
 .add("groups", groups)
 .add("email", user.getEmail())
+ .add("totp_enabled", user.getTotpKey() != null)
 .add("storage_quota", user.getStorageQuota())
 .add("storage_current", user.getStorageCurrent())
 .add("disabled", user.getDisableDate() != null);
@@ -739,6 +741,7 @@ public class UserResource extends BaseResource {
 * @apiSuccess {String} users.id ID
 * @apiSuccess {String} users.username Username
 * @apiSuccess {String} users.email E-mail
+ * @apiSuccess {Boolean} users.totp_enabled True if TOTP authentication is enabled
 * @apiSuccess {Number} users.storage_quota Storage quota (in bytes)
 * @apiSuccess {Number} users.storage_current Quota used (in bytes)
 * @apiSuccess {Number} users.create_date Create date (timestamp)
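Review bot: The added `criteria.setAdmin(SecurityUtil.skipAclCheck(getTargetIdList(null)))` decides who may read every user's audit entries by reusing a helper whose name describes skipping document ACL checks. Its definition is not part of this diff, so it should be confirmed that it is true only for administrators. If that helper's rule is later widened for ACL purposes, this endpoint would widen with it without this file being touched. A comment on the line, e.g. `// admins (per skipAclCheck) see all users' logs; everyone else only their own`, plus a resource test asserting that a non-admin caller still receives only its own entries, would pin the intended behaviour. The enclosing method starts and ends outside the hunk.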
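Review bot: The added `.add("totp_enabled", user.getTotpKey() != null)` in the `@@ -720,6 +721,7 @@` hunk publishes an account's second-factor status on the single-user lookup, and the access check for that method lies outside the hunk. If the endpoint is open to any authenticated user rather than to administrators only, every user can learn which accounts have no second factor. In that case the field is better added to the builder only when the caller is an administrator or is requesting their own record. The list response in the `@@ -781,8 +784,8 @@` hunk already returned the same field (that hunk only reorders it), so the same question applies there, and the two `@apiSuccess` lines would need to say the field is conditional.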
@@ -781,8 +784,8 @@ public class UserResource extends BaseResource {
 users.add(Json.createObjectBuilder()
 .add("id", userDto.getId())
 .add("username", userDto.getUsername())
- .add("totp_enabled", userDto.getTotpKey() != null)
 .add("email", userDto.getEmail())
+ .add("totp_enabled", userDto.getTotpKey() != null)
 .add("storage_quota", userDto.getStorageQuota())
 .add("storage_current", userDto.getStorageCurrent())
 .add("create_date", userDto.getCreateTimestamp())