mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
RM-5236 Audit event for removing group members.
Also tidy up title of audit events so that the user group display label is used if it exists.
This commit is contained in:
Tom Page
@@ -8,6 +8,7 @@ rm.audit.delete-person=Delete User
|
||||
rm.audit.create-userGroup=Create User Group
|
||||
rm.audit.delete-userGroup=Delete User Group
|
||||
rm.audit.addMember=Add To User Group
|
||||
rm.audit.removeMember=Remove From User Group
|
||||
rm.audit.linkTo=Link to
|
||||
rm.audit.moveTo=Move to
|
||||
rm.audit.copyTo=Copy to
|
||||
|
||||
@@ -84,6 +84,12 @@
|
||||
<property name="label" value="rm.audit.addMember"/>
|
||||
</bean>
|
||||
|
||||
<bean id="audit-event.removeMember" parent="audit-event" class="org.alfresco.module.org_alfresco_module_rm.audit.event.RemoveFromUserGroupAuditEvent">
|
||||
<property name="nodeService" ref="nodeService" />
|
||||
<property name="name" value="Remove From User Group"/>
|
||||
<property name="label" value="rm.audit.removeMember"/>
|
||||
</bean>
|
||||
|
||||
<bean id="audit-event.login-success" parent="audit-event" class="org.alfresco.module.org_alfresco_module_rm.audit.event.AuditEvent">
|
||||
<property name="name" value="Login.Success"/>
|
||||
<property name="label" value="rm.audit.login-succeeded"/>
|
||||
|
||||
@@ -27,8 +27,10 @@
|
||||
|
||||
package org.alfresco.module.org_alfresco_module_rm.audit;
|
||||
|
||||
import static org.alfresco.module.org_alfresco_module_rm.audit.event.UserGroupMembershipUtils.PARENT_GROUP;
|
||||
import static org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model.TYPE_DOD_5015_SITE;
|
||||
import static org.alfresco.module.org_alfresco_module_rm.model.rma.type.RmSiteType.DEFAULT_SITE_NAME;
|
||||
import static org.apache.commons.lang3.StringUtils.isBlank;
|
||||
|
||||
import java.io.BufferedWriter;
|
||||
import java.io.File;
|
||||
@@ -1602,14 +1604,36 @@ public class RecordsManagementAuditServiceImpl extends AbstractLifecycleBean
|
||||
case "Create User Group":
|
||||
if (entry.getAfterProperties() != null)
|
||||
{
|
||||
nodeName = (String) entry.getAfterProperties().get(ContentModel.PROP_AUTHORITY_NAME);
|
||||
nodeName = (String) entry.getAfterProperties().get(ContentModel.PROP_AUTHORITY_DISPLAY_NAME);
|
||||
if (isBlank(nodeName))
|
||||
{
|
||||
nodeName = (String) entry.getAfterProperties().get(ContentModel.PROP_AUTHORITY_NAME);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case "Delete User Group":
|
||||
if (entry.getBeforeProperties() != null)
|
||||
{
|
||||
nodeName = (String) entry.getBeforeProperties().get(ContentModel.PROP_AUTHORITY_NAME);
|
||||
nodeName = (String) entry.getBeforeProperties().get(ContentModel.PROP_AUTHORITY_DISPLAY_NAME);
|
||||
if (isBlank(nodeName))
|
||||
{
|
||||
nodeName = (String) entry.getBeforeProperties().get(ContentModel.PROP_AUTHORITY_NAME);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case "Add To User Group":
|
||||
if (entry.getAfterProperties() != null)
|
||||
{
|
||||
nodeName = (String) entry.getAfterProperties().get(PARENT_GROUP);
|
||||
}
|
||||
break;
|
||||
|
||||
case "Remove From User Group":
|
||||
if (entry.getBeforeProperties() != null)
|
||||
{
|
||||
nodeName = (String) entry.getBeforeProperties().get(PARENT_GROUP);
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
@@ -27,13 +27,12 @@
|
||||
|
||||
package org.alfresco.module.org_alfresco_module_rm.audit.event;
|
||||
|
||||
import static org.alfresco.module.org_alfresco_module_rm.audit.event.UserGroupMembershipUtils.makePropertiesMap;
|
||||
import static org.alfresco.repo.policy.Behaviour.NotificationFrequency.EVERY_EVENT;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.alfresco.model.ContentModel;
|
||||
import org.alfresco.repo.node.NodeServicePolicies.OnCreateChildAssociationPolicy;
|
||||
import org.alfresco.repo.policy.annotation.Behaviour;
|
||||
import org.alfresco.repo.policy.annotation.BehaviourBean;
|
||||
@@ -69,15 +68,7 @@ public class AddToUserGroupAuditEvent extends AuditEvent implements OnCreateChil
|
||||
@Behaviour(kind = BehaviourKind.ASSOCIATION, notificationFrequency = EVERY_EVENT, assocType = "cm:member")
|
||||
public void onCreateChildAssociation(ChildAssociationRef childAssocRef, boolean isNewNode)
|
||||
{
|
||||
Map<QName, Serializable> auditProperties = new HashMap<>();
|
||||
auditProperties.put(ContentModel.PROP_AUTHORITY_NAME,
|
||||
nodeService.getProperty(childAssocRef.getChildRef(), ContentModel.PROP_AUTHORITY_NAME));
|
||||
auditProperties.put(ContentModel.PROP_USERNAME,
|
||||
nodeService.getProperty(childAssocRef.getChildRef(), ContentModel.PROP_USERNAME));
|
||||
// (Ab)use link destination property here, as it vaguely sounds like where the authority ends up.
|
||||
auditProperties.put(ContentModel.PROP_LINK_DESTINATION,
|
||||
nodeService.getProperty(childAssocRef.getParentRef(), ContentModel.PROP_AUTHORITY_NAME));
|
||||
|
||||
recordsManagementAuditService.auditEvent(childAssocRef.getChildRef(), getName(), null, auditProperties);
|
||||
Map<QName, Serializable> auditProperties = makePropertiesMap(childAssocRef, nodeService);
|
||||
recordsManagementAuditService.auditEvent(childAssocRef.getChildRef(), getName(), null, auditProperties, true);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -67,8 +67,8 @@ public class CreateUserGroupAuditEvent extends AuditEvent implements OnCreateNod
|
||||
public void onCreateNode(ChildAssociationRef childAssocRef)
|
||||
{
|
||||
Map<QName, Serializable> auditProperties = new HashMap<>();
|
||||
auditProperties.put(ContentModel.PROP_AUTHORITY_NAME,
|
||||
nodeService.getProperty(childAssocRef.getChildRef(), ContentModel.PROP_AUTHORITY_NAME));
|
||||
auditProperties.put(ContentModel.PROP_AUTHORITY_DISPLAY_NAME,
|
||||
nodeService.getProperty(childAssocRef.getChildRef(), ContentModel.PROP_AUTHORITY_DISPLAY_NAME));
|
||||
|
||||
recordsManagementAuditService.auditEvent(childAssocRef.getChildRef(), getName(), null, auditProperties);
|
||||
}
|
||||
|
||||
@@ -73,8 +73,8 @@ public class DeleteUserGroupAuditEvent extends AuditEvent implements BeforeDelet
|
||||
{
|
||||
// Retrieve the authority name property to be audited
|
||||
Map<QName, Serializable> auditProperties = new HashMap<>();
|
||||
auditProperties.put(ContentModel.PROP_AUTHORITY_NAME,
|
||||
nodeService.getProperty(nodeRef, ContentModel.PROP_AUTHORITY_NAME));
|
||||
auditProperties.put(ContentModel.PROP_AUTHORITY_DISPLAY_NAME,
|
||||
nodeService.getProperty(nodeRef, ContentModel.PROP_AUTHORITY_DISPLAY_NAME));
|
||||
|
||||
//audit the property values before the delete event
|
||||
recordsManagementAuditService.auditEvent(nodeRef, getName(), auditProperties, null, true, false);
|
||||
|
||||
@@ -0,0 +1,74 @@
|
||||
/*
|
||||
* #%L
|
||||
* Alfresco Records Management Module
|
||||
* %%
|
||||
* Copyright (C) 2005 - 2018 Alfresco Software Limited
|
||||
* %%
|
||||
* This file is part of the Alfresco software.
|
||||
* -
|
||||
* If the software was purchased under a paid Alfresco license, the terms of
|
||||
* the paid license agreement will prevail. Otherwise, the software is
|
||||
* provided under the following open source license terms:
|
||||
* -
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
* -
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
* -
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
* #L%
|
||||
*/
|
||||
|
||||
package org.alfresco.module.org_alfresco_module_rm.audit.event;
|
||||
|
||||
import static org.alfresco.module.org_alfresco_module_rm.audit.event.UserGroupMembershipUtils.makePropertiesMap;
|
||||
import static org.alfresco.repo.policy.Behaviour.NotificationFrequency.EVERY_EVENT;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Map;
|
||||
|
||||
import org.alfresco.repo.node.NodeServicePolicies.OnDeleteChildAssociationPolicy;
|
||||
import org.alfresco.repo.policy.annotation.Behaviour;
|
||||
import org.alfresco.repo.policy.annotation.BehaviourBean;
|
||||
import org.alfresco.repo.policy.annotation.BehaviourKind;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
|
||||
/**
|
||||
* Remove an authority from a user group.
|
||||
*
|
||||
* @author Tom Page
|
||||
* @since 2.7
|
||||
*/
|
||||
@BehaviourBean(defaultType = "cm:authorityContainer")
|
||||
public class RemoveFromUserGroupAuditEvent extends AuditEvent implements OnDeleteChildAssociationPolicy
|
||||
{
|
||||
/** Node Service */
|
||||
private NodeService nodeService;
|
||||
|
||||
/**
|
||||
* Sets the node service
|
||||
*
|
||||
* @param nodeService nodeService to set
|
||||
*/
|
||||
public void setNodeService(NodeService nodeService)
|
||||
{
|
||||
this.nodeService = nodeService;
|
||||
}
|
||||
|
||||
/** Behaviour to audit removing an authority from a user group. */
|
||||
@Override
|
||||
@Behaviour(kind = BehaviourKind.ASSOCIATION, notificationFrequency = EVERY_EVENT, assocType = "cm:member")
|
||||
public void onDeleteChildAssociation(ChildAssociationRef childAssocRef)
|
||||
{
|
||||
Map<QName, Serializable> auditProperties = makePropertiesMap(childAssocRef, nodeService);
|
||||
recordsManagementAuditService.auditEvent(childAssocRef.getChildRef(), getName(), auditProperties, null, true);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,92 @@
|
||||
/*
|
||||
* #%L
|
||||
* Alfresco Records Management Module
|
||||
* %%
|
||||
* Copyright (C) 2005 - 2018 Alfresco Software Limited
|
||||
* %%
|
||||
* This file is part of the Alfresco software.
|
||||
* -
|
||||
* If the software was purchased under a paid Alfresco license, the terms of
|
||||
* the paid license agreement will prevail. Otherwise, the software is
|
||||
* provided under the following open source license terms:
|
||||
* -
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
* -
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
* -
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
* #L%
|
||||
*/
|
||||
|
||||
package org.alfresco.module.org_alfresco_module_rm.audit.event;
|
||||
|
||||
import static org.apache.commons.lang3.StringUtils.isBlank;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.alfresco.model.ContentModel;
|
||||
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.repository.NodeService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
|
||||
/**
|
||||
* Utility class for creating audit events about user group membership.
|
||||
*
|
||||
* @author Tom Page
|
||||
* @since 2.7
|
||||
*/
|
||||
public class UserGroupMembershipUtils
|
||||
{
|
||||
/** A QName to display for the parent group's name. */
|
||||
public static final QName PARENT_GROUP = QName.createQName(RecordsManagementModel.RM_URI, "Parent Group");
|
||||
/** A QName to display for a child group's name. */
|
||||
private static final QName CHILD_GROUP = QName.createQName(RecordsManagementModel.RM_URI, "Child Group");
|
||||
|
||||
/**
|
||||
* Create a properties map from the given cm:member association.
|
||||
*
|
||||
* @param childAssocRef The association to use.
|
||||
* @param nodeService The node service.
|
||||
* @return A map containing the names of the parent and child.
|
||||
*/
|
||||
public static Map<QName, Serializable> makePropertiesMap(ChildAssociationRef childAssocRef, NodeService nodeService)
|
||||
{
|
||||
Map<QName, Serializable> auditProperties = new HashMap<>();
|
||||
// Set exactly one of the child group property or the child user name property.
|
||||
String childGroupName = getUserGroupName(childAssocRef.getChildRef(), nodeService);
|
||||
if (!isBlank(childGroupName))
|
||||
{
|
||||
auditProperties.put(CHILD_GROUP, childGroupName);
|
||||
}
|
||||
String childUserName = (String) nodeService.getProperty(childAssocRef.getChildRef(), ContentModel.PROP_USERNAME);
|
||||
if (!isBlank(childUserName))
|
||||
{
|
||||
auditProperties.put(ContentModel.PROP_USERNAME, childUserName);
|
||||
}
|
||||
// Set the parent group name.
|
||||
auditProperties.put(PARENT_GROUP, getUserGroupName(childAssocRef.getParentRef(), nodeService));
|
||||
return auditProperties;
|
||||
}
|
||||
|
||||
/** Get a name that can be displayed for the user group. */
|
||||
private static String getUserGroupName(NodeRef nodeRef, NodeService nodeService)
|
||||
{
|
||||
String groupName = (String) nodeService.getProperty(nodeRef, ContentModel.PROP_AUTHORITY_DISPLAY_NAME);
|
||||
if (isBlank(groupName))
|
||||
{
|
||||
groupName = (String) nodeService.getProperty(nodeRef, ContentModel.PROP_AUTHORITY_NAME);
|
||||
}
|
||||
return groupName;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user