From 310000dd283d0fe41af976d590b38680d9627a9a Mon Sep 17 00:00:00 2001 From: Derek Hulley Date: Wed, 28 Jul 2010 17:41:52 +0000 Subject: [PATCH] SAIL-240 (SAIL-294) AuditDAO: Web Script starter for AuditService incl. test git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21472 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../repository/audit/control.get.desc.xml | 13 +++ .../repository/audit/control.properties | 3 + .../web-scripts-application-context.xml | 69 +++++++----- .../scripts/audit/AbstractAuditWebScript.java | 101 ++++++++++++++++++ .../web/scripts/audit/AuditWebScriptTest.java | 76 +++++++++++++ .../repo/web/scripts/audit/ControlGet.java | 69 ++++++++++++ 6 files changed, 305 insertions(+), 26 deletions(-) create mode 100644 config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.get.desc.xml create mode 100644 config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.properties create mode 100644 source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java create mode 100644 source/java/org/alfresco/repo/web/scripts/audit/AuditWebScriptTest.java create mode 100644 source/java/org/alfresco/repo/web/scripts/audit/ControlGet.java diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.get.desc.xml b/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.get.desc.xml new file mode 100644 index 0000000000..72e2e99fd8 --- /dev/null +++ b/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.get.desc.xml @@ -0,0 +1,13 @@ + + Alfresco Audit Service Control + Get audit status for a given application and path + /api/audit/control?app={application?}&path={path?} + + admin + required + internal + + + + + diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.properties b/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.properties new file mode 100644 index 0000000000..c8429d852b --- /dev/null +++ b/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.properties @@ -0,0 +1,3 @@ +# Audit Control Web Script I18N +audit.err.app.mandatory=Parameter 'app' is mandatory +audit.err.path.startsWith=Parameter 'path', when supplied, must start with '/' \ No newline at end of file diff --git a/config/alfresco/web-scripts-application-context.xml b/config/alfresco/web-scripts-application-context.xml index 8d44dfa4e4..492753748f 100644 --- a/config/alfresco/web-scripts-application-context.xml +++ b/config/alfresco/web-scripts-application-context.xml @@ -711,31 +711,31 @@ - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + @@ -775,7 +775,7 @@ - + @@ -811,4 +811,21 @@ class="org.alfresco.repo.web.scripts.workflow.WorkflowDefinitionsGet" parent="abstractWorkflowWebScript"> + + + + + + + + + + + + + diff --git a/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java b/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java new file mode 100644 index 0000000000..7576281964 --- /dev/null +++ b/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java @@ -0,0 +1,101 @@ +/* + * Copyright (C) 2009-2010 Alfresco Software Limited. + * + * This file is part of Alfresco + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + */ +package org.alfresco.repo.web.scripts.audit; + +import org.alfresco.service.cmr.audit.AuditService; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.extensions.surf.util.I18NUtil; +import org.springframework.extensions.webscripts.AbstractWebScript; +import org.springframework.extensions.webscripts.Status; +import org.springframework.extensions.webscripts.WebScriptException; +import org.springframework.extensions.webscripts.WebScriptRequest; + +/** + * Abstract implementation for scripts that access the {@link AuditService}. + * + * @author Derek Hulley + * @since 3.4 + */ +public abstract class AbstractAuditWebScript extends AbstractWebScript +{ + public static final String PARAM_APP = "app"; + public static final String PARAM_PATH="path"; + + /** + * Logger that can be used by subclasses. + */ + protected final Log logger = LogFactory.getLog(this.getClass()); + + protected AuditService auditService; + + /** + * @param auditService the service that provides the actual data + */ + public void setAuditService(AuditService auditService) + { + this.auditService = auditService; + } + + /** + * Return an I18N'd message for the given key or the key itself if not present + * + * @param args arguments to replace the variables in the message + */ + protected String getI18NMessage(String key, Object ... args) + { + return I18NUtil.getMessage(key, args); + } + + /** + * Get the application name from the request. + * + * @param mandatory true if the application name is expected + * @return Returns the application name or null if not present + */ + protected final String getApp(WebScriptRequest req, boolean mandatory) + { + // All URLs must contain the application + String paramApp = req.getParameter(PARAM_APP); + if (paramApp == null && mandatory) + { + throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.app.mandatory"); + } + return paramApp; + } + /** + * Get the path from the request. If it is mandatory, then a value must have been supplied + * otherwise, at the very least, '/' is returned. + * @param mandatory true if the parameter is expected + * @return Returns the path or at least '/' (never null) + */ + protected String getPath(WebScriptRequest req) + { + String paramPath = req.getParameter(PARAM_PATH); + if (paramPath == null || paramPath.length() == 0) + { + paramPath = "/"; + } + else if (!paramPath.startsWith("/")) + { + throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.path.startsWith"); + } + return paramPath; + } +} diff --git a/source/java/org/alfresco/repo/web/scripts/audit/AuditWebScriptTest.java b/source/java/org/alfresco/repo/web/scripts/audit/AuditWebScriptTest.java new file mode 100644 index 0000000000..21e450341d --- /dev/null +++ b/source/java/org/alfresco/repo/web/scripts/audit/AuditWebScriptTest.java @@ -0,0 +1,76 @@ +/* + * Copyright (C) 2005-2010 Alfresco Software Limited. + * + * This file is part of Alfresco + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + */ +package org.alfresco.repo.web.scripts.audit; + +import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.web.scripts.BaseWebScriptTest; +import org.alfresco.service.cmr.audit.AuditService; +import org.json.JSONObject; +import org.springframework.context.ApplicationContext; +import org.springframework.extensions.webscripts.TestWebScriptServer; +import org.springframework.extensions.webscripts.TestWebScriptServer.Response; + +/** + * Test the audit web scripts + * + * @author Derek Hulley + * @since 3.4 + */ +public class AuditWebScriptTest extends BaseWebScriptTest +{ + private ApplicationContext ctx; + private AuditService auditService; + private String admin; + + @Override + protected void setUp() throws Exception + { + super.setUp(); + ctx = getServer().getApplicationContext(); + auditService = (AuditService) ctx.getBean("AuditService"); + admin = AuthenticationUtil.getAdminUserName(); + + AuthenticationUtil.setFullyAuthenticatedUser(admin); + } + + @Override + protected void tearDown() throws Exception + { + super.tearDown(); + } + + public void testGetWithoutPermissions() throws Exception + { + + } + + public void testGetIsAuditEnabledGlobally() throws Exception + { + boolean checkEnabled = auditService.isAuditEnabled(); + + String url = "/api/audit/control"; + TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url); + + //First, we'll try the request as a simple, non-admin user (expect a 401) + Response response = sendRequest(req, 200, admin); + JSONObject json = new JSONObject(response.getContentAsString()); + boolean enabled = json.getBoolean("enabled"); + assertEquals("Mismatched global audit enabled", checkEnabled, enabled); + } +} diff --git a/source/java/org/alfresco/repo/web/scripts/audit/ControlGet.java b/source/java/org/alfresco/repo/web/scripts/audit/ControlGet.java new file mode 100644 index 0000000000..962aa8388d --- /dev/null +++ b/source/java/org/alfresco/repo/web/scripts/audit/ControlGet.java @@ -0,0 +1,69 @@ +/* + * Copyright (C) 2005-2010 Alfresco Software Limited. + * + * This file is part of Alfresco + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + */ +package org.alfresco.repo.web.scripts.audit; + +import java.io.IOException; +import java.io.StringWriter; + +import org.springframework.extensions.webscripts.Status; +import org.springframework.extensions.webscripts.WebScriptRequest; +import org.springframework.extensions.webscripts.WebScriptResponse; +import org.springframework.extensions.webscripts.json.JSONUtils; +import org.springframework.extensions.webscripts.json.JSONWriter; + +/** + * @author Derek Hulley + * @since 3.4 + */ +public class ControlGet extends AbstractAuditWebScript +{ + @Override + public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException + { + String app = getApp(req, false); + String path = getPath(req); + + boolean enabled = false; + if (app == null) + { + enabled = auditService.isAuditEnabled(); + } + else + { + enabled = auditService.isAuditEnabled(app, path); + } + + // return the unique transfer id (the lock id) + StringWriter stringWriter = new StringWriter(300); + JSONWriter jsonWriter = new JSONWriter(stringWriter); + jsonWriter.startObject(); + jsonWriter.writeValue("app", app); + jsonWriter.writeValue("path", path); + jsonWriter.writeValue("enabled", enabled); + jsonWriter.endObject(); + String response = stringWriter.toString(); + + res.setContentType("application/json"); + res.setContentEncoding("UTF-8"); + int length = response.getBytes("UTF-8").length; + res.addHeader("Content-Length", "" + length); + res.setStatus(Status.STATUS_OK); + res.getWriter().write(response); + } +} \ No newline at end of file