SAIL-240 (SAIL-294) AuditDAO: Web Script starter for AuditService incl. test

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21472 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-21 18:09:20 +00:00 · 2010-07-28 17:41:52 +00:00
parent 21bab3d746
commit 310000dd28
6 changed files with 305 additions and 26 deletions
--- a/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.get.desc.xml
+++ b/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.get.desc.xml
@@ -0,0 +1,13 @@
 <webscript>
  <shortname>Alfresco Audit Service Control</shortname>
  <description>Get audit status for a given application and path</description>
  <url>/api/audit/control?app={application?}&amp;path={path?}</url>
  <format default="json" />
  <authentication>admin</authentication>
  <transaction allow="readonly">required</transaction>
  <lifecycle>internal</lifecycle>
  <!--  turn off the multipart formdata processing -->
  <formdata multipart-processing="false" />
 </webscript>
--- a/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.properties
+++ b/config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.properties
@@ -0,0 +1,3 @@
 # Audit Control Web Script I18N
 audit.err.app.mandatory=Parameter 'app' is mandatory
 audit.err.path.startsWith=Parameter 'path', when supplied, must start with '/'
--- a/config/alfresco/web-scripts-application-context.xml
+++ b/config/alfresco/web-scripts-application-context.xml
@@ -811,4 +811,21 @@
          class="org.alfresco.repo.web.scripts.workflow.WorkflowDefinitionsGet"
          parent="abstractWorkflowWebScript"></bean>
    <!--                                   -->
    <!--      Workflow Service REST API    -->
    <!--                                   -->
    <!-- abstract audit web script -->
    <bean id="abstractAuditWebScript"
          class="org.alfresco.repo.web.scripts.audit.AbstractAuditWebscript"
          parent="webscript" abstract="true">
        <property name="auditService" ref="AuditService" />
    </bean>
    <!-- Gets the current audit state (enabled/disabled) for an application and path -->
    <bean id="webscript.org.alfresco.repository.audit.control.get"
          class="org.alfresco.repo.web.scripts.audit.ControlGet"
          parent="abstractAuditWebScript">
    </bean>
 </beans>
--- a/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java
+++ b/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java
@@ -0,0 +1,101 @@
 /*
 * Copyright (C) 2009-2010 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
 * Alfresco is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Alfresco is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
 */
 package org.alfresco.repo.web.scripts.audit;
 import org.alfresco.service.cmr.audit.AuditService;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.extensions.surf.util.I18NUtil;
 import org.springframework.extensions.webscripts.AbstractWebScript;
 import org.springframework.extensions.webscripts.Status;
 import org.springframework.extensions.webscripts.WebScriptException;
 import org.springframework.extensions.webscripts.WebScriptRequest;
 /**
 * Abstract implementation for scripts that access the {@link AuditService}.
 * 
 * @author Derek Hulley
 * @since 3.4
 */
 public abstract class AbstractAuditWebScript extends AbstractWebScript
 {
    public static final String PARAM_APP = "app";
    public static final String PARAM_PATH="path";
    /**
     * Logger that can be used by subclasses.
     */
    protected final Log logger = LogFactory.getLog(this.getClass());
    protected AuditService auditService;
    /**
     * @param auditService      the service that provides the actual data
     */
    public void setAuditService(AuditService auditService)
    {
        this.auditService = auditService;
    }
    /**
     * Return an I18N'd message for the given key or the key itself if not present
     * 
     * @param args              arguments to replace the variables in the message
     */
    protected String getI18NMessage(String key, Object ... args)
    {
        return I18NUtil.getMessage(key, args);
    }
    /**
     * Get the application name from the request.
     * 
     * @param mandatory         <tt>true</tt> if the application name is expected
     * @return                  Returns the application name or <tt>null</tt> if not present
     */
    protected final String getApp(WebScriptRequest req, boolean mandatory)
    {
        // All URLs must contain the application
        String paramApp = req.getParameter(PARAM_APP);
        if (paramApp == null && mandatory)
        {
            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.app.mandatory");
        }
        return paramApp;
    }
    /**
     * Get the path from the request.  If it is mandatory, then a value must have been supplied
     * otherwise, at the very least, '/' is returned.
     * @param mandatory         <tt>true</tt> if the parameter is expected
     * @return                  Returns the path or at least '/' (never <tt>null</tt>)
     */
    protected String getPath(WebScriptRequest req)
    {
        String paramPath = req.getParameter(PARAM_PATH);
        if (paramPath == null || paramPath.length() == 0)
        {
            paramPath = "/";
        }
        else if (!paramPath.startsWith("/"))
        {
            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.path.startsWith");
        }
        return paramPath;
    }
 }
--- a/source/java/org/alfresco/repo/web/scripts/audit/AuditWebScriptTest.java
+++ b/source/java/org/alfresco/repo/web/scripts/audit/AuditWebScriptTest.java
@@ -0,0 +1,76 @@
 /*
 * Copyright (C) 2005-2010 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
 * Alfresco is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Alfresco is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
 */
 package org.alfresco.repo.web.scripts.audit;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.web.scripts.BaseWebScriptTest;
 import org.alfresco.service.cmr.audit.AuditService;
 import org.json.JSONObject;
 import org.springframework.context.ApplicationContext;
 import org.springframework.extensions.webscripts.TestWebScriptServer;
 import org.springframework.extensions.webscripts.TestWebScriptServer.Response;
 /**
 * Test the audit web scripts
 * 
 * @author Derek Hulley
 * @since 3.4
 */
 public class AuditWebScriptTest extends BaseWebScriptTest
 {
    private ApplicationContext ctx;
    private AuditService auditService;
    private String admin;
    @Override
    protected void setUp() throws Exception
    {
        super.setUp();
        ctx = getServer().getApplicationContext();
        auditService = (AuditService) ctx.getBean("AuditService");
        admin = AuthenticationUtil.getAdminUserName();
        AuthenticationUtil.setFullyAuthenticatedUser(admin);
    }
    @Override
    protected void tearDown() throws Exception
    {
        super.tearDown();
    }
    public void testGetWithoutPermissions() throws Exception
    {
    }
    public void testGetIsAuditEnabledGlobally() throws Exception
    {
        boolean checkEnabled = auditService.isAuditEnabled();
        String url = "/api/audit/control";
        TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
        //First, we'll try the request as a simple, non-admin user (expect a 401)
        Response response = sendRequest(req, 200, admin);
        JSONObject json = new JSONObject(response.getContentAsString());
        boolean enabled = json.getBoolean("enabled");
        assertEquals("Mismatched global audit enabled", checkEnabled, enabled);
    }
 }
--- a/source/java/org/alfresco/repo/web/scripts/audit/ControlGet.java
+++ b/source/java/org/alfresco/repo/web/scripts/audit/ControlGet.java
@@ -0,0 +1,69 @@
 /*
 * Copyright (C) 2005-2010 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
 * Alfresco is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Alfresco is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
 */
 package org.alfresco.repo.web.scripts.audit;
 import java.io.IOException;
 import java.io.StringWriter;
 import org.springframework.extensions.webscripts.Status;
 import org.springframework.extensions.webscripts.WebScriptRequest;
 import org.springframework.extensions.webscripts.WebScriptResponse;
 import org.springframework.extensions.webscripts.json.JSONUtils;
 import org.springframework.extensions.webscripts.json.JSONWriter;
 /**
 * @author Derek Hulley
 * @since 3.4
 */
 public class ControlGet extends AbstractAuditWebScript
 {
    @Override
    public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException
    {
        String app = getApp(req, false);
        String path = getPath(req);
        boolean enabled = false;
        if (app == null)
        {
            enabled = auditService.isAuditEnabled();
        }
        else
        {
            enabled = auditService.isAuditEnabled(app, path);
        }
        // return the unique transfer id (the lock id)
        StringWriter stringWriter = new StringWriter(300);
        JSONWriter jsonWriter = new JSONWriter(stringWriter);
        jsonWriter.startObject();
        jsonWriter.writeValue("app", app);
        jsonWriter.writeValue("path", path);
        jsonWriter.writeValue("enabled", enabled);
        jsonWriter.endObject();
        String response = stringWriter.toString();
        res.setContentType("application/json");
        res.setContentEncoding("UTF-8");
        int length = response.getBytes("UTF-8").length;
        res.addHeader("Content-Length", "" + length);
        res.setStatus(Status.STATUS_OK);
        res.getWriter().write(response);
    }
 }