SAIL-240 (SAIL-294) AuditDAO: Web Script starter for AuditService incl. test

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21472 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.get.desc.xml

@@ -0,0 +1,13 @@
+<webscript>
+  <shortname>Alfresco Audit Service Control</shortname>
+  <description>Get audit status for a given application and path</description>
+  <url>/api/audit/control?app={application?}&amp;path={path?}</url>
+  <format default="json" />
+  <authentication>admin</authentication>
+  <transaction allow="readonly">required</transaction>
+  <lifecycle>internal</lifecycle>
+  
+  <!--  turn off the multipart formdata processing -->
+  <formdata multipart-processing="false" />
+
+</webscript>

config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.properties

@@ -0,0 +1,3 @@
+# Audit Control Web Script I18N
+audit.err.app.mandatory=Parameter 'app' is mandatory
+audit.err.path.startsWith=Parameter 'path', when supplied, must start with '/'

config/alfresco/web-scripts-application-context.xml

@@ -711,31 +711,31 @@
                         <property name="receiver" ref="transferReceiver" />
                     </bean>
                 </entry>
-            <entry key="prepare">
-               <bean class="org.alfresco.repo.web.scripts.transfer.PrepareTransferCommandProcessor">
-                  <property name="receiver" ref="transferReceiver" />
-               </bean>
-            </entry>
-            <entry key="commit">
-               <bean class="org.alfresco.repo.web.scripts.transfer.CommitTransferCommandProcessor">
-                  <property name="receiver" ref="transferReceiver" />
-               </bean>
-            </entry>
-            <entry key="abort">
-               <bean class="org.alfresco.repo.web.scripts.transfer.AbortTransferCommandProcessor">
-                  <property name="receiver" ref="transferReceiver" />
-               </bean>
-            </entry>
-           <entry key="messages">
-               <bean class="org.alfresco.repo.web.scripts.transfer.MessagesTransferCommandProcessor">
-                  <property name="receiver" ref="transferReceiver" />
-               </bean>
-            </entry>
-           <entry key="status">
-               <bean class="org.alfresco.repo.web.scripts.transfer.StatusCommandProcessor">
-                  <property name="receiver" ref="transferReceiver" />
-               </bean>
-            </entry>
+                <entry key="prepare">
+                   <bean class="org.alfresco.repo.web.scripts.transfer.PrepareTransferCommandProcessor">
+                      <property name="receiver" ref="transferReceiver" />
+                   </bean>
+                </entry>
+                <entry key="commit">
+                   <bean class="org.alfresco.repo.web.scripts.transfer.CommitTransferCommandProcessor">
+                      <property name="receiver" ref="transferReceiver" />
+                   </bean>
+                </entry>
+                <entry key="abort">
+                   <bean class="org.alfresco.repo.web.scripts.transfer.AbortTransferCommandProcessor">
+                      <property name="receiver" ref="transferReceiver" />
+                   </bean>
+                </entry>
+               <entry key="messages">
+                   <bean class="org.alfresco.repo.web.scripts.transfer.MessagesTransferCommandProcessor">
+                      <property name="receiver" ref="transferReceiver" />
+                   </bean>
+                </entry>
+               <entry key="status">
+                   <bean class="org.alfresco.repo.web.scripts.transfer.StatusCommandProcessor">
+                      <property name="receiver" ref="transferReceiver" />
+                   </bean>
+                </entry>
             </map>
         </property>
     </bean>
@@ -775,7 +775,7 @@
     
     
     <!--                                   -->
-    <!--      Workflow Service REST API        -->
+    <!--      Workflow Service REST API    -->
     <!--                                   -->
 
     <!-- abstract workflow web script -->
@@ -811,4 +811,21 @@
           class="org.alfresco.repo.web.scripts.workflow.WorkflowDefinitionsGet"
           parent="abstractWorkflowWebScript"></bean>
 
+    <!--                                   -->
+    <!--      Workflow Service REST API    -->
+    <!--                                   -->
+
+    <!-- abstract audit web script -->
+    <bean id="abstractAuditWebScript"
+          class="org.alfresco.repo.web.scripts.audit.AbstractAuditWebscript"
+          parent="webscript" abstract="true">
+        <property name="auditService" ref="AuditService" />
+    </bean>
+
+    <!-- Gets the current audit state (enabled/disabled) for an application and path -->
+    <bean id="webscript.org.alfresco.repository.audit.control.get"
+          class="org.alfresco.repo.web.scripts.audit.ControlGet"
+          parent="abstractAuditWebScript">
+    </bean>
+
 </beans>

source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java

@@ -0,0 +1,101 @@
+/*
+ * Copyright (C) 2009-2010 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.repo.web.scripts.audit;
+
+import org.alfresco.service.cmr.audit.AuditService;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.extensions.surf.util.I18NUtil;
+import org.springframework.extensions.webscripts.AbstractWebScript;
+import org.springframework.extensions.webscripts.Status;
+import org.springframework.extensions.webscripts.WebScriptException;
+import org.springframework.extensions.webscripts.WebScriptRequest;
+
+/**
+ * Abstract implementation for scripts that access the {@link AuditService}.
+ * 
+ * @author Derek Hulley
+ * @since 3.4
+ */
+public abstract class AbstractAuditWebScript extends AbstractWebScript
+{
+    public static final String PARAM_APP = "app";
+    public static final String PARAM_PATH="path";
+    
+    /**
+     * Logger that can be used by subclasses.
+     */
+    protected final Log logger = LogFactory.getLog(this.getClass());
+    
+    protected AuditService auditService;
+    
+    /**
+     * @param auditService      the service that provides the actual data
+     */
+    public void setAuditService(AuditService auditService)
+    {
+        this.auditService = auditService;
+    }
+
+    /**
+     * Return an I18N'd message for the given key or the key itself if not present
+     * 
+     * @param args              arguments to replace the variables in the message
+     */
+    protected String getI18NMessage(String key, Object ... args)
+    {
+        return I18NUtil.getMessage(key, args);
+    }
+    
+    /**
+     * Get the application name from the request.
+     * 
+     * @param mandatory         <tt>true</tt> if the application name is expected
+     * @return                  Returns the application name or <tt>null</tt> if not present
+     */
+    protected final String getApp(WebScriptRequest req, boolean mandatory)
+    {
+        // All URLs must contain the application
+        String paramApp = req.getParameter(PARAM_APP);
+        if (paramApp == null && mandatory)
+        {
+            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.app.mandatory");
+        }
+        return paramApp;
+    }
+    /**
+     * Get the path from the request.  If it is mandatory, then a value must have been supplied
+     * otherwise, at the very least, '/' is returned.
+     * @param mandatory         <tt>true</tt> if the parameter is expected
+     * @return                  Returns the path or at least '/' (never <tt>null</tt>)
+     */
+    protected String getPath(WebScriptRequest req)
+    {
+        String paramPath = req.getParameter(PARAM_PATH);
+        if (paramPath == null || paramPath.length() == 0)
+        {
+            paramPath = "/";
+        }
+        else if (!paramPath.startsWith("/"))
+        {
+            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.path.startsWith");
+        }
+        return paramPath;
+    }
+}

source/java/org/alfresco/repo/web/scripts/audit/AuditWebScriptTest.java

@@ -0,0 +1,76 @@
+/*
+ * Copyright (C) 2005-2010 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.repo.web.scripts.audit;
+
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
+import org.alfresco.repo.web.scripts.BaseWebScriptTest;
+import org.alfresco.service.cmr.audit.AuditService;
+import org.json.JSONObject;
+import org.springframework.context.ApplicationContext;
+import org.springframework.extensions.webscripts.TestWebScriptServer;
+import org.springframework.extensions.webscripts.TestWebScriptServer.Response;
+
+/**
+ * Test the audit web scripts
+ * 
+ * @author Derek Hulley
+ * @since 3.4
+ */
+public class AuditWebScriptTest extends BaseWebScriptTest
+{
+    private ApplicationContext ctx;
+    private AuditService auditService;
+    private String admin;
+
+    @Override
+    protected void setUp() throws Exception
+    {
+        super.setUp();
+        ctx = getServer().getApplicationContext();
+        auditService = (AuditService) ctx.getBean("AuditService");
+        admin = AuthenticationUtil.getAdminUserName();
+        
+        AuthenticationUtil.setFullyAuthenticatedUser(admin);
+    }
+
+    @Override
+    protected void tearDown() throws Exception
+    {
+        super.tearDown();
+    }
+    
+    public void testGetWithoutPermissions() throws Exception
+    {
+        
+    }
+    
+    public void testGetIsAuditEnabledGlobally() throws Exception
+    {
+        boolean checkEnabled = auditService.isAuditEnabled();
+
+        String url = "/api/audit/control";
+        TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
+        
+        //First, we'll try the request as a simple, non-admin user (expect a 401)
+        Response response = sendRequest(req, 200, admin);
+        JSONObject json = new JSONObject(response.getContentAsString());
+        boolean enabled = json.getBoolean("enabled");
+        assertEquals("Mismatched global audit enabled", checkEnabled, enabled);
+    }
+}

source/java/org/alfresco/repo/web/scripts/audit/ControlGet.java

@@ -0,0 +1,69 @@
+/*
+ * Copyright (C) 2005-2010 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.repo.web.scripts.audit;
+
+import java.io.IOException;
+import java.io.StringWriter;
+
+import org.springframework.extensions.webscripts.Status;
+import org.springframework.extensions.webscripts.WebScriptRequest;
+import org.springframework.extensions.webscripts.WebScriptResponse;
+import org.springframework.extensions.webscripts.json.JSONUtils;
+import org.springframework.extensions.webscripts.json.JSONWriter;
+
+/**
+ * @author Derek Hulley
+ * @since 3.4
+ */
+public class ControlGet extends AbstractAuditWebScript
+{
+    @Override
+    public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException
+    {
+        String app = getApp(req, false);
+        String path = getPath(req);
+        
+        boolean enabled = false;
+        if (app == null)
+        {
+            enabled = auditService.isAuditEnabled();
+        }
+        else
+        {
+            enabled = auditService.isAuditEnabled(app, path);
+        }
+        
+        // return the unique transfer id (the lock id)
+        StringWriter stringWriter = new StringWriter(300);
+        JSONWriter jsonWriter = new JSONWriter(stringWriter);
+        jsonWriter.startObject();
+        jsonWriter.writeValue("app", app);
+        jsonWriter.writeValue("path", path);
+        jsonWriter.writeValue("enabled", enabled);
+        jsonWriter.endObject();
+        String response = stringWriter.toString();
+        
+        res.setContentType("application/json");
+        res.setContentEncoding("UTF-8");
+        int length = response.getBytes("UTF-8").length;
+        res.addHeader("Content-Length", "" + length);
+        res.setStatus(Status.STATUS_OK);
+        res.getWriter().write(response);
+    }
+}