REPO-2669 - REST API: Retrieve Node (alfresco-access) Audit Entries - add detailed JUnit tests (+ve & -ve):

- refactored the tests to minimize code duplication

src/test/java/org/alfresco/rest/api/tests/AuditAppTest.java

@@ -27,39 +27,55 @@ package org.alfresco.rest.api.tests;
 
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
+import java.net.URL;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Random;
 
 import javax.servlet.http.HttpServletResponse;
 
+import org.alfresco.repo.audit.model.AuditModelRegistryImpl;
 import org.alfresco.repo.security.authentication.AuthenticationException;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
+import org.alfresco.repo.tenant.TenantUtil;
+import org.alfresco.repo.tenant.TenantUtil.TenantRunAsWork;
 import org.alfresco.rest.AbstractSingleNetworkSiteTest;
-import org.alfresco.rest.api.tests.client.PublicApiException;
+import org.alfresco.rest.api.tests.RepoService.TestSite;
-import org.alfresco.rest.api.tests.client.data.AuditEntry;
 import org.alfresco.rest.api.tests.client.PublicApiClient;
 import org.alfresco.rest.api.tests.client.PublicApiClient.AuditApps;
 import org.alfresco.rest.api.tests.client.PublicApiClient.ListResponse;
 import org.alfresco.rest.api.tests.client.PublicApiClient.Paging;
+import org.alfresco.rest.api.tests.client.PublicApiException;
 import org.alfresco.rest.api.tests.client.data.AuditApp;
+import org.alfresco.rest.api.tests.client.data.AuditEntry;
+import org.alfresco.rest.framework.resource.parameters.SortColumn;
 import org.alfresco.service.cmr.audit.AuditService;
+import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.AuthorityService;
 import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.service.cmr.site.SiteVisibility;
+import org.alfresco.util.ISO8601DateFormat;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
+import org.springframework.util.ResourceUtils;
 
+/**
+ * @author anechifor, aforascu, eknizat
+ */
 public class AuditAppTest extends AbstractSingleNetworkSiteTest 
 {
-
     protected PermissionService permissionService;
     protected AuthorityService authorityService;
     protected AuditService auditService;
+    protected static String AUDIT_APP_ID = "alfresco-access";
 
     @Before
     public void setup() throws Exception 
@@ -69,6 +85,13 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
         permissionService = applicationContext.getBean("permissionService", PermissionService.class);
         authorityService = (AuthorityService) applicationContext.getBean("AuthorityService");
         auditService = applicationContext.getBean("AuditService", AuditService.class);
+
+        AuditModelRegistryImpl auditModelRegistry = (AuditModelRegistryImpl) applicationContext.getBean("auditModel.modelRegistry");
+
+        // Register the test model
+        URL testModelUrl = ResourceUtils.getURL("classpath:alfresco/audit/alfresco-audit-access.xml");
+        auditModelRegistry.registerModel(testModelUrl);
+        auditModelRegistry.loadAuditModels();
     }
 
     @After
@@ -80,17 +103,8 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
     @Test
     public void testGetAuditApps() throws Exception 
     {
-        try
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
-        {
+        testGetAuditAppsSkipPaging();
-
-            setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
-            testGetAuditAppsSkipPaging();
-
-        }
-        finally
-        {
-
-        }
     }
 
     @Test
@@ -118,7 +132,8 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
             auditAppsProxy.getAuditApp("randomAuditId", HttpServletResponse.SC_FORBIDDEN);
         }
 
-        // Check that response code 501 is received when system audit is disabled
+        // Check that response code 501 is received when system audit is
+        // disabled
         {
             // Get an enabled audit application
             setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
@@ -148,7 +163,6 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
     {
         // +ve: check skip count.
         {
-
             // Paging and list auditApp
 
             int skipCount = 0;
@@ -176,7 +190,8 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
 
     }
 
-    private ListResponse<AuditApp> getAuditApps(final PublicApiClient.Paging paging, String errorMessage, int expectedStatus) throws Exception
+    private ListResponse<AuditApp> getAuditApps(final PublicApiClient.Paging paging, String errorMessage,
+            int expectedStatus) throws Exception 
     {
         final AuditApps auditAppsProxy = publicApiClient.auditApps();
         return auditAppsProxy.getAuditApps(createParams(paging), errorMessage, expectedStatus);
@@ -228,7 +243,7 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
         assertFalse(auditEntry.getId().toString().isEmpty());
         assertFalse(auditEntry.getAuditApplicationId().isEmpty());
 
-        if (auditApp.getId().equals("alfresco-access"))
+        if (auditApp.getId().equals(AUDIT_APP_ID)) 
         {
             assertTrue(auditEntry.getAuditApplicationId().toString().equals(auditAppid));
         }
@@ -236,8 +251,10 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
 
     private String getFirstAuditAppId() throws PublicApiException 
     {
-        // Get one of the audit app ids ( fail test if there are no audit apps in the system )
+        // Get one of the audit app ids ( fail test if there are no audit apps
-        ListResponse<AuditApp> apps = publicApiClient.auditApps().getAuditApps(null, "Getting audit apps error ", HttpServletResponse.SC_OK);
+        // in the system )
+        ListResponse<AuditApp> apps = publicApiClient.auditApps().getAuditApps(null, "Getting audit apps error ",
+                HttpServletResponse.SC_OK);
         if (apps.getList().size() == 0) 
         {
             fail("There are no audit applications to run this test against.");
@@ -257,32 +274,36 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
         // +ve
         // Disable audit app
         requestAuditApp.setIsEnabled(false);
-        responseAuditApp = publicApiClient.auditApps().updateAuditApp(appId,requestAuditApp,null, HttpServletResponse.SC_OK);
+        responseAuditApp = publicApiClient.auditApps().updateAuditApp(appId, requestAuditApp, null,
+                HttpServletResponse.SC_OK);
         assertFalse("Wrong response for request to disable audit app.", responseAuditApp.getIsEnabled());
         assertFalse("Disable audit app test failed.", publicApiClient.auditApps().getAuditApp(appId).getIsEnabled());
 
         // Enable audit app
         requestAuditApp.setIsEnabled(true);
-        responseAuditApp = publicApiClient.auditApps().updateAuditApp(appId,requestAuditApp,null, HttpServletResponse.SC_OK);
+        responseAuditApp = publicApiClient.auditApps().updateAuditApp(appId, requestAuditApp, null,
+                HttpServletResponse.SC_OK);
         assertTrue("Wrong response for request to enable audit app.", responseAuditApp.getIsEnabled());
         assertTrue("Enable audit app test failed.", publicApiClient.auditApps().getAuditApp(appId).getIsEnabled());
 
         // -ve
         // 400
-        publicApiClient.auditApps().update("audit-applications",appId,null,null,"badBody",null,"Was expecting error 400",HttpServletResponse.SC_BAD_REQUEST);
+        publicApiClient.auditApps().update("audit-applications", appId, null, null, "badBody", null,
+                "Was expecting error 400", HttpServletResponse.SC_BAD_REQUEST);
         // 401
         setRequestContext(networkOne.getId(), networkAdmin, "fakepswd");
-        publicApiClient.auditApps().updateAuditApp(appId,requestAuditApp,null, HttpServletResponse.SC_UNAUTHORIZED);
+        publicApiClient.auditApps().updateAuditApp(appId, requestAuditApp, null, HttpServletResponse.SC_UNAUTHORIZED);
         // 403
         setRequestContext(networkOne.getId(), user1, null);
-        publicApiClient.auditApps().updateAuditApp(appId,requestAuditApp,null, HttpServletResponse.SC_FORBIDDEN);
+        publicApiClient.auditApps().updateAuditApp(appId, requestAuditApp, null, HttpServletResponse.SC_FORBIDDEN);
         // 404
         setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
-        publicApiClient.auditApps().updateAuditApp("fakeid",requestAuditApp,null, HttpServletResponse.SC_NOT_FOUND);
+        publicApiClient.auditApps().updateAuditApp("fakeid", requestAuditApp, null, HttpServletResponse.SC_NOT_FOUND);
         // 501
         AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin);
         disableSystemAudit();
-        publicApiClient.auditApps().updateAuditApp(appId,requestAuditApp,null, HttpServletResponse.SC_NOT_IMPLEMENTED);
+        publicApiClient.auditApps().updateAuditApp(appId, requestAuditApp, null,
+                HttpServletResponse.SC_NOT_IMPLEMENTED);
         enableSystemAudit();
     }
 
@@ -298,7 +319,6 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
                 fail("Failed to enable system audit for testing");
             }
         }
-
     }
 
     protected void disableSystemAudit() 
@@ -313,41 +333,39 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
                 fail("Failed to disable system audit for testing");
             }
         }
-
     }
 
     @Test
-    public void testGetAuditEntries() throws Exception
+    public void testAuditEntries() throws Exception 
     {
         final AuditApps auditAppsProxy = publicApiClient.auditApps();
 
         // Get and enable audit app
         setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        AuditApp auditApp = auditAppsProxy.getAuditApp("alfresco-access");
 
-        // TODO note "alfresco-access" apparently fails on build m/c - is it enabled by default (will also be required later for "retrieve node audit entries" ?
+        testGetAuditEntries(auditAppsProxy, auditApp);
-        //AuditApp auditApp = auditAppsProxy.getAuditApp("alfresco-access");
+        testAuditEntriesSorting(auditAppsProxy, auditApp);
-        AuditApp auditApp = auditAppsProxy.getAuditApp(getFirstAuditAppId());
+        testAuditEntriesWhereDate(auditAppsProxy, auditApp);
-
+        testAuditEntriesWhereId(auditAppsProxy, auditApp);
-        // TODO - make sure we've have recorded audit entries 
+        testAuditEntriesWithInclude(auditAppsProxy, auditApp);
-        // TODO - test filtering, sorting, paging, include values .. etc (note: need audit entries to be recorded)
+        testAuditEntriesSkipCount(auditAppsProxy, auditApp);
+        testRetrieveAuditEntry(auditAppsProxy, auditApp);
+        testDeleteAuditEntry(auditAppsProxy, auditApp);
+        testDeleteAuditEntries(auditAppsProxy, auditApp);
+    }
 
+    private void testGetAuditEntries(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception 
+    {
         // Positive tests
-        ListResponse<AuditEntry> auditEntries = auditAppsProxy.getAuditAppEntries(auditApp.getId(), null, HttpServletResponse.SC_OK);
+        ListResponse<AuditEntry> auditEntries = auditAppsProxy.getAuditAppEntries(auditApp.getId(), null,
-        // assertTrue(auditEntries.getList().size() > 0); // TODO
+                HttpServletResponse.SC_OK);
         for (AuditEntry ae : auditEntries.getList()) 
         {
             validateAuditEntryFields(ae, auditApp);
         }
 
         // Negative tests
-        // 400
-        // TODO - remove comment after fix is done
-        //Map<String, String> wrongParams = new HashMap<String, String>();
-        //wrongParams.put("wrongkey", "wrongvalue");
-        //wrongParams.put("wrongkey1", "wrongvalue1");
-
-        //setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
-        //auditAppsProxy.getAuditAppEntries(auditApp.getId(), wrongParams, HttpServletResponse.SC_BAD_REQUEST);
         // 401
         setRequestContext(networkOne.getId(), networkAdmin, "wrongPassword");
         auditAppsProxy.getAuditAppEntries(auditApp.getId(), null, HttpServletResponse.SC_UNAUTHORIZED);
@@ -355,9 +373,8 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
         setRequestContext(networkOne.getId(), user1, null);
         auditAppsProxy.getAuditAppEntries(auditApp.getId(), null, HttpServletResponse.SC_FORBIDDEN);
         // 404
-        // TODO - remove comment after fix is done
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
-        //setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        auditAppsProxy.getAuditAppEntries("randomId", null, HttpServletResponse.SC_NOT_FOUND);
-        //auditAppsProxy.getAuditAppEntries("randomId", null, HttpServletResponse.SC_NOT_FOUND);
         // 501
         setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
         AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin);
@@ -366,6 +383,277 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
         enableSystemAudit();
     }
 
+    private void testAuditEntriesSorting(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception 
+    {
+        // paging
+        Paging paging = getPaging(0, 10);
+        Map<String, String> otherParams = new HashMap<>();
+
+        // Default order.
+        addOrderBy(otherParams, org.alfresco.rest.api.Audit.CREATED_AT, null);
+        ListResponse<AuditEntry> auditEntries = auditAppsProxy.getAuditAppEntries(auditApp.getId(),
+                createParams(paging, otherParams), HttpServletResponse.SC_OK);
+        assertNotNull(auditEntries);
+        assertTrue("audit entry size more that 2", auditEntries.getList().size() > 1);
+        assertTrue("auditEntries order not valid",
+                auditEntries.getList().get(0).getCreatedAt().before(auditEntries.getList().get(1).getCreatedAt()));
+
+    }
+
+    private void testAuditEntriesWhereDate(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception 
+    {
+        // paging
+        Paging paging = getPaging(0, 10);
+
+        Date dateBefore = new Date();
+
+        String dateBeforeWhere = ISO8601DateFormat.format(dateBefore);
+
+        createUser("usern-" + RUNID, "userNPassword", networkOne);
+
+        login("usern-" + RUNID, "userNPassword");
+
+        Date dateAfter = new Date();
+
+        String dateAfterWhere = ISO8601DateFormat.format(dateAfter);
+
+        Map<String, String> otherParams = new HashMap<>();
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between (" + "\'" + dateBeforeWhere + "\'" + ", " + "\'"
+                + dateAfterWhere + "\'" + "))");
+
+        ListResponse<AuditEntry> auditEntries = auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams),
+                HttpServletResponse.SC_OK);
+        assertNotNull(auditEntries);
+        assertTrue(auditEntries.getList().size() > 0);
+
+        for (AuditEntry ae : auditEntries.getList())
+        {
+            validateAuditEntryFields(ae, auditApp);
+        }
+
+        //
+        // note: sanity test parsing of a few ISO8601 formats (non-exhaustive) - eg. +01:00, +0000, Z
+        //
+
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between ("
+                + "\'2016-06-02T12:13:51.593+01:00\'" + ", " + "\'2017-06-04T10:05:16.536+01:00\'" + "))");
+        auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams), HttpServletResponse.SC_OK);
+
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between ("
+                + "\'2016-06-02T11:13:51.593+0000\'" + ", " + "\'2017-06-04T09:05:16.536+0000\'" + "))");
+        auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams), HttpServletResponse.SC_OK);
+
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between ("
+                + "\'2016-06-02T11:13:51.593Z\'" + ", " + "\'2017-06-04T09:05:16.536Z\'" + "))");
+        auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams), HttpServletResponse.SC_OK);
+
+        // Negative tests
+        otherParams = new HashMap<>();
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between ("
+                + "\'2017-06-04T10:05:16.536+01:00\'" + ", " + "\'2016-06-02T12:13:51.593+01:00\'" + "))");
+        auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams), HttpServletResponse.SC_BAD_REQUEST);
+    }
+
+    private void testAuditEntriesWhereId(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception 
+    {
+        // paging
+        Paging paging = getPaging(0, 10);
+
+        // where params
+        Map<String, String> otherParams = new HashMap<>();
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.ID + " between (" + "\'1\' , \'10\'" + "))");
+
+        ListResponse<AuditEntry> auditEntries = auditAppsProxy.getAuditAppEntries(auditApp.getId(),
+                createParams(paging, otherParams), HttpServletResponse.SC_OK);
+        assertNotNull(auditEntries);
+
+        // Negative tests
+        otherParams = new HashMap<>();
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between between (" + "\'10\' , \'1\'" + "))");
+        auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams), HttpServletResponse.SC_BAD_REQUEST);
+    }
+
+    private void testAuditEntriesWithInclude(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception 
+    {
+        Paging paging = getPaging(0, 10);
+        Map<String, String> otherParams = new HashMap<>();
+        ListResponse<AuditEntry> auditEntriesWithoutValues = auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams),
+                HttpServletResponse.SC_OK);
+        assertNotNull(auditEntriesWithoutValues);
+
+        for (AuditEntry ae : auditEntriesWithoutValues.getList())
+        {
+            validateAuditEntryFields(ae, auditApp);
+            assertNull(ae.getValues());
+        }
+
+        otherParams.put("include", org.alfresco.rest.api.Audit.PARAM_INCLUDE_VALUES);
+        // list auditEntries with values
+        ListResponse<AuditEntry> auditEntriesWithValues = auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams),
+                HttpServletResponse.SC_OK);
+        assertNotNull(auditEntriesWithValues);
+
+        for (AuditEntry ae : auditEntriesWithValues.getList())
+        {
+            validateAuditEntryFields(ae, auditApp);
+            assertNotNull(ae.getValues());
+            assertTrue("audit values not empty", ae.getValues().keySet().size() > 0);
+        }
+
+    }
+
+    private void testAuditEntriesSkipCount(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception 
+    {
+        int skipCount = 0;
+        int maxItems = 4;
+        Paging paging = getPaging(skipCount, maxItems);
+
+        Map<String, String> otherParams = new HashMap<>();
+        ListResponse<AuditEntry> resp = auditAppsProxy.getAuditAppEntries(auditApp.getId(),
+                createParams(paging, otherParams), HttpServletResponse.SC_OK);
+
+        // Paging and list groups with skip count.
+        skipCount = 2;
+        maxItems = 2;
+        paging = getPaging(skipCount, maxItems);
+
+        ListResponse<AuditEntry> sublistResponse = auditAppsProxy.getAuditAppEntries(auditApp.getId(),
+                createParams(paging, otherParams), HttpServletResponse.SC_OK);
+        List<AuditEntry> expectedSublist = sublist(resp.getList(), skipCount, maxItems);
+        checkList(expectedSublist, sublistResponse.getPaging(), sublistResponse);
+    }
+
+    private void testRetrieveAuditEntry(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception
+    {
+        int skipCount = 0;
+        int maxItems = 4;
+        Paging paging = getPaging(skipCount, maxItems);
+
+        Map<String, String> otherParams = new HashMap<>();
+        ListResponse<AuditEntry> resp = auditAppsProxy.getAuditAppEntries(auditApp.getId(),
+                createParams(paging, otherParams), HttpServletResponse.SC_OK);
+        String id = resp.getList().get(0).getId().toString();
+        
+        //Positive tests
+        //200 - without parameters
+        AuditEntry entryResp = auditAppsProxy.getAuditEntry(auditApp.getId(), id, null, HttpServletResponse.SC_OK);
+        validateAuditEntryFields(entryResp, auditApp);
+        assertNull(entryResp.getValues());
+
+        //200 - with parameters
+        otherParams.put("include", "values");
+        entryResp = auditAppsProxy.getAuditEntry(auditApp.getId(), id, otherParams, HttpServletResponse.SC_OK);
+        validateAuditEntryFields(entryResp, auditApp);
+        assertNotNull(entryResp.getValues());
+        
+        // Negative tests
+        // 400
+        auditAppsProxy.getAuditEntry(auditApp.getId(), id+"invalidIdText", null, HttpServletResponse.SC_BAD_REQUEST);
+        // 401
+        setRequestContext(networkOne.getId(), networkAdmin, "wrongPassword");
+        auditAppsProxy.getAuditEntry(auditApp.getId(), id, null, HttpServletResponse.SC_UNAUTHORIZED);
+        // 403
+        setRequestContext(networkOne.getId(), user1, null);
+        auditAppsProxy.getAuditEntry(auditApp.getId(), id, null, HttpServletResponse.SC_FORBIDDEN);
+        // 404
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        auditAppsProxy.getAuditEntry(auditApp.getId(), "" + Math.abs(new Random().nextLong()), null, HttpServletResponse.SC_NOT_FOUND);
+        // 501
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin);
+        disableSystemAudit();
+        auditAppsProxy.getAuditEntry(auditApp.getId(), id, null, HttpServletResponse.SC_NOT_IMPLEMENTED);
+        enableSystemAudit();
+    }
+
+    private void testDeleteAuditEntry(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception
+    {
+        int skipCount = 0;
+        int maxItems = 4;
+        Paging paging = getPaging(skipCount, maxItems);
+
+        Map<String, String> otherParams = new HashMap<>();
+        ListResponse<AuditEntry> resp = auditAppsProxy.getAuditAppEntries(auditApp.getId(),
+                createParams(paging, otherParams), HttpServletResponse.SC_OK);
+        String id = resp.getList().get(0).getId().toString();
+
+        // Negative tests
+        // 400
+        auditAppsProxy.getAuditEntry(auditApp.getId(), id+"invalidIdText", null, HttpServletResponse.SC_BAD_REQUEST);
+        // 401
+        setRequestContext(networkOne.getId(), networkAdmin, "wrongPassword");
+        auditAppsProxy.deleteAuditEntry(auditApp.getId(), id, null, HttpServletResponse.SC_UNAUTHORIZED);
+        // 403
+        setRequestContext(networkOne.getId(), user1, null);
+        auditAppsProxy.deleteAuditEntry(auditApp.getId(), id, null, HttpServletResponse.SC_FORBIDDEN);
+        // 404
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        auditAppsProxy.deleteAuditEntry(auditApp.getId(), "" + Math.abs(new Random().nextLong()), null, HttpServletResponse.SC_NOT_FOUND);
+        // 501
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin);
+        disableSystemAudit();
+        auditAppsProxy.deleteAuditEntry(auditApp.getId(), id, null, HttpServletResponse.SC_NOT_IMPLEMENTED);
+        enableSystemAudit();
+
+        //Positive tests
+        //204
+        auditAppsProxy.deleteAuditEntry(auditApp.getId(), id, null, HttpServletResponse.SC_NO_CONTENT);
+    }
+
+    private void testDeleteAuditEntries(AuditApps auditAppsProxy, AuditApp auditApp) throws Exception
+    {
+        int skipCount = 0;
+        int maxItems = 4;
+        Paging paging = getPaging(skipCount, maxItems);
+
+        Map<String, String> otherParams = new HashMap<>();
+        ListResponse<AuditEntry> resp = auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, otherParams),
+                HttpServletResponse.SC_OK);
+        String dateBefore = ISO8601DateFormat.format(resp.getList().get(0).getCreatedAt());
+        String dateAfter = ISO8601DateFormat.format(resp.getList().get(2).getCreatedAt());
+        Long secondDeleteEntryId = resp.getList().get(1).getId();
+        Long lastDeleteEntryId = resp.getList().get(2).getId();
+
+        // Negative tests
+        // 400 - switched dates and consecutive switched IDs
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between (" + "\'" + dateAfter + "\'" + ", " + "\'"
+                + dateBefore + "\'" + "))");
+        auditAppsProxy.deleteAuditEntries(auditApp.getId(), otherParams, HttpServletResponse.SC_BAD_REQUEST);
+
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.ID + " between (" + "\'" + lastDeleteEntryId + "\'" + ", " + "\'"
+                + secondDeleteEntryId + "\'" + "))");
+        auditAppsProxy.deleteAuditEntries(auditApp.getId(), otherParams, HttpServletResponse.SC_BAD_REQUEST);
+        // 401
+        // put correct dates back
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between (" + "\'" + dateBefore + "\'" + ", " + "\'"
+                + dateAfter + "\'" + "))");
+        setRequestContext(networkOne.getId(), networkAdmin, "wrongPassword");
+        auditAppsProxy.deleteAuditEntries(auditApp.getId(), otherParams, HttpServletResponse.SC_UNAUTHORIZED);
+        // 403
+        setRequestContext(networkOne.getId(), user1, null);
+        auditAppsProxy.deleteAuditEntries(auditApp.getId(), otherParams, HttpServletResponse.SC_FORBIDDEN);
+        // 404
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        auditAppsProxy.deleteAuditEntries("invalidAppId", otherParams, HttpServletResponse.SC_NOT_FOUND);
+        // 501
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin);
+        disableSystemAudit();
+        auditAppsProxy.deleteAuditEntries(auditApp.getId(), otherParams, HttpServletResponse.SC_NOT_IMPLEMENTED);;
+        enableSystemAudit();
+
+        // Positive tests
+        // 200
+        auditAppsProxy.deleteAuditEntries(auditApp.getId(), otherParams, HttpServletResponse.SC_NO_CONTENT);
+
+        // check that the entries were deleted.
+        // firstEntry should have id > than lastDeleteEntryId
+        resp = auditAppsProxy.getAuditAppEntries(auditApp.getId(), createParams(paging, new HashMap<>()),
+                HttpServletResponse.SC_OK);
+        assertTrue("Entries were not deleted", resp.getList().get(0).getId() > lastDeleteEntryId);
+    }
+
     /**
      * Perform a login attempt (to be used to create audit entries)
      */
@@ -391,4 +679,212 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest
         };
         AuthenticationUtil.runAs(failureWork, AuthenticationUtil.getSystemUserName());
     }
+
+    protected Map<String, String> createParams(Paging paging, Map<String, String> otherParams) 
+    {
+        Map<String, String> params = new HashMap<String, String>(2);
+        if (paging != null) 
+        {
+            if (paging.getSkipCount() != null) 
+            {
+                params.put("skipCount", String.valueOf(paging.getSkipCount()));
+            }
+            if (paging.getMaxItems() != null) 
+            {
+                params.put("maxItems", String.valueOf(paging.getMaxItems()));
+            }
+        }
+        if (otherParams != null) 
+        {
+            params.putAll(otherParams);
+        }
+        return params;
+    }
+
+    private void addOrderBy(Map<String, String> otherParams, String sortColumn, Boolean asc) 
+    {
+        otherParams.put("orderBy",
+                sortColumn + (asc != null ? " " + (asc ? SortColumn.ASCENDING : SortColumn.DESCENDING) : ""));
+    }
+    
+    private NodeRef createFolderNode()
+    {
+        NodeRef nodeRef = TenantUtil.runAsUserTenant(new TenantRunAsWork<NodeRef>()
+        {
+            @Override
+            public NodeRef doWork() throws Exception
+            {
+                TestSite site = networkOne.createSite(SiteVisibility.PRIVATE);
+                NodeRef nodeRef = repoService.createDocument(site.getContainerNodeRef("documentLibrary"), "Test Doc", "Test Content");
+                return nodeRef;
+            }
+        }, user1, networkOne.getId());
+        return nodeRef;
+    }
+
+    @Test
+    public void testAuditEntriesByNodeRefId() throws Exception
+    {
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        final AuditApps auditAppsProxy = publicApiClient.auditApps();
+        NodeRef nodeRef = createFolderNode();
+
+        testGetAuditEntriesByNodeRefId(auditAppsProxy, nodeRef);
+        testAuditEntriesSortingByNodeRefId(auditAppsProxy, nodeRef);
+        testAuditEntriesWhereDateByNodeRefId(auditAppsProxy, nodeRef);
+        testAuditEntriesWithIncludeByNodeRefId(auditAppsProxy, nodeRef);
+        testAuditEntriesSkipCountByNodeRefId(auditAppsProxy, nodeRef);
+    }
+
+    private void testAuditEntriesSkipCountByNodeRefId(AuditApps auditAppsProxy, NodeRef nodeRef) throws Exception
+    {
+        int skipCount = 0;
+        int maxItems = 4;
+        final Paging paging = getPaging(skipCount, maxItems);
+        Map<String, String> params;
+
+        Map<String, String> otherParams = new HashMap<>();
+        params = createParams(paging, otherParams);
+        ListResponse<AuditEntry> resp = getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params, HttpServletResponse.SC_OK);
+
+        // Paging and list groups with skip count.
+        skipCount = 2;
+        maxItems = 2;
+        final Paging pagingSkip = getPaging(skipCount, maxItems);
+        params = createParams(pagingSkip, otherParams);
+        ListResponse<AuditEntry> sublistResponse = getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params,
+                HttpServletResponse.SC_OK);
+
+        List<AuditEntry> expectedSublist = sublist(resp.getList(), skipCount, maxItems);
+        checkList(expectedSublist, sublistResponse.getPaging(), sublistResponse);
+
+    }
+
+    private void testAuditEntriesWithIncludeByNodeRefId(AuditApps auditAppsProxy, NodeRef nodeRef) throws Exception
+    {
+        Paging paging = getPaging(0, 10);
+        Map<String, String> otherParams = new HashMap<>();
+        Map<String, String> params = createParams(paging, otherParams);
+
+        ListResponse<AuditEntry> auditEntriesWithoutValues = getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params,
+                HttpServletResponse.SC_OK);
+        assertNotNull(auditEntriesWithoutValues);
+
+        AuditApp auditApp = auditAppsProxy.getAuditApp("alfresco-access");
+        for (AuditEntry ae : auditEntriesWithoutValues.getList())
+        {
+            validateAuditEntryFields(ae, auditApp);
+            assertNull(ae.getValues());
+        }
+
+        otherParams.put("include", org.alfresco.rest.api.Audit.PARAM_INCLUDE_VALUES);
+        params = createParams(paging, otherParams);
+        // list auditEntries with values
+        ListResponse<AuditEntry> auditEntriesWithValues = getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params,
+                HttpServletResponse.SC_OK);
+        assertNotNull(auditEntriesWithValues);
+
+        for (AuditEntry ae : auditEntriesWithValues.getList())
+        {
+            validateAuditEntryFields(ae, auditApp);
+            assertNotNull(ae.getValues());
+            assertTrue("audit values not empty", ae.getValues().keySet().size() > 0);
+        }
+    }
+
+    private void testAuditEntriesWhereDateByNodeRefId(AuditApps auditAppsProxy, NodeRef nodeRef) throws Exception
+    {
+        // paging
+        Paging paging = getPaging(0, 10);
+        final Map<String, String> otherParams = new HashMap<>();
+        Map<String, String> params;
+
+        //
+        // note: sanity test parsing of a few ISO8601 formats (non-exhaustive) -
+        // eg. +01:00, +0000, Z
+        //
+
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between (" + "\'2016-06-02T12:13:51.593+01:00\'" + ", "
+                + "\'2017-06-04T10:05:16.536+01:00\'" + "))");
+        params = createParams(paging, otherParams);
+        getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params, HttpServletResponse.SC_OK);
+
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between (" + "\'2016-06-02T11:13:51.593+0000\'" + ", "
+                + "\'2017-06-04T09:05:16.536+0000\'" + "))");
+        params = createParams(paging, otherParams);
+        getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params, HttpServletResponse.SC_OK);
+
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between (" + "\'2016-06-02T11:13:51.593Z\'" + ", "
+                + "\'2017-06-04T09:05:16.536Z\'" + "))");
+        params = createParams(paging, otherParams);
+        getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params, HttpServletResponse.SC_OK);
+
+        otherParams.put("where", "(" + org.alfresco.rest.api.Audit.CREATED_AT + " between (" + "\'2017-06-04T10:05:16.536+01:00\'" + ", "
+                + "\'2016-06-02T12:13:51.593+01:00\'" + "))");
+        params = createParams(paging, otherParams);
+        getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params, HttpServletResponse.SC_BAD_REQUEST);
+    }
+
+    private void testGetAuditEntriesByNodeRefId(AuditApps auditAppsProxy, NodeRef nodeRef) throws Exception
+    {
+
+        ListResponse<AuditEntry> auditEntries = getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), null,
+                HttpServletResponse.SC_OK);
+
+        AuditApp auditApp = auditAppsProxy.getAuditApp("alfresco-access");
+        for (AuditEntry ae : auditEntries.getList())
+        {
+            validateAuditEntryFields(ae,auditApp);
+        }
+
+        // Negative tests
+        // 401
+        setRequestContext(networkOne.getId(), networkAdmin, "wrongPassword");
+        auditAppsProxy.getAuditAppEntries(nodeRef.getId(), null, HttpServletResponse.SC_UNAUTHORIZED);
+        // 403
+        setRequestContext(networkOne.getId(), user1, null);
+        auditAppsProxy.getAuditAppEntries(nodeRef.getId(), null, HttpServletResponse.SC_FORBIDDEN);
+        // 404
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        auditAppsProxy.getAuditAppEntries("randomId", null, HttpServletResponse.SC_NOT_FOUND);
+        // 501
+        setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+        AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin);
+        disableSystemAudit();
+        auditAppsProxy.getAuditAppEntries("randomId", null, HttpServletResponse.SC_NOT_IMPLEMENTED);
+        enableSystemAudit();
+    }
+
+    private void testAuditEntriesSortingByNodeRefId(AuditApps auditAppsProxy, NodeRef nodeRef) throws Exception
+    {
+        // paging
+        Paging paging = getPaging(0, 10);
+        Map<String, String> otherParams = new HashMap<>();
+        // Default order.
+        addOrderBy(otherParams, org.alfresco.rest.api.Audit.CREATED_AT, null);
+        Map<String, String> params = createParams(paging, otherParams);
+
+        ListResponse<AuditEntry> auditEntries = getNodeRefAuditEntries(auditAppsProxy, user1, networkOne.getId(), nodeRef.getId(), params,
+                HttpServletResponse.SC_OK);
+
+        assertNotNull(auditEntries);
+        assertTrue("audit entry size more that 2", auditEntries.getList().size() > 1);
+        assertTrue("auditEntries order not valid", auditEntries.getList().get(0).getCreatedAt().before(auditEntries.getList().get(1).getCreatedAt()));
+
+    }
+
+    private ListResponse<AuditEntry> getNodeRefAuditEntries(AuditApps auditAppsProxy, final String uid, final String tenantDomain, String nodeId,
+            Map<String, String> params, int expectedStatus)
+    {
+        return TenantUtil.runAsUserTenant(new TenantRunAsWork<ListResponse<AuditEntry>>()
+        {
+            @Override
+            public ListResponse<AuditEntry> doWork() throws Exception
+            {
+                ListResponse<AuditEntry> auditEntry = auditAppsProxy.getAuditAppEntriesByNodeRefId(nodeId, params, expectedStatus);
+                return auditEntry;
+            }
+        }, uid, tenantDomain);
+    }
+
 }