ALF-4106 (ALF-4103): AuditService enhancements

- Additional methods to get all available applications
 - Web Script retrieval of applications and enabled/disabled states
 - Tests


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21485 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

config/alfresco/templates/webscripts/org/alfresco/repository/audit/control.get.desc.xml

@@ -1,13 +1,13 @@
-<webscript>
+<webscript>
-  <shortname>Alfresco Audit Service Control</shortname>
+  <shortname>Alfresco Audit Service Control</shortname>
-  <description>Get audit status for a given application and path</description>
+  <description>Get audit status for a given application and path</description>
-  <url>/api/audit/control?app={application?}&amp;path={path?}</url>
+  <url>/api/audit/control?application={application?}&amp;path={path?}</url>
-  <format default="json" />
+  <format default="json" />
-  <authentication>admin</authentication>
+  <authentication>admin</authentication>
-  <transaction allow="readonly">required</transaction>
+  <transaction allow="readonly">required</transaction>
-  <lifecycle>internal</lifecycle>
+  <lifecycle>internal</lifecycle>
-  
+  
-  <!--  turn off the multipart formdata processing -->
+  <!--  turn off the multipart formdata processing -->
-  <formdata multipart-processing="false" />
+  <formdata multipart-processing="false" />
-
+
-</webscript>
+</webscript>

source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java

@@ -1,4 +1,4 @@
-/*
+/*
  * Copyright (C) 2009-2010 Alfresco Software Limited.
  *
  * This file is part of Alfresco
@@ -14,88 +14,93 @@
  * GNU Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- */
+ */
-package org.alfresco.repo.web.scripts.audit;
+package org.alfresco.repo.web.scripts.audit;
-
+
-import org.alfresco.service.cmr.audit.AuditService;
+import org.alfresco.service.cmr.audit.AuditService;
-import org.apache.commons.logging.Log;
+import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
+import org.apache.commons.logging.LogFactory;
-import org.springframework.extensions.surf.util.I18NUtil;
+import org.springframework.extensions.surf.util.I18NUtil;
-import org.springframework.extensions.webscripts.AbstractWebScript;
+import org.springframework.extensions.webscripts.AbstractWebScript;
-import org.springframework.extensions.webscripts.Status;
+import org.springframework.extensions.webscripts.Status;
-import org.springframework.extensions.webscripts.WebScriptException;
+import org.springframework.extensions.webscripts.WebScriptException;
-import org.springframework.extensions.webscripts.WebScriptRequest;
+import org.springframework.extensions.webscripts.WebScriptRequest;
-
+
-/**
+/**
- * Abstract implementation for scripts that access the {@link AuditService}.
+ * Abstract implementation for scripts that access the {@link AuditService}.
- * 
+ * 
- * @author Derek Hulley
+ * @author Derek Hulley
- * @since 3.4
+ * @since 3.4
- */
+ */
-public abstract class AbstractAuditWebScript extends AbstractWebScript
+public abstract class AbstractAuditWebScript extends AbstractWebScript
-{
+{
-    public static final String PARAM_APP = "app";
+    public static final String PARAM_APP = "app";
-    public static final String PARAM_PATH="path";
+    public static final String PARAM_PATH="path";
-    
+    
-    /**
+    public static final String JSON_KEY_APPLICATIONS = "applications";
-     * Logger that can be used by subclasses.
+    public static final String JSON_KEY_NAME = "name";
-     */
+    public static final String JSON_KEY_PATH = "path";
-    protected final Log logger = LogFactory.getLog(this.getClass());
+    public static final String JSON_KEY_ENABLED = "enabled";
-    
+    
-    protected AuditService auditService;
+    /**
-    
+     * Logger that can be used by subclasses.
-    /**
+     */
-     * @param auditService      the service that provides the actual data
+    protected final Log logger = LogFactory.getLog(this.getClass());
-     */
+    
-    public void setAuditService(AuditService auditService)
+    protected AuditService auditService;
-    {
+    
-        this.auditService = auditService;
+    /**
-    }
+     * @param auditService      the service that provides the actual data
-
+     */
-    /**
+    public void setAuditService(AuditService auditService)
-     * Return an I18N'd message for the given key or the key itself if not present
+    {
-     * 
+        this.auditService = auditService;
-     * @param args              arguments to replace the variables in the message
+    }
-     */
+
-    protected String getI18NMessage(String key, Object ... args)
+    /**
-    {
+     * Return an I18N'd message for the given key or the key itself if not present
-        return I18NUtil.getMessage(key, args);
+     * 
-    }
+     * @param args              arguments to replace the variables in the message
-    
+     */
-    /**
+    protected String getI18NMessage(String key, Object ... args)
-     * Get the application name from the request.
+    {
-     * 
+        return I18NUtil.getMessage(key, args);
-     * @param mandatory         <tt>true</tt> if the application name is expected
+    }
-     * @return                  Returns the application name or <tt>null</tt> if not present
+    
-     */
+    /**
-    protected final String getApp(WebScriptRequest req, boolean mandatory)
+     * Get the application name from the request.
-    {
+     * 
-        // All URLs must contain the application
+     * @param mandatory         <tt>true</tt> if the application name is expected
-        String paramApp = req.getParameter(PARAM_APP);
+     * @return                  Returns the application name or <tt>null</tt> if not present
-        if (paramApp == null && mandatory)
+     */
-        {
+    protected final String getApp(WebScriptRequest req, boolean mandatory)
-            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.app.mandatory");
+    {
-        }
+        // All URLs must contain the application
-        return paramApp;
+        String paramApp = req.getParameter(PARAM_APP);
-    }
+        if (paramApp == null && mandatory)
-    /**
+        {
-     * Get the path from the request.  If it is mandatory, then a value must have been supplied
+            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.app.mandatory");
-     * otherwise, at the very least, '/' is returned.
+        }
-     * @param mandatory         <tt>true</tt> if the parameter is expected
+        return paramApp;
-     * @return                  Returns the path or at least '/' (never <tt>null</tt>)
+    }
-     */
+    /**
-    protected String getPath(WebScriptRequest req)
+     * Get the path from the request.  If it is mandatory, then a value must have been supplied
-    {
+     * otherwise, at the very least, '/' is returned.
-        String paramPath = req.getParameter(PARAM_PATH);
+     * @param mandatory         <tt>true</tt> if the parameter is expected
-        if (paramPath == null || paramPath.length() == 0)
+     * @return                  Returns the path or at least '/' (never <tt>null</tt>)
-        {
+     */
-            paramPath = "/";
+    protected String getPath(WebScriptRequest req)
-        }
+    {
-        else if (!paramPath.startsWith("/"))
+        String paramPath = req.getParameter(PARAM_PATH);
-        {
+        if (paramPath == null || paramPath.length() == 0)
-            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.path.startsWith");
+        {
-        }
+            paramPath = "/";
-        return paramPath;
+        }
-    }
+        else if (!paramPath.startsWith("/"))
-}
+        {
+            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "audit.err.path.startsWith");
+        }
+        return paramPath;
+    }
+}

source/java/org/alfresco/repo/web/scripts/audit/AuditWebScriptTest.java

@@ -18,9 +18,12 @@
  */
 package org.alfresco.repo.web.scripts.audit;
 
+import java.util.Set;
+
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.web.scripts.BaseWebScriptTest;
 import org.alfresco.service.cmr.audit.AuditService;
+import org.json.JSONArray;
 import org.json.JSONObject;
 import org.springframework.context.ApplicationContext;
 import org.springframework.extensions.webscripts.TestWebScriptServer;
@@ -57,7 +60,9 @@ public class AuditWebScriptTest extends BaseWebScriptTest
     
     public void testGetWithoutPermissions() throws Exception
     {
-        
+        String url = "/api/audit/control";
+        TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
+        sendRequest(req, 401, AuthenticationUtil.getGuestRoleName());
     }
     
     public void testGetIsAuditEnabledGlobally() throws Exception
@@ -67,10 +72,27 @@ public class AuditWebScriptTest extends BaseWebScriptTest
         String url = "/api/audit/control";
         TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
         
-        //First, we'll try the request as a simple, non-admin user (expect a 401)
         Response response = sendRequest(req, 200, admin);
         JSONObject json = new JSONObject(response.getContentAsString());
         boolean enabled = json.getBoolean("enabled");
         assertEquals("Mismatched global audit enabled", checkEnabled, enabled);
     }
+    
+    public void testGetIsAuditEnabledMissingApp() throws Exception
+    {
+        boolean checkEnabled = auditService.isAuditEnabled();
+        Set<String> checkApps = auditService.getAuditApplications();
+
+        String url = "/api/audit/control?app=xxx";
+        TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
+        
+        //First, we'll try the request as a simple, non-admin user (expect a 401)
+        Response response = sendRequest(req, 200, admin);
+        JSONObject json = new JSONObject(response.getContentAsString());
+        boolean enabled = json.getBoolean("enabled");
+        assertEquals("Mismatched global audit enabled", checkEnabled, enabled);
+        JSONArray apps = json.getJSONArray(AbstractAuditWebScript.JSON_KEY_APPLICATIONS);
+        // We expect that the unknown application is returned with the others
+        assertEquals("Incorrect number of applications reported", checkApps.size()+1, apps.length());
+    }
 }

source/java/org/alfresco/repo/web/scripts/audit/ControlGet.java

@@ -20,11 +20,13 @@ package org.alfresco.repo.web.scripts.audit;
 
 import java.io.IOException;
 import java.io.StringWriter;
+import java.nio.charset.Charset;
+import java.util.Collections;
+import java.util.Set;
 
 import org.springframework.extensions.webscripts.Status;
 import org.springframework.extensions.webscripts.WebScriptRequest;
 import org.springframework.extensions.webscripts.WebScriptResponse;
-import org.springframework.extensions.webscripts.json.JSONUtils;
 import org.springframework.extensions.webscripts.json.JSONWriter;
 
 /**
@@ -36,34 +38,53 @@ public class ControlGet extends AbstractAuditWebScript
     @Override
     public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException
     {
+        // return the unique transfer id (the lock id)
+        JSONWriter json = new JSONWriter(res.getWriter());
+
         String app = getApp(req, false);
         String path = getPath(req);
+        Set<String> apps = (app == null ? auditService.getAuditApplications() : Collections.singleton(app));
         
-        boolean enabled = false;
+        boolean enabledGlobal = auditService.isAuditEnabled();
-        if (app == null)
+        json.startObject();
         {
-            enabled = auditService.isAuditEnabled();
+            json.writeValue(JSON_KEY_ENABLED, enabledGlobal);
-        }
+            if (apps.size() > 0)
-        else
+            {
-        {
+                json.startValue(JSON_KEY_APPLICATIONS);
-            enabled = auditService.isAuditEnabled(app, path);
+                {
+                    json.startArray();
+                    {
+                        for (String appName : apps)
+                        {
+                            boolean enabled = auditService.isAuditEnabled(appName, path);
+                            json.startObject();
+                            {
+                                json.writeValue(JSON_KEY_NAME, appName);
+                                json.writeValue(JSON_KEY_PATH, path);
+                                json.writeValue(JSON_KEY_ENABLED, enabled);
+                            }
+                            json.endObject();
+                        }
+                    }
+                    json.endArray();
+                }
+                json.endValue();
+            }
         }
+        json.endObject();
         
-        // return the unique transfer id (the lock id)
+        // Close off
-        StringWriter stringWriter = new StringWriter(300);
+        res.getWriter().close();
-        JSONWriter jsonWriter = new JSONWriter(stringWriter);
+
-        jsonWriter.startObject();
-        jsonWriter.writeValue("app", app);
-        jsonWriter.writeValue("path", path);
-        jsonWriter.writeValue("enabled", enabled);
-        jsonWriter.endObject();
-        String response = stringWriter.toString();
-        
         res.setContentType("application/json");
-        res.setContentEncoding("UTF-8");
+        res.setContentEncoding(Charset.defaultCharset().displayName());     // TODO: Should be settable on JSONWriter
-        int length = response.getBytes("UTF-8").length;
+        //        res.addHeader("Content-Length", "" + length);             // TODO: Do we need this?
-        res.addHeader("Content-Length", "" + length);
         res.setStatus(Status.STATUS_OK);
-        res.getWriter().write(response);
+    }
+    
+    protected void writeResponse(JSONWriter json)
+    {
+        
     }
 }