RM-5987 View Audit Log can crash Alfresco

2025-07-31 17:39:05 +00:00 · 2018-01-23 17:59:41 +00:00
parent 0393f338ec
commit c748b65cd9
3 changed files with 25 additions and 2 deletions
--- a/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties
+++ b/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties
@@ -17,6 +17,7 @@ imap.server.attachments.extraction.enabled=false
 #
 audit.enabled=true
 audit.rm.enabled=true
+audit.rm.viewLog.maxSize=100
 #audit.rm.runas=admin

 #audit.filter.alfresco-access.transaction.user=~null;.*
--- a/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/rm-webscript-context.xml
+++ b/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/rm-webscript-context.xml
@@ -537,6 +537,9 @@
        <property name="namespaceService" ref="namespaceService" />
        <property name="capabilityService" ref="CapabilityService" />
        <property name="filePlanService" ref="FilePlanService" />
+        <property name="viewLogMaxSize">
+            <value>${audit.rm.viewLog.maxSize}</value>
+        </property>
    </bean>

   <!-- REST impl for GET Class Definitions for RM/DM -->
--- a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/script/AuditLogGet.java
+++ b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/script/AuditLogGet.java
@@ -57,6 +57,7 @@ public class AuditLogGet extends BaseAuditRetrievalWebScript

    private static final String PARAM_EXPORT = "export";
    private static final String ACCESS_AUDIT_CAPABILITY = "AccessAudit";
+    private static final int DEFAULT_VIEW_LOG_MAX_SIZE = 100;

    /** Content Streamer */
    protected ContentStreamer contentStreamer;
@@ -66,6 +67,9 @@ public class AuditLogGet extends BaseAuditRetrievalWebScript

    /** File plan service */
    protected FilePlanService filePlanService;
+    
+    /** Maximum number of entries to be displayed in View Audit Log */
+    private int viewLogMaxSize;

    /**
     * @param contentStreamer
@@ -86,13 +90,22 @@ public class AuditLogGet extends BaseAuditRetrievalWebScript
    
    /**
     * 
-     * @param capabilityService Capability Service
+     * @param filePlanService File Plan Service
     */
    public void setFilePlanService(FilePlanService filePlanService)
    {
        this.filePlanService = filePlanService;
    }

+    /**
+     * 
+     * @param viewLogMaxSize Maximum number of entries to be displayed in View Audit Log 
+     */
+    public void setViewLogMaxSize(int viewLogMaxSize)
+    {
+        this.viewLogMaxSize = (viewLogMaxSize <= 0 ? DEFAULT_VIEW_LOG_MAX_SIZE: viewLogMaxSize);
+    }
+
    @Override
    public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException
    {
@@ -100,7 +113,6 @@ public class AuditLogGet extends BaseAuditRetrievalWebScript

        try
        {
-            
            RecordsManagementAuditQueryParameters queryParams = parseQueryParameters(req);
            ReportFormat reportFormat = parseReportFormat(req);

@@ -108,6 +120,13 @@ public class AuditLogGet extends BaseAuditRetrievalWebScript
            {
                throw new WebScriptException(Status.STATUS_FORBIDDEN, "Access denied because the user does not have the Access Audit capability");
            }
+            
+            // limit the number of audit log entries to be returned
+            if (queryParams.getMaxEntries() == 0 || queryParams.getMaxEntries() > viewLogMaxSize)
+            {
+                queryParams.setMaxEntries(viewLogMaxSize);
+            }
+            
            // parse the parameters and get a file containing the audit trail
            auditTrail = this.rmAuditService.getAuditTrailFile(queryParams, reportFormat);