- This will pull back the correct number if you request less than the total number of audit entries
- TODO: You can still get N-1 entries if you request more than the total number of entries
- TODO: Reverse order of limited queries (last N)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16518 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Two new repo properties to control auditing:
audit.enabled=false
audit.useNewConfig=false
- Auditing was enabled by default, but it is not enabled any more!
The property has to be set in alfresco-global.properties
- Unit tests for auditing successful and failed authentication attempts
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16496 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Ensure uniqueness across any three (incl. null) Serializable values
- Required to support RM rma:identifier contextual uniqueness
DB Update for MySQL:
drop table if exists alf_prop_unique_ctx;
CREATE TABLE alf_prop_unique_ctx
(
id BIGINT NOT NULL AUTO_INCREMENT,
version SMALLINT NOT NULL,
value1_prop_id BIGINT NOT NULL,
value2_prop_id BIGINT NOT NULL,
value3_prop_id BIGINT NOT NULL,
UNIQUE INDEX idx_alf_prop_unique_ctx (value1_prop_id, value2_prop_id, value3_prop_id),
CONSTRAINT fk_alf_prop_unique_ctx_1 FOREIGN KEY (value1_prop_id) REFERENCES alf_prop_value (id) ON DELETE CASCADE,
CONSTRAINT fk_alf_prop_unique_ctx_2 FOREIGN KEY (value2_prop_id) REFERENCES alf_prop_value (id) ON DELETE CASCADE,
CONSTRAINT fk_alf_prop_unique_ctx_3 FOREIGN KEY (value3_prop_id) REFERENCES alf_prop_value (id) ON DELETE CASCADE,
PRIMARY KEY (id)
);
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16417 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Tables are 'alf_prop_root' and 'alf_audit_app'
- Added property test to update past the SMALLINT rollover to test reversion to 0
- To modify your tables (not absolutely necessary)
alter table alf_audit_app modify version SMALLINT NOT NULL;
alter table alf_prop_root modify version SMALLINT NOT NULL;
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16320 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- alf_prop_xxx tables
- Added alf_prop_root table
- alf_prop_value_xxx tables enforce uniqueness
- Better splitting up of Collections and Maps (attempt to use exact storage type)
- Moved some indexes around to reduce size but maintain index data lookups
- Allow updates and deletes of properties via alf_prop_root (entry-point table)
- Audit Application
- Unique by name
- Add 'disabled paths' to control audit behaviour (not wired into services)
- Added concurrency checks for updates to the Audit Application (model change, etc)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16217 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Turned namespacing on
- Collapsed SqlMapConfig.xml files with the exception of that for activities, which uses a different datasource bean
- Tried to use it and discovered a "feature": If any ID has a '.' in it, then it is assumed to be namespaced already ...
- Fixed up all IDs for iBatis objects; replaced '.' with '_' except in our namespaces
- Don't panic! It's a find/replace job of ID strings. Errors will be hard and fast, if there are any. All DAO and activities tests run.
- The AVM refactor will get some conflicts in the ibatis-context.xml
- Either follow the same pattern and fix up the IDs, or
- Keep a separate bean until some later time.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16106 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Any combination of application (e.g. RM, repo, etc), user and time
- TODO: Extend queries to support finding audit entries by arbitrary audited values
- TODO: Full map retrieval in single query
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16086 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Removed notion of audit session
- Removed 'scope' attribute for DataGenerator elements
- Removed alf_audit_session table and replaced with alf_audit_app (see script)
- DataGenerators are working properly
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16053 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Audit paths can now use mixed case (after alf_prop_string_value enhancements)
- Pluggable data conversion when pushing values into persistence
- Relaxed XSD to allow mixed-case key values
- Regex checking of paths and names when building strings
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15976 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- alf_prop_string_value now includes a CRC column and handles Oracle empty string issues
- All property values are/must now be Serializable for auditing
- Pushing data into audit is working
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15915 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Pulled old AuditDAO methods into new AuditDAO interface
- Combined AuditDAO implementations
- First cut of high-level AuditSession creation
- TODO: AuditSession data generation according to path
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15864 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Sessions are created using an application name (shared prop) and a persisted model ID
- Added a bootstrap bean for audit that unmarshalls the models
- Added hook points for repo-loading models, but won't implement yet
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15863 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Normal prefix-index has been shortened to 32 chars (from 64)
- Added a fully indexed 'string_end' column of 16 characters
- iBatis queries are optimized to pull short strings from the index
- Long paths and NodeRefs are well-indexed using this approach
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15833 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- TODO: ID-based caching for entities that can't be found by value (e.g. maps, serializable)
- TODO: Serializable table
- TODO: Dedicated tests for node properties (QName-Serializable maps with nested MLText)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15753 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
15388: ETHREEOH-1872: Better debug logging in authentication components
- Now each authentication component logs every step of the authentication process (including reason for failure) if you switch on debug logging for that component or the entire org.alfresco.repo.security.authentication package. E.g.
log4j.logger.org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl=debug
log4j.logger.org.alfresco.repo.security.authentication.AuthenticationComponentImpl=debug
log4j.logger.org.alfresco.repo.security.authentication=debug
15196: Further LDAP sync performance improvements
- Bunch user and group creations into small transactions (except for differential sync on login)
- Run a differential sync on startup (so that bulk of users are not brought over on first login)
- Can be disabled by synchronization.syncOnStartup property
15135: Node creation / ACL performance improvements
- When an ACL was set on a leaf node such as a person, redundant 'shared' ACLs were created for child nodes with getInheritedAccessControlList(), even though no child nodes existed.
- Now setInheritanceForChildren() makes a 'lazy' call to getInheritedAccessControlList(), only when it realises there are child nodes
15133: Changes to datasource definition for improved performance
- Enable caching and reuse of prepared statements (by default 40 for each connection)
- Removed custom-connection-pool-context.xml.sample and instead introduced complete property set into repository.properties
- Updated v3.2 Wiki docs http://wiki.alfresco.com/wiki/Database_Configuration#Overriding_the_Database_Connection_Properties
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15439 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
14955: Merged V2.2 to V3.1
14352: Fixed ETWOTWO-1113: Creation date / modification date reset to current date during import
14956: Fix for ETHREEOH-2198 and ALFCOM-2972
- Thumbnail Service now allows creation of system managed thumbnails nodes by Consumer users or on Locked items
- Explicit permission check to ensure user must at least be able to Read the original doc
- Now correctly ensures that the 'modifier' properties are not updated on the original doc due to thumbnail generation
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14957 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
