mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-07 18:25:23 +00:00
575c970565
17717: This check-in contains changes in Java and .NET TCK tests related to CMIS-43 and CMIS-44 JIRA tasks. Also some bugs were faced out and fixed in 17727: CMIS-69: Alfresco to CMIS ACL mapping: Part 1: API 17732: Merge HEAD to DEV/CMIS10 17756: MOB-563: SQL Tests - Lexer 17764: CMIS-69: Alfresco to CMIS ACL mapping: get ACL support 17802: More for CMIS-69: Alfresco to CMIS ACL mapping. Implementation for applyAcl. 17830: Fixes for CMIS lexer and parser tests 17838: Access fix ups for access by the WS/Rest layers 17869: 1) remote-api: 17874: SAIL-146: Alfresco to CMIS ACL mapping: Support to group ACEs by principal id 17883: Adjust version properties for dev/cmis10 branch. 17885: Update OASIS CMIS TC status. 17889: Fix issue where objectid is not rendered correctly for CMIS private working copies. 17890: SAIL-146: Alfresco to CMIS ACL mapping: Fixes for ACL merging when reporting and ordering of ACEs. Report full permissions and not unique short names. 17902: Fix issue where CMIS queries via GET used incorrect defaults for paging. 17909: Fix CMIS link relations for folder tree. 17912: Fix CMIS type descendants atompub link 17922: Update AtomPub binding to CMIS 1.0 CD05 XSDs. 17924: SAIL-146: Alfresco to CMIS ACL mapping: Test set using full permissions (as opposed to short unique names) 17927: Fix content stream create/update status to comply with CMIS 1.0 CD05. 17934: Resolve encoding issues in CMIS AtomPub binding. 17973: SAIL-171: CMIS Renditions REST binding 17975: SAIL-146: Alfresco to CMIS ACL mapping: Completed AllowedAction and Permissions mapping. Added missing canDeleteTree. 17990: Update CMIS AtomPub to CD06 17996: Updates for cmis.alfresco.com for CD06 in prep for public review 2. 18007: WS-Bindings were updated with CMIS 1.0 cd06 changes. 18016: CMIS web services: Add missing generated files from WSDL 18018: CMIS index page updates for cmis.alfresco.com 18041: Merged HEAD to DEV/CMIS_10 18059: SAIL-227: 18067: SAIL-157: Strict vs Non-Strict Query Language: Enforce restrictions on the use of SCORE() and CONTAINS() 18080: Fix for SAIL-213:Bug: Query engine does not check that select list properties are valid for selectors 18131: SAIL-156: Query Language Compliance: Fix support for LIKE, including escaping of '%' and '_' with '\'. 18132: SAIL-156: Query Language Compliance: Fix support for LIKE, including escaping of '%' and '_' with '\': Fix underlying lucene impl for prefix and fuzzy queries to match wildcard/like 18143: SAIL-156: Query Language Compliance: Fix and check qualifiers in IN_TREE and IN_FOLDER. Improved scoring for CONTAINS() 18173: SAIL-245: Exclude thumbnails from normal query results 18179: SAIL 214: Query Language Compliance: Check for valid object ids in IN_FOLDER and IN_TREE 18210: SAIL-156: Query Language Compliance: Support for simple column aliases in predicates/function arguments/embedded FTS. Check property/selector binding in embedded FTS. 18211: SAIL-156: Query Language Compliance: Support for simple column aliases in predicates/function arguments/embedded FTS. Check property/selector binding in embedded FTS. 18215: SAIL 156: Query Language Compliance: Fix CMIS type info to reflect the underlying settings of the Alfresco type for includeInSuperTypeQuery 18244: SAIL 156: Query Language Compliance: includeInSuperTypeQuery -> includedInSuperTypeQuery: First cut of cmis query test model. Fixed modelSchema.xml to validate 18255: SAIL 156: Query Language Compliance: First set of tests for predicates using properties mapped to CMIS Strings. 18261: CMIS-49 SAIL-163: Alfresco to CMIS Change Log mapping - New CMIS Audit mapping is implemented. ChangeLogDataExtractor was added. 18263: Build Fix 18285: SAIL 156: Query Language Compliance: Restrictions on predicates that may be used by single-valued and multi-valued properties 18287: SAIL-186: Changes to make CMIS Rendition REST bindings pass new TCK tests 18291: Fix Eclipse classpath problems 18323: CMIS-44 SAIL-187: Change Log tests (WS) – Java and .NET tests for change log were implemented. 18325: SAIL 156: Query Language Compliance: Fixes and tests for d:mltext mappings 18329: Updated Chemistry TCK jar including Dave W's rendition tests. 18333: Fix compile error - spurious imports. 18334: Fix issue where absurl web script method failed when deployed to root context. 18339: Update CMIS index page for start of public review 2. 18387: SAIL-147: CMIS ACL REST bindings + framework fixes 18392: Fix typo 18394: SAIL 156: Query Language Compliance: Fixes and tests for d:<numeric> 18406: SAIL 156: Query Language Compliance: Remaining type/predicate combinations. Restriction of In/Comparisons for ID/Boolean 18408: CMIS Query language - remove (pointless) multi-valued column from language definition 18409: Formatting change for CMIS.g 18410: Formatting change for FTS.g 18411: CMIS TCK tests were updated to CMIS 1.0 cd06 schemas. 18412: SAIL 156: Query Language Compliance: Tests and fixes for aliases for all data types in simple predicates (they behave as the direct column reference) 18417: Update Chemistry TCK which now incorporates Dave W's ACL tests. 18419: Update CMIS index page to include public review end date. 18427: SAIL 156: Query Language Compliance: Expose multi-valued properties in queries. Tests for all accessors. Fix content length to be long. 18435: SAIL 156: Query Language Compliance: Use queryable correctly and fix up model mappings. Add tests for baseTypeId, contentStreamId and path. 18472: SAIL 156: Query Language Compliance: Tests and fixes for FTS/Contains expressions. Adhere strictly to the spec - no extensions available by default. Improved FTS error reporting (and stop any recovery). 18477: SAIL-164: CMIS change log REST bindings 18495: SAIL 156: Query Language Compliance: Tests and fixes for escaping in string literals, LIKE and FTS expressions. 18537: SAIL 156: Query Language Compliance: Sorting support. Basic sort test for all orderable/indexed CMIS properties. 18538: SAIL-164: CMIS change log fixes for TCK compliance 18547: SAIL 156: Query Language Compliance: Ordering tests for all datatypes, including null values. 18582: Incorporate latest Chemistry TCK 18583: Update list of supported CMIS capabilities in index page. 18606: SAIL-156, SAIL-157, SAIL-158: Query Language Compliance: Respect all query options including locale. Fixes and tests for MLText cross language support. 18608: SAIL-159: Java / Javascript API access to CMIS Query Language 18617: SAIL-158: Query Tests: Check policy and relationship types are not queryable. 18636: SAIL-184: ACL tests (WS) 18663: ACL tests were updated in accordance with last requirements by David Caruana. 18680: Update to CMIS CD07 18681: Fix CMIS ContentStreamId property when document has no content. 18700: CMIS: Head merge problem resolution. Phase 1: Merge up to and including revision 18700, as this the point where both AtomPub and Web Services TCK tests succeed completely on dev branch. Note: includes CMIS rendition support ready for integration and testing with DM renditions. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18790 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
624 lines
25 KiB
Java
624 lines
25 KiB
Java
/*
|
|
* Copyright (C) 2005-2009 Alfresco Software Limited.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version 2
|
|
* of the License, or (at your option) any later version.
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
* As a special exception to the terms and conditions of version 2.0 of
|
|
* the GPL, you may redistribute this Program in connection with Free/Libre
|
|
* and Open Source Software ("FLOSS") applications as described in Alfresco's
|
|
* FLOSS exception. You should have recieved a copy of the text describing
|
|
* the FLOSS exception, and it is also available here:
|
|
* http://www.alfresco.com/legal/licensing
|
|
*/
|
|
package org.alfresco.repo.audit;
|
|
|
|
import java.io.Serializable;
|
|
import java.net.URL;
|
|
import java.util.ArrayList;
|
|
import java.util.Collections;
|
|
import java.util.Date;
|
|
import java.util.HashMap;
|
|
import java.util.List;
|
|
import java.util.Map;
|
|
|
|
import junit.framework.TestCase;
|
|
|
|
import org.alfresco.error.AlfrescoRuntimeException;
|
|
import org.alfresco.repo.audit.model.AuditApplication;
|
|
import org.alfresco.repo.audit.model.AuditModelException;
|
|
import org.alfresco.repo.audit.model.AuditModelRegistryImpl;
|
|
import org.alfresco.repo.management.subsystems.ApplicationContextFactory;
|
|
import org.alfresco.repo.security.authentication.AuthenticationException;
|
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
|
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
|
|
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
|
|
import org.alfresco.service.ServiceRegistry;
|
|
import org.alfresco.service.cmr.audit.AuditQueryParameters;
|
|
import org.alfresco.service.cmr.audit.AuditService;
|
|
import org.alfresco.service.cmr.audit.AuditService.AuditQueryCallback;
|
|
import org.alfresco.service.cmr.repository.NodeRef;
|
|
import org.alfresco.service.cmr.repository.NodeService;
|
|
import org.alfresco.service.cmr.repository.StoreRef;
|
|
import org.alfresco.service.cmr.security.MutableAuthenticationService;
|
|
import org.alfresco.service.transaction.TransactionService;
|
|
import org.alfresco.util.ApplicationContextHelper;
|
|
import org.alfresco.util.EqualsHelper;
|
|
import org.apache.commons.lang.mutable.MutableInt;
|
|
import org.apache.commons.logging.Log;
|
|
import org.apache.commons.logging.LogFactory;
|
|
import org.springframework.context.ApplicationContext;
|
|
import org.springframework.util.ResourceUtils;
|
|
|
|
/**
|
|
* Tests component-level auditing i.e. audit sessions and audit logging.
|
|
*
|
|
* @see AuditComponent
|
|
* @see AuditComponentImpl
|
|
*
|
|
* @author Derek Hulley
|
|
* @since 3.2
|
|
*/
|
|
public class AuditComponentTest extends TestCase
|
|
{
|
|
private static final String APPLICATION_TEST = "Alfresco Test";
|
|
private static final String APPLICATION_ACTIONS_TEST = "Actions Test";
|
|
private static final String APPLICATION_API_TEST = "Test AuthenticationService";
|
|
|
|
private static final Log logger = LogFactory.getLog(AuditComponentTest.class);
|
|
|
|
private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
|
|
|
|
private ApplicationContextFactory subsystem;
|
|
private AuditModelRegistryImpl auditModelRegistry;
|
|
private AuditComponent auditComponent;
|
|
private AuditService auditService;
|
|
private ServiceRegistry serviceRegistry;
|
|
private TransactionService transactionService;
|
|
private NodeService nodeService;
|
|
|
|
private NodeRef nodeRef;
|
|
private String user;
|
|
|
|
@Override
|
|
public void setUp() throws Exception
|
|
{
|
|
// We have to look inside the subsystem for this test
|
|
subsystem = (ApplicationContextFactory) ctx.getBean("Audit");
|
|
ApplicationContext subCtx = subsystem.getApplicationContext();
|
|
auditModelRegistry = (AuditModelRegistryImpl) subCtx.getBean("auditModel.modelRegistry");
|
|
auditComponent = (AuditComponent) ctx.getBean("auditComponent");
|
|
serviceRegistry = (ServiceRegistry) ctx.getBean(ServiceRegistry.SERVICE_REGISTRY);
|
|
auditService = serviceRegistry.getAuditService();
|
|
transactionService = serviceRegistry.getTransactionService();
|
|
nodeService = serviceRegistry.getNodeService();
|
|
|
|
// Register the test model
|
|
URL testModelUrl = ResourceUtils.getURL("classpath:alfresco/audit/alfresco-audit-test.xml");
|
|
auditModelRegistry.registerModel(testModelUrl);
|
|
auditModelRegistry.loadAuditModels();
|
|
|
|
RunAsWork<NodeRef> testRunAs = new RunAsWork<NodeRef>()
|
|
{
|
|
public NodeRef doWork() throws Exception
|
|
{
|
|
return nodeService.getRootNode(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE);
|
|
}
|
|
};
|
|
nodeRef = AuthenticationUtil.runAs(testRunAs, AuthenticationUtil.getSystemUserName());
|
|
|
|
// Authenticate
|
|
user = "User-" + getName();
|
|
AuthenticationUtil.setFullyAuthenticatedUser(user);
|
|
|
|
final RetryingTransactionCallback<Void> resetDisabledPathsCallback = new RetryingTransactionCallback<Void>()
|
|
{
|
|
public Void execute() throws Throwable
|
|
{
|
|
auditComponent.resetDisabledPaths(APPLICATION_TEST);
|
|
auditComponent.resetDisabledPaths(APPLICATION_ACTIONS_TEST);
|
|
return null;
|
|
}
|
|
};
|
|
transactionService.getRetryingTransactionHelper().doInTransaction(resetDisabledPathsCallback);
|
|
}
|
|
|
|
@Override
|
|
public void tearDown() throws Exception
|
|
{
|
|
AuthenticationUtil.clearCurrentSecurityContext();
|
|
// Throw away the reconfigured registry in the subsystem
|
|
subsystem.stop();
|
|
}
|
|
|
|
public void testSetUp()
|
|
{
|
|
// Just here to fail if the basic startup fails
|
|
}
|
|
|
|
public void testAuditWithBadPath() throws Exception
|
|
{
|
|
// Should start an appropriate txn
|
|
auditComponent.recordAuditValues("/test", Collections.<String, Serializable>emptyMap());
|
|
|
|
RetryingTransactionCallback<Void> testCallback = new RetryingTransactionCallback<Void>()
|
|
{
|
|
public Void execute() throws Throwable
|
|
{
|
|
try
|
|
{
|
|
auditComponent.recordAuditValues("test", null);
|
|
fail("Failed to detect illegal path");
|
|
}
|
|
catch (AuditModelException e)
|
|
{
|
|
// Expected
|
|
}
|
|
try
|
|
{
|
|
auditComponent.recordAuditValues("/test/", null);
|
|
fail("Failed to detect illegal path");
|
|
}
|
|
catch (AuditModelException e)
|
|
{
|
|
// Expected
|
|
}
|
|
Map<String, Serializable> auditedValues = auditComponent.recordAuditValues("/bogus", null);
|
|
assertNotNull(auditedValues);
|
|
assertTrue("Invalid application should not audit anything", auditedValues.isEmpty());
|
|
|
|
return null;
|
|
}
|
|
};
|
|
transactionService.getRetryingTransactionHelper().doInTransaction(testCallback);
|
|
}
|
|
|
|
/**
|
|
* Start a session and use it within a single txn
|
|
*/
|
|
public void testAudit_Basic() throws Exception
|
|
{
|
|
final RetryingTransactionCallback<Void> testCallback = new RetryingTransactionCallback<Void>()
|
|
{
|
|
public Void execute() throws Throwable
|
|
{
|
|
Map<String, Serializable> values = new HashMap<String, Serializable>(13);
|
|
values.put("/3.1/4.1", new Long(41));
|
|
values.put("/3.1/4.2", "42");
|
|
values.put("/3.1/4.3", new Date());
|
|
values.put("/3.1/4.4", "");
|
|
values.put("/3.1/4.5", null);
|
|
|
|
auditComponent.recordAuditValues("/test/one.one/two.one", values);
|
|
|
|
return null;
|
|
}
|
|
};
|
|
RunAsWork<Void> testRunAs = new RunAsWork<Void>()
|
|
{
|
|
public Void doWork() throws Exception
|
|
{
|
|
return transactionService.getRetryingTransactionHelper().doInTransaction(testCallback);
|
|
}
|
|
};
|
|
AuthenticationUtil.runAs(testRunAs, "SomeOtherUser");
|
|
}
|
|
|
|
private Map<String, Serializable> auditTestAction(
|
|
final String action,
|
|
NodeRef nodeRef,
|
|
Map<String, Serializable> parameters)
|
|
{
|
|
final Map<String, Serializable> adjustedValues = new HashMap<String, Serializable>(parameters.size() * 2);
|
|
// Add the noderef
|
|
adjustedValues.put(AuditApplication.buildPath("context-node"), nodeRef);
|
|
// Compile path-name snippets for the parameters
|
|
for (Map.Entry<String, Serializable> entry : parameters.entrySet())
|
|
{
|
|
String paramName = entry.getKey();
|
|
String path = AuditApplication.buildPath(action, "params", paramName);
|
|
adjustedValues.put(path, entry.getValue());
|
|
}
|
|
|
|
RetryingTransactionCallback<Map<String, Serializable>> auditCallback =
|
|
new RetryingTransactionCallback<Map<String, Serializable>>()
|
|
{
|
|
public Map<String, Serializable> execute() throws Throwable
|
|
{
|
|
String actionPath = AuditApplication.buildPath("actions-test/actions");
|
|
|
|
return auditComponent.recordAuditValues(actionPath, adjustedValues);
|
|
}
|
|
};
|
|
return transactionService.getRetryingTransactionHelper().doInTransaction(auditCallback);
|
|
}
|
|
|
|
/**
|
|
* Utility method to compare a 'results' map with a map of expected values
|
|
*/
|
|
private void checkAuditMaps(Map<String, Serializable> result, Map<String, Serializable> expected)
|
|
{
|
|
String failure = EqualsHelper.getMapDifferenceReport(result, expected);
|
|
if (failure != null)
|
|
{
|
|
fail(failure);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Test auditing of something resembling real-world data
|
|
*/
|
|
private void auditAction01(String actionName) throws Exception
|
|
{
|
|
Serializable valueA = new Date();
|
|
Serializable valueB = "BBB-value-here";
|
|
Serializable valueC = new Float(16.0F);
|
|
// Get a noderef
|
|
final Map<String, Serializable> parameters = new HashMap<String, Serializable>(13);
|
|
parameters.put("A", valueA);
|
|
parameters.put("B", valueB);
|
|
parameters.put("C", valueC);
|
|
// lowercase versions are not in the config
|
|
parameters.put("a", valueA);
|
|
parameters.put("b", valueB);
|
|
parameters.put("c", valueC);
|
|
|
|
Map<String, Serializable> result = auditTestAction(actionName, nodeRef, parameters);
|
|
|
|
Map<String, Serializable> expected = new HashMap<String, Serializable>();
|
|
expected.put("/actions-test/actions/user", AuthenticationUtil.getFullyAuthenticatedUser());
|
|
expected.put("/actions-test/actions/context-node/noderef", nodeRef);
|
|
expected.put("/actions-test/actions/action-01/params/A/value", valueA);
|
|
expected.put("/actions-test/actions/action-01/params/B/value", valueB);
|
|
expected.put("/actions-test/actions/action-01/params/C/value", valueC);
|
|
|
|
// Check
|
|
checkAuditMaps(result, expected);
|
|
}
|
|
|
|
/**
|
|
* Test auditing of something resembling real-world data
|
|
*/
|
|
public void testAudit_Action01() throws Exception
|
|
{
|
|
auditAction01("action-01");
|
|
}
|
|
|
|
/**
|
|
* Test auditing of something resembling real-world data
|
|
*/
|
|
public void testAudit_Action01Mapped() throws Exception
|
|
{
|
|
auditAction01("action-01-mapped");
|
|
}
|
|
|
|
public void testQuery_Action01() throws Exception
|
|
{
|
|
final Long beforeTime = new Long(System.currentTimeMillis());
|
|
|
|
// Make sure that we have something to search for
|
|
testAudit_Action01();
|
|
|
|
final StringBuilder sb = new StringBuilder();
|
|
final MutableInt rowCount = new MutableInt();
|
|
|
|
AuditQueryCallback callback = new AuditQueryCallback()
|
|
{
|
|
public boolean valuesRequired()
|
|
{
|
|
return true;
|
|
}
|
|
|
|
public boolean handleAuditEntry(
|
|
Long entryId, String applicationName, String user, long time, Map<String, Serializable> values)
|
|
{
|
|
assertNotNull(applicationName);
|
|
assertNotNull(user);
|
|
|
|
sb.append("Row: ")
|
|
.append(entryId).append(" | ")
|
|
.append(applicationName).append(" | ")
|
|
.append(user).append(" | ")
|
|
.append(new Date(time)).append(" | ")
|
|
.append(values).append(" | ")
|
|
.append("\n");
|
|
;
|
|
rowCount.setValue(rowCount.intValue() + 1);
|
|
return true;
|
|
}
|
|
|
|
public boolean handleAuditEntryError(Long entryId, String errorMsg, Throwable error)
|
|
{
|
|
throw new AlfrescoRuntimeException(errorMsg, error);
|
|
}
|
|
};
|
|
|
|
AuditQueryParameters params = new AuditQueryParameters();
|
|
params.setForward(true);
|
|
params.setApplicationName(APPLICATION_ACTIONS_TEST);
|
|
|
|
sb.delete(0, sb.length());
|
|
rowCount.setValue(0);
|
|
auditComponent.auditQuery(callback, params, -1);
|
|
assertTrue("Expected some data", rowCount.intValue() > 0);
|
|
logger.debug(sb.toString());
|
|
int allResults = rowCount.intValue();
|
|
|
|
// Limit by count
|
|
sb.delete(0, sb.length());
|
|
rowCount.setValue(0);
|
|
auditComponent.auditQuery(callback, params, 1);
|
|
assertEquals("Expected to limit data", 1, rowCount.intValue());
|
|
logger.debug(sb.toString());
|
|
|
|
// Limit by time and query up to and excluding the 'before' time
|
|
sb.delete(0, sb.length());
|
|
rowCount.setValue(0);
|
|
params.setToTime(beforeTime);
|
|
auditComponent.auditQuery(callback, params, -1);
|
|
params.setToTime(null);
|
|
logger.debug(sb.toString());
|
|
int resultsBefore = rowCount.intValue();
|
|
|
|
// Limit by time and query from and including the 'before' time
|
|
sb.delete(0, sb.length());
|
|
rowCount.setValue(0);
|
|
params.setFromTime(beforeTime);
|
|
auditComponent.auditQuery(callback, params, -1);
|
|
params.setFromTime(null);
|
|
logger.debug(sb.toString());
|
|
int resultsAfter = rowCount.intValue();
|
|
|
|
assertEquals(
|
|
"Time-limited queries did not get all results before and after a time",
|
|
allResults, (resultsBefore + resultsAfter));
|
|
|
|
sb.delete(0, sb.length());
|
|
rowCount.setValue(0);
|
|
params.setUser(user);
|
|
auditComponent.auditQuery(callback, params, -1);
|
|
params.setUser(null);
|
|
assertTrue("Expected some data for specific user", rowCount.intValue() > 0);
|
|
logger.debug(sb.toString());
|
|
|
|
sb.delete(0, sb.length());
|
|
rowCount.setValue(0);
|
|
params.setUser("Numpty");
|
|
auditComponent.auditQuery(callback, params, -1);
|
|
params.setUser(null);
|
|
assertTrue("Expected no data for bogus user", rowCount.intValue() == 0);
|
|
logger.debug(sb.toString());
|
|
|
|
}
|
|
|
|
/**
|
|
* Test disabling of audit using audit paths
|
|
*/
|
|
public void testAudit_EnableDisableAuditPaths() throws Exception
|
|
{
|
|
Serializable valueA = new Date();
|
|
Serializable valueB = "BBB-value-here";
|
|
Serializable valueC = new Float(16.0F);
|
|
// Get a noderef
|
|
final Map<String, Serializable> parameters = new HashMap<String, Serializable>(13);
|
|
parameters.put("A", valueA);
|
|
parameters.put("B", valueB);
|
|
parameters.put("C", valueC);
|
|
// lowercase versions are not in the config
|
|
parameters.put("a", valueA);
|
|
parameters.put("b", valueB);
|
|
parameters.put("c", valueC);
|
|
|
|
Map<String, Serializable> result = auditTestAction("action-01", nodeRef, parameters);
|
|
|
|
final Map<String, Serializable> expected = new HashMap<String, Serializable>();
|
|
expected.put("/actions-test/actions/user", AuthenticationUtil.getFullyAuthenticatedUser());
|
|
expected.put("/actions-test/actions/context-node/noderef", nodeRef);
|
|
expected.put("/actions-test/actions/action-01/params/A/value", valueA);
|
|
expected.put("/actions-test/actions/action-01/params/B/value", valueB);
|
|
expected.put("/actions-test/actions/action-01/params/C/value", valueC);
|
|
|
|
// Check
|
|
checkAuditMaps(result, expected);
|
|
|
|
// Good. Now disable a path and recheck
|
|
RetryingTransactionCallback<Void> disableAuditCallback = new RetryingTransactionCallback<Void>()
|
|
{
|
|
public Void execute() throws Throwable
|
|
{
|
|
Map<String, Serializable> expectedInner = new HashMap<String, Serializable>(expected);
|
|
|
|
auditComponent.disableAudit(APPLICATION_ACTIONS_TEST, "/actions-test/actions/action-01/params/A");
|
|
expectedInner.remove("/actions-test/actions/action-01/params/A/value");
|
|
Map<String, Serializable> result = auditTestAction("action-01", nodeRef, parameters);
|
|
checkAuditMaps(result, expectedInner);
|
|
|
|
auditComponent.disableAudit(APPLICATION_ACTIONS_TEST, "/actions-test/actions/action-01/params/B");
|
|
expectedInner.remove("/actions-test/actions/action-01/params/B/value");
|
|
result = auditTestAction("action-01", nodeRef, parameters);
|
|
checkAuditMaps(result, expectedInner);
|
|
|
|
auditComponent.disableAudit(APPLICATION_ACTIONS_TEST, "/actions-test");
|
|
expectedInner.clear();
|
|
result = auditTestAction("action-01", nodeRef, parameters);
|
|
checkAuditMaps(result, expectedInner);
|
|
|
|
// Enabling something lower down should make no difference
|
|
auditComponent.enableAudit(APPLICATION_ACTIONS_TEST, "/actions-test/actions/action-01/params/B");
|
|
expectedInner.clear();
|
|
result = auditTestAction("action-01", nodeRef, parameters);
|
|
checkAuditMaps(result, expectedInner);
|
|
|
|
// Enabling the root should give back everything
|
|
auditComponent.enableAudit(APPLICATION_ACTIONS_TEST, "/actions-test");
|
|
expectedInner = new HashMap<String, Serializable>(expected);
|
|
result = auditTestAction("action-01", nodeRef, parameters);
|
|
checkAuditMaps(result, expectedInner);
|
|
|
|
return null;
|
|
}
|
|
};
|
|
transactionService.getRetryingTransactionHelper().doInTransaction(disableAuditCallback, false);
|
|
}
|
|
|
|
public void testAuditAuthenticationService() throws Exception
|
|
{
|
|
AuditQueryParameters params = new AuditQueryParameters();
|
|
params.setForward(true);
|
|
params.setApplicationName(APPLICATION_API_TEST);
|
|
|
|
// Load in the config for this specific test: alfresco-audit-test-authenticationservice.xml
|
|
URL testModelUrl = ResourceUtils.getURL("classpath:alfresco/audit/alfresco-audit-test-authenticationservice.xml");
|
|
auditModelRegistry.registerModel(testModelUrl);
|
|
auditModelRegistry.loadAuditModels();
|
|
|
|
final List<Map<String, Serializable>> results = new ArrayList<Map<String,Serializable>>();
|
|
final StringBuilder sb = new StringBuilder();
|
|
AuditQueryCallback auditQueryCallback = new AuditQueryCallback()
|
|
{
|
|
public boolean valuesRequired()
|
|
{
|
|
return true;
|
|
}
|
|
|
|
public boolean handleAuditEntry(
|
|
Long entryId,
|
|
String applicationName,
|
|
String user,
|
|
long time,
|
|
Map<String, Serializable> values)
|
|
{
|
|
results.add(values);
|
|
if (logger.isDebugEnabled())
|
|
{
|
|
logger.debug(
|
|
"Audit Entry " + entryId + ": " + applicationName + ", " + user + ", " + new Date(time) + "\n" +
|
|
" Data: " + values);
|
|
}
|
|
sb.append("Row: ")
|
|
.append(entryId).append(" | ")
|
|
.append(applicationName).append(" | ")
|
|
.append(user).append(" | ")
|
|
.append(new Date(time)).append(" | ")
|
|
.append(values).append(" | ")
|
|
.append("\n");
|
|
;
|
|
return true;
|
|
}
|
|
|
|
public boolean handleAuditEntryError(Long entryId, String errorMsg, Throwable error)
|
|
{
|
|
throw new AlfrescoRuntimeException(errorMsg, error);
|
|
}
|
|
};
|
|
|
|
auditService.clearAudit(APPLICATION_API_TEST);
|
|
results.clear();
|
|
sb.delete(0, sb.length());
|
|
auditService.auditQuery(auditQueryCallback, params, -1);
|
|
logger.debug(sb.toString());
|
|
assertTrue("There should be no audit entries for the API test after a clear", results.isEmpty());
|
|
|
|
final MutableAuthenticationService authenticationService = serviceRegistry.getAuthenticationService();
|
|
// Create a good authentication
|
|
RunAsWork<Void> createAuthenticationWork = new RunAsWork<Void>()
|
|
{
|
|
public Void doWork() throws Exception
|
|
{
|
|
if (!authenticationService.authenticationExists(getName()))
|
|
{
|
|
authenticationService.createAuthentication(getName(), getName().toCharArray());
|
|
}
|
|
return null;
|
|
}
|
|
};
|
|
AuthenticationUtil.runAs(createAuthenticationWork, AuthenticationUtil.getSystemUserName());
|
|
|
|
// Clear everything out and do a successful authentication
|
|
auditService.clearAudit(APPLICATION_API_TEST);
|
|
try
|
|
{
|
|
AuthenticationUtil.pushAuthentication();
|
|
authenticationService.authenticate(getName(), getName().toCharArray());
|
|
}
|
|
finally
|
|
{
|
|
AuthenticationUtil.popAuthentication();
|
|
}
|
|
|
|
// Check that the call was audited
|
|
results.clear();
|
|
sb.delete(0, sb.length());
|
|
auditService.auditQuery(auditQueryCallback, params, -1);
|
|
logger.debug(sb.toString());
|
|
assertFalse("Did not get any audit results after successful login", results.isEmpty());
|
|
|
|
// Clear everything and check that unsuccessful authentication was audited
|
|
auditService.clearAudit(APPLICATION_API_TEST);
|
|
try
|
|
{
|
|
authenticationService.authenticate("banana", "****".toCharArray());
|
|
fail("Invalid authentication attempt should fail");
|
|
}
|
|
catch (AuthenticationException e)
|
|
{
|
|
// Expected
|
|
}
|
|
results.clear();
|
|
sb.delete(0, sb.length());
|
|
auditService.auditQuery(auditQueryCallback, params, -1);
|
|
logger.debug(sb.toString());
|
|
assertFalse("Did not get any audit results after failed login", results.isEmpty());
|
|
}
|
|
|
|
public void testAuditQuery_MaxId() throws Exception
|
|
{
|
|
AuditQueryCallback auditQueryCallback = new AuditQueryCallback()
|
|
{
|
|
public boolean valuesRequired()
|
|
{
|
|
return true;
|
|
}
|
|
|
|
public boolean handleAuditEntry(
|
|
Long entryId,
|
|
String applicationName,
|
|
String user,
|
|
long time,
|
|
Map<String, Serializable> values)
|
|
{
|
|
if (logger.isDebugEnabled())
|
|
{
|
|
logger.debug(
|
|
"Audit Entry " + entryId + ": " + applicationName + ", " + user + ", " + new Date(time) + "\n" +
|
|
" Data: " + values);
|
|
}
|
|
return true;
|
|
}
|
|
|
|
public boolean handleAuditEntryError(Long entryId, String errorMsg, Throwable error)
|
|
{
|
|
throw new AlfrescoRuntimeException(errorMsg, error);
|
|
}
|
|
};
|
|
|
|
AuditQueryParameters params = new AuditQueryParameters();
|
|
params.setApplicationName(APPLICATION_API_TEST);
|
|
params.setForward(false);
|
|
params.setToId(Long.MAX_VALUE);
|
|
auditService.auditQuery(auditQueryCallback, params, 1);
|
|
}
|
|
|
|
}
|