Search in sources :

Example 6 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class GroupServiceImpl method updateGroup.

@Override
@HasPermission(type = DefaultPermission.class, action = "update_groups")
public Group updateGroup(long orgId, Group group) throws ServiceLayerException, GroupNotFoundException, AuthenticationException {
    Group toRet = groupServiceInternal.updateGroup(orgId, group);
    SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
    auditLog.setOperation(OPERATION_UPDATE);
    auditLog.setSiteId(siteFeed.getId());
    auditLog.setActorId(userService.getCurrentUser().getUsername());
    auditLog.setPrimaryTargetId(group.getGroupName());
    auditLog.setPrimaryTargetType(TARGET_TYPE_GROUP);
    auditLog.setPrimaryTargetValue(group.getGroupName());
    auditServiceInternal.insertAuditLog(auditLog);
    return toRet;
}
Also used : Group(org.craftercms.studio.api.v2.dal.Group) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)

Example 7 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class GroupServiceImpl method removeGroupMembers.

@Override
@HasPermission(type = DefaultPermission.class, action = "update_groups")
public void removeGroupMembers(long groupId, List<Long> userIds, List<String> usernames) throws ServiceLayerException, UserNotFoundException, GroupNotFoundException, AuthenticationException {
    Group group = getGroup(groupId);
    generalLockService.lock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
    try {
        if (group.getGroupName().equals(SYSTEM_ADMIN_GROUP)) {
            List<User> members = getGroupMembers(groupId, 0, Integer.MAX_VALUE, StringUtils.EMPTY);
            if (CollectionUtils.isNotEmpty(members)) {
                List<User> membersAfterRemove = new ArrayList<User>();
                membersAfterRemove.addAll(members);
                members.forEach(m -> {
                    if (CollectionUtils.isNotEmpty(userIds)) {
                        if (userIds.contains(m.getId())) {
                            membersAfterRemove.remove(m);
                        }
                    }
                    if (CollectionUtils.isNotEmpty(usernames)) {
                        if (usernames.contains(m.getUsername())) {
                            membersAfterRemove.remove(m);
                        }
                    }
                });
                if (CollectionUtils.isEmpty(membersAfterRemove)) {
                    throw new ServiceLayerException("Removing all members of the System Admin group is not allowed." + " We must have at least one system administrator.");
                }
            }
        }
        List<User> users = userServiceInternal.getUsersByIdOrUsername(userIds, usernames);
        groupServiceInternal.removeGroupMembers(groupId, userIds, usernames);
        SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
        AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
        auditLog.setOperation(OPERATION_REMOVE_MEMBERS);
        auditLog.setActorId(userService.getCurrentUser().getUsername());
        auditLog.setSiteId(siteFeed.getId());
        auditLog.setPrimaryTargetId(Long.toString(group.getId()));
        auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
        auditLog.setPrimaryTargetValue(group.getGroupName());
        List<AuditLogParameter> paramters = new ArrayList<AuditLogParameter>();
        for (User user : users) {
            AuditLogParameter paramter = new AuditLogParameter();
            paramter.setTargetId(Long.toString(user.getId()));
            paramter.setTargetType(TARGET_TYPE_USER);
            paramter.setTargetValue(user.getUsername());
            paramters.add(paramter);
        }
        auditLog.setParameters(paramters);
        auditServiceInternal.insertAuditLog(auditLog);
    } finally {
        generalLockService.unlock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
    }
}
Also used : Group(org.craftercms.studio.api.v2.dal.Group) User(org.craftercms.studio.api.v2.dal.User) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) ArrayList(java.util.ArrayList) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)

Example 8 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class ClusterManagementServiceImpl method removeMembers.

@Override
@HasPermission(type = DefaultPermission.class, action = "delete_cluster")
public boolean removeMembers(List<Long> memberIds) throws SiteNotFoundException {
    List<ClusterMember> members = getAllMemebers();
    boolean toRet = clusterManagementServiceInternal.removeMembers(memberIds);
    if (toRet) {
        SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
        AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
        auditLog.setSiteId(siteFeed.getId());
        auditLog.setOperation(OPERATION_REMOVE_CLUSTER_NODE);
        auditLog.setActorId(securityService.getCurrentUser());
        auditLog.setPrimaryTargetId(siteFeed.getSiteId());
        auditLog.setPrimaryTargetType(TARGET_TYPE_CLUSTER_NODE);
        auditLog.setPrimaryTargetValue(siteFeed.getName());
        List<AuditLogParameter> paramters = new ArrayList<AuditLogParameter>();
        for (ClusterMember m : members) {
            AuditLogParameter paramter = new AuditLogParameter();
            paramter.setTargetId(Long.toString(m.getId()));
            paramter.setTargetType(TARGET_TYPE_CLUSTER_NODE);
            paramter.setTargetValue(m.getLocalAddress());
            paramters.add(paramter);
        }
        auditLog.setParameters(paramters);
        auditServiceInternal.insertAuditLog(auditLog);
    }
    return toRet;
}
Also used : ClusterMember(org.craftercms.studio.api.v2.dal.ClusterMember) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) ArrayList(java.util.ArrayList) AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)

Example 9 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class StudioAuditLogProcessingTask method processAuditLogFromRepo.

private void processAuditLogFromRepo(String siteId, int batchSize) throws SiteNotFoundException {
    List<GitLog> unauditedGitlogs = contentRepository.getUnauditedCommits(siteId, batchSize);
    if (unauditedGitlogs != null) {
        SiteFeed siteFeed = siteService.getSite(siteId);
        for (GitLog gl : unauditedGitlogs) {
            if (contentRepository.commitIdExists(siteId, gl.getCommitId())) {
                String prevCommitId = gl.getCommitId() + PREVIOUS_COMMIT_SUFFIX;
                List<RepoOperation> operations = contentRepository.getOperationsFromDelta(siteId, prevCommitId, gl.getCommitId());
                for (RepoOperation repoOperation : operations) {
                    Map<String, String> activityInfo = new HashMap<String, String>();
                    String contentClass;
                    AuditLog auditLog;
                    switch(repoOperation.getAction()) {
                        case CREATE:
                        case COPY:
                            contentClass = contentService.getContentTypeClass(siteId, repoOperation.getPath());
                            if (repoOperation.getPath().endsWith(DmConstants.XML_PATTERN)) {
                                activityInfo.put(DmConstants.KEY_CONTENT_TYPE, contentClass);
                            }
                            logger.debug("Insert audit log for site: " + siteId + " path: " + repoOperation.getPath());
                            auditLog = auditServiceInternal.createAuditLogEntry();
                            auditLog.setOperation(OPERATION_CREATE);
                            auditLog.setOperationTimestamp(repoOperation.getDateTime());
                            auditLog.setSiteId(siteFeed.getId());
                            auditLog.setActorId(repoOperation.getAuthor());
                            auditLog.setActorDetails(repoOperation.getAuthor());
                            auditLog.setPrimaryTargetId(siteId + ":" + repoOperation.getPath());
                            auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
                            auditLog.setPrimaryTargetValue(repoOperation.getPath());
                            auditLog.setPrimaryTargetSubtype(contentService.getContentTypeClass(siteId, repoOperation.getPath()));
                            auditLog.setOrigin(ORIGIN_GIT);
                            auditServiceInternal.insertAuditLog(auditLog);
                            break;
                        case UPDATE:
                            contentClass = contentService.getContentTypeClass(siteId, repoOperation.getPath());
                            if (repoOperation.getPath().endsWith(DmConstants.XML_PATTERN)) {
                                activityInfo.put(DmConstants.KEY_CONTENT_TYPE, contentClass);
                            }
                            logger.debug("Insert audit log for site: " + siteId + " path: " + repoOperation.getPath());
                            auditLog = auditServiceInternal.createAuditLogEntry();
                            auditLog.setOperation(OPERATION_UPDATE);
                            auditLog.setOperationTimestamp(repoOperation.getDateTime());
                            auditLog.setSiteId(siteFeed.getId());
                            auditLog.setActorId(repoOperation.getAuthor());
                            auditLog.setActorDetails(repoOperation.getAuthor());
                            auditLog.setOrigin(ORIGIN_GIT);
                            auditLog.setPrimaryTargetId(siteId + ":" + repoOperation.getPath());
                            auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
                            auditLog.setPrimaryTargetValue(repoOperation.getPath());
                            auditLog.setPrimaryTargetSubtype(contentService.getContentTypeClass(siteId, repoOperation.getPath()));
                            auditServiceInternal.insertAuditLog(auditLog);
                            break;
                        case DELETE:
                            contentClass = contentService.getContentTypeClass(siteId, repoOperation.getPath());
                            if (repoOperation.getPath().endsWith(DmConstants.XML_PATTERN)) {
                                activityInfo.put(DmConstants.KEY_CONTENT_TYPE, contentClass);
                            }
                            logger.debug("Insert audit log for site: " + siteId + " path: " + repoOperation.getPath());
                            auditLog = auditServiceInternal.createAuditLogEntry();
                            auditLog.setOperation(OPERATION_DELETE);
                            auditLog.setOperationTimestamp(repoOperation.getDateTime());
                            auditLog.setSiteId(siteFeed.getId());
                            auditLog.setOrigin(ORIGIN_GIT);
                            auditLog.setActorId(repoOperation.getAuthor());
                            auditLog.setActorDetails(repoOperation.getAuthor());
                            auditLog.setPrimaryTargetId(siteId + ":" + repoOperation.getPath());
                            auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
                            auditLog.setPrimaryTargetValue(repoOperation.getPath());
                            auditLog.setPrimaryTargetSubtype(contentService.getContentTypeClass(siteId, repoOperation.getPath()));
                            auditServiceInternal.insertAuditLog(auditLog);
                            break;
                        case MOVE:
                            contentClass = contentService.getContentTypeClass(siteId, repoOperation.getMoveToPath());
                            if (repoOperation.getMoveToPath().endsWith(DmConstants.XML_PATTERN)) {
                                activityInfo.put(DmConstants.KEY_CONTENT_TYPE, contentClass);
                            }
                            logger.debug("Insert audit log for site: " + siteId + " path: " + repoOperation.getMoveToPath());
                            auditLog = auditServiceInternal.createAuditLogEntry();
                            auditLog.setOperation(OPERATION_MOVE);
                            auditLog.setOperationTimestamp(repoOperation.getDateTime());
                            auditLog.setSiteId(siteFeed.getId());
                            auditLog.setActorId(repoOperation.getAuthor());
                            auditLog.setActorDetails(repoOperation.getAuthor());
                            auditLog.setOrigin(ORIGIN_GIT);
                            auditLog.setPrimaryTargetId(siteId + ":" + repoOperation.getMoveToPath());
                            auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
                            auditLog.setPrimaryTargetValue(repoOperation.getMoveToPath());
                            auditLog.setPrimaryTargetSubtype(contentService.getContentTypeClass(siteId, repoOperation.getMoveToPath()));
                            auditServiceInternal.insertAuditLog(auditLog);
                            break;
                        default:
                            logger.error("Error: Unknown repo operation for site " + siteId + " operation: " + repoOperation.getAction());
                            break;
                    }
                }
            }
            contentRepository.markGitLogAudited(siteId, gl.getCommitId());
        }
    }
}
Also used : RepoOperation(org.craftercms.studio.api.v2.dal.RepoOperation) HashMap(java.util.HashMap) GitLog(org.craftercms.studio.api.v2.dal.GitLog) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)

Example 10 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class ContentServiceImpl method createFolder.

@Override
@ValidateParams
public boolean createFolder(@ValidateStringParam(name = "site") String site, @ValidateSecurePathParam(name = "path") String path, @ValidateStringParam(name = "name") String name) throws SiteNotFoundException {
    boolean toRet = false;
    String commitId = _contentRepository.createFolder(site, path, name);
    if (commitId != null) {
        SiteFeed siteFeed = siteService.getSite(site);
        AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
        auditLog.setOperation(OPERATION_CREATE);
        auditLog.setSiteId(siteFeed.getId());
        auditLog.setActorId(securityService.getCurrentUser());
        auditLog.setPrimaryTargetId(site + ":" + path + FILE_SEPARATOR + name);
        auditLog.setPrimaryTargetType(TARGET_TYPE_FOLDER);
        auditLog.setPrimaryTargetValue(path + FILE_SEPARATOR + name);
        auditServiceInternal.insertAuditLog(auditLog);
        contentRepository.insertGitLog(site, commitId, 1, 1);
        siteService.updateLastCommitId(site, commitId);
        toRet = true;
    }
    return toRet;
}
Also used : SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) ValidateParams(org.craftercms.commons.validation.annotations.param.ValidateParams)

Aggregations

AuditLog (org.craftercms.studio.api.v2.dal.AuditLog)44 SiteFeed (org.craftercms.studio.api.v1.dal.SiteFeed)38 ArrayList (java.util.ArrayList)16 ServiceLayerException (org.craftercms.studio.api.v1.exception.ServiceLayerException)11 AuditLogParameter (org.craftercms.studio.api.v2.dal.AuditLogParameter)11 HasPermission (org.craftercms.commons.security.permissions.annotations.HasPermission)10 Group (org.craftercms.studio.api.v2.dal.Group)10 User (org.craftercms.studio.api.v2.dal.User)9 HashMap (java.util.HashMap)7 SiteNotFoundException (org.craftercms.studio.api.v1.exception.SiteNotFoundException)6 ValidateParams (org.craftercms.commons.validation.annotations.param.ValidateParams)5 AuthenticationSystemException (org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException)5 UserAlreadyExistsException (org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException)4 UserNotFoundException (org.craftercms.studio.api.v1.exception.security.UserNotFoundException)4 SiteService (org.craftercms.studio.api.v1.service.site.SiteService)4 UserGroup (org.craftercms.studio.api.v2.dal.UserGroup)4 AuditServiceInternal (org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal)4 StudioConfiguration (org.craftercms.studio.api.v2.utils.StudioConfiguration)4 SimpleDateFormat (java.text.SimpleDateFormat)3 GroupDAO (org.craftercms.studio.api.v2.dal.GroupDAO)3