Example 1 with OPERATION_DELETE
use of org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_DELETE in project studio by craftercms.
the class UserServiceImpl method deleteUsers.
@Override
@HasPermission(type = DefaultPermission.class, action = "delete_users")
public void deleteUsers(List<Long> userIds, List<String> usernames) throws ServiceLayerException, AuthenticationException, UserNotFoundException {
User currentUser = getCurrentUser();
if (CollectionUtils.containsAny(userIds, Arrays.asList(currentUser.getId())) || CollectionUtils.containsAny(usernames, Arrays.asList(currentUser.getUsername()))) {
throw new ServiceLayerException("Cannot delete self.");
}
generalLockService.lock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
try {
try {
Group g = groupServiceInternal.getGroupByName(SYSTEM_ADMIN_GROUP);
List<User> members = groupServiceInternal.getGroupMembers(g.getId(), 0, Integer.MAX_VALUE, StringUtils.EMPTY);
if (CollectionUtils.isNotEmpty(members)) {
List<User> membersAfterRemove = new ArrayList<User>();
membersAfterRemove.addAll(members);
members.forEach(m -> {
if (CollectionUtils.isNotEmpty(userIds)) {
if (userIds.contains(m.getId())) {
membersAfterRemove.remove(m);
}
}
if (CollectionUtils.isNotEmpty(usernames)) {
if (usernames.contains(m.getUsername())) {
membersAfterRemove.remove(m);
}
}
});
if (CollectionUtils.isEmpty(membersAfterRemove)) {
throw new ServiceLayerException("Removing all members of the System Admin group is not allowed." + " We must have at least one system administrator.");
}
}
} catch (GroupNotFoundException e) {
throw new ServiceLayerException("The System Admin group is not found.", e);
}
List<User> toDelete = userServiceInternal.getUsersByIdOrUsername(userIds, usernames);
userServiceInternal.deleteUsers(userIds, usernames);
SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_DELETE);
auditLog.setActorId(getCurrentUser().getUsername());
auditLog.setPrimaryTargetId(siteFeed.getSiteId());
auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
auditLog.setPrimaryTargetValue(siteFeed.getName());
List<AuditLogParameter> paramters = new ArrayList<AuditLogParameter>();
for (User deletedUser : toDelete) {
AuditLogParameter paramter = new AuditLogParameter();
paramter.setTargetId(Long.toString(deletedUser.getId()));
paramter.setTargetType(TARGET_TYPE_USER);
paramter.setTargetValue(deletedUser.getUsername());
paramters.add(paramter);
}
auditLog.setParameters(paramters);
auditServiceInternal.insertAuditLog(auditLog);
} finally {
generalLockService.unlock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
}
}
Also used :
Group(org.craftercms.studio.api.v2.dal.Group)
User(org.craftercms.studio.api.v2.dal.User)
AuthenticatedUser(org.craftercms.studio.model.AuthenticatedUser)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
ArrayList(java.util.ArrayList)
ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException)
GroupNotFoundException(org.craftercms.studio.api.v1.exception.security.GroupNotFoundException)
AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)
Example 2 with OPERATION_DELETE
use of org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_DELETE in project studio by craftercms.
the class StudioAuditLogProcessingTask method processAuditLogFromRepo.
private void processAuditLogFromRepo(String siteId, int batchSize) throws SiteNotFoundException {
List<GitLog> unauditedGitlogs = contentRepository.getUnauditedCommits(siteId, batchSize);
if (unauditedGitlogs != null) {
SiteFeed siteFeed = siteService.getSite(siteId);
for (GitLog gl : unauditedGitlogs) {
if (contentRepository.commitIdExists(siteId, gl.getCommitId())) {
String prevCommitId = gl.getCommitId() + PREVIOUS_COMMIT_SUFFIX;
List<RepoOperation> operations = contentRepository.getOperationsFromDelta(siteId, prevCommitId, gl.getCommitId());
for (RepoOperation repoOperation : operations) {
Map<String, String> activityInfo = new HashMap<String, String>();
String contentClass;
AuditLog auditLog;
switch(repoOperation.getAction()) {
case CREATE:
case COPY:
contentClass = contentService.getContentTypeClass(siteId, repoOperation.getPath());
if (repoOperation.getPath().endsWith(DmConstants.XML_PATTERN)) {
activityInfo.put(DmConstants.KEY_CONTENT_TYPE, contentClass);
}
logger.debug("Insert audit log for site: " + siteId + " path: " + repoOperation.getPath());
auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_CREATE);
auditLog.setOperationTimestamp(repoOperation.getDateTime());
auditLog.setSiteId(siteFeed.getId());
auditLog.setActorId(repoOperation.getAuthor());
auditLog.setActorDetails(repoOperation.getAuthor());
auditLog.setPrimaryTargetId(siteId + ":" + repoOperation.getPath());
auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
auditLog.setPrimaryTargetValue(repoOperation.getPath());
auditLog.setPrimaryTargetSubtype(contentService.getContentTypeClass(siteId, repoOperation.getPath()));
auditLog.setOrigin(ORIGIN_GIT);
auditServiceInternal.insertAuditLog(auditLog);
break;
case UPDATE:
contentClass = contentService.getContentTypeClass(siteId, repoOperation.getPath());
if (repoOperation.getPath().endsWith(DmConstants.XML_PATTERN)) {
activityInfo.put(DmConstants.KEY_CONTENT_TYPE, contentClass);
}
logger.debug("Insert audit log for site: " + siteId + " path: " + repoOperation.getPath());
auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_UPDATE);
auditLog.setOperationTimestamp(repoOperation.getDateTime());
auditLog.setSiteId(siteFeed.getId());
auditLog.setActorId(repoOperation.getAuthor());
auditLog.setActorDetails(repoOperation.getAuthor());
auditLog.setOrigin(ORIGIN_GIT);
auditLog.setPrimaryTargetId(siteId + ":" + repoOperation.getPath());
auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
auditLog.setPrimaryTargetValue(repoOperation.getPath());
auditLog.setPrimaryTargetSubtype(contentService.getContentTypeClass(siteId, repoOperation.getPath()));
auditServiceInternal.insertAuditLog(auditLog);
break;
case DELETE:
contentClass = contentService.getContentTypeClass(siteId, repoOperation.getPath());
if (repoOperation.getPath().endsWith(DmConstants.XML_PATTERN)) {
activityInfo.put(DmConstants.KEY_CONTENT_TYPE, contentClass);
}
logger.debug("Insert audit log for site: " + siteId + " path: " + repoOperation.getPath());
auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_DELETE);
auditLog.setOperationTimestamp(repoOperation.getDateTime());
auditLog.setSiteId(siteFeed.getId());
auditLog.setOrigin(ORIGIN_GIT);
auditLog.setActorId(repoOperation.getAuthor());
auditLog.setActorDetails(repoOperation.getAuthor());
auditLog.setPrimaryTargetId(siteId + ":" + repoOperation.getPath());
auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
auditLog.setPrimaryTargetValue(repoOperation.getPath());
auditLog.setPrimaryTargetSubtype(contentService.getContentTypeClass(siteId, repoOperation.getPath()));
auditServiceInternal.insertAuditLog(auditLog);
break;
case MOVE:
contentClass = contentService.getContentTypeClass(siteId, repoOperation.getMoveToPath());
if (repoOperation.getMoveToPath().endsWith(DmConstants.XML_PATTERN)) {
activityInfo.put(DmConstants.KEY_CONTENT_TYPE, contentClass);
}
logger.debug("Insert audit log for site: " + siteId + " path: " + repoOperation.getMoveToPath());
auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_MOVE);
auditLog.setOperationTimestamp(repoOperation.getDateTime());
auditLog.setSiteId(siteFeed.getId());
auditLog.setActorId(repoOperation.getAuthor());
auditLog.setActorDetails(repoOperation.getAuthor());
auditLog.setOrigin(ORIGIN_GIT);
auditLog.setPrimaryTargetId(siteId + ":" + repoOperation.getMoveToPath());
auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
auditLog.setPrimaryTargetValue(repoOperation.getMoveToPath());
auditLog.setPrimaryTargetSubtype(contentService.getContentTypeClass(siteId, repoOperation.getMoveToPath()));
auditServiceInternal.insertAuditLog(auditLog);
break;
default:
logger.error("Error: Unknown repo operation for site " + siteId + " operation: " + repoOperation.getAction());
break;
}
}
}
contentRepository.markGitLogAudited(siteId, gl.getCommitId());
}
}
}
Also used :
RepoOperation(org.craftercms.studio.api.v2.dal.RepoOperation)
HashMap(java.util.HashMap)
GitLog(org.craftercms.studio.api.v2.dal.GitLog)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
Example 3 with OPERATION_DELETE
use of org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_DELETE in project studio by craftercms.
the class SiteServiceImpl method insertDeleteSiteAuditLog.
private void insertDeleteSiteAuditLog(String siteId, String siteName) throws SiteNotFoundException {
SiteFeed siteFeed = getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
String user = securityService.getCurrentUser();
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_DELETE);
auditLog.setSiteId(siteFeed.getId());
auditLog.setActorId(user);
auditLog.setPrimaryTargetId(siteId);
auditLog.setPrimaryTargetType(TARGET_TYPE_SITE);
auditLog.setPrimaryTargetValue(siteName);
auditServiceInternal.insertAuditLog(auditLog);
}Example 4 with OPERATION_DELETE
use of org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_DELETE in project studio by craftercms.
the class ContentServiceImpl method generateDeleteActivity.
protected void generateDeleteActivity(String site, String path, String approver) throws SiteNotFoundException {
// TODO: SJ: activities. Fix in 3.1+ by introducing the audit service and refactoring accordingly
if (StringUtils.isEmpty(approver)) {
approver = securityService.getCurrentUser();
}
boolean exists = contentExists(site, path);
if (exists) {
ContentItemTO item = getContentItem(site, path, 0);
ItemMetadata properties = objectMetadataManager.getProperties(site, path);
String user = (properties != null && !StringUtils.isEmpty(properties.getSubmittedBy()) ? properties.getSubmittedBy() : approver);
Map<String, String> extraInfo = new HashMap<String, String>();
if (item.isFolder()) {
extraInfo.put(DmConstants.KEY_CONTENT_TYPE, CONTENT_TYPE_FOLDER);
} else {
extraInfo.put(DmConstants.KEY_CONTENT_TYPE, getContentTypeClass(site, path));
}
logger.debug("[DELETE] posting delete activity on " + path + " by " + user + " in " + site);
SiteFeed siteFeed = siteService.getSite(site);
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_DELETE);
auditLog.setSiteId(siteFeed.getId());
auditLog.setActorId(user);
auditLog.setPrimaryTargetId(site + ":" + path);
auditLog.setPrimaryTargetType(TARGET_TYPE_CONTENT_ITEM);
auditLog.setPrimaryTargetValue(path);
auditLog.setPrimaryTargetSubtype(getContentTypeClass(site, path));
auditServiceInternal.insertAuditLog(auditLog);
// process content life cycle
if (path.endsWith(DmConstants.XML_PATTERN)) {
String contentType = item.getContentType();
dmContentLifeCycleService.process(site, user, path, contentType, DmContentLifeCycleService.ContentLifeCycleOperation.DELETE, null);
}
}
}
Also used :
ContentItemTO(org.craftercms.studio.api.v1.to.ContentItemTO)
HashMap(java.util.HashMap)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
ItemMetadata(org.craftercms.studio.api.v1.dal.ItemMetadata)
Example 5 with OPERATION_DELETE
use of org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_DELETE in project studio by craftercms.
the class GroupServiceImpl method deleteGroup.
@Override
@HasPermission(type = DefaultPermission.class, action = "delete_groups")
public void deleteGroup(List<Long> groupIds) throws ServiceLayerException, GroupNotFoundException, AuthenticationException {
Group sysAdminGroup;
try {
sysAdminGroup = groupServiceInternal.getGroupByName(SYSTEM_ADMIN_GROUP);
} catch (GroupNotFoundException e) {
throw new ServiceLayerException("The System Admin group is not found", e);
}
if (CollectionUtils.isNotEmpty(groupIds)) {
if (groupIds.contains(sysAdminGroup.getId())) {
throw new ServiceLayerException("Deleting the System Admin group is not allowed.");
}
}
List<Group> groups = groupServiceInternal.getGroups(groupIds);
groupServiceInternal.deleteGroup(groupIds);
SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_DELETE);
auditLog.setActorId(userService.getCurrentUser().getUsername());
auditLog.setSiteId(siteFeed.getId());
auditLog.setPrimaryTargetId(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
auditLog.setPrimaryTargetType(TARGET_TYPE_GROUP);
auditLog.setPrimaryTargetValue(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
List<AuditLogParameter> paramters = new ArrayList<AuditLogParameter>();
for (Group g : groups) {
AuditLogParameter paramter = new AuditLogParameter();
paramter.setTargetId(Long.toString(g.getId()));
paramter.setTargetType(TARGET_TYPE_GROUP);
paramter.setTargetValue(g.getGroupName());
paramters.add(paramter);
}
auditLog.setParameters(paramters);
auditServiceInternal.insertAuditLog(auditLog);
}
Also used :
Group(org.craftercms.studio.api.v2.dal.Group)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
ArrayList(java.util.ArrayList)
ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException)
GroupNotFoundException(org.craftercms.studio.api.v1.exception.security.GroupNotFoundException)
AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)
Aggregations
SiteFeed (org.craftercms.studio.api.v1.dal.SiteFeed)5
AuditLog (org.craftercms.studio.api.v2.dal.AuditLog)5
ArrayList (java.util.ArrayList)2
HashMap (java.util.HashMap)2
HasPermission (org.craftercms.commons.security.permissions.annotations.HasPermission)2
ServiceLayerException (org.craftercms.studio.api.v1.exception.ServiceLayerException)2
GroupNotFoundException (org.craftercms.studio.api.v1.exception.security.GroupNotFoundException)2
AuditLogParameter (org.craftercms.studio.api.v2.dal.AuditLogParameter)2
Group (org.craftercms.studio.api.v2.dal.Group)2
ItemMetadata (org.craftercms.studio.api.v1.dal.ItemMetadata)1
ContentItemTO (org.craftercms.studio.api.v1.to.ContentItemTO)1
GitLog (org.craftercms.studio.api.v2.dal.GitLog)1
RepoOperation (org.craftercms.studio.api.v2.dal.RepoOperation)1
User (org.craftercms.studio.api.v2.dal.User)1
AuthenticatedUser (org.craftercms.studio.model.AuthenticatedUser)1
