Package org.alfresco.repo.audit.access

Class AccessAuditor

java.lang.Object

org.alfresco.repo.audit.access.AccessAuditor

All Implemented Interfaces:

CheckOutCheckInServicePolicies.OnCancelCheckOut, CheckOutCheckInServicePolicies.OnCheckIn, CheckOutCheckInServicePolicies.OnCheckOut, ContentServicePolicies.OnContentReadPolicy, ContentServicePolicies.OnContentUpdatePolicy, CopyServicePolicies.OnCopyCompletePolicy, NodeServicePolicies.BeforeDeleteNodePolicy, NodeServicePolicies.OnAddAspectPolicy, NodeServicePolicies.OnCreateNodePolicy, NodeServicePolicies.OnMoveNodePolicy, NodeServicePolicies.OnRemoveAspectPolicy, NodeServicePolicies.OnUpdatePropertiesPolicy, ClassPolicy, Policy, VersionServicePolicies.OnCreateVersionPolicy, org.springframework.beans.factory.InitializingBean

public class AccessAuditor
extends Object
implements org.springframework.beans.factory.InitializingBean, NodeServicePolicies.BeforeDeleteNodePolicy, NodeServicePolicies.OnAddAspectPolicy, NodeServicePolicies.OnCreateNodePolicy, NodeServicePolicies.OnMoveNodePolicy, NodeServicePolicies.OnRemoveAspectPolicy, NodeServicePolicies.OnUpdatePropertiesPolicy, ContentServicePolicies.OnContentReadPolicy, ContentServicePolicies.OnContentUpdatePolicy, VersionServicePolicies.OnCreateVersionPolicy, CopyServicePolicies.OnCopyCompletePolicy, CheckOutCheckInServicePolicies.OnCheckOut, CheckOutCheckInServicePolicies.OnCheckIn, CheckOutCheckInServicePolicies.OnCancelCheckOut

Creates high level audit records on the creation, deletion, modification and access of content and folders. Lower level events are grouped together by transaction and node.

To turn on auditing of these events and sub events add the following property to alfresco-global.properties:

    # Enable audit in general
    audit.enabled=true

    # Enable the alfresco-access audit application
    audit.alfresco-access.enabled=true

    # Enable the auditing of sub-actions. Normally disabled as these values are
    # not normally needed by audit configurations, but may be useful to developers
    audit.alfresco-access.sub-actions.enabled=true
 

The following properties are set by default to discard events where the user is 'null' or 'System', the node path is '/sys:archivedItem' or under '/ver:' or the node type is not 'cm:folder', 'cm:content' or 'st:site'. These values result in events only being recorded for common actions initiated by users of the system. These vales may be overridden if required.

    audit.filter.alfresco-access.default.enabled=true
    audit.filter.alfresco-access.transaction.user=~System;~null;.*
    audit.filter.alfresco-access.transaction.type=cm:folder;cm:content;st:site
    audit.filter.alfresco-access.transaction.path=~/sys:archivedItem;~/ver:;.*
 

Node and Content changes generate the following audit structure. Elements are omitted if not changed by the transaction. The /sub-action/<sequence> structure holds cut down details of each sub-action, but are only included if the global property audit.alfresco-access.sub-actions.enabled=true.

    /alfresco-access
     /transaction
       /action=<actionName>
       /sub-actions=<sub action list>
       /path=<prefixPath>
       /type=<prefixType>
       /node=<nodeRef>
       /user=<user>
       /copy
         /from
           /node=<nodeRef>
           /path=<prefixPath>
           /type=<prefixType>
       /move
         /from
           /node=<nodeRef>
           /path=<prefixPath>
           /type=<prefixType>
       /properties
          /from=<mapOfValues>
            /<propertyName>=<propertyValue>
          /to=<mapOfValues>
            /<propertyName>=<propertyValue>
          /add=<mapOfValues>
            /<propertyName>=<propertyValue>
          /delete=<mapOfValues>
            /<propertyName>=<propertyValue>
        /aspects
          /add=<mapOfNames>
            /<aspectName>=null
          /delete=<mapOfNames>
            /<aspectName>=null
        /version-properties=<mapOfValues>
        /sub-action/<sequence>
          /action=<actionName>
          /move
            ...
          /properties
            ...
          /aspects
            ...
            
  Example data:
    /alfresco-access/transaction/action=MOVE
    /alfresco-access/transaction/node=workspace://SpacesStore/74a5985a-45dd-4698-82db-8eaeff9df8d7
    /alfresco-access/transaction/move/from/node=workspace://SpacesStore/d8a0dfd8-fe45-47da-acc2-fd8df9ea2b2e
    /alfresco-access/transaction/move/from/path=/app:company_home/st:sites/cm:abc/cm:documentLibrary/cm:folder1/cm:Word 123.docx
    /alfresco-access/transaction/move/from/type=cm:folder
    /alfresco-access/transaction/path=/app:company_home/st:sites/cm:abc/cm:documentLibrary/cm:folder2/cm:Word 123.docx
    /alfresco-access/transaction/sub-actions=moveNode readContent
    /alfresco-access/transaction/type=cm:content
    /alfresco-access/transaction/user=admin
    /alfresco-access/transaction/sub-action/00/action=moveNode
    /alfresco-access/transaction/sub-action/00/move/from/node=workspace://SpacesStore/d8a0dfd8-fe45-47da-acc2-fd8df9ea2b2e
    /alfresco-access/transaction/sub-action/00/move/from/path=/app:company_home/st:sites/cm:abc/cm:documentLibrary/cm:folder1/cm:Word 123.docx
    /alfresco-access/transaction/sub-action/00/move/from/type=cm:folder
    /alfresco-access/transaction/sub-action/01/action=readContent
 

The trace output from this class may be useful to developers as it logs method calls grouped by transaction. The debug output is of the audit records written and full inbound audit data. However for developers trace will provide a more readable form. Setting the following dev-log4j.properties:

    log4j.appender.File.Threshold=trace
    log4j.logger.org.alfresco.repo.audit.access.AccessAuditor=trace
 

Author:

Alan Davis

Nested Class Summary

Nested classes/interfaces inherited from interface org.alfresco.repo.policy.Policy

Policy.Arg

Field Summary

Fields inherited from interface org.alfresco.repo.coci.CheckOutCheckInServicePolicies.OnCancelCheckOut

QNAME

Fields inherited from interface org.alfresco.repo.coci.CheckOutCheckInServicePolicies.OnCheckIn

QNAME

Fields inherited from interface org.alfresco.repo.coci.CheckOutCheckInServicePolicies.OnCheckOut

QNAME

Fields inherited from interface org.alfresco.repo.content.ContentServicePolicies.OnContentReadPolicy

QNAME

Fields inherited from interface org.alfresco.repo.content.ContentServicePolicies.OnContentUpdatePolicy

QNAME

Fields inherited from interface org.alfresco.repo.copy.CopyServicePolicies.OnCopyCompletePolicy

QNAME

Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.BeforeDeleteNodePolicy

QNAME

Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnAddAspectPolicy

QNAME

Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnCreateNodePolicy

QNAME

Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnMoveNodePolicy

QNAME

Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnRemoveAspectPolicy

QNAME

Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnUpdatePropertiesPolicy

ARG_0, ARG_1, ARG_2, QNAME

Fields inherited from interface org.alfresco.repo.policy.Policy

NAMESPACE

Fields inherited from interface org.alfresco.repo.version.VersionServicePolicies.OnCreateVersionPolicy

QNAME

Constructor Summary

Constructors

Constructor	Description
AccessAuditor()

Method Summary

Modifier and Type	Method	Description
void	afterPropertiesSet()	Checks that all necessary properties have been set and binds with the policy component.
void	beforeDeleteNode(NodeRef nodeRef)	Called before a node is deleted.
void	onAddAspect(NodeRef nodeRef, QName aspect)	Called after an aspect has been added to a node
void	onCancelCheckOut(NodeRef nodeRef)
void	onCheckIn(NodeRef nodeRef)
void	onCheckOut(NodeRef workingCopy)
void	onContentRead(NodeRef nodeRef)
void	onContentUpdate(NodeRef nodeRef, boolean newContent)
void	onCopyComplete(QName classRef, NodeRef sourceNodeRef, NodeRef targetNodeRef, boolean copyToNewNode, Map<NodeRef,NodeRef> copyMap)
void	onCreateNode(ChildAssociationRef childAssocRef)	Called when a new node has been created.
void	onCreateVersion(QName classRef, NodeRef nodeRef, Map<String,Serializable> versionProperties, PolicyScope nodeDetails)	Called during the creation of the version to determine what the versioning policy for a perticular type may be.
void	onMoveNode(ChildAssociationRef fromChildAssocRef, ChildAssociationRef toChildAssocRef)	Called when a node has been moved.
void	onRemoveAspect(NodeRef nodeRef, QName aspect)	Called after an aspect has been removed from a node
void	onUpdateProperties(NodeRef nodeRef, Map<QName,Serializable> fromProperties, Map<QName,Serializable> toProperties)	Called after a node's properties have been changed.
void	setAuditComponent(AuditComponent auditComponent)	The component to create audit events
void	setNamespaceService(NamespaceService namespaceService)	Set the component used to resolve namespaces.
void	setNodeInfoFactory(NodeInfoFactory nodeInfoFactory)	Set the component used to create NodeInfo objects.
void	setPolicyComponent(PolicyComponent policyComponent)	Set the component used to bind to behaviour callbacks
void	setProperties(Properties properties)	Set the properties object holding filter configuration
void	setTransactionService(TransactionService transactionService)	Set the component used to start new transactions

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AccessAuditor

public AccessAuditor()

Method Details

setProperties

public void setProperties(Properties properties)

Set the properties object holding filter configuration

Since:

3.2

setPolicyComponent

public void setPolicyComponent(PolicyComponent policyComponent)

Set the component used to bind to behaviour callbacks

setAuditComponent

public void setAuditComponent(AuditComponent auditComponent)

The component to create audit events

setTransactionService

public void setTransactionService(TransactionService transactionService)

Set the component used to start new transactions

setNamespaceService

public void setNamespaceService(NamespaceService namespaceService)

Set the component used to resolve namespaces.

setNodeInfoFactory

public void setNodeInfoFactory(NodeInfoFactory nodeInfoFactory)

Set the component used to create NodeInfo objects.

afterPropertiesSet

public void afterPropertiesSet()

Checks that all necessary properties have been set and binds with the policy component.

Specified by:

afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

beforeDeleteNode

public void beforeDeleteNode(NodeRef nodeRef)

Description copied from interface: NodeServicePolicies.BeforeDeleteNodePolicy

Called before a node is deleted.

Specified by:

beforeDeleteNode in interface NodeServicePolicies.BeforeDeleteNodePolicy

Parameters:

nodeRef - the node reference

onCreateNode

public void onCreateNode(ChildAssociationRef childAssocRef)

Description copied from interface: NodeServicePolicies.OnCreateNodePolicy

Called when a new node has been created.

Specified by:

onCreateNode in interface NodeServicePolicies.OnCreateNodePolicy

Parameters:

childAssocRef - the created child association reference

onMoveNode

public void onMoveNode(ChildAssociationRef fromChildAssocRef,
 ChildAssociationRef toChildAssocRef)

Description copied from interface: NodeServicePolicies.OnMoveNodePolicy

Called when a node has been moved.

Specified by:

onMoveNode in interface NodeServicePolicies.OnMoveNodePolicy

Parameters:

fromChildAssocRef - the child association reference prior to the move

toChildAssocRef - the child association reference after the move

onUpdateProperties

public void onUpdateProperties(NodeRef nodeRef,
 Map<QName,Serializable> fromProperties,
 Map<QName,Serializable> toProperties)

Description copied from interface: NodeServicePolicies.OnUpdatePropertiesPolicy

Called after a node's properties have been changed.

Specified by:

onUpdateProperties in interface NodeServicePolicies.OnUpdatePropertiesPolicy

Parameters:

nodeRef - reference to the updated node

fromProperties - the node's properties before the change

toProperties - the node's properties after the change

onRemoveAspect

public void onRemoveAspect(NodeRef nodeRef,
 QName aspect)

Description copied from interface: NodeServicePolicies.OnRemoveAspectPolicy

Called after an aspect has been removed from a node

Specified by:

onRemoveAspect in interface NodeServicePolicies.OnRemoveAspectPolicy

Parameters:

nodeRef - the node from which the aspect will be removed

aspect - the type of the aspect

onAddAspect

public void onAddAspect(NodeRef nodeRef,
 QName aspect)

Description copied from interface: NodeServicePolicies.OnAddAspectPolicy

Called after an aspect has been added to a node

Specified by:

onAddAspect in interface NodeServicePolicies.OnAddAspectPolicy

Parameters:

nodeRef - the node to which the aspect was added

aspect - the type of the aspect

onContentUpdate

public void onContentUpdate(NodeRef nodeRef,
 boolean newContent)

Specified by:

onContentUpdate in interface ContentServicePolicies.OnContentUpdatePolicy

Parameters:

nodeRef - the node reference

onContentRead

public void onContentRead(NodeRef nodeRef)

Specified by:

onContentRead in interface ContentServicePolicies.OnContentReadPolicy

Parameters:

nodeRef - the node reference

onCreateVersion

public void onCreateVersion(QName classRef,
 NodeRef nodeRef,
 Map<String,Serializable> versionProperties,
 PolicyScope nodeDetails)

Description copied from interface: VersionServicePolicies.OnCreateVersionPolicy

Called during the creation of the version to determine what the versioning policy for a perticular type may be. WARNING: implementing behaviour for this policy effects the versioning behaviour of the type the behaviour is registered against.

Specified by:

onCreateVersion in interface VersionServicePolicies.OnCreateVersionPolicy

Parameters:

classRef - the class reference

nodeRef - the versionable node reference

versionProperties - the version properties

nodeDetails - the details of the node to be versioned

onCopyComplete

public void onCopyComplete(QName classRef,
 NodeRef sourceNodeRef,
 NodeRef targetNodeRef,
 boolean copyToNewNode,
 Map<NodeRef,NodeRef> copyMap)

Specified by:

onCopyComplete in interface CopyServicePolicies.OnCopyCompletePolicy

Parameters:

classRef - the type of the node that was copied

sourceNodeRef - the original node

targetNodeRef - the destination node

copyMap - a map containing all the nodes that have been created during the copy

onCheckOut

public void onCheckOut(NodeRef workingCopy)

Specified by:

onCheckOut in interface CheckOutCheckInServicePolicies.OnCheckOut

Parameters:

workingCopy - - working copy

onCheckIn

public void onCheckIn(NodeRef nodeRef)

Specified by:

onCheckIn in interface CheckOutCheckInServicePolicies.OnCheckIn

Parameters:

nodeRef - NodeRef

onCancelCheckOut

public void onCancelCheckOut(NodeRef nodeRef)

Specified by:

onCancelCheckOut in interface CheckOutCheckInServicePolicies.OnCancelCheckOut

Parameters:

nodeRef - NodeRef