/**
* Helper method to set audited information after method invocation and to determine if auditing
* should take place based on the method return value.
*
* @param auditMode
* @param auditInfo
* @param mi
* @param returnObject
* @return - the audit mode.
*/
private AuditMode postInvocation(
AuditMode auditMode, AuditState auditInfo, MethodInvocation mi, Object returnObject) {
if (returnObject == null) {
auditInfo.setReturnObject(null);
} else if (returnObject instanceof Serializable) {
auditInfo.setReturnObject((Serializable) returnObject);
} else {
auditInfo.setReturnObject(returnObject.toString());
}
Auditable auditable = mi.getMethod().getAnnotation(Auditable.class);
if (auditable.key() == Auditable.Key.RETURN) {
if (returnObject != null) {
if (returnObject instanceof NodeRef) {
NodeRef key = (NodeRef) returnObject;
auditInfo.setKeyStore(key.getStoreRef());
auditInfo.setKeyGUID(key.getId());
RecordOptions recordOptions = auditModel.getAuditRecordOptions(mi);
if (recordOptions != null && recordOptions.getRecordPath() == TrueFalseUnset.TRUE) {
auditInfo.setPath(getNodePath(key));
}
} else if (returnObject instanceof StoreRef) {
auditInfo.setKeyStore((StoreRef) returnObject);
} else if (returnObject instanceof ChildAssociationRef) {
ChildAssociationRef car = (ChildAssociationRef) returnObject;
auditInfo.setKeyStore(car.getChildRef().getStoreRef());
auditInfo.setKeyGUID(car.getChildRef().getId());
RecordOptions recordOptions = auditModel.getAuditRecordOptions(mi);
if (recordOptions != null && recordOptions.getRecordPath() == TrueFalseUnset.TRUE) {
auditInfo.setPath(nodeService.getPath(car.getChildRef()).toString());
}
} else {
logger.warn(
"Key argument is not a node, store or child assoc ref for return object on "
+ publicServiceIdentifier.getPublicServiceName(mi)
+ "."
+ mi.getMethod().getName()
+ " it is "
+ returnObject.getClass().getName());
}
}
}
// If the user name is not set, try and set it after the method call.
// This covers authentication when the user is only known after the call.
if (auditInfo.getUserIdentifier() == null) {
auditInfo.setUserIdentifier(AuthenticationUtil.getFullyAuthenticatedUser());
}
return auditMode;
}
private AuditMode onApplicationAudit(
AuditMode auditMode,
AuditState auditInfo,
String source,
String description,
NodeRef key,
Object... args) {
AuditMode effectiveAuditMode =
auditModel.beforeExecution(auditMode, source, description, key, args);
auditModel.getAuditRecordOptions(source);
if (auditMode != AuditMode.NONE) {
if (source.equals(SYSTEM_APPLICATION)) {
throw new AuditException(
"Application audit can not use the reserved identifier " + SYSTEM_APPLICATION);
}
auditInfo.setAuditApplication(source);
auditInfo.setAuditConfiguration(auditConfiguration);
auditInfo.setAuditMethod(null);
auditInfo.setAuditService(null);
auditInfo.setClientAddress(null);
auditInfo.setDate(new Date());
auditInfo.setFail(false);
auditInfo.setFiltered(false);
auditInfo.setHostAddress(auditHost);
auditInfo.setPath(null);
if (key != null) {
auditInfo.setKeyStore(key.getStoreRef());
auditInfo.setKeyGUID(key.getId());
RecordOptions recordOptions = auditModel.getAuditRecordOptions(source);
if (recordOptions != null && recordOptions.getRecordPath() == TrueFalseUnset.TRUE) {
auditInfo.setPath(getNodePath(key));
}
}
auditInfo.setKeyPropertiesAfter(null);
auditInfo.setKeyPropertiesBefore(null);
auditInfo.setMessage(description);
if (args != null) {
Serializable[] serArgs = new Serializable[args.length];
for (int i = 0; i < args.length; i++) {
if (args[i] == null) {
serArgs[i] = null;
} else if (args[i] instanceof Serializable) {
serArgs[i] = (Serializable) args[i];
} else {
serArgs[i] = args[i].toString();
}
}
auditInfo.setMethodArguments(serArgs);
}
auditInfo.setReturnObject(null);
auditInfo.setSessionId(null);
auditInfo.setThrowable(null);
auditInfo.setTxId(AlfrescoTransactionSupport.getTransactionId());
auditInfo.setUserIdentifier(AuthenticationUtil.getFullyAuthenticatedUser());
}
return effectiveAuditMode;
}
/**
* Set auditable information and determine if auditing is required before method invocation. This
* would normally be based on the method arguments.
*
* @param auditMode
* @param auditInfo
* @param mi
* @return - the audit mode.
*/
private AuditMode beforeInvocation(
AuditMode auditMode, AuditState auditInfo, MethodInvocation mi) {
AuditMode effectiveAuditMode = auditModel.beforeExecution(auditMode, mi);
if (auditMode != AuditMode.NONE) {
String methodName = mi.getMethod().getName();
String serviceName = publicServiceIdentifier.getPublicServiceName(mi);
auditInfo.setAuditApplication(SYSTEM_APPLICATION);
auditInfo.setAuditConfiguration(auditConfiguration);
auditInfo.setAuditMethod(methodName);
auditInfo.setAuditService(serviceName);
auditInfo.setClientAddress(null);
auditInfo.setDate(new Date());
auditInfo.setFail(false);
auditInfo.setFiltered(false);
auditInfo.setHostAddress(auditHost);
auditInfo.setPath(null);
Auditable auditable = mi.getMethod().getAnnotation(Auditable.class);
Object key = null;
switch (auditable.key()) {
case ARG_0:
checkArgLength(mi, methodName, serviceName, 0);
key = mi.getArguments()[0];
break;
case ARG_1:
checkArgLength(mi, methodName, serviceName, 1);
key = mi.getArguments()[1];
break;
case ARG_2:
checkArgLength(mi, methodName, serviceName, 2);
key = mi.getArguments()[2];
break;
case ARG_3:
checkArgLength(mi, methodName, serviceName, 3);
key = mi.getArguments()[3];
break;
case ARG_4:
checkArgLength(mi, methodName, serviceName, 4);
key = mi.getArguments()[4];
break;
case ARG_5:
checkArgLength(mi, methodName, serviceName, 5);
key = mi.getArguments()[5];
break;
case ARG_6:
checkArgLength(mi, methodName, serviceName, 6);
key = mi.getArguments()[6];
break;
case ARG_7:
checkArgLength(mi, methodName, serviceName, 7);
key = mi.getArguments()[7];
break;
case ARG_8:
checkArgLength(mi, methodName, serviceName, 8);
key = mi.getArguments()[8];
break;
case ARG_9:
checkArgLength(mi, methodName, serviceName, 9);
key = mi.getArguments()[9];
break;
case NO_KEY:
default:
break;
}
if (key != null) {
RecordOptions recordOptions = auditModel.getAuditRecordOptions(mi);
if (key instanceof NodeRef) {
auditInfo.setKeyStore(((NodeRef) key).getStoreRef());
auditInfo.setKeyGUID(((NodeRef) key).getId());
if (recordOptions != null && recordOptions.getRecordPath() == TrueFalseUnset.TRUE) {
auditInfo.setPath(getNodePath((NodeRef) key));
}
} else if (key instanceof StoreRef) {
auditInfo.setKeyStore((StoreRef) key);
} else if (key instanceof ChildAssociationRef) {
ChildAssociationRef car = (ChildAssociationRef) key;
auditInfo.setKeyStore(car.getParentRef().getStoreRef());
auditInfo.setKeyGUID(car.getParentRef().getId());
if (recordOptions != null && recordOptions.getRecordPath() == TrueFalseUnset.TRUE) {
auditInfo.setPath(getNodePath(car.getParentRef()));
}
} else if (key instanceof SearchParameters) {
SearchParameters sp = (SearchParameters) key;
if (sp.getStores().size() > 0) {
auditInfo.setKeyStore(sp.getStores().get(0));
}
} else {
logger.warn(
"Key argument is not a node, store or child assoc reference or search parameters on "
+ serviceName
+ "."
+ methodName
+ " it is "
+ key.getClass().getName());
}
}
auditInfo.setKeyPropertiesAfter(null);
auditInfo.setKeyPropertiesBefore(null);
auditInfo.setMessage(null);
if (mi.getArguments() != null) {
Serializable[] serArgs = new Serializable[mi.getArguments().length];
for (int i = 0; i < mi.getArguments().length; i++) {
if ((auditable.recordable() == null)
|| (auditable.recordable().length <= i)
|| auditable.recordable()[i]) {
if (mi.getArguments()[i] == null) {
serArgs[i] = null;
} else if (mi.getArguments()[i] instanceof Serializable) {
serArgs[i] = (Serializable) mi.getArguments()[i];
} else {
serArgs[i] = mi.getArguments()[i].toString();
}
} else {
serArgs[i] = "********";
}
}
auditInfo.setMethodArguments(serArgs);
}
auditInfo.setReturnObject(null);
auditInfo.setSessionId(null);
auditInfo.setThrowable(null);
auditInfo.setTxId(AlfrescoTransactionSupport.getTransactionId());
auditInfo.setUserIdentifier(AuthenticationUtil.getFullyAuthenticatedUser());
}
return effectiveAuditMode;
}