org.alfresco.repo.audit
Class PropertyAuditFilter

java.lang.Object
  extended by org.alfresco.repo.audit.PropertyAuditFilter
All Implemented Interfaces:
AuditFilter

public class PropertyAuditFilter
extends java.lang.Object
implements AuditFilter

Filter using property file values to accept or reject audit map values.

The last component in the rootPath is considered to be the event action. The keys in an audit map identify each audit value. Properties may be defined to accept or reject each value. If any value in an audit map is rejected, the whole map is rejected. So that one does not have to define too many properties, a 'default' event action property may be defined. This will be inherited by all actions unless a property is defined for a particular event action. For example:

   audit.filter.alfresco-access.default.enabled=true
   audit.filter.alfresco-access.default.user=~System;.*
   audit.filter.alfresco-access.default.type=cm:folder;cm:content;st:site
   audit.filter.alfresco-access.default.path=/app:company_home/.*
   audit.filter.alfresco-access.transaction.user=
   audit.filter.alfresco-access.login.user=jblogs
   ...
 
Each property value defines a list of regular expressions that will be used to match the actual audit map values. In the above example, events created by any user except for the internal user 'System' will be recorded by default for all event actions. However the property for the 'transaction' event action overrides this to record even 'System' events.

For any filters to be applied to an event action, that action's filters must be enabled with an 'enabled' property set to "true". However this may also be done by using the 'default' event action, as shown above.

Note: Property names have a "audit.filter." prefix and use '.' as a separator where as components of rootPath and keys in the audit map use '/'. The following is an example rootPath and audit map which could be used with the corresponding property names shown above:

     rootPath                       auditMap
     "/alfresco-access/transaction" "user" => "System"
                                    "path" => "/app:company_home/st:sites/cm:mysite/cm:documentLibrary/cm:folder1"
                                    "type" => "cm:folder"
                                    "node" => ...
 
Lists are evaluated from left to right allowing one flexibility to accept or reject different combinations of values. If no match is made by the end of the list the value is rejected. If there is not a property for a given value or an empty list is defined (as above for the user value on a transaction action) any value is accepted.

Each regular expression in the list is separated by a ';'. Expressions that include a ';' may be escaped using a '\'. An expression that starts with a '~' indicates that any matching value should be rejected. If the first character of an expression needs to be a '~' it too may be escaped with a '\'.

A property value may be a reference to another property, which saves having multiple copies. This is indicated by a '$' as the first character of the property value. If the first character of an expression needs to be a {@code '$'} it too may be escaped with a {@code '\'}. For example:

   audit.filter.alfresco-access.default.type=cm:folder;cm:content
   audit.filter.alfresco-access.moveNode.from.type=$audit.filter.alfresco-access.default.type
 


Constructor Summary
PropertyAuditFilter()
           
 
Method Summary
 boolean accept(java.lang.String rootPath, java.util.Map auditMap)
          Returns true if the audit map values have not been discarded by audit filters.
 void setProperties(java.util.Properties properties)
          Set the properties object holding filter configuration
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PropertyAuditFilter

public PropertyAuditFilter()
Method Detail

setProperties

public void setProperties(java.util.Properties properties)
Set the properties object holding filter configuration

Since:
3.2

accept

public boolean accept(java.lang.String rootPath,
                      java.util.Map auditMap)
Description copied from interface: AuditFilter
Returns true if the audit map values have not been discarded by audit filters.

Specified by:
accept in interface AuditFilter
Parameters:
@inheritDoc -
@inheritDoc -
Returns:
@inheritDoc


Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.