org.alfresco.repo.audit.access
Class AccessAuditor

java.lang.Object
  extended by org.alfresco.repo.audit.access.AccessAuditor
All Implemented Interfaces:
CheckOutCheckInServicePolicies.OnCancelCheckOut, CheckOutCheckInServicePolicies.OnCheckIn, CheckOutCheckInServicePolicies.OnCheckOut, ContentServicePolicies.OnContentReadPolicy, ContentServicePolicies.OnContentUpdatePolicy, CopyServicePolicies.OnCopyCompletePolicy, NodeServicePolicies.BeforeDeleteNodePolicy, NodeServicePolicies.OnAddAspectPolicy, NodeServicePolicies.OnCreateNodePolicy, NodeServicePolicies.OnMoveNodePolicy, NodeServicePolicies.OnRemoveAspectPolicy, NodeServicePolicies.OnUpdatePropertiesPolicy, ClassPolicy, Policy, VersionServicePolicies.OnCreateVersionPolicy, org.springframework.beans.factory.InitializingBean

public class AccessAuditor
extends java.lang.Object
implements org.springframework.beans.factory.InitializingBean, NodeServicePolicies.BeforeDeleteNodePolicy, NodeServicePolicies.OnAddAspectPolicy, NodeServicePolicies.OnCreateNodePolicy, NodeServicePolicies.OnMoveNodePolicy, NodeServicePolicies.OnRemoveAspectPolicy, NodeServicePolicies.OnUpdatePropertiesPolicy, ContentServicePolicies.OnContentReadPolicy, ContentServicePolicies.OnContentUpdatePolicy, VersionServicePolicies.OnCreateVersionPolicy, CopyServicePolicies.OnCopyCompletePolicy, CheckOutCheckInServicePolicies.OnCheckOut, CheckOutCheckInServicePolicies.OnCheckIn, CheckOutCheckInServicePolicies.OnCancelCheckOut

Creates high level audit records on the creation, deletion, modification and access of content and folders. Lower level events are grouped together by transaction and node.

To turn on auditing of these events and sub events add the following property to alfresco-global.properties:

    # Enable audit in general
    audit.enabled=true

    # Enable the alfresco-access audit application
    audit.alfresco-access.enabled=true

    # Enable the auditing of sub-actions. Normally disabled as these values are
    # not normally needed by audit configurations, but may be useful to developers
    audit.alfresco-access.sub-actions.enabled=true
 
The following properties are set by default to discard events where the user is 'null' or 'System', the node path is '/sys:archivedItem' or under '/ver:' or the node type is not 'cm:folder', 'cm:content' or 'st:site'. These values result in events only being recorded for common actions initiated by users of the system. These vales may be overridden if required.
    audit.filter.alfresco-access.default.enabled=true
    audit.filter.alfresco-access.transaction.user=~System;~null;.*
    audit.filter.alfresco-access.transaction.type=cm:folder;cm:content;st:site
    audit.filter.alfresco-access.transaction.path=~/sys:archivedItem;~/ver:;.*
 
Node and Content changes generate the following audit structure. Elements are omitted if not changed by the transaction. The /sub-action/<sequence> structure holds cut down details of each sub-action, but are only included if the global property audit.alfresco-access.sub-actions.enabled=true.
    /alfresco-access
     /transaction
       /action=<actionName>
       /sub-actions=<sub action list>
       /path=<prefixPath>
       /type=<prefixType>
       /node=<nodeRef>
       /user=<user>
       /copy
         /from
           /node=<nodeRef>
           /path=<prefixPath>
           /type=<prefixType>
       /move
         /from
           /node=<nodeRef>
           /path=<prefixPath>
           /type=<prefixType>
       /properties
          /from=<mapOfValues>
            /<propertyName>=<propertyValue>
          /to=<mapOfValues>
            /<propertyName>=<propertyValue>
          /add=<mapOfValues>
            /<propertyName>=<propertyValue>
          /delete=<mapOfValues>
            /<propertyName>=<propertyValue>
        /aspects
          /add=<mapOfNames>
            /<aspectName>=null
          /delete=<mapOfNames>
            /<aspectName>=null
        /version-properties=<mapOfValues>
        /sub-action/<sequence>
          /action=<actionName>
          /move
            ...
          /properties
            ...
          /aspects
            ...
            
  Example data:
    /alfresco-access/transaction/action=MOVE
    /alfresco-access/transaction/node=workspace://SpacesStore/74a5985a-45dd-4698-82db-8eaeff9df8d7
    /alfresco-access/transaction/move/from/node=workspace://SpacesStore/d8a0dfd8-fe45-47da-acc2-fd8df9ea2b2e
    /alfresco-access/transaction/move/from/path=/app:company_home/st:sites/cm:abc/cm:documentLibrary/cm:folder1/cm:Word 123.docx
    /alfresco-access/transaction/move/from/type=cm:folder
    /alfresco-access/transaction/path=/app:company_home/st:sites/cm:abc/cm:documentLibrary/cm:folder2/cm:Word 123.docx
    /alfresco-access/transaction/sub-actions=moveNode readContent
    /alfresco-access/transaction/type=cm:content
    /alfresco-access/transaction/user=admin
    /alfresco-access/transaction/sub-action/00/action=moveNode
    /alfresco-access/transaction/sub-action/00/move/from/node=workspace://SpacesStore/d8a0dfd8-fe45-47da-acc2-fd8df9ea2b2e
    /alfresco-access/transaction/sub-action/00/move/from/path=/app:company_home/st:sites/cm:abc/cm:documentLibrary/cm:folder1/cm:Word 123.docx
    /alfresco-access/transaction/sub-action/00/move/from/type=cm:folder
    /alfresco-access/transaction/sub-action/01/action=readContent
 
The trace output from this class may be useful to developers as it logs method calls grouped by transaction. The debug output is of the audit records written and full inbound audit data. However for developers trace will provide a more readable form. Setting the following dev-log4j.properties:
    log4j.appender.File.Threshold=trace
    log4j.logger.org.alfresco.repo.audit.access.AccessAuditor=trace
 


Nested Class Summary
 
Nested classes/interfaces inherited from interface org.alfresco.repo.policy.Policy
Policy.Arg
 
Field Summary
 
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.BeforeDeleteNodePolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnAddAspectPolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnCreateNodePolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnMoveNodePolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnRemoveAspectPolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnUpdatePropertiesPolicy
ARG_0, ARG_1, ARG_2, QNAME
 
Fields inherited from interface org.alfresco.repo.content.ContentServicePolicies.OnContentReadPolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.content.ContentServicePolicies.OnContentUpdatePolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.version.VersionServicePolicies.OnCreateVersionPolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.copy.CopyServicePolicies.OnCopyCompletePolicy
QNAME
 
Fields inherited from interface org.alfresco.repo.coci.CheckOutCheckInServicePolicies.OnCheckOut
QNAME
 
Fields inherited from interface org.alfresco.repo.coci.CheckOutCheckInServicePolicies.OnCheckIn
QNAME
 
Fields inherited from interface org.alfresco.repo.coci.CheckOutCheckInServicePolicies.OnCancelCheckOut
QNAME
 
Fields inherited from interface org.alfresco.repo.policy.Policy
NAMESPACE
 
Constructor Summary
AccessAuditor()
           
 
Method Summary
 void afterPropertiesSet()
          Checks that all necessary properties have been set and binds with the policy component.
 void beforeDeleteNode(org.alfresco.service.cmr.repository.NodeRef nodeRef)
          Called before a node is deleted.
 void onAddAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName aspect)
          Called after an aspect has been added to a node
 void onCancelCheckOut(org.alfresco.service.cmr.repository.NodeRef nodeRef)
           
 void onCheckIn(org.alfresco.service.cmr.repository.NodeRef nodeRef)
           
 void onCheckOut(org.alfresco.service.cmr.repository.NodeRef workingCopy)
           
 void onContentRead(org.alfresco.service.cmr.repository.NodeRef nodeRef)
           
 void onContentUpdate(org.alfresco.service.cmr.repository.NodeRef nodeRef, boolean newContent)
           
 void onCopyComplete(org.alfresco.service.namespace.QName classRef, org.alfresco.service.cmr.repository.NodeRef sourceNodeRef, org.alfresco.service.cmr.repository.NodeRef targetNodeRef, boolean copyToNewNode, java.util.Map copyMap)
           
 void onCreateNode(org.alfresco.service.cmr.repository.ChildAssociationRef childAssocRef)
          Called when a new node has been created.
 void onCreateVersion(org.alfresco.service.namespace.QName classRef, org.alfresco.service.cmr.repository.NodeRef nodeRef, java.util.Map versionProperties, PolicyScope nodeDetails)
          Called during the creation of the version to determine what the versioning policy for a perticular type may be.
 void onMoveNode(org.alfresco.service.cmr.repository.ChildAssociationRef fromChildAssocRef, org.alfresco.service.cmr.repository.ChildAssociationRef toChildAssocRef)
          Called when a node has been moved.
 void onRemoveAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName aspect)
          Called after an aspect has been removed from a node
 void onUpdateProperties(org.alfresco.service.cmr.repository.NodeRef nodeRef, java.util.Map fromProperties, java.util.Map toProperties)
          Called after a node's properties have been changed.
 void setAuditComponent(AuditComponent auditComponent)
          The component to create audit events
 void setNamespaceService(org.alfresco.service.namespace.NamespaceService namespaceService)
          Set the component used to resolve namespaces.
 void setNodeInfoFactory(NodeInfoFactory nodeInfoFactory)
          Set the component used to create NodeInfo objects.
 void setPolicyComponent(PolicyComponent policyComponent)
          Set the component used to bind to behaviour callbacks
 void setProperties(java.util.Properties properties)
          Set the properties object holding filter configuration
 void setTransactionService(TransactionService transactionService)
          Set the component used to start new transactions
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AccessAuditor

public AccessAuditor()
Method Detail

setProperties

public void setProperties(java.util.Properties properties)
Set the properties object holding filter configuration

Since:
3.2

setPolicyComponent

public void setPolicyComponent(PolicyComponent policyComponent)
Set the component used to bind to behaviour callbacks


setAuditComponent

public void setAuditComponent(AuditComponent auditComponent)
The component to create audit events


setTransactionService

public void setTransactionService(TransactionService transactionService)
Set the component used to start new transactions


setNamespaceService

public void setNamespaceService(org.alfresco.service.namespace.NamespaceService namespaceService)
Set the component used to resolve namespaces.


setNodeInfoFactory

public void setNodeInfoFactory(NodeInfoFactory nodeInfoFactory)
Set the component used to create NodeInfo objects.


afterPropertiesSet

public void afterPropertiesSet()
Checks that all necessary properties have been set and binds with the policy component.

Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

beforeDeleteNode

public void beforeDeleteNode(org.alfresco.service.cmr.repository.NodeRef nodeRef)
Description copied from interface: NodeServicePolicies.BeforeDeleteNodePolicy
Called before a node is deleted.

Specified by:
beforeDeleteNode in interface NodeServicePolicies.BeforeDeleteNodePolicy
Parameters:
nodeRef - the node reference

onCreateNode

public void onCreateNode(org.alfresco.service.cmr.repository.ChildAssociationRef childAssocRef)
Description copied from interface: NodeServicePolicies.OnCreateNodePolicy
Called when a new node has been created.

Specified by:
onCreateNode in interface NodeServicePolicies.OnCreateNodePolicy
Parameters:
childAssocRef - the created child association reference

onMoveNode

public void onMoveNode(org.alfresco.service.cmr.repository.ChildAssociationRef fromChildAssocRef,
                       org.alfresco.service.cmr.repository.ChildAssociationRef toChildAssocRef)
Description copied from interface: NodeServicePolicies.OnMoveNodePolicy
Called when a node has been moved.

Specified by:
onMoveNode in interface NodeServicePolicies.OnMoveNodePolicy
Parameters:
fromChildAssocRef - the child association reference prior to the move
toChildAssocRef - the child association reference after the move

onUpdateProperties

public void onUpdateProperties(org.alfresco.service.cmr.repository.NodeRef nodeRef,
                               java.util.Map fromProperties,
                               java.util.Map toProperties)
Description copied from interface: NodeServicePolicies.OnUpdatePropertiesPolicy
Called after a node's properties have been changed.

Specified by:
onUpdateProperties in interface NodeServicePolicies.OnUpdatePropertiesPolicy
Parameters:
nodeRef - reference to the updated node
fromProperties - the node's properties before the change
toProperties - the node's properties after the change

onRemoveAspect

public void onRemoveAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef,
                           org.alfresco.service.namespace.QName aspect)
Description copied from interface: NodeServicePolicies.OnRemoveAspectPolicy
Called after an aspect has been removed from a node

Specified by:
onRemoveAspect in interface NodeServicePolicies.OnRemoveAspectPolicy
Parameters:
nodeRef - the node from which the aspect will be removed
aspect - the type of the aspect

onAddAspect

public void onAddAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef,
                        org.alfresco.service.namespace.QName aspect)
Description copied from interface: NodeServicePolicies.OnAddAspectPolicy
Called after an aspect has been added to a node

Specified by:
onAddAspect in interface NodeServicePolicies.OnAddAspectPolicy
Parameters:
nodeRef - the node to which the aspect was added
aspect - the type of the aspect

onContentUpdate

public void onContentUpdate(org.alfresco.service.cmr.repository.NodeRef nodeRef,
                            boolean newContent)
Specified by:
onContentUpdate in interface ContentServicePolicies.OnContentUpdatePolicy
Parameters:
nodeRef - the node reference

onContentRead

public void onContentRead(org.alfresco.service.cmr.repository.NodeRef nodeRef)
Specified by:
onContentRead in interface ContentServicePolicies.OnContentReadPolicy
Parameters:
nodeRef - the node reference

onCreateVersion

public void onCreateVersion(org.alfresco.service.namespace.QName classRef,
                            org.alfresco.service.cmr.repository.NodeRef nodeRef,
                            java.util.Map versionProperties,
                            PolicyScope nodeDetails)
Description copied from interface: VersionServicePolicies.OnCreateVersionPolicy
Called during the creation of the version to determine what the versioning policy for a perticular type may be. WARNING: implementing behaviour for this policy effects the versioning behaviour of the type the behaviour is registered against.

Specified by:
onCreateVersion in interface VersionServicePolicies.OnCreateVersionPolicy
Parameters:
classRef - the class reference
nodeRef - the versionable node reference
versionProperties - the version properties
nodeDetails - the details of the node to be versioned

onCopyComplete

public void onCopyComplete(org.alfresco.service.namespace.QName classRef,
                           org.alfresco.service.cmr.repository.NodeRef sourceNodeRef,
                           org.alfresco.service.cmr.repository.NodeRef targetNodeRef,
                           boolean copyToNewNode,
                           java.util.Map copyMap)
Specified by:
onCopyComplete in interface CopyServicePolicies.OnCopyCompletePolicy
Parameters:
classRef - the type of the node that was copied
sourceNodeRef - the original node
targetNodeRef - the destination node
copyMap - a map containing all the nodes that have been created during the copy

onCheckOut

public void onCheckOut(org.alfresco.service.cmr.repository.NodeRef workingCopy)
Specified by:
onCheckOut in interface CheckOutCheckInServicePolicies.OnCheckOut

onCheckIn

public void onCheckIn(org.alfresco.service.cmr.repository.NodeRef nodeRef)
Specified by:
onCheckIn in interface CheckOutCheckInServicePolicies.OnCheckIn

onCancelCheckOut

public void onCancelCheckOut(org.alfresco.service.cmr.repository.NodeRef nodeRef)
Specified by:
onCancelCheckOut in interface CheckOutCheckInServicePolicies.OnCancelCheckOut


Copyright © 2005 - 2010 Alfresco Software, Inc. All Rights Reserved.