1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.audit;
35
36 import info.magnolia.cms.core.ItemType;
37 import info.magnolia.cms.security.UserManager;
38 import info.magnolia.cms.security.auth.login.FormLogin;
39 import info.magnolia.cms.security.auth.login.LoginResult;
40 import info.magnolia.context.MgnlContext;
41 import info.magnolia.context.UserContext;
42
43 import javax.jcr.nodetype.NodeType;
44 import javax.servlet.http.HttpServletRequest;
45
46
47
48
49
50
51 public class AuditLoggingUtil {
52
53 public static final String ACTION_CREATE = "create";
54 public static final String ACTION_MODIFY = "modify";
55 public static final String ACTION_DELETE = "delete";
56 public static final String ACTION_COPY = "copy";
57 public static final String ACTION_MOVE = "move";
58 public static final String ACTION_ACTIVATE = "activate";
59 public static final String ACTION_DEACTIVATE = "deactivate";
60 public static final String ACTION_LOGIN = "login";
61 public static final String ACTION_LOGOUT = "logout";
62 public static final String ACTION_SECURITY = "security";
63
64
65
66
67
68
69 @Deprecated
70 public static void log(String action, String workspaceName, ItemType nodeType, String nodePath) {
71 AuditLoggingUtil.log(action, new String[]{AuditLoggingUtil.getUser(), workspaceName, nodeType == null ? "" : nodeType.getSystemName(), nodePath});
72 }
73
74
75
76
77 public static void log(String action, String workspaceName, NodeType nodeType, String nodePath) {
78 AuditLoggingUtil.log(action, new String[] { AuditLoggingUtil.getUser(), workspaceName, nodeType == null ? "" : nodeType.getName(), nodePath });
79 }
80
81
82
83
84 public static void log(String action, String workspaceName, String nodePathFrom, String nodePathTo ) {
85 AuditLoggingUtil.log(action, new String[]{AuditLoggingUtil.getUser(), workspaceName, nodePathFrom, nodePathTo});
86 }
87
88
89
90
91 public static void log(String action, long timeStamp, String workspaceName, NodeType nodeType, String path, String pathTo) {
92 AuditLoggingUtil.log(action, new String[] { String.valueOf(timeStamp), AuditLoggingUtil.getUser(), workspaceName, nodeType == null ? "" : nodeType.getName(), path, pathTo == null ? "" : pathTo });
93 }
94
95
96
97
98 public static void log(String action, String workspaceFrom, String workspaceTo, String nodePathFrom, String nodePathTo) {
99 AuditLoggingUtil.log(action, new String[] { AuditLoggingUtil.getUser(), workspaceFrom, workspaceTo, nodePathFrom, nodePathTo });
100 }
101
102
103
104
105 public static void log(final UserContext userContext ) {
106 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_LOGOUT, null, (String) null, null);
107 }
108
109
110
111
112 public static void log(final LoginResult loginResult, final HttpServletRequest request ) {
113 if(loginResult.getStatus() == LoginResult.STATUS_SUCCEEDED || loginResult.getStatus() == LoginResult.STATUS_FAILED) {
114
115 String userid = request.getParameter(FormLogin.PARAMETER_USER_ID);
116 if (UserManager.ANONYMOUS_USER.equals(userid)) {
117
118 return;
119 }
120
121 String result;
122 if(loginResult.getStatus() == LoginResult.STATUS_SUCCEEDED) {
123 result = "Success";
124 } else {
125 result = "Failure " + loginResult.getLoginException().getLocalizedMessage();
126 }
127 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_LOGIN, new String[]{userid, request.getRemoteAddr(), result});
128 }
129
130 }
131
132
133
134
135 public static void logSecurity(String ipAddress, String securityEventType, String securityEventdetails) {
136 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_SECURITY, new String[]{getUser(), ipAddress, securityEventType, securityEventdetails});
137 }
138
139 private static void log(String action, String[] data) {
140 AuditLoggingManager manager = AuditLoggingManager.getInstance();
141 if(manager != null) {
142 manager.log(action, data);
143 }
144 }
145
146 private static String getUser() {
147 if (MgnlContext.isSystemInstance()) {
148 return "SystemUser";
149 }
150 try {
151 if(MgnlContext.hasInstance() && MgnlContext.getUser() != null) {
152 return MgnlContext.getUser().getName();
153 }
154 }catch (Exception e) {
155 return "system user";
156 }
157 return "user not set";
158 }
159
160 }