1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.audit;
35
36 import info.magnolia.cms.core.ItemType;
37 import info.magnolia.cms.security.UserManager;
38 import info.magnolia.cms.security.auth.login.FormLogin;
39 import info.magnolia.cms.security.auth.login.LoginResult;
40 import info.magnolia.context.MgnlContext;
41 import info.magnolia.context.UserContext;
42
43 import javax.jcr.nodetype.NodeType;
44 import javax.servlet.http.HttpServletRequest;
45
46
47
48
49 public class AuditLoggingUtil {
50
51 public static final String ACTION_CREATE = "create";
52 public static final String ACTION_MODIFY = "modify";
53 public static final String ACTION_DELETE = "delete";
54 public static final String ACTION_COPY = "copy";
55 public static final String ACTION_MOVE = "move";
56 public static final String ACTION_ACTIVATE = "activate";
57 public static final String ACTION_DEACTIVATE = "deactivate";
58 public static final String ACTION_LOGIN = "login";
59 public static final String ACTION_LOGOUT = "logout";
60 public static final String ACTION_SECURITY = "security";
61
62
63
64
65
66
67 @Deprecated
68 public static void log(String action, String workspaceName, ItemType nodeType, String nodePath) {
69 AuditLoggingUtil.log(action, new String[]{AuditLoggingUtil.getUser(), workspaceName, nodeType == null ? "" : nodeType.getSystemName(), nodePath});
70 }
71
72
73
74
75 public static void log(String action, String workspaceName, NodeType nodeType, String nodePath) {
76 AuditLoggingUtil.log(action, new String[] { AuditLoggingUtil.getUser(), workspaceName, nodeType == null ? "" : nodeType.getName(), nodePath });
77 }
78
79
80
81
82 public static void log(String action, String workspaceName, String nodePathFrom, String nodePathTo ) {
83 AuditLoggingUtil.log(action, new String[]{AuditLoggingUtil.getUser(), workspaceName, nodePathFrom, nodePathTo});
84 }
85
86
87
88
89 public static void log(String action, long timeStamp, String workspaceName, NodeType nodeType, String path, String pathTo) {
90 AuditLoggingUtil.log(action, new String[] { String.valueOf(timeStamp), AuditLoggingUtil.getUser(), workspaceName, nodeType == null ? "" : nodeType.getName(), path, pathTo == null ? "" : pathTo });
91 }
92
93
94
95
96 public static void log(String action, String workspaceFrom, String workspaceTo, String nodePathFrom, String nodePathTo) {
97 AuditLoggingUtil.log(action, new String[] { AuditLoggingUtil.getUser(), workspaceFrom, workspaceTo, nodePathFrom, nodePathTo });
98 }
99
100
101
102
103 public static void log(final UserContext userContext ) {
104 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_LOGOUT, null, (String) null, null);
105 }
106
107
108
109
110 public static void log(final LoginResult loginResult, final HttpServletRequest request ) {
111 if(loginResult.getStatus() == LoginResult.STATUS_SUCCEEDED || loginResult.getStatus() == LoginResult.STATUS_FAILED) {
112
113 String userid = request.getParameter(FormLogin.PARAMETER_USER_ID);
114 if (UserManager.ANONYMOUS_USER.equals(userid)) {
115
116 return;
117 }
118
119 String result;
120 if(loginResult.getStatus() == LoginResult.STATUS_SUCCEEDED) {
121 result = "Success";
122 } else {
123 result = "Failure " + loginResult.getLoginException().getLocalizedMessage();
124 }
125 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_LOGIN, new String[]{userid, request.getRemoteAddr(), result});
126 }
127
128 }
129
130
131
132
133 public static void logSecurity(String ipAddress, String securityEventType, String securityEventdetails) {
134 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_SECURITY, new String[]{getUser(), ipAddress, securityEventType, securityEventdetails});
135 }
136
137 private static void log(String action, String[] data) {
138 AuditLoggingManager manager = AuditLoggingManager.getInstance();
139 if(manager != null) {
140 manager.log(action, data);
141 }
142 }
143
144 private static String getUser() {
145 if (MgnlContext.isSystemInstance()) {
146 return "SystemUser";
147 }
148 try {
149 if(MgnlContext.hasInstance() && MgnlContext.getUser() != null) {
150 return MgnlContext.getUser().getName();
151 }
152 }catch (Exception e) {
153 return "system user";
154 }
155 return "user not set";
156 }
157
158 }