1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.audit;
35
36 import info.magnolia.cms.security.UserManager;
37 import info.magnolia.cms.security.auth.login.FormLogin;
38 import info.magnolia.cms.security.auth.login.LoginResult;
39 import info.magnolia.context.Context;
40 import info.magnolia.context.MgnlContext;
41 import info.magnolia.context.SystemContext;
42 import info.magnolia.context.UserContext;
43
44 import javax.jcr.nodetype.NodeType;
45 import javax.servlet.http.HttpServletRequest;
46
47
48
49
50 public class AuditLoggingUtil {
51
52 public static final String ACTION_CREATE = "create";
53 public static final String ACTION_MODIFY = "modify";
54 public static final String ACTION_DELETE = "delete";
55 public static final String ACTION_COPY = "copy";
56 public static final String ACTION_MOVE = "move";
57 public static final String ACTION_ACTIVATE = "activate";
58 public static final String ACTION_DEACTIVATE = "deactivate";
59 public static final String ACTION_LOGIN = "login";
60 public static final String ACTION_LOGOUT = "logout";
61 public static final String ACTION_SECURITY = "security";
62
63
64
65
66 public static void log(String action, String workspaceName, NodeType nodeType, String nodePath) {
67 AuditLoggingUtil.log(action, new String[]{AuditLoggingUtil.getUser(), workspaceName, nodeType == null ? "" : nodeType.getName(), nodePath});
68 }
69
70
71
72
73 public static void log(String action, String workspaceName, String nodePathFrom, String nodePathTo) {
74 AuditLoggingUtil.log(action, new String[]{AuditLoggingUtil.getUser(), workspaceName, nodePathFrom, nodePathTo});
75 }
76
77
78
79
80 public static void log(String action, long timeStamp, String workspaceName, NodeType nodeType, String path, String pathTo) {
81 AuditLoggingUtil.log(action, new String[]{String.valueOf(timeStamp), AuditLoggingUtil.getUser(), workspaceName, nodeType == null ? "" : nodeType.getName(), path, pathTo == null ? "" : pathTo});
82 }
83
84
85
86
87 public static void log(String action, String workspaceFrom, String workspaceTo, String nodePathFrom, String nodePathTo) {
88 AuditLoggingUtil.log(action, new String[]{AuditLoggingUtil.getUser(), workspaceFrom, workspaceTo, nodePathFrom, nodePathTo});
89 }
90
91
92
93
94 public static void log(final UserContext userContext) {
95 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_LOGOUT, null, (String) null, null);
96 }
97
98
99
100
101 public static void log(final LoginResult loginResult, final HttpServletRequest request) {
102 int loginStatus = loginResult.getStatus();
103
104 if (loginStatus == LoginResult.STATUS_SUCCEEDED_REDIRECT_REQUIRED || loginStatus == LoginResult.STATUS_SUCCEEDED || loginStatus == LoginResult.STATUS_FAILED) {
105
106 String userId = request.getParameter(FormLogin.PARAMETER_USER_ID);
107 if (UserManager.ANONYMOUS_USER.equals(userId)) {
108
109 return;
110 }
111
112 String result;
113 if (loginStatus == LoginResult.STATUS_SUCCEEDED || loginStatus == LoginResult.STATUS_SUCCEEDED_REDIRECT_REQUIRED) {
114 result = "Success";
115 } else {
116 result = "Failure " + loginResult.getLoginException().getLocalizedMessage();
117 }
118
119 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_LOGIN, new String[]{userId, request.getRemoteAddr(), result});
120 }
121 }
122
123
124
125
126 public static void logSecurity(String ipAddress, String securityEventType, String securityEventdetails) {
127 AuditLoggingUtil.log(AuditLoggingUtil.ACTION_SECURITY, new String[]{getUser(), ipAddress, securityEventType, securityEventdetails});
128 }
129
130 private static void log(String action, String[] data) {
131 AuditLoggingManager manager = AuditLoggingManager.getInstance();
132 if (manager != null) {
133 manager.log(action, data);
134 }
135 }
136
137 private static String getUser() {
138 try {
139 Context ctx = null;
140 if (MgnlContext.isSystemInstance()) {
141
142 ctx = ((SystemContext) MgnlContext.getInstance()).getOriginalContext();
143 if (ctx == null) {
144
145 return "SystemUser";
146 }
147 if (ctx.getUser() != null) {
148
149 return "System [" + ctx.getUser().getName() + "]";
150 }
151 } else if (MgnlContext.hasInstance()) {
152
153 ctx = MgnlContext.getInstance();
154 if (ctx.getUser() != null) {
155 return ctx.getUser().getName();
156 }
157 }
158 } catch (Exception e) {
159
160 return "system user";
161 }
162
163 return "user not set";
164 }
165
166 }