portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r555400 - in /portals/jetspeed-2/trunk: applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/ components/statistics/src/java/org/apache/jetspeed/audit/impl/ components/statistics/src/test/org/apache/jetspeed/audit/ etc...
Date Wed, 11 Jul 2007 21:17:51 GMT
Author: taylor
Date: Wed Jul 11 14:17:49 2007
New Revision: 555400

URL: http://svn.apache.org/viewvc?view=rev&rev=555400
Log:
https://issues.apache.org/jira/browse/JS2-724
Auditing Activity logging implemented, some last minute requests 

Modified:
    portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java
    portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java
    portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java
    portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java
    portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml
    portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql
    portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java

Modified: portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java
(original)
+++ portals/jetspeed-2/trunk/applications/j2-admin/src/java/org/apache/jetspeed/portlets/security/users/UserDetailsPortlet.java
Wed Jul 11 14:17:49 2007
@@ -665,7 +665,7 @@
                     Folder folder = pageManager.getFolder(subsite);                    
                     pageManager.removeFolder(folder);
                 }                
-                audit.logAdminUserActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_DELETE, USER_ADMINISTRATION);            
+                audit.logAdminUserActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest),
userName, AuditActivity.USER_DELETE, USER_ADMINISTRATION);            
                 // remove selected user from USERS_TOPIC
                 PortletMessaging.cancel(actionRequest,SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED);
                 // TODO: send message to site manager portlet
@@ -710,7 +710,7 @@
                 if ( password != null && password.trim().length() > 0 )
                 {
                     userManager.setPassword(userName, null, password);
-                    audit.logAdminCredentialActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.PASSWORD_RESET, USER_ADMINISTRATION);                            
                                                               
+                    audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_RESET, USER_ADMINISTRATION);
                                                                                         
 
                     passwordSet = true;
                 }
                 PasswordCredential credential = getCredential(actionRequest, userName);
@@ -723,7 +723,7 @@
                         if (updateRequired != credential.isUpdateRequired())
                         {
                             userManager.setPasswordUpdateRequired(userName,updateRequired);
-                            audit.logAdminCredentialActivity(actionRequest.getRemoteUser(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
                                                                                         
                             
+                            audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UPDATE_REQUIRED, USER_ADMINISTRATION);
                                                                                         
                             
                         }
                     }
                     String enabledStr = actionRequest.getParameter("user_cred_enabled");
@@ -734,7 +734,7 @@
                         {
                             userManager.setPasswordEnabled(userName,enabled);
                             String activity = (enabled) ? AuditActivity.PASSWORD_ENABLED
: AuditActivity.PASSWORD_DISABLED;
-                            audit.logAdminCredentialActivity(actionRequest.getRemoteUser(),
getIPAddress(actionRequest), userName, activity, USER_ADMINISTRATION);                   
                                                                                         
                                                                  
+                            audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, activity, USER_ADMINISTRATION);                   
                                                                                         
                                                                  
                         }
                     }
                     String expiredFlagStr = actionRequest.getParameter("user_expired_flag");
@@ -744,17 +744,17 @@
                         {
                             java.sql.Date today = new java.sql.Date(new Date().getTime());
                             userManager.setPasswordExpiration(userName,today);          
                 
-                            audit.logAdminCredentialActivity(actionRequest.getRemoteUser(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXPIRE, USER_ADMINISTRATION);
                                                                                         
                                                                                         
                       
+                            audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXPIRE, USER_ADMINISTRATION);
                                                                                         
                                                                                         
                       
                         }
                         else if (expiredFlagStr.equals("extend"))
                         {
                             userManager.setPasswordExpiration(userName,null);
-                            audit.logAdminCredentialActivity(actionRequest.getRemoteUser(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXTEND, USER_ADMINISTRATION);
                                                                                         
                                                                                         
                                                   
+                            audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_EXTEND, USER_ADMINISTRATION);
                                                                                         
                                                                                         
                                                   
                         }
                         else if (expiredFlagStr.equals("unlimited"))
                         {
                             userManager.setPasswordExpiration(userName,InternalCredential.MAX_DATE);
-                            audit.logAdminCredentialActivity(actionRequest.getRemoteUser(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UNLIMITED, USER_ADMINISTRATION);
                                                                                         
                                                                                         
                                                                               
+                            audit.logAdminCredentialActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.PASSWORD_UNLIMITED, USER_ADMINISTRATION);
                                                                                         
                                                                                         
                                                                               
                         }
                     }
                 }
@@ -795,7 +795,7 @@
                 if (value != null)
                 {
                     user.getUserAttributes().put(attr.getName(), value);
-                    audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_ADD_ATTRIBUTE, attr.getName(), value, USER_ADMINISTRATION); 
                              
+                    audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ATTRIBUTE, attr.getName(), value,
value, USER_ADMINISTRATION);                                
                 }
             }
         }
@@ -819,8 +819,9 @@
                 {
                     String userAttrName = userAttrNames[i];
                     String value = actionRequest.getParameter(userAttrName + ":value");
+                    String before = user.getUserAttributes().get(userAttrName, "");
                     user.getUserAttributes().put(userAttrName, value);
-                    audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_UPDATE_ATTRIBUTE, userAttrName, value, USER_ADMINISTRATION);
                                                   
+                    audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_UPDATE_ATTRIBUTE, userAttrName,
before, value, USER_ADMINISTRATION);                                                    
                 }                
             }        
         }
@@ -839,7 +840,7 @@
             {
                 Preferences attributes = user.getUserAttributes();
                 attributes.put(userAttrName, userAttrValue);
-                audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_ADD_ATTRIBUTE, userAttrName, userAttrValue, USER_ADMINISTRATION);
                                               
+                audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ATTRIBUTE, userAttrName, "",
userAttrValue, USER_ADMINISTRATION);                                                
             }
         }
     }
@@ -861,8 +862,9 @@
                 {
                     try
                     {
+                        String before = attributes.get(userAttrNames[ix], "");          
             
                         attributes.remove(userAttrNames[ix]);
-                        audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_DELETE_ATTRIBUTE, userAttrNames[ix], "", USER_ADMINISTRATION);
                                                                       
+                        audit.logAdminAttributeActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ATTRIBUTE, userAttrNames[ix],
before, "", USER_ADMINISTRATION);                                                        
               
                     }
                     catch (Exception e) 
                     {
@@ -891,7 +893,7 @@
                         if (roleManager.roleExists(roleNames[ix]))
                         {
                             roleManager.removeRoleFromUser(userName, roleNames[ix]);
-                            audit.logAdminAttributeActivity(actionRequest.getRemoteUser(),
getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ROLE, roleNames[ix], "",
USER_ADMINISTRATION);                                                                    
                               
+                            audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_ROLE, roleNames[ix], USER_ADMINISTRATION);
                                                                                         
         
                         }
                     }
                     catch (SecurityException e)
@@ -916,7 +918,7 @@
                 try
                 {
                     roleManager.addRoleToUser(userName, roleName);
-                    audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_ADD_ROLE, roleName, "", USER_ADMINISTRATION);               
                                                                                         
              
+                    audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_ROLE, roleName, USER_ADMINISTRATION);
                                                                                         
                             
                 }
                 catch (SecurityException e)
                 {
@@ -944,7 +946,7 @@
                         if (groupManager.groupExists(groupNames[ix]))
                         {
                             groupManager.removeUserFromGroup(userName, groupNames[ix]);
-                            audit.logAdminAttributeActivity(actionRequest.getRemoteUser(),
getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_GROUP, groupNames[ix], "",
USER_ADMINISTRATION);                                                                    
                                                           
+                            audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_GROUP, groupNames[ix], USER_ADMINISTRATION);
                                                                                         
                                     
                         }
                     }
                     catch (SecurityException e)
@@ -969,7 +971,7 @@
                 try
                 {
                     groupManager.addUserToGroup(userName, groupName);
-                    audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_ADD_GROUP, groupName, "", USER_ADMINISTRATION);             
                                                                                         
                                    
+                    audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_GROUP, groupName, USER_ADMINISTRATION);
                                                                                         
                                                 
                 }
                 catch (SecurityException e)
                 {
@@ -1079,7 +1081,7 @@
                     profiler.setRuleForPrincipal(userPrincipal, 
                             profiler.getRule(ruleName),
                             locatorName);              
-                    audit.logAdminAttributeActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_ADD_PROFILE, ruleName, locatorName, USER_ADMINISTRATION);   
                                                                                         
                                              
+                    audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_ADD_PROFILE, ruleName + "-" + locatorName,
USER_ADMINISTRATION);                                                                    
                                                                       
                 }
                 catch (Exception e)
                 {
@@ -1114,7 +1116,7 @@
                             if (rule.getLocatorName().equals(locatorNames[ix]))
                             {
                                 profiler.deletePrincipalRule(rule);
-                                audit.logAdminAttributeActivity(actionRequest.getRemoteUser(),
getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_PROFILE, rule.getProfilingRule().getId(),
rule.getLocatorName(), USER_ADMINISTRATION);                                             
                                                                                         
                
+                                audit.logAdminAuthorizationActivity(actionRequest.getUserPrincipal().getName(),
getIPAddress(actionRequest), userName, AuditActivity.USER_DELETE_PROFILE, rule.getProfilingRule().getId()
+ "-" + rule.getLocatorName(), USER_ADMINISTRATION);                                     
                                                                                         
                        
                             }
                         }
                     }
@@ -1140,7 +1142,7 @@
                     throw new SecurityException(SecurityException.PASSWORD_REQUIRED);
                 }
                 userManager.addUser(userName, password);
-                audit.logAdminUserActivity(actionRequest.getRemoteUser(), getIPAddress(actionRequest),
userName, AuditActivity.USER_CREATE, USER_ADMINISTRATION);            
+                audit.logAdminUserActivity(actionRequest.getUserPrincipal().getName(), getIPAddress(actionRequest),
userName, AuditActivity.USER_CREATE, USER_ADMINISTRATION);            
                 
                 PortletMessaging.publish(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_REFRESH,
"true");
                 PortletMessaging.publish(actionRequest, SecurityResources.TOPIC_USERS, SecurityResources.MESSAGE_SELECTED,
userName);

Modified: portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java
(original)
+++ portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/ActivityBean.java
Wed Jul 11 14:17:49 2007
@@ -27,7 +27,8 @@
     private Timestamp timestamp;
     private String ipAddress;
     private String name;
-    private String value;
+    private String beforeValue;
+    private String afterValue;
     private String description;
     
     public String getActivity()
@@ -109,14 +110,29 @@
     {
         this.userName = userName;
     }
+
     
-    public String getValue()
+    public String getAfterValue()
     {
-        return value;
+        return afterValue;
     }
+
     
-    public void setValue(String value)
+    public void setAfterValue(String afterValue)
     {
-        this.value = value;
-    }    
+        this.afterValue = afterValue;
+    }
+
+    
+    public String getBeforeValue()
+    {
+        return beforeValue;
+    }
+
+    
+    public void setBeforeValue(String beforeValue)
+    {
+        this.beforeValue = beforeValue;
+    }
+    
 }

Modified: portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java
(original)
+++ portals/jetspeed-2/trunk/components/statistics/src/java/org/apache/jetspeed/audit/impl/AuditActivityImpl.java
Wed Jul 11 14:17:49 2007
@@ -64,11 +64,11 @@
         return ds;
     }
     
-    public void logAdminAttributeActivity(String adminName, String ipAddress, String targetUser,
String activity, String name, String value, String description)
+    public void logAdminAttributeActivity(String adminName, String ipAddress, String targetUser,
String activity, String name, String beforeValue, String afterValue, String description)
     {
         if (enabled)
         {
-            logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_ATTRIBUTE_MAINTENANCE,
name, value);
+            logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_ATTRIBUTE_MAINTENANCE,
name, beforeValue, afterValue);
         }
     }
 
@@ -76,19 +76,27 @@
     {
         if (enabled)
         {
-            logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_CREDENTIAL_MAINTENANCE,
"", "");
+            logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_CREDENTIAL_MAINTENANCE,
"", "", "");
         }
     }
 
+    public void logAdminAuthorizationActivity(String adminName, String ipAddress, String
targetUser, String activity, String value, String description)
+    {
+        if (enabled)
+        {
+            logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_AUTHORIZATION_MAINTENANCE,
"", value, "");
+        }
+    }
+    
     public void logAdminUserActivity(String adminName, String ipAddress, String targetUser,
String activity, String description)
     {
         if (enabled)
         {
-            logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_USER_MAINTENANCE,
"", "");
+            logAdminActivity(adminName, ipAddress, targetUser, activity, description, AuditActivity.CAT_ADMIN_USER_MAINTENANCE,
"", "", "");
         }
     }
     
-    protected void logAdminActivity(String adminName, String ipAddress, String targetUser,
String activity, String description, String category, String name, String value)
+    protected void logAdminActivity(String adminName, String ipAddress, String targetUser,
String activity, String description, String category, String name, String beforeValue, String
afterValue)
     {
         Connection con = null;
         PreparedStatement stm = null;        
@@ -96,7 +104,7 @@
         {
             Timestamp timestamp = new Timestamp(System.currentTimeMillis());
             con = ds.getConnection();
-            stm  = con.prepareStatement("INSERT INTO ADMIN_ACTIVITY (ACTIVITY, CATEGORY,
ADMIN, USER_NAME, TIME_STAMP, IPADDRESS, ATTR_NAME, ATTR_VALUE, DESCRIPTION) VALUES(?,?,?,?,?,?,?,?,?)");
+            stm  = con.prepareStatement("INSERT INTO ADMIN_ACTIVITY (ACTIVITY, CATEGORY,
ADMIN, USER_NAME, TIME_STAMP, IPADDRESS, ATTR_NAME, ATTR_VALUE_BEFORE, ATTR_VALUE_AFTER, DESCRIPTION)
VALUES(?,?,?,?,?,?,?,?,?,?)");
             stm.setString(1, activity);
             stm.setString(2, category);
             stm.setString(3, adminName);
@@ -104,8 +112,9 @@
             stm.setTimestamp(5, timestamp);
             stm.setString(6, ipAddress);
             stm.setString(7, name);
-            stm.setString(8, value);
-            stm.setString(9, description);            
+            stm.setString(8, beforeValue);
+            stm.setString(9, afterValue);
+            stm.setString(10, description);            
             stm.execute();            
         } 
         catch (SQLException e)
@@ -123,9 +132,19 @@
             releaseConnection(con);
         }
     }
-
+    
     public void logUserActivity(String userName, String ipAddress, String activity, String
description)
     {
+        logUserActivities(userName, ipAddress, activity, "", "", "", description, AuditActivity.CAT_USER_AUTHENTICATION);
+    }
+ 
+    public void logUserAttributeActivity(String userName, String ipAddress, String activity,
String name, String beforeValue, String afterValue, String description)
+    {
+        logUserActivities(userName, ipAddress, activity, name, beforeValue, afterValue, description,
AuditActivity.CAT_USER_ATTRIBUTE);               
+    }
+    
+    protected void logUserActivities(String userName, String ipAddress, String activity,
String name, String beforeValue, String afterValue, String description, String category)
+    {
         if (enabled)
         {
             Connection con = null;
@@ -134,13 +153,16 @@
             {
                 Timestamp timestamp = new Timestamp(System.currentTimeMillis());
                 con = ds.getConnection();
-                stm  = con.prepareStatement("INSERT INTO USER_ACTIVITY (ACTIVITY, CATEGORY,
USER_NAME, TIME_STAMP, IPADDRESS, DESCRIPTION) VALUES(?,?,?,?,?,?)");
+                stm  = con.prepareStatement("INSERT INTO USER_ACTIVITY (ACTIVITY, CATEGORY,
USER_NAME, TIME_STAMP, IPADDRESS, ATTR_NAME, ATTR_VALUE_BEFORE, ATTR_VALUE_AFTER, DESCRIPTION)
VALUES(?,?,?,?,?,?,?,?,?)");
                 stm.setString(1, activity);
-                stm.setString(2, AuditActivity.CAT_USER_AUTHENTICATION);
+                stm.setString(2, category);
                 stm.setString(3, userName);
                 stm.setTimestamp(4, timestamp);
                 stm.setString(5, ipAddress);
-                stm.setString(6, description);
+                stm.setString(6, name);
+                stm.setString(7, beforeValue);
+                stm.setString(8, afterValue);                
+                stm.setString(9, description);
                 stm.executeUpdate();
             } 
             catch (SQLException e)

Modified: portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java
(original)
+++ portals/jetspeed-2/trunk/components/statistics/src/test/org/apache/jetspeed/audit/TestAuditActivity.java
Wed Jul 11 14:17:49 2007
@@ -159,11 +159,25 @@
         assertNotNull(userBean.getTimestamp());
         assertEquals(userBean.getIpAddress(), IP1);
         assertEquals(userBean.getDescription(), MSG_AUTHENTICATION_FAILURE);        
+
+        // Test logging User Attribute activity
+        audit.logUserAttributeActivity(USER, IP1, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1,
ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);
+        
+        userBean = lookupUserActivity(USER_QUERY, AuditActivity.USER_ADD_ATTRIBUTE);
+        assertEquals(userBean.getActivity(), AuditActivity.USER_ADD_ATTRIBUTE);
+        assertEquals(userBean.getCategory(), AuditActivity.CAT_USER_ATTRIBUTE);
+        assertEquals(userBean.getUserName(), USER);
+        assertNotNull(userBean.getTimestamp());
+        assertEquals(userBean.getIpAddress(), IP1);
+        assertEquals(userBean.getDescription(), MSG_ATTRIBUTE);        
+        assertEquals(userBean.getBeforeValue(), ATTRIBUTE_VALUE_BEFORE_1);
+        assertEquals(userBean.getAfterValue(), ATTRIBUTE_VALUE_AFTER_1);
+        
         
         // Log Admin Activity
         audit.logAdminUserActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_CREATE, MSG_ADDING_USER);
         audit.logAdminCredentialActivity(ADMIN_USER, IP1, USER, AuditActivity.PASSWORD_CHANGE_SUCCESS,
MSG_CHANGING_PW);
-        audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE,
ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_1, MSG_ATTRIBUTE);
+        audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE,
ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);
         
         int adminCount = this.countAdminActivity();
         assertEquals(adminCount, 3);
@@ -177,7 +191,8 @@
         assertEquals(adminBean.getIpAddress(), IP1);
         assertEquals(adminBean.getDescription(), MSG_ADDING_USER);
         assertTrue(adminBean.getName() == null || adminBean.getName().equals(""));
-        assertTrue(adminBean.getValue() == null || adminBean.getValue().equals(""));
+        assertTrue(adminBean.getBeforeValue() == null || adminBean.getBeforeValue().equals(""));
+        assertTrue(adminBean.getAfterValue() == null || adminBean.getAfterValue().equals(""));
 
         adminBean = lookupAdminActivity(ADMIN_QUERY, AuditActivity.PASSWORD_CHANGE_SUCCESS);
         assertEquals(adminBean.getActivity(), AuditActivity.PASSWORD_CHANGE_SUCCESS);
@@ -188,7 +203,8 @@
         assertEquals(adminBean.getIpAddress(), IP1);
         assertEquals(adminBean.getDescription(), MSG_CHANGING_PW);
         assertTrue(adminBean.getName() == null || adminBean.getName().equals(""));
-        assertTrue(adminBean.getValue() == null || adminBean.getValue().equals(""));
+        assertTrue(adminBean.getBeforeValue() == null || adminBean.getBeforeValue().equals(""));
+        assertTrue(adminBean.getAfterValue() == null || adminBean.getAfterValue().equals(""));
 
         adminBean = lookupAdminActivity(ADMIN_QUERY, AuditActivity.USER_ADD_ATTRIBUTE);
         assertEquals(adminBean.getActivity(), AuditActivity.USER_ADD_ATTRIBUTE);
@@ -199,11 +215,12 @@
         assertEquals(adminBean.getIpAddress(), IP1);
         assertEquals(adminBean.getDescription(), MSG_ATTRIBUTE);
         assertEquals(adminBean.getName(), ATTRIBUTE_NAME_1);
-        assertEquals(adminBean.getValue(), ATTRIBUTE_VALUE_1);
+        assertEquals(adminBean.getBeforeValue(), ATTRIBUTE_VALUE_BEFORE_1);
+        assertEquals(adminBean.getAfterValue(), ATTRIBUTE_VALUE_AFTER_1);
         
         audit.setEnabled(false);
         assertFalse(audit.getEnabled());
-        audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE,
ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_1, MSG_ATTRIBUTE);        
+        audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE,
ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);     
  
         adminCount = this.countAdminActivity();
         assertEquals(adminCount, 3);        
     }
@@ -221,7 +238,8 @@
     private static String USER = "nelson";
     private static String IP1 = "123.234.145.156";
     private static String ATTRIBUTE_NAME_1 = "attribute1";
-    private static String ATTRIBUTE_VALUE_1 = "value1";
+    private static String ATTRIBUTE_VALUE_BEFORE_1 = "value1BEFORE";
+    private static String ATTRIBUTE_VALUE_AFTER_1 = "value1AFTER";
     
 
     private ActivityBean lookupUserActivity(String query, String keyActivity) throws SQLException
@@ -242,7 +260,10 @@
             bean.setUserName(rs.getString(3));
             bean.setTimestamp(rs.getTimestamp(4));
             bean.setIpAddress(rs.getString(5));
-            bean.setDescription(rs.getString(6));
+            bean.setName(rs.getString(6));
+            bean.setBeforeValue(rs.getString(7));
+            bean.setAfterValue(rs.getString(8));            
+            bean.setDescription(rs.getString(9));
             return bean;
         }
         catch (SQLException e)
@@ -291,8 +312,9 @@
             bean.setTimestamp(rs.getTimestamp(5));
             bean.setIpAddress(rs.getString(6));
             bean.setName(rs.getString(7));
-            bean.setValue(rs.getString(8));
-            bean.setDescription(rs.getString(9));
+            bean.setBeforeValue(rs.getString(8));
+            bean.setAfterValue(rs.getString(9));
+            bean.setDescription(rs.getString(10));
             return bean;
         }
         catch (SQLException e)

Modified: portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml (original)
+++ portals/jetspeed-2/trunk/etc/schema/phase1-schema.xml Wed Jul 11 14:17:49 2007
@@ -130,7 +130,8 @@
 		<column name='TIME_STAMP' type='TIMESTAMP'/>
 		<column name='IPADDRESS' type='VARCHAR' size="80"/>
 		<column name='ATTR_NAME' type='VARCHAR' size='40'/>
-		<column name='ATTR_VALUE' type='VARCHAR' size='80'/>
+		<column name='ATTR_VALUE_BEFORE' type='VARCHAR' size='80'/>
+		<column name='ATTR_VALUE_AFTER' type='VARCHAR' size='80'/>
 		<column name='DESCRIPTION' type='VARCHAR' size="128"/>			    
 	</table>
 
@@ -140,6 +141,9 @@
 		<column name='USER_NAME' type='VARCHAR' size="80"/>		
 		<column name='TIME_STAMP' type='TIMESTAMP'/>
 		<column name='IPADDRESS' type='VARCHAR' size="80"/>
+		<column name='ATTR_NAME' type='VARCHAR' size='40'/>
+		<column name='ATTR_VALUE_BEFORE' type='VARCHAR' size='80'/>
+		<column name='ATTR_VALUE_AFTER' type='VARCHAR' size='80'/>
 		<column name='DESCRIPTION' type='VARCHAR' size="128"/>			    
 	</table>
 	

Modified: portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql (original)
+++ portals/jetspeed-2/trunk/etc/sql/derby/schema/phase1-schema.sql Wed Jul 11 14:17:49 2007
@@ -150,7 +150,8 @@
   TIME_STAMP TIMESTAMP,
   IPADDRESS VARCHAR(80),
   ATTR_NAME VARCHAR(40),
-  ATTR_VALUE VARCHAR(80),
+  ATTR_VALUE_BEFORE VARCHAR(80),
+  ATTR_VALUE_AFTER VARCHAR(80),
   DESCRIPTION VARCHAR(128));
 
 -----------------------------------------------------------------------------
@@ -164,4 +165,7 @@
   USER_NAME VARCHAR(80),
   TIME_STAMP TIMESTAMP,
   IPADDRESS VARCHAR(80),
+  ATTR_NAME VARCHAR(40),
+  ATTR_VALUE_BEFORE VARCHAR(80),
+  ATTR_VALUE_AFTER VARCHAR(80),
   DESCRIPTION VARCHAR(128));

Modified: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java?view=diff&rev=555400&r1=555399&r2=555400
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java
(original)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/audit/AuditActivity.java
Wed Jul 11 14:17:49 2007
@@ -62,9 +62,11 @@
     
     // General Categories
     public static final String CAT_USER_AUTHENTICATION = "authentication";
+    public static final String CAT_USER_ATTRIBUTE = "user-attribute";
     public static final String CAT_ADMIN_USER_MAINTENANCE = "user";
     public static final String CAT_ADMIN_CREDENTIAL_MAINTENANCE = "credential";
     public static final String CAT_ADMIN_ATTRIBUTE_MAINTENANCE = "attribute";
+    public static final String CAT_ADMIN_AUTHORIZATION_MAINTENANCE = "authorization";   

     
     /**
      * Enable or disable the service at runtime
@@ -111,6 +113,8 @@
      */
     public void logAdminCredentialActivity(String username, String ipaddress, String targetUser,
String activity, String description);
     
+    public void logAdminAuthorizationActivity(String username, String ipaddress, String targetUser,
String activity, String name, String description);
+    
     /**
      * Log auditable activity by an administrator on attirbutes on behalf of a user
      * 
@@ -119,11 +123,25 @@
      * @param targetUser
      * @param activity
      * @param name
-     * @param value
+     * @param beforeValue
+     * @param afterValue
      * @param description
      */
-    public void logAdminAttributeActivity(String username, String ipaddress, String targetUser,
String activity, String name, String value, String description);
-    
+    public void logAdminAttributeActivity(String username, String ipaddress, String targetUser,
String activity, String name, String beforeValue, String afterValue, String description);
+
+    /**
+     * Log auditable activity by an administrator on attirbutes on behalf of a user
+     * 
+     * @param username
+     * @param ipaddress
+     * @param activity
+     * @param name
+     * @param beforeValue
+     * @param afterValue
+     * @param description
+     */
+    public void logUserAttributeActivity(String username, String ipaddress, String activity,
String name, String beforeValue, String afterValue, String description);
+
     /**
      * @return DataSource in use by the logger useful for writing decent tests
      */



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message