Index: lams_admin/src/java/org/lamsfoundation/lams/admin/service/ImportService.java =================================================================== diff -u -r4926c338950b14089e996697df38ff481048da79 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/service/ImportService.java (.../ImportService.java) (revision 4926c338950b14089e996697df38ff481048da79) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/service/ImportService.java (.../ImportService.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -64,6 +64,7 @@ import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.ValidationUtil; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; @@ -926,6 +927,8 @@ String message = messageService.getMessage(key, args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, userDTO != null ? userDTO.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(userDTO, AuditLogFilter.USER_BULK_ADD_ACTION, message); } // --------------------------------------------------------------------- Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/CloneLessonsController.java =================================================================== diff -u -rf2ad75cef0c507a64877942631fee13efbc6ed50 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/CloneLessonsController.java (.../CloneLessonsController.java) (revision f2ad75cef0c507a64877942631fee13efbc6ed50) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/CloneLessonsController.java (.../CloneLessonsController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -31,7 +31,6 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; -import org.apache.log4j.Logger; import org.lamsfoundation.lams.lesson.Lesson; import org.lamsfoundation.lams.lesson.service.ILessonService; import org.lamsfoundation.lams.monitoring.service.IMonitoringService; @@ -55,8 +54,6 @@ @Controller @RequestMapping("/clone") public class CloneLessonsController { - private static final Logger log = Logger.getLogger(CloneLessonsController.class); - @Autowired private IUserManagementService userManagementService; @Autowired Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/ConfigController.java =================================================================== diff -u -rc4e36699eb3bd56b59e196872bf4fb46b9f3730c -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/ConfigController.java (.../ConfigController.java) (revision c4e36699eb3bd56b59e196872bf4fb46b9f3730c) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/ConfigController.java (.../ConfigController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -37,6 +37,7 @@ import org.lamsfoundation.lams.util.Configuration; import org.lamsfoundation.lams.util.LanguageUtil; import org.lamsfoundation.lams.util.MessageService; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; @@ -134,6 +135,8 @@ String changeLogString = changeLog.insert(0, "Configuration changed: ").substring(0, changeLog.length() - 2); logEventService.logEvent(LogEvent.TYPE_CONFIG_CHANGE, getUserId(), null, null, null, changeLogString); + + AuditLogFilter.log(AuditLogFilter.CONFIG_CHANGE_ACTION, changeLogString); } Configuration.refreshCache(); Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/ExtServerManagementController.java =================================================================== diff -u -rc4e36699eb3bd56b59e196872bf4fb46b9f3730c -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/ExtServerManagementController.java (.../ExtServerManagementController.java) (revision c4e36699eb3bd56b59e196872bf4fb46b9f3730c) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/ExtServerManagementController.java (.../ExtServerManagementController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -36,6 +36,7 @@ import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Controller; @@ -60,7 +61,7 @@ @Autowired @Qualifier("adminMessageService") private MessageService messageService; - + @RequestMapping(path = "/serverlist") public String serverlist(HttpServletRequest request) throws Exception { List extServers = integrationService.getAllExtServers(); @@ -71,7 +72,7 @@ @RequestMapping(path = "/edit") public String edit(@ModelAttribute ExtServerForm extServerForm, HttpServletRequest request) throws Exception { - + Integer sid = WebUtil.readIntParam(request, "sid", true); if (sid != null) { ExtServer map = integrationService.getExtServer(sid); @@ -106,7 +107,7 @@ errorMap.add("userinfoUrl", messageService.getMessage("error.required", new Object[] { messageService.getMessage("sysadmin.userinfoUrl") })); } - + Integer sid = extServerForm.getSid(); if (errorMap.isEmpty()) {//check duplication List listServer = userManagementService.findByProperty(ExtServer.class, "serverid", @@ -131,7 +132,7 @@ errorMap.add("prefix", messageService.getMessage("error.not.unique", new Object[] { messageService.getMessage("sysadmin.prefix") })); } else { - ExtServer map = (ExtServer) listPrefix.get(0); + ExtServer map = listPrefix.get(0); if (!map.getSid().equals(sid)) { errorMap.add("prefix", messageService.getMessage("error.not.unique", new Object[] { messageService.getMessage("sysadmin.prefix") })); @@ -147,9 +148,15 @@ BeanUtils.copyProperties(map, extServerForm); map.setSid(null); map.setServerTypeId(ExtServer.INTEGRATION_SERVER_TYPE); + + AuditLogFilter.log(AuditLogFilter.INTEGRATED_SERVER_ADD_ACTION, + "integrated server name: " + map.getServerid()); } else { map = integrationService.getExtServer(sid); BeanUtils.copyProperties(map, extServerForm); + + AuditLogFilter.log(AuditLogFilter.INTEGRATED_SERVER_EDIT_ACTION, + "integrated server name: " + map.getServerid()); } integrationService.saveExtServer(map); return "forward:/extserver/serverlist.do"; @@ -165,6 +172,10 @@ ExtServer map = integrationService.getExtServer(sid); map.setDisabled(true); integrationService.saveExtServer(map); + + AuditLogFilter.log(AuditLogFilter.INTEGRATED_SERVER_DISABLE_ACTION, + "integrated server name: " + map.getServerid()); + return "redirect:/extserver/serverlist.do"; } @@ -174,13 +185,22 @@ ExtServer map = integrationService.getExtServer(sid); map.setDisabled(false); integrationService.saveExtServer(map); + + AuditLogFilter.log(AuditLogFilter.INTEGRATED_SERVER_ENABLE_ACTION, + "integrated server name: " + map.getServerid()); + return "redirect:/extserver/serverlist.do"; } @RequestMapping(path = "/delete", method = RequestMethod.POST) public String delete(HttpServletRequest request) throws Exception { Integer sid = WebUtil.readIntParam(request, "sid", false); - userManagementService.deleteById(ExtServer.class, sid); + ExtServer extServer = integrationService.getExtServer(sid); + + AuditLogFilter.log(AuditLogFilter.INTEGRATED_SERVER_DELETE_ACTION, + "integrated server name: " + extServer.getServerid()); + + userManagementService.delete(extServer); return "redirect:/extserver/serverlist.do"; } Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/LtiConsumerManagementController.java =================================================================== diff -u -rc4e36699eb3bd56b59e196872bf4fb46b9f3730c -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/LtiConsumerManagementController.java (.../LtiConsumerManagementController.java) (revision c4e36699eb3bd56b59e196872bf4fb46b9f3730c) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/LtiConsumerManagementController.java (.../LtiConsumerManagementController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -23,6 +23,7 @@ import org.lamsfoundation.lams.util.LanguageUtil; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Controller; @@ -125,17 +126,38 @@ ltiConsumer.setDisabled(disable); integrationService.saveExtServer(ltiConsumer); + AuditLogFilter.log(AuditLogFilter.LTI_INTEGRATED_SERVER_DISABLE_ACTION, + "integrated server name: " + ltiConsumer.getServerid()); + return start(request); } + @RequestMapping(path = "/enable", method = RequestMethod.POST) + public String enable(HttpServletRequest request) throws Exception { + Integer sid = WebUtil.readIntParam(request, "sid", false); + ExtServer ltiConsumer = integrationService.getExtServer(sid); + ltiConsumer.setDisabled(false); + integrationService.saveExtServer(ltiConsumer); + + AuditLogFilter.log(AuditLogFilter.LTI_INTEGRATED_SERVER_ENABLE_ACTION, + "LTI integrated server name: " + ltiConsumer.getServerid()); + + return "redirect:/extserver/serverlist.do"; + } + /** * Removes specified LTI tool consumer */ @RequestMapping(path = "/delete", method = RequestMethod.POST) public String delete(HttpServletRequest request) throws Exception { Integer sid = WebUtil.readIntParam(request, "sid", true); - userManagementService.deleteById(ExtServer.class, sid); + ExtServer extServer = integrationService.getExtServer(sid); + AuditLogFilter.log(AuditLogFilter.LTI_INTEGRATED_SERVER_DELETE_ACTION, + "LTI integrated server name: " + extServer.getServerid()); + + userManagementService.delete(extServer); + return start(request); } @@ -207,9 +229,14 @@ ltiConsumer.setServerTypeId(ExtServer.LTI_CONSUMER_SERVER_TYPE); ltiConsumer.setUserinfoUrl("blank"); + AuditLogFilter.log(AuditLogFilter.LTI_INTEGRATED_SERVER_ADD_ACTION, + "LTI integrated server name: " + ltiConsumer.getServerid()); } else { ltiConsumer = integrationService.getExtServer(sid); BeanUtils.copyProperties(ltiConsumer, ltiConsumerForm); + + AuditLogFilter.log(AuditLogFilter.LTI_INTEGRATED_SERVER_EDIT_ACTION, + "LTI integrated server name: " + ltiConsumer.getServerid()); } ltiConsumer.setTimeToLiveLoginRequestEnabled(false); Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/OrgSaveController.java =================================================================== diff -u -r1ef1213820fe7ff7c6f4a9238b3f489a25012c63 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/OrgSaveController.java (.../OrgSaveController.java) (revision 1ef1213820fe7ff7c6f4a9238b3f489a25012c63) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/OrgSaveController.java (.../OrgSaveController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -41,6 +41,7 @@ import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.ValidationUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; @@ -60,12 +61,12 @@ public class OrgSaveController { private static Logger log = Logger.getLogger(OrgSaveController.class); - + @Autowired private ILogEventService logEventService; @Autowired private IUserManagementService userManagementService; - + @Autowired @Qualifier("adminMessageService") private MessageService messageService; @@ -110,10 +111,10 @@ } else { org = new Organisation(); BeanUtils.copyProperties(org, organisationForm); - org.setParentOrganisation( - (Organisation) userManagementService.findById(Organisation.class, organisationForm.getParentId())); - org.setOrganisationType( - (OrganisationType) userManagementService.findById(OrganisationType.class, organisationForm.getTypeId())); + org.setParentOrganisation((Organisation) userManagementService.findById(Organisation.class, + organisationForm.getParentId())); + org.setOrganisationType((OrganisationType) userManagementService.findById(OrganisationType.class, + organisationForm.getTypeId())); writeAuditLog(user, org, organisationForm, org.getOrganisationState()); } org.setOrganisationState(state); @@ -146,6 +147,9 @@ message = messageService.getMessage(key, args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, user != null ? user.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(user, AuditLogFilter.ORGANISATION_STATE_CHANGE_ACTION, message); + } if (!StringUtils.equals(org.getName(), orgForm.getName())) { args[0] = "name"; @@ -154,6 +158,8 @@ message = messageService.getMessage(key, args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, user != null ? user.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(user, AuditLogFilter.ORGANISATION_EDIT_ACTION, message); } if (!StringUtils.equals(org.getCode(), orgForm.getCode())) { args[0] = "code"; @@ -162,6 +168,8 @@ message = messageService.getMessage(key, args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, user != null ? user.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(user, AuditLogFilter.ORGANISATION_EDIT_ACTION, message); } if (!StringUtils.equals(org.getDescription(), orgForm.getDescription())) { args[0] = "description"; @@ -170,6 +178,8 @@ message = messageService.getMessage(key, args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, user != null ? user.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(user, AuditLogFilter.ORGANISATION_EDIT_ACTION, message); } if (!org.getCourseAdminCanAddNewUsers().equals(orgForm.isCourseAdminCanAddNewUsers())) { args[0] = "courseAdminCanAddNewUsers"; @@ -178,6 +188,8 @@ message = messageService.getMessage(key, args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, user != null ? user.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(user, AuditLogFilter.ORGANISATION_EDIT_ACTION, message); } if (!org.getCourseAdminCanBrowseAllUsers().equals(orgForm.isCourseAdminCanAddNewUsers())) { args[0] = "courseAdminCanBrowseAllUsers"; @@ -186,6 +198,8 @@ message = messageService.getMessage(key, args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, user != null ? user.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(user, AuditLogFilter.ORGANISATION_EDIT_ACTION, message); } if (!org.getCourseAdminCanChangeStatusOfCourse().equals(orgForm.isCourseAdminCanChangeStatusOfCourse())) { args[0] = "courseAdminCanChangeStatusOfCourse"; @@ -194,6 +208,8 @@ message = messageService.getMessage(key, args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, user != null ? user.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(user, AuditLogFilter.ORGANISATION_EDIT_ACTION, message); } } else { String[] args = new String[2]; @@ -202,7 +218,8 @@ message = messageService.getMessage("audit.organisation.create", args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, user != null ? user.getUserID() : null, null, null, null, message); + + AuditLogFilter.log(user, AuditLogFilter.ORGANISATION_ADD_ACTION, message); } } - -} +} \ No newline at end of file Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/OrganisationController.java =================================================================== diff -u -r1ef1213820fe7ff7c6f4a9238b3f489a25012c63 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/OrganisationController.java (.../OrganisationController.java) (revision 1ef1213820fe7ff7c6f4a9238b3f489a25012c63) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/OrganisationController.java (.../OrganisationController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -25,7 +25,6 @@ import java.io.IOException; import java.util.List; -import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -34,6 +33,7 @@ import org.apache.commons.beanutils.BeanUtils; import org.apache.log4j.Logger; import org.lamsfoundation.lams.admin.web.form.OrganisationForm; +import org.lamsfoundation.lams.lesson.Lesson; import org.lamsfoundation.lams.lesson.service.ILessonService; import org.lamsfoundation.lams.monitoring.service.IMonitoringService; import org.lamsfoundation.lams.security.ISecurityService; @@ -45,6 +45,7 @@ import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; @@ -75,7 +76,7 @@ @Autowired @Qualifier("lessonService") private ILessonService lessonService; - + private static List status; @RequestMapping(path = "/edit") @@ -92,8 +93,7 @@ if (userManagementService.canEditGroup(userId, orgId)) { // edit existing organisation if (orgId != null) { - Organisation org = (Organisation) userManagementService.findById(Organisation.class, - orgId); + Organisation org = (Organisation) userManagementService.findById(Organisation.class, orgId); BeanUtils.copyProperties(organisationForm, org); organisationForm.setParentId(org.getParentOrganisation().getOrganisationId()); organisationForm.setParentName(org.getParentOrganisation().getName()); @@ -103,7 +103,7 @@ // find a course or subcourse with any lessons, so we warn user when he tries to delete the course Integer courseToDeleteLessons = org.getLessons().size() > 0 ? orgId : null; if (courseToDeleteLessons == null) { - for (Organisation subcourse : (Set) org.getChildOrganisations()) { + for (Organisation subcourse : org.getChildOrganisations()) { if (subcourse.getLessons().size() > 0) { courseToDeleteLessons = subcourse.getOrganisationId(); break; @@ -113,8 +113,7 @@ request.setAttribute("courseToDeleteLessons", courseToDeleteLessons); } request.getSession().setAttribute("status", status); - if (userManagementService.isUserSysAdmin() - || userManagementService.isUserGlobalGroupManager()) { + if (userManagementService.isUserSysAdmin() || userManagementService.isUserGlobalGroupManager()) { return "organisation/createOrEdit"; } else { return "organisation/courseAdminEdit"; @@ -144,8 +143,7 @@ organisationForm.setOrgId(null); Integer parentId = WebUtil.readIntParam(request, "parentId", true); if (parentId != null) { - Organisation parentOrg = (Organisation) userManagementService.findById(Organisation.class, - parentId); + Organisation parentOrg = (Organisation) userManagementService.findById(Organisation.class, parentId); organisationForm.setParentName(parentOrg.getName()); } request.getSession().setAttribute("status", status); @@ -159,7 +157,8 @@ @ResponseBody public String getOrganisationIdByName(HttpServletRequest request, HttpServletResponse response) throws IOException { String organisationName = WebUtil.readStrParam(request, "name"); - List organisations = userManagementService.findByProperty(Organisation.class, "name", organisationName); + List organisations = userManagementService.findByProperty(Organisation.class, "name", + organisationName); if (!organisations.isEmpty()) { response.setContentType("text/plain;charset=utf-8"); response.getWriter().print(organisations.get(0).getOrganisationId()); @@ -196,17 +195,27 @@ Integer organisationId = WebUtil.readIntParam(request, "orgId"); Organisation organisation = (Organisation) userManagementService.findById(Organisation.class, organisationId); List lessonIDs = lessonService.getOrganisationLessons(organisationId); - for ( Long lessonId : lessonIDs) { + StringBuilder logMessageBuilder = new StringBuilder("removed permanently lessons in organisation \"") + .append(organisation.getName()).append("\": "); + for (Long lessonId : lessonIDs) { + Lesson lesson = lessonService.getLesson(lessonId); + logMessageBuilder.append("\"").append(lesson.getLessonName()).append("\" (").append(lessonId) + .append("), )"); log.info("Deleting lesson: " + lessonId); // role is checked in this method. This method requires that the lesson object has not be loaded into the Hibernate cache monitoringService.removeLessonPermanently(lessonId, userID); + if (limit != null) { limit--; if (limit == 0) { break; } } } + + logMessageBuilder.delete(logMessageBuilder.length() - 2, logMessageBuilder.length()); + AuditLogFilter.log(AuditLogFilter.LESSON_REMOVE_PERMAMENTLY_ACTION, logMessageBuilder); + response.setContentType("application/json;charset=utf-8"); response.getWriter().print(organisation.getLessons().size()); return null; Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/PolicyManagementController.java =================================================================== diff -u -r3a9b27c6f8b3eb0462a2a9d91a6aa0b43645442f -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/PolicyManagementController.java (.../PolicyManagementController.java) (revision 3a9b27c6f8b3eb0462a2a9d91a6aa0b43645442f) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/PolicyManagementController.java (.../PolicyManagementController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -22,6 +22,7 @@ import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; import org.lamsfoundation.lams.util.DateUtil; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; @@ -157,6 +158,10 @@ policy.setLastModified(new Date()); userManagementService.save(policy); + if (oldPolicy == null) { + AuditLogFilter.log(AuditLogFilter.POLICY_ADD_ACTION, "policy name: " + policy.getPolicyName()); + } + return "redirect:list.do"; } Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SignupManagementController.java =================================================================== diff -u -rc4e36699eb3bd56b59e196872bf4fb46b9f3730c -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SignupManagementController.java (.../SignupManagementController.java) (revision c4e36699eb3bd56b59e196872bf4fb46b9f3730c) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SignupManagementController.java (.../SignupManagementController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -4,7 +4,6 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; @@ -15,6 +14,7 @@ import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Controller; @@ -100,13 +100,18 @@ } else { // proceed SignupOrganisation signup; + Organisation organisation = (Organisation) userManagementService.findById(Organisation.class, + signupForm.getOrganisationId()); if (signupForm.getSignupOrganisationId() != null && signupForm.getSignupOrganisationId() > 0) { // form was editing existing signup = (SignupOrganisation) userManagementService.findById(SignupOrganisation.class, signupForm.getSignupOrganisationId()); } else { signup = new SignupOrganisation(); signup.setCreateDate(new Date()); + + AuditLogFilter.log(AuditLogFilter.SIGNUP_PAGE_ADD_ACTION, + "signup for organisation: " + organisation.getName()); } signup.setAddToLessons(signupForm.isAddToLessons()); signup.setAddAsStaff(signupForm.isAddAsStaff()); @@ -115,8 +120,7 @@ signup.setEmailVerify(signupForm.getEmailVerify()); signup.setDisabled(signupForm.isDisabled()); signup.setLoginTabActive(signupForm.isLoginTabActive()); - signup.setOrganisation((Organisation) userManagementService.findById(Organisation.class, - signupForm.getOrganisationId())); + signup.setOrganisation(organisation); signup.setCourseKey(signupForm.getCourseKey()); signup.setBlurb(signupForm.getBlurb()); signup.setContext(signupForm.getContext()); @@ -140,7 +144,13 @@ Integer soid = WebUtil.readIntParam(request, "soid"); if (soid != null && soid > 0) { - userManagementService.deleteById(SignupOrganisation.class, soid); + SignupOrganisation signupOrganisation = (SignupOrganisation) userManagementService + .findById(SignupOrganisation.class, soid); + + AuditLogFilter.log(AuditLogFilter.SIGNUP_PAGE_ADD_ACTION, + "signup for organisation: " + signupOrganisation.getOrganisation().getName()); + + userManagementService.delete(signupOrganisation); } return "redirect:/signupManagement/start.do"; Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/TimezoneManagementController.java =================================================================== diff -u -rc4e36699eb3bd56b59e196872bf4fb46b9f3730c -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/TimezoneManagementController.java (.../TimezoneManagementController.java) (revision c4e36699eb3bd56b59e196872bf4fb46b9f3730c) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/TimezoneManagementController.java (.../TimezoneManagementController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -27,6 +27,7 @@ import org.lamsfoundation.lams.timezone.Timezone; import org.lamsfoundation.lams.timezone.dto.TimezoneDTO; import org.lamsfoundation.lams.timezone.service.ITimezoneService; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; @@ -70,6 +71,8 @@ public String changeServerTimezone(@RequestParam String serverTimezone) throws Exception { timezoneService.setServerTimezone(serverTimezone); + AuditLogFilter.log(AuditLogFilter.TIMEZONE_CHANGE_ACTION, "server time zone: " + serverTimezone); + return "forward:start.do?saved=true"; } } \ No newline at end of file Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserController.java =================================================================== diff -u -r346836ed4a3680af233482b184e7371ec5b620bc -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserController.java (.../UserController.java) (revision 346836ed4a3680af233482b184e7371ec5b620bc) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserController.java (.../UserController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -57,6 +57,7 @@ import org.lamsfoundation.lams.util.LanguageUtil; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; @@ -323,6 +324,7 @@ String message = messageService.getMessage("audit.user.disable", args); logEventService.logEvent(LogEvent.TYPE_USER_ORG_ADMIN, sysadmin != null ? sysadmin.getUserID() : null, userId, null, null, message); + if ((orgId == null) || (orgId == 0)) { return "forward:../usersearch.do"; } else { @@ -378,6 +380,8 @@ user.setDisabledFlag(false); userManagementService.saveUser(user); + AuditLogFilter.log(AuditLogFilter.USER_ENABLE_ACTION, "user login: " + user.getLogin()); + return "forward:/disabledmanage.do"; } Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserOrgRoleSaveController.java =================================================================== diff -u -r94a1023cbda3eab32ccba7c3f94c729bb0a32b28 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserOrgRoleSaveController.java (.../UserOrgRoleSaveController.java) (revision 94a1023cbda3eab32ccba7c3f94c729bb0a32b28) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserOrgRoleSaveController.java (.../UserOrgRoleSaveController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -34,6 +34,7 @@ import org.apache.log4j.Logger; import org.lamsfoundation.lams.admin.web.dto.UserBean; import org.lamsfoundation.lams.admin.web.form.UserOrgRoleForm; +import org.lamsfoundation.lams.usermanagement.Organisation; import org.lamsfoundation.lams.usermanagement.Role; import org.lamsfoundation.lams.usermanagement.User; import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; @@ -78,6 +79,7 @@ request.setAttribute("org", orgId); request.getSession().removeAttribute("userOrgRoleForm"); + Organisation organisation = (Organisation) userManagementService.findById(Organisation.class, orgId); // save UserOrganisation memberships, and the associated roles; // for subgroups, if user is not a member of the parent group then add to that as well. for (int i = 0; i < userBeans.size(); i++) { @@ -95,7 +97,7 @@ } userManagementService.setRolesForUserOrganisation(user, orgId, Arrays.asList(roleIds)); - auditLog(orgId, user.getUserId(), roleIds); + auditLog(organisation, user.getUserId(), roleIds); // FMALIKOFF 5/7/7 Commented out the following code that set the roles in the course if the current org is a class, as the logic // is done in service.setRolesForUserOrganisation() @@ -108,11 +110,14 @@ return "redirect:/usermanage.do?org=" + orgId; } - private void auditLog(Integer organisationId, Integer userId, String[] roleIds) { + private void auditLog(Organisation organisation, Integer userId, String[] roleIds) { List roles = Stream.of(roleIds).collect(Collectors .mapping(roleId -> Role.ROLE_MAP.get(Integer.valueOf(roleId)), Collectors.toUnmodifiableList())); - StringBuilder auditLogMessage = new StringBuilder("assigned to user ").append(userId).append(" roles ") - .append(roles).append(" in organisation ").append(organisationId); - AuditLogFilter.log(auditLogMessage); + User targetUser = userManagementService.getUserById(userId); + StringBuilder auditLogMessage = new StringBuilder("assigned to user ").append(targetUser.getFirstName()) + .append(" ").append(targetUser.getLastName()).append(" (").append(targetUser.getLogin()) + .append(") roles ").append(roles).append(" in organisation \"").append(organisation.getName()) + .append("\""); + AuditLogFilter.log(AuditLogFilter.ROLE_ADD_ACTION, auditLogMessage); } } \ No newline at end of file Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserOrgSaveController.java =================================================================== diff -u -r94a1023cbda3eab32ccba7c3f94c729bb0a32b28 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserOrgSaveController.java (.../UserOrgSaveController.java) (revision 94a1023cbda3eab32ccba7c3f94c729bb0a32b28) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserOrgSaveController.java (.../UserOrgSaveController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -25,6 +25,7 @@ import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; import java.util.Collections; import java.util.Iterator; import java.util.List; @@ -158,7 +159,7 @@ organisation.setUserOrganisations(uos); userManagementService.save(organisation); - auditLog(orgId, + auditLog(organisation, newUserOrganisations.stream().collect( Collectors.mapping(uo -> uo.getUser().getUserId(), Collectors.toCollection(TreeSet::new))), removedUserIds, canEditRole); @@ -184,27 +185,29 @@ } } - private void auditLog(Integer organisationId, Set addedUserIds, Set removedUserIds, + private void auditLog(Organisation organisation, Set addedUserIds, Set removedUserIds, boolean canEditRole) { - if (addedUserIds.isEmpty() && removedUserIds.isEmpty()) { - return; - } - - StringBuilder auditLogMessage = new StringBuilder(); if (!addedUserIds.isEmpty()) { - auditLogMessage.append("added users ").append(addedUserIds).append(" "); - if (!canEditRole) { - auditLogMessage.append("and assigned them LEARNER role "); - } - if (!removedUserIds.isEmpty()) { - auditLogMessage.append("and "); - } + StringBuilder auditLogMessage = new StringBuilder(); + auditLogMessage.append("Added users ").append(getUserNamesForLog(addedUserIds)) + .append(" to organisation \"").append(organisation.getName()).append("\""); + AuditLogFilter.log(AuditLogFilter.USER_ENROLL_ACTION, auditLogMessage); } if (!removedUserIds.isEmpty()) { - auditLogMessage.append("removed users ").append(removedUserIds); + StringBuilder auditLogMessage = new StringBuilder(); + auditLogMessage.append("Removed users ").append(getUserNamesForLog(addedUserIds)) + .append(" from organisation \"").append(organisation.getName()).append("\""); + AuditLogFilter.log(AuditLogFilter.USER_UNENROLL_ACTION, auditLogMessage); } - auditLogMessage.append(" to/from organisation ").append(organisationId); + } - AuditLogFilter.log(auditLogMessage); + private String getUserNamesForLog(Collection userIds) { + StringBuilder userNames = new StringBuilder(); + for (Integer userId : userIds) { + User user = userManagementService.getUserById(userId); + userNames.append(user.getFirstName()).append(user.getFirstName()).append(" ").append(user.getLastName()) + .append(" (").append(user.getLogin()).append("), "); + } + return userNames.delete(userNames.length() - 2, userNames.length()).toString(); } } \ No newline at end of file Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserRolesSaveController.java =================================================================== diff -u -r94a1023cbda3eab32ccba7c3f94c729bb0a32b28 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserRolesSaveController.java (.../UserRolesSaveController.java) (revision 94a1023cbda3eab32ccba7c3f94c729bb0a32b28) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserRolesSaveController.java (.../UserRolesSaveController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -101,16 +101,19 @@ userManagementService.setRolesForUserOrganisation(user, orgId, Arrays.asList(roles)); - auditLog(orgId, userId, roles); + auditLog(org, userId, roles); return "redirect:/usermanage.do?org=" + orgId; } - private void auditLog(Integer organisationId, Integer userId, String[] roleIds) { + private void auditLog(Organisation organisation, Integer userId, String[] roleIds) { List roles = Stream.of(roleIds).collect(Collectors .mapping(roleId -> Role.ROLE_MAP.get(Integer.valueOf(roleId)), Collectors.toUnmodifiableList())); - StringBuilder auditLogMessage = new StringBuilder("assigned to user ").append(userId).append(" roles ") - .append(roles).append(" in organisation ").append(organisationId); - AuditLogFilter.log(auditLogMessage); + User targetUser = userManagementService.getUserById(userId); + StringBuilder auditLogMessage = new StringBuilder("assigned to user ").append(targetUser.getFirstName()) + .append(" ").append(targetUser.getLastName()).append(" (").append(targetUser.getLogin()) + .append(") roles ").append(roles).append(" in organisation \"").append(organisation.getName()) + .append("\""); + AuditLogFilter.log(AuditLogFilter.ROLE_ADD_ACTION, auditLogMessage); } -} +} \ No newline at end of file Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserSaveController.java =================================================================== diff -u -r65ed3834599c7868a2f7948a02500b28b071b579 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserSaveController.java (.../UserSaveController.java) (revision 65ed3834599c7868a2f7948a02500b28b071b579) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/UserSaveController.java (.../UserSaveController.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -46,6 +46,7 @@ import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.ValidationUtil; import org.lamsfoundation.lams.util.WebUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; @@ -118,7 +119,7 @@ UserDTO sysadmin = (UserDTO) SessionManager.getSession().getAttribute(AttributeNames.USER); log.debug("orgId: " + orgId); - Boolean edit = false; + boolean edit = false; SupportedLocale locale = (SupportedLocale) userManagementService.findById(SupportedLocale.class, userForm.getLocaleId()); AuthenticationMethod authenticationMethod = (AuthenticationMethod) userManagementService @@ -198,6 +199,8 @@ user.setTheme(cssTheme); userManagementService.saveUser(user); + + AuditLogFilter.log(AuditLogFilter.USER_EDIT_ACTION, "user login: " + user.getLogin()); } else { // create user //password validation @@ -240,12 +243,15 @@ user.setTheme(theme); userManagementService.saveUser(user); + userManagementService.updatePassword(user, password); // make 'create user' audit log entry userManagementService.logUserCreated(user, sysadmin); log.debug("user: " + user.toString()); + + AuditLogFilter.log(AuditLogFilter.USER_ADD_ACTION, "user login: " + user.getLogin()); } } } Index: lams_admin/web/integration/ltiConsumerList.jsp =================================================================== diff -u -r06ae1e4daee7838ea5ceba04ab67633ebfc78997 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_admin/web/integration/ltiConsumerList.jsp (.../ltiConsumerList.jsp) (revision 06ae1e4daee7838ea5ceba04ab67633ebfc78997) +++ lams_admin/web/integration/ltiConsumerList.jsp (.../ltiConsumerList.jsp) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -62,7 +62,7 @@   - "/> + "/> "/> Index: lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java =================================================================== diff -u -r7fe28edd2994800c1cbd0a81b19f398191e00f2e -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java (.../SsoHandler.java) (revision 7fe28edd2994800c1cbd0a81b19f398191e00f2e) +++ lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java (.../SsoHandler.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -266,16 +266,16 @@ Date date = new Date(currentTimeMillis + lockOutTimeMillis); user.setLockOutTime(date); - String messagePayload = new StringBuilder().append("is locked out for ") + StringBuilder messagePayload = new StringBuilder().append("locked out for ") .append(Configuration.getAsInt(ConfigurationKeys.LOCK_OUT_TIME)).append(" mins after ") - .append(failedAttempts).append(" failed attempts.").toString(); + .append(failedAttempts).append(" failed attempts."); String eventMessage = new StringBuilder("User ").append(user.getLogin()).append(" (") - .append(user.getUserId()).append(") ").append(messagePayload).toString(); + .append(user.getUserId()).append(") is ").append(messagePayload).toString(); SsoHandler.getLogEventService(session.getServletContext()).logEvent( LogEvent.TYPE_ACCOUNT_LOCKED, user.getUserId(), user.getUserId(), null, null, eventMessage); - AuditLogFilter.log(user.getUserId(), user.getLogin(), messagePayload); + AuditLogFilter.log(userDTO, AuditLogFilter.ACCOUNT_LOCKED_ACTION, messagePayload); if (log.isDebugEnabled()) { log.debug(eventMessage); Index: lams_common/src/java/org/lamsfoundation/lams/learningdesign/service/LearningDesignService.java =================================================================== diff -u -r05e293bbb56146ae49ecdf2cd1300b8483160d27 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_common/src/java/org/lamsfoundation/lams/learningdesign/service/LearningDesignService.java (.../LearningDesignService.java) (revision 05e293bbb56146ae49ecdf2cd1300b8483160d27) +++ lams_common/src/java/org/lamsfoundation/lams/learningdesign/service/LearningDesignService.java (.../LearningDesignService.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -62,6 +62,7 @@ import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.ILoadedMessageSourceService; import org.lamsfoundation.lams.util.MessageService; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.springframework.context.MessageSource; import org.springframework.context.i18n.LocaleContextHolder; @@ -172,6 +173,9 @@ LearningLibrary library = learningLibraryDAO.getLearningLibraryById(learningLibraryId); library.setValidLibrary(valid); learningLibraryDAO.update(library); + + AuditLogFilter.log(valid ? AuditLogFilter.TOOL_ENABLED_ACTION : AuditLogFilter.TOOL_DISABLE_ACTION, + "tool name: " + library.getTitle()); } @Override Index: lams_common/src/java/org/lamsfoundation/lams/policies/service/PolicyService.java =================================================================== diff -u -r86521284ae546f32e01ae0a6bc1dfb99232d19cd -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_common/src/java/org/lamsfoundation/lams/policies/service/PolicyService.java (.../PolicyService.java) (revision 86521284ae546f32e01ae0a6bc1dfb99232d19cd) +++ lams_common/src/java/org/lamsfoundation/lams/policies/service/PolicyService.java (.../PolicyService.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -13,6 +13,7 @@ import org.lamsfoundation.lams.policies.dto.UserPolicyConsentDTO; import org.lamsfoundation.lams.usermanagement.User; import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; public class PolicyService implements IPolicyService { @@ -24,25 +25,33 @@ public void storeUserConsent(String login, Long policyUid) { User user = userManagementService.getUserByLogin(login); Policy policy = policyDAO.getPolicyByUid(policyUid); - + PolicyConsent consent = new PolicyConsent(); consent.setUser(user); consent.setPolicy(policy); userManagementService.save(consent); } - + @Override public Policy getPolicyByUid(Long uid) { return policyDAO.getPolicyByUid(uid); } - + @Override public void togglePolicyStatus(Long policyUid) { Policy policy = policyDAO.getPolicyByUid(policyUid); - Integer newPolicyStatus = Policy.STATUS_ACTIVE.equals(policy.getPolicyStateId()) ? Policy.STATUS_INACTIVE : Policy.STATUS_ACTIVE; + Integer newPolicyStatus = null; + if (Policy.STATUS_ACTIVE.equals(policy.getPolicyStateId())) { + newPolicyStatus = Policy.STATUS_INACTIVE; + AuditLogFilter.log(AuditLogFilter.POLICY_DISABLE_ACTION, "policy name: " + policy.getPolicyName()); + } else { + newPolicyStatus = Policy.STATUS_ACTIVE; + AuditLogFilter.log(AuditLogFilter.POLICY_ENABLE_ACTION, "policy name: " + policy.getPolicyName()); + } policy.setPolicyStateId(newPolicyStatus); + userManagementService.save(policy); - + //in case policy gets activated, deactivate all its other versions if (Policy.STATUS_ACTIVE.equals(newPolicyStatus)) { Long policyId = policy.getPolicyId(); @@ -60,22 +69,22 @@ @Override public Collection getPoliciesOfDistinctVersions() { List policies = policyDAO.getAllPoliciesWithUserConsentsCount(); - + //calculate which policies have previous version instances - HashMap policyCount = new LinkedHashMap(); + HashMap policyCount = new LinkedHashMap<>(); for (Policy policy : policies) { Long policyId = policy.getPolicyId(); int previousVersionsCount = policyCount.get(policyId) == null ? 0 : policyCount.get(policyId); policyCount.put(policy.getPolicyId(), previousVersionsCount + 1); } - + //filter out older versioned policies - HashMap filteredPolicies = new LinkedHashMap(); + HashMap filteredPolicies = new LinkedHashMap<>(); for (Policy policy : policies) { Long policyId = policy.getPolicyId(); - boolean hasPreviousVersions = policyCount.get(policyId) != null && policyCount.get(policyId) > 1; + boolean hasPreviousVersions = policyCount.get(policyId) != null && policyCount.get(policyId) > 1; policy.setPreviousVersions(hasPreviousVersions); - + if (filteredPolicies.containsKey(policyId)) { Policy alreadyAddedPolicy = filteredPolicies.get(policyId); Integer policyStateId = policy.getPolicyStateId(); @@ -93,31 +102,31 @@ } else { filteredPolicies.put(policyId, policy); } - + } return filteredPolicies.values(); } - + @Override public List getPreviousVersionsPolicies(Long policyId) { return policyDAO.getPreviousVersionsPolicies(policyId); } - + @Override public boolean isPolicyConsentRequiredForUser(Integer userId) { return policyDAO.isPolicyConsentRequiredForUser(userId); } - + @Override public List getPolicyDtosByUser(Integer userId) { return policyDAO.getPolicyDtosByUser(userId); } - + @Override public List getConsentsByUserId(Integer userId) { return policyDAO.getConsentsByUserId(userId); } - + @Override public List getConsentDtosByPolicy(Long policyUid, int page, int size, String sortBy, String sortOrder, String searchString) { Index: lams_common/src/java/org/lamsfoundation/lams/security/SecurityService.java =================================================================== diff -u -r95f155cfbcac4d650cc30c18ef0d611cdd311db4 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_common/src/java/org/lamsfoundation/lams/security/SecurityService.java (.../SecurityService.java) (revision 95f155cfbcac4d650cc30c18ef0d611cdd311db4) +++ lams_common/src/java/org/lamsfoundation/lams/security/SecurityService.java (.../SecurityService.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -394,7 +394,8 @@ private void logAuditRoleFailure(Integer userId, String message) { User user = (User) securityDAO.find(User.class, userId); - AuditLogFilter.log(userId, user.getLogin(), "failed role check with message: " + message); + AuditLogFilter.log(user.getUserDTO(), AuditLogFilter.ROLE_CHECK_ACTION, + "failed role check with message: " + message); } public void setSecurityDAO(ISecurityDAO securityDAO) { Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/UserManagementService.java =================================================================== diff -u -r346836ed4a3680af233482b184e7371ec5b620bc -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/UserManagementService.java (.../UserManagementService.java) (revision 346836ed4a3680af233482b184e7371ec5b620bc) +++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/UserManagementService.java (.../UserManagementService.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -81,6 +81,7 @@ import org.lamsfoundation.lams.util.LanguageUtil; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.imgscalr.ResizePictureUtil; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.InitializingBean; @@ -644,6 +645,7 @@ log.debug("deleting user " + user.getLogin()); delete(user); + AuditLogFilter.log(AuditLogFilter.USER_DELETE_ACTION, "user login: " + user.getLogin()); } else { log.error("Requested delete of a user who does not exist. User ID " + userId); } @@ -692,6 +694,8 @@ delete(uo); iter.remove(); } + + AuditLogFilter.log(AuditLogFilter.USER_DISABLE_ACTION, "user login: " + user.getLogin()); } @Override Index: lams_common/src/java/org/lamsfoundation/lams/web/filter/AuditLogFilter.java =================================================================== diff -u -r4b0d9e21b50492834354e6ef9671411d8dab9817 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_common/src/java/org/lamsfoundation/lams/web/filter/AuditLogFilter.java (.../AuditLogFilter.java) (revision 4b0d9e21b50492834354e6ef9671411d8dab9817) +++ lams_common/src/java/org/lamsfoundation/lams/web/filter/AuditLogFilter.java (.../AuditLogFilter.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; +import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import org.lamsfoundation.lams.usermanagement.dto.UserDTO; import org.lamsfoundation.lams.web.session.SessionManager; @@ -30,6 +31,52 @@ private static final Set IGNORED_PATHS = Set.of("/lams/admin/userorgsave.do", "/lams/admin/userorgrolesave.do", "/lams/admin/userrolessave.do"); + public static final String CALL_ACTION = "endpoint_call"; + public static final String CONFIG_CHANGE_ACTION = "configuration_change"; + public static final String TIMEZONE_CHANGE_ACTION = "timezone_change"; + public static final String ACCOUNT_LOCKED_ACTION = "account_lock"; + + public static final String TOOL_ENABLED_ACTION = "tool_enable_action"; + public static final String TOOL_DISABLE_ACTION = "tool_disable_action"; + + public static final String USER_ADD_ACTION = "user_add"; + public static final String USER_DELETE_ACTION = "user_delete"; + public static final String USER_EDIT_ACTION = "user_edit"; + public static final String USER_ENABLE_ACTION = "user_enable"; + public static final String USER_DISABLE_ACTION = "user_disable"; + public static final String USER_BULK_ADD_ACTION = "user_bulk_add"; + + public static final String ROLE_CHECK_ACTION = "role_check"; + public static final String ROLE_ADD_ACTION = "org_role_add"; + public static final String USER_ENROLL_ACTION = "user_enroll"; + public static final String USER_UNENROLL_ACTION = "user_unenroll"; + + public static final String ORGANISATION_ADD_ACTION = "org_add"; + public static final String ORGANISATION_STATE_CHANGE_ACTION = "org_state_change"; + public static final String ORGANISATION_EDIT_ACTION = "org_edit"; + + public static final String LESSON_CLONE_ACTION = "lesson_clone"; + public static final String LESSON_REMOVE_PERMAMENTLY_ACTION = "lesson_remove_perm"; + + public static final String INTEGRATED_SERVER_ADD_ACTION = "integrated_server_add"; + public static final String INTEGRATED_SERVER_DELETE_ACTION = "integrated_server_delete"; + public static final String INTEGRATED_SERVER_DISABLE_ACTION = "integrated_server_disable"; + public static final String INTEGRATED_SERVER_ENABLE_ACTION = "integrated_server_enable"; + public static final String INTEGRATED_SERVER_EDIT_ACTION = "integrated_server_edit"; + + public static final String LTI_INTEGRATED_SERVER_ADD_ACTION = "lti_integrated_server_add"; + public static final String LTI_INTEGRATED_SERVER_DELETE_ACTION = "lti_integrated_server_delete"; + public static final String LTI_INTEGRATED_SERVER_DISABLE_ACTION = "lti_integrated_server_disable"; + public static final String LTI_INTEGRATED_SERVER_ENABLE_ACTION = "lti_integrated_server_enable"; + public static final String LTI_INTEGRATED_SERVER_EDIT_ACTION = "lti_integrated_server_edit"; + + public static final String POLICY_ADD_ACTION = "policy_add"; + public static final String POLICY_ENABLE_ACTION = "policy_enable"; + public static final String POLICY_DISABLE_ACTION = "policy_disable"; + + public static final String SIGNUP_PAGE_ADD_ACTION = "signup_page_add"; + public static final String SIGNUP_PAGE_DELETE_ACTION = "signup_page_delete"; + @Override public final void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { @@ -66,7 +113,7 @@ logMessageBuilder.delete(logMessageBuilder.length() - 2, logMessageBuilder.length()); } - AuditLogFilter.log(logMessageBuilder); + AuditLogFilter.log(CALL_ACTION, logMessageBuilder); } } catch (Exception e) { logger.error("Exception while logging to audit log", e); @@ -77,27 +124,41 @@ // utility methods to call from controllers - public static final void log(CharSequence message) { + public static final void log(String action, CharSequence message) { // look for user information UserDTO user = AuditLogFilter.getUserDto(); - AuditLogFilter.log(user.getUserID(), user.getLogin(), message); + AuditLogFilter.log(user, action, message); } - public static final void log(Integer userId, String userName, CharSequence message) { - StringBuilder logMessageBuilder = new StringBuilder(); + public static final void log(UserDTO user, String action, CharSequence message) { + if (user == null) { + AuditLogFilter.log(null, null, null, action, message); + } else { + AuditLogFilter.log(user.getLogin(), user.getFirstName(), user.getLastName(), action, message); + } + } - if (userId == null) { - logMessageBuilder.append("Unauthenticated user "); + public static final void log(String login, String firstName, String lastName, String action, CharSequence message) { + StringBuilder logMessageBuilder = new StringBuilder("| "); + + if (StringUtils.isBlank(login)) { + logMessageBuilder.append("Unauthenticated user | "); } else { - logMessageBuilder.append("\"").append(userName).append("\" (").append(userId).append(") "); + if (StringUtils.isNotBlank(firstName)) { + logMessageBuilder.append(firstName).append(" "); + } + if (StringUtils.isNotBlank(lastName)) { + logMessageBuilder.append(lastName).append(" "); + } + logMessageBuilder.append("(").append(login).append(") | "); } - logMessageBuilder.append(message); + logMessageBuilder.append(action).append(" | ").append(message); logger.info(logMessageBuilder); } private static final UserDTO getUserDto() { HttpSession ss = SessionManager.getSession(); return (UserDTO) ss.getAttribute(AttributeNames.USER); } -} +} \ No newline at end of file Index: lams_monitoring/src/java/org/lamsfoundation/lams/monitoring/service/MonitoringService.java =================================================================== diff -u -re9e7042e16de3421b8c0cd6b1cf6c59dede544b4 -r351f9417a32d396911387eeef3117fd40be35b7c --- lams_monitoring/src/java/org/lamsfoundation/lams/monitoring/service/MonitoringService.java (.../MonitoringService.java) (revision e9e7042e16de3421b8c0cd6b1cf6c59dede544b4) +++ lams_monitoring/src/java/org/lamsfoundation/lams/monitoring/service/MonitoringService.java (.../MonitoringService.java) (revision 351f9417a32d396911387eeef3117fd40be35b7c) @@ -117,6 +117,7 @@ import org.lamsfoundation.lams.util.NumberUtil; import org.lamsfoundation.lams.util.excel.ExcelRow; import org.lamsfoundation.lams.util.excel.ExcelSheet; +import org.lamsfoundation.lams.web.filter.AuditLogFilter; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.quartz.JobBuilder; @@ -2837,6 +2838,11 @@ // start lesson; passing creatorId as this parameter is only used for security check whether user is allowed to start a lesson this.startLesson(newLesson.getLessonId(), creatorId); + StringBuilder logMessageBuilder = new StringBuilder("cloned lesson \"") + .append(lesson.getLessonName()).append("\" from organisation \"") + .append(lesson.getOrganisation().getName()).append("\" to \"").append(group.getName()) + .append("\""); + AuditLogFilter.log(AuditLogFilter.LESSON_CLONE_ACTION, logMessageBuilder); } else { throw new MonitoringServiceException("No learners specified, can't create any Lessons."); }