From 9875b41e5a1163b5abc3690c9086723a3eb6e33d Mon Sep 17 00:00:00 2001
From: "Maria Odea B. Ching" <oching@apache.org>
Date: Wed, 9 Dec 2009 11:03:55 +0000
Subject: [PATCH] [MRM-1296] audit logging report o added action class & jsp
 file for audit log report o implement security restriction

git-svn-id: https://svn.apache.org/repos/asf/archiva/branches/MRM-1296@888768 13f79535-47bb-0310-9956-ffa450edef68
---
 .../security/ArchivaRoleConstants.java        |   2 +
 .../resources/META-INF/redback/redback.xml    |  11 ++
 .../reports/ViewAuditLogReportAction.java     | 159 ++++++++++++++++++
 .../src/main/resources/struts.xml             |  10 ++
 .../webapp/WEB-INF/jsp/decorators/default.jsp |   9 +-
 .../WEB-INF/jsp/reports/auditLogReport.jsp    |  88 ++++++++++
 6 files changed, 277 insertions(+), 2 deletions(-)
 create mode 100644 archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java
 create mode 100644 archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/auditLogReport.jsp

diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
index 7c6f7b76d..396f9250a 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
@@ -65,6 +65,8 @@ public class ArchivaRoleConstants
     public static final String OPERATION_REPOSITORY_UPLOAD = "archiva-upload-repository";
 
     public static final String OPERATION_REPOSITORY_DELETE = "archiva-delete-artifact";
+    
+    public static final String OPERATION_VIEW_AUDIT_LOG = "archiva-view-audit-logs";
 
     // Role templates
     public static final String TEMPLATE_REPOSITORY_MANAGER = "archiva-repository-manager";
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
index 235537e05..55b30e09e 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
+++ b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
@@ -65,6 +65,11 @@
           <name>archiva-access-repository</name>
           <description>Access Archiva Repository</description>
         </operation>
+        <operation>
+          <id>archiva-view-audit-logs</id>
+          <name>archiva-view-audit-logs</name>
+          <description>View Archiva Audit Logs</description>
+        </operation>
         <operation>
           <id>archiva-guest</id>
           <name>archiva-guest</name>
@@ -219,6 +224,12 @@
               <operation>archiva-upload-repository</operation>
               <resource>${resource}</resource>
             </permission>
+            <permission>
+              <id>archiva-view-audit-logs</id>
+              <name>Archiva View Audit Logs</name>
+              <operation>archiva-view-audit-logs</operation>
+              <resource>${resource}</resource>
+            </permission>
           </permissions>
           <childTemplates>
             <childTemplate>archiva-repository-observer</childTemplate>
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java
new file mode 100644
index 000000000..8aae78e7b
--- /dev/null
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java
@@ -0,0 +1,159 @@
+package org.apache.maven.archiva.web.action.reports;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.maven.archiva.security.AccessDeniedException;
+import org.apache.maven.archiva.security.ArchivaSecurityException;
+import org.apache.maven.archiva.security.PrincipalNotFoundException;
+import org.apache.maven.archiva.security.UserRepositories;
+import org.apache.maven.archiva.web.action.PlexusActionSupport;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.codehaus.redback.integration.interceptor.SecureAction;
+import org.codehaus.redback.integration.interceptor.SecureActionBundle;
+import org.codehaus.redback.integration.interceptor.SecureActionException;
+
+import com.opensymphony.xwork2.Preparable;
+
+/**
+ * @plexus.component role="com.opensymphony.xwork2.Action" role-hint="viewAuditLogReport" instantiation-strategy="per-lookup"
+ */
+public class ViewAuditLogReportAction
+    extends PlexusActionSupport
+    implements SecureAction, ServletRequestAware, Preparable
+{    
+    protected HttpServletRequest request;
+    
+    /**
+     * @plexus.requirement
+     */
+    private UserRepositories userRepositories;
+    
+    private String repository;
+
+    private List<String> repositories;
+    
+    private String groupId;
+    
+    private String artifactId;
+        
+    private int rowCount = 30;
+    
+    public int getRowCount()
+    {
+        return rowCount;
+    }
+
+    public void setRowCount( int rowCount )
+    {
+        this.rowCount = rowCount;
+    }
+
+    public SecureActionBundle getSecureActionBundle()
+        throws SecureActionException
+    {        
+        return null;
+    }
+
+    public void setServletRequest( HttpServletRequest request )
+    {   
+        this.request = request;
+    }
+
+    public void prepare()
+        throws Exception
+    {     
+        repositories = getObservableRepositories();
+        
+        
+    }
+    
+    public String execute()
+        throws Exception
+    {
+        return SUCCESS;
+    }
+    
+    private List<String> getObservableRepositories()
+    {
+        try
+        {
+            return userRepositories.getObservableRepositoryIds( getPrincipal() );
+        }
+        catch ( PrincipalNotFoundException e )
+        {
+            log.warn( e.getMessage(), e );
+        }
+        catch ( AccessDeniedException e )
+        {
+            log.warn( e.getMessage(), e );
+        }
+        catch ( ArchivaSecurityException e )
+        {
+            log.warn( e.getMessage(), e );
+        }
+        return Collections.emptyList();
+    }
+    
+    public String getRepository()
+    {
+        return repository;
+    }
+
+    public void setRepository( String repository )
+    {
+        this.repository = repository;
+    }
+
+    public List<String> getRepositories()
+    {
+        return repositories;
+    }
+
+    public void setRepositories( List<String> repositories )
+    {
+        this.repositories = repositories;
+    }
+
+    public String getGroupId()
+    {
+        return groupId;
+    }
+
+    public void setGroupId( String groupId )
+    {
+        this.groupId = groupId;
+    }
+
+    public String getArtifactId()
+    {
+        return artifactId;
+    }
+
+    public void setArtifactId( String artifactId )
+    {
+        this.artifactId = artifactId;
+    }
+}
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml b/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml
index 8df1acfdd..138843335 100644
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/resources/struts.xml
@@ -523,6 +523,16 @@
       </result>
     </action>
     
+    <!--  audit logs -->
+    <action name="queryAuditLogReport" class="viewAuditLogReport" method="input">
+      <result name="input">/WEB-INF/jsp/reports/auditLogReport.jsp</result>
+    </action>
+    
+    <action name="viewAuditLogReport" class="viewAuditLogReport">
+      <result name="input">/WEB-INF/jsp/reports/auditLogReport.jsp</result>
+      <result>/WEB-INF/jsp/reports/auditLogReport.jsp</result>
+    </action>
+    
   </package>
 </struts>
 
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
index 52ec32bbe..5e5dffa13 100644
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
@@ -80,7 +80,7 @@
       </li>
     </ul>
 
-    <redback:ifAnyAuthorized permissions="archiva-upload-repository,archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration">
+    <redback:ifAnyAuthorized permissions="archiva-upload-repository,archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration,archiva-view-audit-logs">
       <h5>Manage</h5>
       <ul>
         <redback:ifAuthorized permission="archiva-access-reports">
@@ -88,6 +88,11 @@
             <my:currentWWUrl action="pickReport" namespace="/report">Reports</my:currentWWUrl>
           </li>
         </redback:ifAuthorized>
+        <redback:ifAuthorized permission="archiva-view-audit-logs">
+          <li class="none">
+            <my:currentWWUrl action="queryAuditLogReport" namespace="/report">Audit Log Reports</my:currentWWUrl>
+          </li>
+        </redback:ifAuthorized>
         <redback:ifAuthorized permission="archiva-manage-users">
           <li class="none">
             <my:currentWWUrl action="userlist" namespace="/security">User Management</my:currentWWUrl>
@@ -112,7 +117,7 @@
           <li class="none">
             <my:currentWWUrl action="deleteArtifact" namespace="/">Delete Artifact</my:currentWWUrl>
           </li>
-        </redback:ifAuthorized>
+        </redback:ifAuthorized>        
           <%-- TODO: future options here.
              * Repository Statistics.
              * Web Services Statistics.
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/auditLogReport.jsp b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/auditLogReport.jsp
new file mode 100644
index 000000000..bf4629712
--- /dev/null
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/auditLogReport.jsp
@@ -0,0 +1,88 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements.  See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership.  The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License.  You may obtain a copy of the License at
+  ~
+  ~   http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied.  See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+
+<%@ taglib prefix="s" uri="/struts-tags" %>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
+
+<html>
+<head>
+
+  <title>Audit Log Report</title>
+  <s:head theme="ajax" />
+  
+  <link rel="stylesheet" href="<c:url value='/css/ui.datepicker.css'/>" type="text/css" media="all"/>
+  <script type="text/javascript" src="<c:url value='/js/jquery/jquery-1.2.6.pack.js'/>"></script>
+  <script type="text/javascript" src="<c:url value='/js/jquery/ui.datepicker.packed.js'/>"></script>
+  <script type="text/javascript" charset="utf-8">
+    $(document).ready(function()
+    {
+		$('#startDate').datepicker()
+		$('#endDate').datepicker()
+    });
+  </script>
+</head>
+
+<body>
+<h1>Audit Log Report</h1>
+  
+<div id="contentArea">
+  
+  <s:form action="viewAuditLogReport" namespace="/report" validate="false">
+  
+    <div id="auditLogReport"> 	
+	   	<s:select label="Repository" name="repository" list="repositories"/>
+	   	
+	   	<s:textfield label="Group ID" id="groupId" name="groupId"/>
+	   	
+	   	<s:textfield label="Artifact ID" id="artifactId" name="artifactId"/>
+	   	
+		<s:textfield label="Start Date" id="startDate" name="startDate"/>	      
+	    <%--
+	    <script type="text/javascript">
+	      Calendar.setup({
+	        inputField     :    "startDate",     
+	        ifFormat       :    "%Y-%m-%d",             
+	        align          :    "Tl",           
+	        singleClick    :    true
+	      });
+	    </script>
+	    --%>
+		
+		<s:textfield label="End Date" id="endDate" name="endDate"/>
+		<%--
+		<script type="text/javascript">
+	      Calendar.setup({
+	        inputField     :    "endDate",     
+	        ifFormat       :    "%Y-%m-%d",             
+	        align          :    "Tl",           
+	        singleClick    :    true
+	      });
+	    </script>
+		--%>    
+		
+		<s:textfield label="Row Count" name="rowCount" />
+		
+	    <s:submit value="View Audit Log"/>
+    </div>
+  </s:form>    
+
+</div>
+
+</body>
+</html>
-- 
2.39.5