293 lines
12 KiB
Plaintext
293 lines
12 KiB
Plaintext
(:~
|
|
: Library to control audit.
|
|
:
|
|
: @author Rave Technologies, https://www.rave-tech.com/, 2017
|
|
:)
|
|
|
|
module namespace audit = 'http://www.rave-tech.com/bloomsbury/audit';
|
|
import module namespace config = 'http://www.rave-tech.com/bloomsbury/config' at 'config.xqm';
|
|
import module namespace blcommon = 'http://www.rave-tech.com/bloomsbury/common' at '../common.xqm';
|
|
|
|
(:~
|
|
: Add or append audit information whenever new user introduced into the system.
|
|
: @param $userID User ID of the new user
|
|
: @param $actionType The action of the user
|
|
: @param $sessionValue Session Value
|
|
: @return empty sequence
|
|
:)
|
|
declare %updating function audit:add-update-user(
|
|
$userID as xs:string,
|
|
$actionType as xs:string,
|
|
$sessionValue as xs:string
|
|
)
|
|
{
|
|
let $auditChunk := <audit>
|
|
<id>{random:uuid()}</id>
|
|
<requester-id>{fn:substring-before($sessionValue,'$$$$')}</requester-id>
|
|
<requester-email>{fn:substring-after($sessionValue,'$$$$')}</requester-email>
|
|
<type>{$actionType}</type>
|
|
<date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time>
|
|
</audit>
|
|
let $auditUri := fn:concat($config:UserDir,$config:AuditDir,$userID,'_',$config:AuditFileName)
|
|
return
|
|
if(db:open($config:CoreDatabase,$auditUri))
|
|
then insert node $auditChunk as last into db:open($config:CoreDatabase,$auditUri)/audits
|
|
else db:add($config:CoreDatabase,<audits failed-logins='0'>{$auditChunk}</audits>,$auditUri)
|
|
|
|
};
|
|
|
|
(:~
|
|
: Append audit information whenever user information will change, specifc actions only
|
|
: @param $userID User ID of the new user
|
|
: @param $actionType The action of the user
|
|
: @return empty sequence
|
|
:)
|
|
declare %updating function audit:user(
|
|
$userID as xs:string,
|
|
$actionType as xs:string
|
|
)
|
|
{
|
|
let $auditChunk := <audit>
|
|
<id>{random:uuid()}</id>
|
|
<type>{$actionType}</type>
|
|
<date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time>
|
|
</audit>
|
|
let $auditUri := fn:concat($config:UserDir,$config:AuditDir,$userID,'_',$config:AuditFileName)
|
|
let $failedAttempts := fn:number(db:open($config:CoreDatabase,$auditUri)/audits/@failed-logins/string())
|
|
return
|
|
(
|
|
insert node $auditChunk as last into db:open($config:CoreDatabase,$auditUri)/audits
|
|
,
|
|
if($actionType='Login Success')
|
|
then replace value of node db:open($config:CoreDatabase,$auditUri)/audits/@failed-logins with '0'
|
|
else
|
|
if($actionType='Login Failure')
|
|
then
|
|
(
|
|
replace value of node db:open($config:CoreDatabase,$auditUri)/audits/@failed-logins with fn:sum($failedAttempts + 1)
|
|
,
|
|
if(($failedAttempts + 1) ge $config:LoginAttempt)
|
|
then
|
|
(
|
|
replace node db:open($config:CoreDatabase,fn:concat($config:UserDir,$userID,'.xml'))/user/locked with <locked>Yes</locked>,
|
|
insert node <audit><id>{random:uuid()}</id><type>Account Locked</type><date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time></audit> as last into db:open($config:CoreDatabase,$auditUri)/audits
|
|
)
|
|
else ()
|
|
)
|
|
else ()
|
|
)
|
|
};
|
|
|
|
(:~
|
|
: Add or append audit information whenever new taxonomy introduced into the system or edit.
|
|
: @param $taxonomyID ID of the taxonomy to add/edit
|
|
: @param $actionType The action of the user
|
|
: @param $sessionValue Session Value
|
|
: @return empty sequence
|
|
:)
|
|
declare %updating function audit:taxonomy(
|
|
$taxonomyID as xs:string,
|
|
$actionType as xs:string,
|
|
$sessionValue as xs:string
|
|
)
|
|
{
|
|
let $auditChunk := <audit>
|
|
<id>{random:uuid()}</id>
|
|
<requester-id>{fn:substring-before($sessionValue,'$$$$')}</requester-id>
|
|
<requester-email>{fn:substring-after($sessionValue,'$$$$')}</requester-email>
|
|
<type>{$actionType}</type>
|
|
<date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time>
|
|
</audit>
|
|
let $auditUri := fn:concat($config:TaxonomyDir,$config:AuditDir,$taxonomyID,'_',$config:AuditFileName)
|
|
return
|
|
if(db:open($config:CoreDatabase,$auditUri))
|
|
then insert node $auditChunk as last into db:open($config:CoreDatabase,$auditUri)/audits
|
|
else db:add($config:CoreDatabase,<audits>{$auditChunk}</audits>,$auditUri)
|
|
};
|
|
|
|
|
|
(:~
|
|
: Add or append audit information whenever new pipeline introduced into the system or edit.
|
|
: @param $pipelineID ID of the pipeline to add/edit
|
|
: @param $actionType The action of the user
|
|
: @param $sessionValue Session Value
|
|
: @return empty sequence
|
|
:)
|
|
declare %updating function audit:pipeline(
|
|
$pipelineID as xs:string,
|
|
$actionType as xs:string,
|
|
$sessionValue as xs:string
|
|
)
|
|
{
|
|
let $auditChunk := <audit>
|
|
<id>{random:uuid()}</id>
|
|
<requester-id>{fn:substring-before($sessionValue,'$$$$')}</requester-id>
|
|
<requester-email>{fn:substring-after($sessionValue,'$$$$')}</requester-email>
|
|
<type>{$actionType}</type>
|
|
<date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time>
|
|
</audit>
|
|
let $auditUri := fn:concat($config:PipelineDir,$config:AuditDir,$pipelineID,'_',$config:AuditFileName)
|
|
return
|
|
if(db:open($config:CoreDatabase,$auditUri))
|
|
then insert node $auditChunk as last into db:open($config:CoreDatabase,$auditUri)/audits
|
|
else db:add($config:CoreDatabase,<audits>{$auditChunk}</audits>,$auditUri)
|
|
};
|
|
|
|
(:~
|
|
: Add/append audit information whenever new/edit the product.
|
|
: @param $productID ID of the product to add/edit
|
|
: @param $actionType The action of the user
|
|
: @param $sessionValue Session Value
|
|
: @return empty sequence
|
|
:)
|
|
declare %updating function audit:product(
|
|
$productID as xs:string,
|
|
$actionType as xs:string,
|
|
$sessionValue as xs:string
|
|
)
|
|
{
|
|
let $auditUri := fn:concat($config:ProductDir,$productID,'/',$config:AuditFileName)
|
|
|
|
let $version := let $versionControlUri := fn:concat($config:CoreDatabase,fn:replace($auditUri,$config:AuditFileName,$config:VersionControlFileName))
|
|
return
|
|
if(fn:doc-available($versionControlUri))
|
|
then fn:sum(fn:max(fn:doc($versionControlUri)/versions/version/@number) + 1)
|
|
else 1
|
|
let $auditChunk := <audit>
|
|
<id>{random:uuid()}</id>
|
|
<requester-id>{fn:substring-before($sessionValue,'$$$$')}</requester-id>
|
|
<requester-email>{fn:substring-after($sessionValue,'$$$$')}</requester-email>
|
|
<version>{$version}</version>
|
|
<type>{$actionType}</type>
|
|
<date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time>
|
|
</audit>
|
|
return
|
|
if(db:open($config:CoreDatabase,$auditUri))
|
|
then insert node $auditChunk as last into db:open($config:CoreDatabase,$auditUri)/audits
|
|
else db:add($config:CoreDatabase,<audits>{$auditChunk}</audits>,$auditUri)
|
|
};
|
|
|
|
(:~
|
|
: Add/append audit information whenever content ingest into the system`.
|
|
: @param $auditUri Location of the audit file to update
|
|
: @param $sessionValue Session Value
|
|
: @return empty sequence
|
|
:)
|
|
declare %updating function audit:content-ingest($ctype as xs:string ,$auditUri as xs:string, $sessionValue as xs:string)
|
|
{
|
|
let $AuditChunk := <audit>
|
|
<id>{random:uuid()}</id>
|
|
<requester-id>{fn:substring-before($sessionValue,'$$$$')}</requester-id>
|
|
<requester-email>{fn:substring-after($sessionValue,'$$$$')}</requester-email>
|
|
<type>Ingestion</type>
|
|
<version>1</version>
|
|
<date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time>
|
|
</audit>
|
|
let $IsAudit := if(db:open($config:AuditDatabase,fn:concat($ctype,'/',$auditUri))) then fn:true() else fn:false()
|
|
return
|
|
if($IsAudit)
|
|
then
|
|
(
|
|
insert node $AuditChunk into db:open($config:AuditDatabase,fn:concat($ctype,'/'/$auditUri))/audits,
|
|
config:update-message("[Content Ingest][Audit record has been updated " || $auditUri || "]")
|
|
)
|
|
else
|
|
(
|
|
db:add($config:AuditDatabase,<audits>{$AuditChunk}</audits>,fn:concat($ctype,'/',$auditUri)),
|
|
config:update-message("[Content Ingest][Audit record has been created " || $auditUri || "]")
|
|
)
|
|
};
|
|
|
|
|
|
|
|
(:~
|
|
: Add/append audit information whenever user will perfom some action on content
|
|
: @param $contentUri URI of the content to download
|
|
: @param $sessionValue Session Value
|
|
: @param $action Audit action (download,checkout,undo checkout,delete)
|
|
: @return empty sequence
|
|
:)
|
|
declare %updating function audit:update(
|
|
$contentUri as xs:string,
|
|
$ctype as xs:string,
|
|
$sessionValue as xs:string,
|
|
$action as xs:string
|
|
)
|
|
{
|
|
let $cid := fn:substring-before(fn:substring-before(fn:substring-after($contentUri,$config:ContentDir),$config:ContentDir),'/')
|
|
let $coid := fn:substring-after(fn:substring-before(fn:substring-after($contentUri,$config:ContentDir),$config:ContentDir),'/')
|
|
(:let $auditUri := fn:concat(blcommon:get-db-name($ctype),$config:ContentDir,$cid,'/',$coid,'/',$config:AuditFileName):)
|
|
let $auditUri := fn:concat($config:AuditDatabase,'/',$ctype,$config:ContentDir,$cid,'/',$coid,'/',$config:AuditFileName)
|
|
let $version := let $versionUri := fn:concat($ctype,$config:ContentDir,$cid,'/',$coid,'/',$config:VersionControlFileName)
|
|
|
|
return
|
|
if(fn:doc-available($versionUri))
|
|
then
|
|
let $versionXml := fn:doc($versionUri)
|
|
let $version := $versionXml/versions/version[@uri=$contentUri]/@number/string()
|
|
return
|
|
if($version)
|
|
then $version
|
|
else fn:sum(fn:max($versionXml/versions/version/@number) + 1)
|
|
else 1
|
|
let $AuditChunk := <audit>
|
|
<id>{random:uuid()}</id>
|
|
<requester-id>{fn:substring-before($sessionValue,'$$$$')}</requester-id>
|
|
<requester-email>{fn:substring-after($sessionValue,'$$$$')}</requester-email>
|
|
<type>{$action}</type>
|
|
<version>{$version}</version>
|
|
<date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time>
|
|
</audit>
|
|
let $IsAudit := if(fn:doc-available($auditUri)) then fn:true() else fn:false()
|
|
return
|
|
if($IsAudit)
|
|
then
|
|
(
|
|
insert node $AuditChunk into fn:doc($auditUri)/audits,
|
|
config:update-message("[Audit Record][Audit record has been updated " || $auditUri || "]")
|
|
)
|
|
else
|
|
(
|
|
db:add(blcommon:get-db-name($ctype),<audits>{$AuditChunk}</audits>,fn:substring-after($auditUri,fn:concat($config:CoreDatabase,'/'))),
|
|
config:update-message("[Audit Record][Audit record has been created " || $auditUri || "]")
|
|
)
|
|
};
|
|
|
|
|
|
(:~
|
|
: Add or append audit information whenever new metadata introduced into the system or edit.
|
|
: @param $cid ID of the content to add/edit
|
|
: @param $coid ID of the component to add/edit
|
|
: @param $actionType The action of the user
|
|
: @param $sessionValue Session Value
|
|
: @return empty sequence
|
|
:)
|
|
declare %updating function audit:add-update-metadata(
|
|
$ctype as xs:string,
|
|
$cid as xs:string,
|
|
$coid as xs:string,
|
|
$actionType as xs:string,
|
|
$sessionValue as xs:string
|
|
)
|
|
{
|
|
let $auditChunk := <audit>
|
|
<id>{random:uuid()}</id>
|
|
<requester-id>{fn:substring-before($sessionValue,'$$$$')}</requester-id>
|
|
<requester-email>{fn:substring-after($sessionValue,'$$$$')}</requester-email>
|
|
<type>{$actionType}</type>
|
|
<date-time>{fn:adjust-dateTime-to-timezone(convert:integer-to-dateTime(prof:current-ms()))}</date-time>
|
|
</audit>
|
|
let $auditUri := fn:concat('/',$ctype,$config:ContentDir,$cid,'/',$coid,'/metadata/',$config:AuditFileName)
|
|
return
|
|
if(fn:doc-available(fn:concat($config:ContentMetadataDatabse,$auditUri)))
|
|
then
|
|
(
|
|
insert node $auditChunk into fn:doc(fn:concat($config:ContentMetadataDatabse,$auditUri))/audits,
|
|
config:update-message("[Update metadata][Audit record has been updated " || $auditUri || "]")
|
|
)
|
|
else
|
|
(
|
|
db:add($config:ContentMetadataDatabse,<audits>{$auditChunk}</audits>,$auditUri),
|
|
config:update-message("[Metadata Add][Audit record has been created " || $auditUri || "]")
|
|
)
|
|
}; |