Merge pull request #12732 from PasanT9/doc-audit

Add audit logs for API documents

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java

@@ -2191,6 +2191,8 @@ public static class AuditLogConstants {
         public static final String APPLICATION = "Application";
         public static final String SUBSCRIPTION = "Subscription";
         public static final String KEY_MANAGER = "KeyManager/IdP";
+        public static final String DOCUMENT = "Document";
+        public static final String DOCUMENT_CONTENT = "DocumentContent";
 
         public static final String NAME = "name";
         public static final String SCOPE = "scope";
@@ -2200,6 +2202,9 @@ public static class AuditLogConstants {
         public static final String PROVIDER = "provider";
         public static final String OWNER = "owner";
         public static final String TIER = "tier";
+        public static final String API_ID = "apiId";
+        public static final String DOCUMENT_ID = "documentId";
+        public static final String TYPE = "type";
         public static final String REQUESTED_TIER = "requested_tier";
         public static final String CALLBACK = "callbackURL";
         public static final String GROUPS = "groups";

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIProviderImpl.java

@@ -2327,6 +2327,11 @@ public String retrieveServiceKeyByApiId(int apiId, int tenantId) throws APIManag
     public void removeDocumentation(String apiId, String docId, String organization) throws APIManagementException {
         try {
             apiPersistenceInstance.deleteDocumentation(new Organization(organization), apiId, docId);
+            JSONObject apiLogObject = new JSONObject();
+            apiLogObject.put(APIConstants.AuditLogConstants.DOCUMENT_ID, docId);
+            apiLogObject.put(APIConstants.AuditLogConstants.API_ID, apiId);
+            APIUtil.logAuditMessage(APIConstants.AuditLogConstants.DOCUMENT, apiLogObject.toString(),
+                    APIConstants.AuditLogConstants.DELETED, this.username);
         } catch (DocumentationPersistenceException e) {
             throw new APIManagementException("Error while deleting the document " + docId);
         }
@@ -2351,6 +2356,13 @@ public Documentation updateDocumentation(String apiId, Documentation documentati
                 org.wso2.carbon.apimgt.persistence.dto.Documentation updatedDoc = apiPersistenceInstance
                         .updateDocumentation(new Organization(organization), apiId, mappedDoc);
                 if (updatedDoc != null) {
+                    JSONObject apiLogObject = new JSONObject();
+                    apiLogObject.put(APIConstants.AuditLogConstants.NAME, documentation.getName());
+                    apiLogObject.put(APIConstants.AuditLogConstants.TYPE, documentation.getType());
+                    apiLogObject.put(APIConstants.AuditLogConstants.DOCUMENT_ID, documentation.getId());
+                    apiLogObject.put(APIConstants.AuditLogConstants.API_ID, apiId);
+                    APIUtil.logAuditMessage(APIConstants.AuditLogConstants.DOCUMENT, apiLogObject.toString(),
+                            APIConstants.AuditLogConstants.UPDATED, this.username);
                     return DocumentMapper.INSTANCE.toDocumentation(updatedDoc);
                 }
             } catch (DocumentationPersistenceException e) {
@@ -2370,6 +2382,13 @@ public Documentation addDocumentation(String uuid, Documentation documentation,
                 org.wso2.carbon.apimgt.persistence.dto.Documentation addedDoc = apiPersistenceInstance.addDocumentation(
                         new Organization(organization), uuid, mappedDoc);
                 if (addedDoc != null) {
+                    JSONObject apiLogObject = new JSONObject();
+                    apiLogObject.put(APIConstants.AuditLogConstants.NAME, addedDoc.getName());
+                    apiLogObject.put(APIConstants.AuditLogConstants.TYPE, addedDoc.getType());
+                    apiLogObject.put(APIConstants.AuditLogConstants.DOCUMENT_ID, addedDoc.getId());
+                    apiLogObject.put(APIConstants.AuditLogConstants.API_ID, uuid);
+                    APIUtil.logAuditMessage(APIConstants.AuditLogConstants.DOCUMENT, apiLogObject.toString(),
+                            APIConstants.AuditLogConstants.CREATED, this.username);
                     return DocumentMapper.INSTANCE.toDocumentation(addedDoc);
                 }
             } catch (DocumentationPersistenceException e) {
@@ -5662,6 +5681,11 @@ public void addDocumentationContent(String uuid, String docId, String organizati
             mappedContent = DocumentMapper.INSTANCE.toDocumentContent(content);
             DocumentContent doc = apiPersistenceInstance.addDocumentationContent(new Organization(organization), uuid, docId,
                     mappedContent);
+            JSONObject apiLogObject = new JSONObject();
+            apiLogObject.put(APIConstants.AuditLogConstants.DOCUMENT_ID, docId);
+            apiLogObject.put(APIConstants.AuditLogConstants.API_ID, uuid);
+            APIUtil.logAuditMessage(APIConstants.AuditLogConstants.DOCUMENT_CONTENT, apiLogObject.toString(),
+                    APIConstants.AuditLogConstants.UPDATED, this.username);
         } catch (DocumentationPersistenceException e) {
             throw new APIManagementException("Error while adding content to doc " + docId);
         }

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/utils/APIUtil.java

@@ -7045,7 +7045,7 @@ public static DocumentBuilderFactory getSecuredDocumentBuilder() {
     public static void logAuditMessage(String entityType, String entityInfo, String action, String performedBy) {
 
         JSONObject jsonObject = new JSONObject();
-        jsonObject.put("typ", entityType);
+        jsonObject.put("type", entityType);
         jsonObject.put("action", action);
         jsonObject.put("performedBy", performedBy);
         if (entityInfo != null && !StringUtils.isBlank(entityInfo)) {