fix #2433 add UPDATE_PERMISSION

2020-03-19 09:26:34 +09:00 · 2020-03-19 09:26:34 +09:00 · 26e4ca8bac
commit 26e4ca8bac
parent 5607f558f0
2 changed files with 21 additions and 4 deletions
--- a/src/main/java/org/codelibs/fess/helper/ActivityHelper.java
+++ b/src/main/java/org/codelibs/fess/helper/ActivityHelper.java
@ -112,6 +112,20 @@ public class ActivityHelper {
        log(buf);
    }

+    public void permissionChanged(final OptionalThing<FessUserBean> user) {
+        final StringBuilder buf = new StringBuilder(100);
+        buf.append("action:");
+        buf.append(Action.UPDATE_PERMISSION);
+        buf.append('\t');
+        buf.append("user:");
+        buf.append(user.map(u -> u.getUserId()).orElse("-"));
+        buf.append('\t');
+        buf.append("permissions:");
+        buf.append(user.map(u -> stream(u.getPermissions()).get(stream -> stream.collect(Collectors.joining(permissionSeparator))))
+                .filter(StringUtil::isNotBlank).orElse("-"));
+        log(buf);
+    }
+
    private void log(final StringBuilder buf) {
        buf.append('\t');
        buf.append("ip:");
@ -127,7 +141,7 @@ public class ActivityHelper {
    }

    protected enum Action {
-        LOGIN, LOGOUT, ACCESS, LOGIN_FAILURE;
+        LOGIN, LOGOUT, ACCESS, LOGIN_FAILURE, UPDATE_PERMISSION;
    }

    public void setLoggerName(final String loggerName) {
--- a/src/main/java/org/codelibs/fess/ldap/LdapUser.java
+++ b/src/main/java/org/codelibs/fess/ldap/LdapUser.java
@ -22,8 +22,10 @@ import java.util.Hashtable;
 import org.apache.commons.lang3.ArrayUtils;
 import org.codelibs.core.lang.StringUtil;
 import org.codelibs.fess.entity.FessUser;
+import org.codelibs.fess.mylasta.action.FessUserBean;
 import org.codelibs.fess.mylasta.direction.FessConfig;
 import org.codelibs.fess.util.ComponentUtil;
+import org.dbflute.optional.OptionalThing;

 public class LdapUser implements FessUser {

@ -54,9 +56,10 @@ public class LdapUser implements FessUser {
            final String groupFilter = fessConfig.getLdapGroupFilter();
            if (StringUtil.isNotBlank(baseDn) && StringUtil.isNotBlank(accountFilter)) {
                permissions =
-                        ArrayUtils.addAll(
-                                ComponentUtil.getLdapManager().getRoles(this, baseDn, accountFilter, groupFilter,
-                                        roles -> permissions = roles), fessConfig.getRoleSearchUserPrefix() + getName());
+                        ArrayUtils.addAll(ComponentUtil.getLdapManager().getRoles(this, baseDn, accountFilter, groupFilter, roles -> {
+                            permissions = roles;
+                            ComponentUtil.getActivityHelper().permissionChanged(OptionalThing.of(new FessUserBean(this)));
+                        }), fessConfig.getRoleSearchUserPrefix() + getName());
            } else {
                permissions = StringUtil.EMPTY_STRINGS;
            }