cancel
Showing results for 
Search instead for 
Did you mean: 

Backoffice Read Actions Audit Trail

There's a requirement on my project to be able to save logs for any read access done in backoffice of an employee. Anytime they access a record, it needs to be audited.

For example, employee "bob" enters backoffice and reads from the Product table, product with code "ABCD". Is there a way to be able to log that event? "bobs reads product ABCD"

I tried using a LoadInterceptor on Item type, but that causes a bunch of issues and infinite loops when trying to log the current user who's accessing the item.

Did you find a solution?, I have same problem, I tried to use "LoadInterceptor" too, but there are a lot of calls when the server turn on and for example when a user log in into backoffice. Also I tried to inject "javascript" through a new empty widget but I can't. If you found a solution, please tell me, I continue it trying.

0 Kudos

No solution as of yet... Hence why I came here for help.

0 Kudos

yasbet.alvarez.neoris any luck on your end?

0 Kudos

No, unfortunately we are no longer taking this requirement

Accepted Solutions (0)

Answers (1)

Answers (1)

safin
Advisor
Advisor

Hi Fox,

load interceptor is not the feasible way to meet your scenario, because load interceptor can be triggered whenever data is loaded from DB, it means audit will happen not just from Backoffice

A feasible way is to use audit logging api in the editor area widget, it means introducing a subclass for DefaultEditorAreaControllerModelOperationsDelegate, overwrite the retrieveAndSetCurrentContext(final Object inputData) method which will be invoked whenever data is loaded in editor area widget:

...
public class CustomizedEditorAreaControllerModelOperationsDelegate  extends DefaultEditorAreaControllerModelOperationsDelegate 
{

...
    public String retrieveAndSetCurrentContext(final Object inputData) 
	{
		AuditableActions.audit(AuditableActions.withName("Access Data")
						.withAttribute("data type", inputData.getClass()).withAttribute("by user", getCockpitUserService().getCurrentUser());
	    super.retrieveAndSetCurrentContext(inputData);
	}
...

}
<alias name="customizedEditorAreaModelOperationsDelegate" alias="editorAreaModelOperationsDelegate"/>
<bean id="customizedEditorAreaModelOperationsDelegate"
		  class="...CustomizedEditorAreaControllerModelOperationsDelegate"
		  scope="prototype">
	<constructor-arg>
	    <null/>
	</constructor-arg>
</bean>

As of audit logging API, you can refer to https://help.sap.com/docs/SAP_COMMERCE_CLOUD_PUBLIC_CLOUD/aa417173fe4a4ba5a473c93eb730a417/65ce70aea...

Hopefully it can help you a little.