/// <summary>
/// Called to write save audit log entries.
/// </summary>
/// <param name="success">if set to <c>true</c> [success].</param>
/// <param name="accessRuleDetails">The user account details.</param>
protected override void OnWriteSaveAuditLogEntries(bool success, AuditLogUserAccountDetails accessRuleDetails)
{
if (accessRuleDetails.IsTemporaryId)
{
// Entity is being created
AuditLog.OnCreateUserAccount(success, accessRuleDetails.UserName);
}
if (!accessRuleDetails.IsTemporaryId &&
accessRuleDetails.OldUserName != accessRuleDetails.UserName)
{
// Name has changed
AuditLog.OnRenameUserAccount(success, accessRuleDetails.OldUserName, accessRuleDetails.UserName);
}
if (!accessRuleDetails.IsTemporaryId &&
accessRuleDetails.HasPasswordChanged)
{
// Password has changed
AuditLog.OnChangeUserAccountPassword(success, accessRuleDetails.UserName);
}
if (!accessRuleDetails.IsTemporaryId &&
accessRuleDetails.ExpirationDate != accessRuleDetails.OldExpirationDate)
{
// Expiration date has changed
AuditLog.OnChangeUserAccountExpiry(success, accessRuleDetails.UserName, accessRuleDetails.OldExpirationDate, accessRuleDetails.ExpirationDate);
}
if (!accessRuleDetails.IsTemporaryId &&
accessRuleDetails.Status != accessRuleDetails.OldStatus)
{
// Status has changed
switch (accessRuleDetails.Status)
{
case UserAccountStatusEnum_Enumeration.Expired:
AuditLog.OnExpiredUserAccount(success, accessRuleDetails.UserName);
break;
case UserAccountStatusEnum_Enumeration.Locked:
AuditLog.OnLockUserAccount(success, accessRuleDetails.UserName);
break;
default:
AuditLog.OnChangeUserAccountStatus(success, accessRuleDetails.UserName, accessRuleDetails.OldStatus.ToString(), accessRuleDetails.Status.ToString());
break;
}
}
ISet <string> currentAccount = new HashSet <string> {
accessRuleDetails.UserName
};
if (accessRuleDetails.AddedUserHasRoles.Count > 0)
{
foreach (string addedUserHasRole in accessRuleDetails.AddedUserHasRoles)
{
// Role membership has changed
AuditLog.OnChangeUserRoleMembers(success, addedUserHasRole, currentAccount, new SortedSet <string>());
}
}
if (accessRuleDetails.RemovedUserHasRoles.Count > 0)
{
foreach (string removedUserHasRole in accessRuleDetails.RemovedUserHasRoles)
{
// Role membership has changed
AuditLog.OnChangeUserRoleMembers(success, removedUserHasRole, new SortedSet <string>(), currentAccount);
}
}
}
/// <summary>
/// Called to gather audit log entity details for save.
/// </summary>
/// <param name="userAccount">The user account.</param>
/// <returns></returns>
protected override AuditLogUserAccountDetails OnGatherAuditLogEntityDetailsForSave(UserAccount userAccount)
{
var userAccountInternal = userAccount as IEntityInternal;
IEntityFieldValues fields;
IDictionary <long, IChangeTracker <IMutableIdKey> > forwardRelationships;
IDictionary <long, IChangeTracker <IMutableIdKey> > reverseRelationships;
userAccount.GetChanges(out fields, out forwardRelationships, out reverseRelationships);
var oldUserAccount = new Lazy <UserAccount>(() => Entity.Get <UserAccount>(userAccount.Id));
var userAccountDetails = new AuditLogUserAccountDetails {
UserName = userAccount.Name, OldUserName = userAccount.Name, IsTemporaryId = userAccountInternal.IsTemporaryId
};
IEnumerable <EntityRef> idsToLoad = new List <EntityRef> {
"core:name", "core:password", "core:accountExpiration", "core:accountStatus", "core:userHasRole"
};
Dictionary <string, IEntity> fieldEntities = Entity.Get(idsToLoad).ToDictionary(e => e.Alias);
if (fields != null && fields.Any())
{
object fieldObj;
if (fields.TryGetValue(fieldEntities["name"].Id, out fieldObj))
{
// Name was changed
userAccountDetails.OldUserName = oldUserAccount.Value.Name;
}
if (fields.TryGetValue(fieldEntities["password"].Id, out fieldObj))
{
var newPassword = fieldObj as string;
// Password was changed
if (newPassword != oldUserAccount.Value.Password)
{
userAccountDetails.HasPasswordChanged = true;
}
}
if (fields.TryGetValue(fieldEntities["accountExpiration"].Id, out fieldObj))
{
// Account expiration was changed
userAccountDetails.ExpirationDate = fieldObj as DateTime?;
userAccountDetails.OldExpirationDate = oldUserAccount.Value.AccountExpiration;
}
}
if (forwardRelationships != null && forwardRelationships.Count > 0)
{
IChangeTracker <IMutableIdKey> accountStatusTracker;
if (forwardRelationships.TryGetValue(fieldEntities["accountStatus"].Id, out accountStatusTracker))
{
userAccountDetails.Status = userAccount.AccountStatus_Enum;
userAccountDetails.OldStatus = oldUserAccount.Value.AccountStatus_Enum;
}
IChangeTracker <IMutableIdKey> userRoleTracker;
if (forwardRelationships.TryGetValue(fieldEntities["userHasRole"].Id, out userRoleTracker))
{
IEnumerable <long> addedIds = userRoleTracker.Added.Select(a => a.Key);
userAccountDetails.AddedUserHasRoles.UnionWith(Entity.Get <Resource>(addedIds).Select(e => e.Name));
IEnumerable <long> removedIds = userRoleTracker.Removed.Select(a => a.Key);
userAccountDetails.RemovedUserHasRoles.UnionWith(Entity.Get <Resource>(removedIds).Select(e => e.Name));
}
}
return(userAccountDetails);
}
/// <summary>
/// Called to write delete audit log entries.
/// </summary>
/// <param name="success">if set to <c>true</c> [success].</param>
/// <param name="accessRuleDetails">The user account details.</param>
protected override void OnWriteDeleteAuditLogEntries(bool success, AuditLogUserAccountDetails accessRuleDetails)
{
AuditLog.OnDeleteUserAccount(success, accessRuleDetails.UserName);
}
