In Liferay 7 Enterprise Edition,
I want to log user info like user_name in external log files automatically in each request to track user activities, how to do that?
without using auditing plugin
when I tried to log post request for example (login), it doesn't contain any info about user ?!
This kind of thing is much harder than you might think...
Getting access to the current user is really easy. As Victor pointed out, you can use the ThemeDisplay object to get current user. If you don't have the request around, you can use the PrincipalThreadLocal to find the current user id.
That gives you the who, but certainly not the "what is user doing" aspects. Since the portal aggregates the HTML fragments of many portlets, from a servlet filter perspective it would be hard to gleam which one of the available portlets on an incoming URL is actually being interacted with. You could try a portlet filter to narrow the field, but this will just tell you what portlet is being accessed but not what they are doing with it.
Although you rejected the built in audit functionality available in DXP, it really is the answer for tracking who did what in the portal because it has the necessary touch points to get those two pieces and put them together.
Now if you rejected the built in audit functionality because you want a file and not a database entry, that is easy to solve. Go to the System Settings control panel and find the Logging Audit Message Processor and enable it. It will write the audit events out to a file in CSV format, but you should have the source for modules/apps/foundation/portal-security-audit/portal-security-audit-router/src/main/java/com/liferay/portal/security/audit/router/internal/LoggingAuditMessageProcessor.java so you can use this as a basis to write your own format.
Look at this code:
https://github.com/amusarra/liferay-portal-security-audit
in particular the portal-security-audit-capture-events module that catch the login events.
This seems a job for a filter, the user information is normally extracted from the themeDysplay, like in:
ThemeDisplay themeDisplay = ( ThemeDisplay ) request.getAttribute( THEME_DISPLAY );
long userId = themeDisplay.getRealUserId();
If you want to track specific portlets, an OSGi portlet filter would do the job.
Related
I've made an application that creates pull requests to update the dependencies in all of my org's repos when the repo "Alpha" gets a new tag. The process is triggered by our CI flow on Alpha. Other engineers here would like to upgrade this application so that whoever made the tag is also automatically added as a requested reviewer to all of the associated pull requests. I do not see any way to do this with the github REST api. So far I have:
GET tag by name -> tag object sha
GET tag (with obj sha) -> tagger name & tagger email
*************GAP**************
POST requested reviewer (with username) -> completed!
I can't see any good way to get a username from the REST api with the name and/or email. I could query commits from Alpha and filter them, BUT "person who tagged" != "person who made last commit AND I know that at least one of our more prolific taggers is sometimes logged in from different emails (web vs cli vs home machine, etc), so the app might miss them from time to time.
I think it may be possible to get what I want via the GraphQL api, but I'd really like to exhaust REST possibilities before I go down that road. Please shoot any ideas my way!
After gathering more information, it looks like it's possible, and even slightly more elegant than I anticipated. If I have the name of the tag (the 'ref'), I can get a specific commit with that rather than the SHA. the response for this commit includes author information that gives the login. I can then use this along with the pull number to request a reviewer.
If I execute a BigQuery job using the REST API (i.e. bigquery.googleapis.com) in the response I get back a selfLink that looks something like this:
https://bigquery.googleapis.com/bigquery/v2/projects/my-project/jobs/job_0123456789ABCDEF?location=EU
In the UI (ie.. console.cloud.google.com) I can see the very same job in the project's query history:
Is it possible to use the information within that API response and construct a URL that will allow a person to visit that URL in the browser and be taken directly to the information about that query in the UI? This would be really useful because we could log a message containing that URL so that anyone viewing the logs can see a user-friendly UI regarding that job.
I suspect the answer is "no" but just thought I'd ask.
I believe you can share this link:
https://console.cloud.google.com/bigquery?project=<my-project>j=<bq:<location>:<job_id>>&page=queryresults
For example: https://console.cloud.google.com/bigquery?project=my-project&j=bq:US:2846160a-9a13-4192-9bff-e691ff2adab6&page=queryresults
If a user has BQ Job List permission in that project, then when they open up the link they will be be able to see the query that was run in the UI, along with the job information.
But they can't see the query results, which is intended behavior. Instead they will get a warning:
Access Denied: User does not have permission to access results of another user's job.
I've been using Netlify for storing 100% of my app (both frontend and backend) for the last three months. So far, so good.
The only problem now is that I need to store a custom property for each user (say, the phone number), and apparently Netlify Identity doesn't support this (only email, name and roles https://www.netlify.com/docs/identity/).
I don't want to change the whole app to migrate to another hosting provider just for this detail (actually, I can't, it's for a client and I just don't have time), because it works great, but at the same time I need it.
Can you think of any workaround to this? The less "hackish", the better, but I understand that I'm going beyond the intended use of Netlify Identity.
So it actually does look like Netlify's GoTrue API has a specific endpoint for updating custom user data. After a user is created, you can update metadata by including it as "data" within an authenticated PUT request to /user.
PUT /user
{
"data" {
"custom_key": "value",
}
}
See https://github.com/netlify/gotrue for more info.
There are dozens of ways to do this, so I'll talk about two generally applicable ways now:
the most "generally capable" one is probably using lambda functions: https://www.netlify.com/docs/functions . This lets you run dynamic code, such as "store to database hosted elsewhere" or "email to our office manager to update a spreadsheet" or even "commit to our closed git repo so it's available in-code" (last one is probably a worst practice, but is possible). You can similarly use a function to read that data back out without exposing API tokens (code example: https://github.com/netlify/code-examples/tree/master/function_examples/token-hider)
you could have the data gathered via a form submission (https://www.netlify.com/docs/form-handling). I'd probably use zapier.com to receive a notification of the form submission (https://www.netlify.com/docs/form-handling/#notifications). Zapier can of course connect to just about anything on the planet :) . Getting the data back out if you want to show it in your UI is a bit more of a challenge, but you could use the above mentioned functions if you need to connect to some private data store to pull it out. Or for an MVP, just not show it, only let people enter/update it ;)
I'm working with Sitecore 8 Update 2.
I'm looking for a way to get some statistics on how many sitecore users are logged in ( over time, not just right now).
Mainly i would like to see if the actual amount of people working on the system is close to the maximum amount of users allowed by the license. Otherwise a company might be seriously overpaying.
Is there already an out of the box solution or a module available for this ?
If you visit this page:
<your-domain>/sitecore/client/Applications/LicenseOptions/KickUser
It will give you a list of all the currently logged in CMS users. That page is a SPEAK application and has a datasource called ActiveUsersDataSource. In the code, this datasource uses the DomainAccessGuard.Sessions property to get a list of all the sessions.
So if you just want a list, the KickUser page should be enough. If you want to run a report you can use the DomainAccessGuard.Sessions property as a start. You could use that to write a report with Sitecore Powershell Extensions pretty simply.
Log files usually contain audit information about login / logout. E.g.:
6140 13:57:33 INFO AUDIT (sitecore\djanjicek): Login
...
7512 14:02:57 INFO AUDIT (sitecore\djanjicek): Logout
With Sitecore Log Analyzer you should be able to filter your log files on the audit trails.
https://marketplace.sitecore.net/Modules/S/Sitecore_Log_Analyzer.aspx
If you need a web based solution then you could write an admin page that reads all log files and outputs the required lines in a timely fashion.
Also, you can try this:
var x = Membership.Providers["sql"].GetNumberOfUsersOnline();
where "sql" is you membership provider name defined in configuration.
I was expecting this to be a simple thing, but I am not quite sure how to go about doing it.
Basically on the current project we are trialling YouTrack and the agile board is great, but they could do with knowing who raised certain issues in case they need to go question them further on the issue. However I cannot seem to find a simple way to display this information.
I presumed it would be a custom field of type user, but it appears that this would manually need filling in and would not just be able to be pre-populated by the user who is making the task.
So is this possible?
Currently you can view only the assigned user's name on a ticket in Agile board.
I've created a task based on your request http://youtrack.jetbrains.com/issue/JT-19118, you are welcome to vote and leave comments.
As a rough workaround, you can configure notifications on created issues in your projects.
In this way, developers will be notified about all created issues and their reporters.
For that, create a saved search (i.e created by: {Testers}), make this search visible to needed group (by clicking "Edit" on the saved search) and enable notification "on issue created" in user's "Profile". Also, user with admin permissions is able to allow this notifications for all needed users by himself(navigate to "Administration" area -> "Users" -> {user} ->"Profile").
Note, that you can receive notifications both via email and jabber.
Thank you.