search

Ricksoft-OSS / audit-log-browser

Browsing audit log add-on for Alfresco Content Services.
Apache License 2.0
6 stars 2 forks source link

audit-log-browser 2.0.0 実行エラー #11

Closed suzhen-github closed 1 year ago

suzhen-github commented 1 year ago

障害再現手順 Alfresco V7.3.0

1.audit-log-browser-share-2.0.0.jar、audit-log-browser-platform-2.0.0.jarをダウンロードして、   ロカールTomcat「apache-tomcat-9.0.70\modules」へDeployして、Tomcatサービスを再起動する。

  1. 下記のリクエストを実行したら、下記のエラーログが出てきました。  http://localhost:8080/alfresco/api/-default-/public/alfresco/versions/1/audit-applications/share-site-access/audit-entries?include=values

■Responseエラーログ: {"error":{"errorKey":"framework.exception.ApiDefault","statusCode":500,"briefSummary":"Cannot invoke \"org.alfresco.repo.audit.model.AuditApplication.getApplicationId()\" because \"app\" is null","stackTrace":"For security reasons the stack trace is no longer displayed, but the property is kept for previous versions","descriptionURL":"https://api-explorer.alfresco.com","logId":"4441681f-0077-4774-80d6-a21a17b7c2f3"}}

■Tomcat Consoleエラーログ: 2023-06-16 09:02:01,299 ERROR [org.alfresco.rest.framework.webscripts.ResourceWebScriptGet] [http-nio-8080-exec-6] 4441681f-0077-4774-80d6-a21a17b7c2f3 : [org.alfresco.repo.audit.AuditComponentImpl.getAuditEntriesCountByApp(AuditComponentImpl.java:950), org.alfresco.repo.audit.AuditServiceImpl.getAuditEntriesCountByApp(AuditServiceImpl.java:187), java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method), java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77), java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43), java.base/java.lang.reflect.Method.invoke(Method.java:568), org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344), org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198), org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163), net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80), org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186), org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:53), org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186), org.alfresco.repo.audit.AuditMethodInterceptor.proceed(AuditMethodInterceptor.java:201), org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:171), org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186), org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:123), org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:388), org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:119), org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186), org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215), jdk.proxy3/jdk.proxy3.$Proxy137.getAuditEntriesCountByApp(Unknown Source), org.alfresco.rest.api.impl.AuditImpl.getAuditEntriesCountByApp(AuditImpl.java:896), org.alfresco.rest.api.impl.AuditImpl.listAuditEntries(AuditImpl.java:298), java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method), java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77), java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43), java.base/java.lang.reflect.Method.invoke(Method.java:568), org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344), org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198), org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163), org.alfresco.rest.api.impl.ExceptionInterceptor.invoke(ExceptionInterceptor.java:57), org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186), org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215), jdk.proxy3/jdk.proxy3.$Proxy188.listAuditEntries(Unknown Source), org.alfresco.rest.api.audit.AuditApplicationsAuditEntriesRelation.readAll(AuditApplicationsAuditEntriesRelation.java:65), org.alfresco.rest.framework.webscripts.ResourceWebScriptGet.executeAction(ResourceWebScriptGet.java:238), org.alfresco.rest.framework.webscripts.AbstractResourceWebScript$3.execute(AbstractResourceWebScript.java:215), org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:452), org.alfresco.rest.framework.webscripts.AbstractResourceWebScript.execute(AbstractResourceWebScript.java:208), org.alfresco.rest.framework.webscripts.AbstractResourceWebScript$1.execute(AbstractResourceWebScript.java:116), org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:452), org.alfresco.rest.framework.webscripts.AbstractResourceWebScript.execute(AbstractResourceWebScript.java:133), org.alfresco.rest.framework.webscripts.ApiWebScript.execute(ApiWebScript.java:112), org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:506), org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:685), org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:721), org.alfresco.repo.web.scripts.RepositoryContainer.executeScriptInternal(RepositoryContainer.java:413), org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:309), org.alfresco.rest.api.PublicApiRepositoryContainer.access$001(PublicApiRepositoryContainer.java:47), org.alfresco.rest.api.PublicApiRepositoryContainer$1.doWork(PublicApiRepositoryContainer.java:84), org.alfresco.repo.tenant.TenantUtil.runAsWork(TenantUtil.java:126), org.alfresco.repo.tenant.TenantUtil.runAsTenant(TenantUtil.java:95), org.alfresco.rest.api.PublicApiRepositoryContainer.executeScript(PublicApiRepositoryContainer.java:80), org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:423), org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:210), org.alfresco.repo.web.scripts.TenantWebScriptServlet.service(TenantWebScriptServlet.java:82), javax.servlet.http.HttpServlet.service(HttpServlet.java:779), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162), org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162), org.alfresco.module.aosmodule.service.ContextRootFilter.doFilter(ContextRootFilter.java:93), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162), org.springframework.extensions.webscripts.servlet.SecurityHeadersFilter.doFilter(SecurityHeadersFilter.java:177), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162), org.alfresco.repo.web.filter.beans.NullFilter.doFilter(NullFilter.java:75), java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method), java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77), java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43), java.base/java.lang.reflect.Method.invoke(Method.java:568), org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:132), org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186), org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215), jdk.proxy3/jdk.proxy3.$Proxy164.doFilter(Unknown Source), org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:89), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162), org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:68), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162), org.alfresco.web.app.servlet.ClearSecurityContextFilter.doFilter(ClearSecurityContextFilter.java:53), org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189), org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162), org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:177), org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97), org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541), org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135), org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92), org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687), org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78), org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360), org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399), org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65), org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:891), org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1784), org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49), org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191), org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659), org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61), java.base/java.lang.Thread.run(Thread.java:833)]

  1. 下記のURLにアクセスして最新のソースコードをダウンロードする https://github.com/Ricksoft-OSS/audit-log-browser/archive/refs/tags/2.0.0.zip  ・Source code(zip)

  2. 下記の修正点を実施しました。(※Application IDと名称を別に変更してみました。) share-site-audit-app.xml:   ・Application name="ShareSiteAccess" → "TaiShareSiteAccess"   ・share-site-access → tai-share-site-access alfresco-global.properties:   ・AuditLogBrowser.app.name="ShareSiteAccess" → "TaiShareSiteAccess", audit-log-browser.js   ・share-site-access → tai-share-site-access

  3. 新しいaudit-log-browser-share-2.0.0.jar、audit-log-browser-platform-2.0.0.jarを生成して、   ロカールTomcat「apache-tomcat-9.0.70\modules」へDeployして、Tomcatサービスを再起動する。

  4. 下記のリクエストを実行したら、最初に正常にレストランが返されましたが、2-3日間経って、Share画面であるファイルをアップロードしたり、ファイルをDeleteしたり等の更新操作したら、また、上記2と同様なエラーが発生してしまいました。  http://localhost:8080/alfresco/api/-default-/public/alfresco/versions/1/audit-applications/tai-share-site-access/audit-entries?include=values

Tomcatサービスを再起動しても、駄目です。

shishi999 commented 1 year ago

Hello @suzhen-github ,

Can you tell us what Action you performed from the time you changed the Application name until the error occurred? We are currently investigating this issue and believe that the problem may be caused by recording some Action.

suzhen-github commented 1 year ago

I have just debugged the alfresco-remote-api-15.9.jar and alfresco-repository-15.9.jar, I found that when the audit records amount is more than 100, 'hasMoreItems' will become true, and the method of getAuditEntriesCountByApp in AuditImpl.class will be executed as below, and the following source code will be executed, maybe [auditApplication.getKey()] is wrongly used, I think that [auditApplication.getName()] should be correct. ・ final String applicationName = auditApplication.getKey().substring(1);  ----->getName()???

so when you set 「share-site-audit-app.xml」 as below ・Application name="ShareSiteAccess" key="share-site-access"

and applicationName is wrongly got by key="share-site-access". and the app will return null in the following source code because of the wrong applicationName. AuditApplication app = auditModelRegistry.getAuditApplicationByName(applicationName); (----->app is null)

■/audit-log-browser-share/src/main/resources/META-INF/resources/audit-log-browser-share/js/audit-log-browser/display/audit-log-browser.js ・AuditLogBrowser.MAX_ITEMS = 100;

■alfresco-remote-api-15.9.jar ★org.alfresco.rest.api.impl.AuditImpl.class ・public CollectionWithPagingInfo listAuditEntries(String auditAppId, Parameters parameters) int totalRetrievedItems = entriesAudit.size(); int end = Math.min(limit - 1, totalRetrievedItems); boolean hasMoreItems = totalRetrievedItems > end; totalItems = hasMoreItems ? getAuditEntriesCountByApp(auditApplication) : totalRetrievedItems; public int getAuditEntriesCountByApp(AuditService.AuditApplication auditApplication) { final String applicationName = auditApplication.getKey().substring(1);  (----->getName()???) return auditService.getAuditEntriesCountByApp(applicationName); }

■alfresco-repository-15.9.jar ★org.alfresco.repo.audit.AuditServiceImpl.class org.alfresco.repo.audit.AuditComponentImpl.class

    public int getAuditEntriesCountByApp(String applicationName)
    {
        // Get the id for the application
        AuditApplication app = auditModelRegistry.getAuditApplicationByName(applicationName); (----->app is null)

        Long applicationId = app.getApplicationId();
        if (applicationId == null)
        {
            throw new AuditException("No persisted instance exists for audit application: " + app);
        }

        return auditDAO.getAuditEntriesCountByApp(applicationId);
    }

*** If you set 「share-site-audit-app.xml」as below, the error will not happen. ・Application name="share-site-access" key="share-site-access"

shishi999 commented 1 year ago

Thank you very much @suzhen-github for your precious investigation!

"getAuditEntriesCountByApp" had been not added on this app's release and our extensions may have been broken by official changing the code. And code of "share-site-audit-app.xml" is probably from the official doc. This doc shows name≠key code example.

From the above, it may be unexpected behavior of official code a.k.a. "THE BUG" :(

So I think changing app name to "share-site-access"( or any original names ) you said is efficient. But changing name is results in abandoning all audit entries recorded before. I think any script for changing audit entries to other audit apps from an audit app is needed so I'm planning to change app names, create that script and serve.

p.s. : Do you have a plan to create a pull request to fix it for ACS community repository?

suzhen-github commented 1 year ago

Thank you very much@shishi999 from you response. I am glad to get confirmation on the analysis of this issue.

p.s. : Do you have a plan to create a pull request to fix it for ACS community repository? --> sorry, I don't know how to create a pull request to fix this issue for ACS community repository. Please help to submit this pull request if possible.