Feature Request - Expose Content Audit Trail via OData REST and .NET library

[roblthegreat]

In a document management centric environment, it is often necessary for an end-user to view an audit trail of actions that occur with a specific document (created; modified; renamed; moved; deleted). This information is already stored in the JournalItems database table, but there appears to be no way to access it via the client APIs.

I'd like to request a feature to allow us to query a specific item and return an array of all rows from the JournalItems related.

Additionally, it would be useful for allow custom actions to be added to the JournalItems. For example, a desktop client app may want to add an entry for each time a document is printed or a document is emailed to an external user.

[tusmester]

A sidenote: there is another table (similar to JournalItems) that contains the audit log of content items: LogEntries. When approaching this, we should consider that too, that table contains actual metadata changes too and it cannot be switched off - while the journal can be (it was actually created to aid the wall portlet on workspaces).

And there are some security considerations here: who can access this history and which parts of those records can be delivered to the client.

[roblthegreat]

Wouldn't the security be evaluated based on the user's permissions for the Node? If user 'test' is the owner or is permitted to modify the item, then he/she should see the audit trail. If the user is denied access to the document/node, then they are unable to see the audit trail associated with the node.

Otherwise, maybe additional set of permissions would be required.

[tusmester]

Actually there is a separate permission type called RecallOldVersion that may be fit here I think (Save would not be appropriate, I can imagine a scenario when you can work on a file, but not allowed to see old versions - or you are not allowed to modify a file, but want to see old versions).