Open roblthegreat opened 7 years ago
A sidenote: there is another table (similar to JournalItems) that contains the audit log of content items: LogEntries. When approaching this, we should consider that too, that table contains actual metadata changes too and it cannot be switched off - while the journal can be (it was actually created to aid the wall portlet on workspaces).
And there are some security considerations here: who can access this history and which parts of those records can be delivered to the client.
Wouldn't the security be evaluated based on the user's permissions for the Node? If user 'test' is the owner or is permitted to modify the item, then he/she should see the audit trail. If the user is denied access to the document/node, then they are unable to see the audit trail associated with the node.
Otherwise, maybe additional set of permissions would be required.
Actually there is a separate permission type called RecallOldVersion that may be fit here I think (Save would not be appropriate, I can imagine a scenario when you can work on a file, but not allowed to see old versions - or you are not allowed to modify a file, but want to see old versions).
In a document management centric environment, it is often necessary for an end-user to view an audit trail of actions that occur with a specific document (created; modified; renamed; moved; deleted). This information is already stored in the JournalItems database table, but there appears to be no way to access it via the client APIs.
I'd like to request a feature to allow us to query a specific item and return an array of all rows from the JournalItems related.
Additionally, it would be useful for allow custom actions to be added to the JournalItems. For example, a desktop client app may want to add an entry for each time a document is printed or a document is emailed to an external user.