The logs that our application is currently writing are banking transactions. Another level of logging may be needed to analyze operations the controller is performing. This can service either performance analysis, post-mortem analysis, and for generating audit reports.
To do this, let's code an aspect that logs all of controllers (except for the log operation itself).
- Code a simple aspect that logs anything except the
logmethod using a copy of the controller.class AuditInterceptor(MethodInterceptor): def __init__(self, controller): self.controller = controller def invoke(self, invocation): results = invocation.proceed() if invocation.method_name != "log": self.controller.log("AUDIT", -1, "Method: %s Args: %s" % ( invocation.method_name, invocation.args)) return resultsFor this code to work, add the following import statement:
from springpython.aop import *
- Update the definition of the controller in the application context in order to embed this interceptor.
@Object def controller(self): target = SpringBankController(self.factory()) return ProxyFactoryObject( target=target, interceptors=AuditInterceptor(target))
This update to the application context smoothly replaces the
SpringBankControllerwith aProxyFactoryObject. This proxy points at the realcontrollerobject, while also plugging in an instance of theAuditInterceptorwe just coded.Also notice that the
AuditInterceptorneeds a copy of the controller. However, usingself.controller()like all the other methods would generate a recursive stack error. - Let's use MySQL's command-line interface to look at the log table after several operations.
This provides a nice view of what happened on a transaction level, and also on a lower level from an auditing perspective.
It is left as an exercise for the reader to change the advice, so that only when a manager is viewing an account history does it write an audit log entry. It is also an exercise to build a view for the supervisor to view these audit trails.
This provides a nice view of what happened on a transaction level, and also on a lower level from an auditing perspective.
It is left as an exercise for the reader to change the advice, so that only when a manager is viewing an account history does it write an audit log entry. It is also an exercise to build a view for the supervisor to view these audit trails.