![]() |
|
|
|
|
Change By:
|
keithwoodlock
(07/Jan/13 5:07 AM)
|
|
Description:
|
Mifos X needs to Audit changes.
Below are just some casual notes.
There are a number
The platform architecture
of
approaches to Auditing. One possible approach is transactional which could be at an API level
Mifos x employs a Command
-
logging just
Query Seperation (CQRS) approach. Querys reprsents all 'read' requests on
the
api command and data associated
platform, Commands represent all state modifying requests on the platform
(
as well as user
In REST terms these are POST, PUT
and
timestamp data
DELETE
).
e
It the these Commands that we 'audit'
.
g. "PUT clients
The source of all api requests that are commands are logged
/
1
audited in a table
(
with json values
m_portfolio_command_source
)
"
.
This means its pretty lightweight and you can always roll forward to a particular state for forensic needs and you don
Application user details are tracked on:
- who created/sent the request
- who
'
t have to store huge before and after data changes as happens when you restructure a loan schedule for example
checked or verified' the request if using maker
-
this might even be available thru tomcat
checker process
.
This could be augmented by having addition informational audit log entries e
The 'action_name' & 'entity_name' pair track what the command is and for what entity
.
g. if you PUT offices/1 this could be just changing
We capture
the
office name or it could be a change to
JOSN request body of
the
office hierarchy which
request and the resource/entity the request
is
notable or both
for
.
If notable changes are in
For updates, we provided for
the
audit it doesn't mean they should be removed from
possibility for
the
domain though. e.g. if you
underlying service to detect only the actual changes and
have
a table for client group transfers you should keep it regardless of auditing
these stored as the JSON request body
.
The Audit may be configurable by MFI e.g. Turn auditing in general on or off. Or Turn parts
We also have common columns such as office_id, client_id and loan_id which allow us to search for changes related to any
of
this important concepts in
the
audit on or off
system
.
A user interface which shows changes (by user, date period etc) may
The net result is that you should
be
made available. Could be
able to see any/all changes related to
a
stand-alone app
praticular type of entity
or
something which slots into any other app
'action' that have occured in the system
.
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
------------------------------------------------------------------------------
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122412
_______________________________________________
Mifos-issues mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mifos-issues
