Objective: The purpose of audit logging within OpenLMIS is to create a complete picture of all relative state changes as they occur within the system in order to encourage confidence on behalf of the user community.
Description: A record of all state changes for all objects within the systemOpenLMIS. For all records within OpenLMIS, one should be able to trace backwards from a records present state, all the way back to its initialized state. Records of state changes should be immutable. For example, if There is no expectation that all possible state changes should be shown in a report or available via the UI. It is sufficient for these state change records to be persisted and available via API call, (i.e. /program/{programId}/show-audit-history). The preference is to use an existing tool such as Envers if possible. Additionally, writing an audit logging strategy that is easily leveraged by future independent OpenLMIS services is highly desirable.
Example:
If a facility has the following attributes when instantiated:
...
Additionally, the previous state of the record should be recorded as a historical entity. Any time an update is made to a record, a log of the previous state should be persisted. One approach is as follows (though no approach is proscribed):
Facility_StateChangeRecord
| FacilityName | FacilityName_ChangedTo | FacilityId | FacilityId_ChangedTo | Type | Type_ChangedTo | LatCoord | LatCoord_ChangedTo | LonCoord | LonCoord_ChangedTo | CreatedBy | CreatedBy_ChangedTo | CreatedDate | CreatedDate_ChangedTo | UpdatedBy | UpdatedBy_ChangedTo | LastModDate | LastModDate_ChangedTo |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Steinbach Hospital | null | F123 | null | Hospital | Clinic | 30.113 | 30.111 | 19.210 | null | KevinCussen | null | 2016-01-01 | null | null | JohnSmith | null | 2016-01-20 12:34:56 |
Pengfei - Are you familiar with Envers? If this is a feasible solution, Mary Jo Kochendorfer and I will work through our ERD model and define which classes and class variables should be audited. Please schedule some time to discuss with me.
As an administrator, I want an audit log/trail on any object or process in the system. For example, I want to know who changed values on a Facility record, changes to a Requisition template, a log of the approvals on a Requisition, log of all requisition status changes.
These examples were deliberately chosen to show logging on 1) individual record/entity 2) to a composed entity (a Req template is likely a composition of many sub-objects), or a process. This may call for different types of logging. We may also wish to configure which entities are logged, e.g. do we really need to log changes on everything?
Levels
Individual record/entity logging
Composed entity (requisition template, order file template)
Process
...
This might be its own epic.
Acceptance:
...