Auditing
A GDPR audit is something that every company or business needs to go through, and it determines whether you are truly compliant with GDPR. Performing regular internal self-assessments is always recommended and should ensure that you meet all your GDPR requirements if an external GDPR audit becomes necessary.
The audit data collected by this plugin serves as proof of action and must never be deleted.
TBD
TODO: describe the database / table structure
An audit message is always bound to an issuer (usually null or a player's UUID) and always affects a subject (null for generic/bulk operations or a player's UUID).
Each time an audit message is logged, a new AuditEvent is created to track a single operation. If multiple log messages have to be bound to a single specific event, you can always set the AuditEvent back to the original one:

    @Override
    public void deletePlayerData(AuditEvent auditEvent, UUID issuer, UUID subject) {
        // set the auditEvent to the previous/provided one,
        // so the whole deletePlayerData() chain shares one AuditEvent ID
        AuditLogger auditLogger = this.getAuditLogger().setAuditEvent(auditEvent);
        try {
            // do something with a file
            File file = ...
            auditLogger.logMessage(issuer, subject, "Deleting user data file " + file.getCanonicalFile());
            if (!file.delete()) {
                // mark the follow-up message as an error within the same AuditEvent
                auditLogger
                    .setContext(ContextType.MESSAGE_TYPE, ContextMessageType.ERROR.toString())
                    .logMessage(issuer, subject, "Failed to delete file " + file.getCanonicalFile());
            }
        } catch (IOException e) {
            // getCanonicalFile() can throw IOException; always handle exceptions!
        }
    }

Contexts are used to put a message into a specific scope. There are two predefined contexts: "SERVER" and "INTEGRATION". The SERVER context is only interesting when GDPRotect is used in a multi-server environment (such as BungeeCord, Waterfall, Velocity, etc.). The INTEGRATION context is used to assign a log message to a specific plugin (action).
Plugin maintainers / developers can add custom contexts to -- TBD
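
The following is an added example, not GDPRotect's own code: a stand-alone in-memory model of the audit trail described above, showing how messages that share one AuditEvent ID can be reviewed together and how failed operations for a subject can be found through the MESSAGE_TYPE context. The class, record and method names are hypothetical, the context values are constructed, and it assumes the error type is stored as the string "ERROR".

```java
import java.util.*;
import java.util.stream.Collectors;

// Stand-alone model (assumption): NOT GDPRotect's classes; all names here are hypothetical.
public class AuditTrailModel {
    // One audit message: bound to an event ID, an issuer and a subject (either may be null).
    record Entry(UUID eventId, UUID issuer, UUID subject, Map<String, String> contexts, String message) {}

    // Append-only by construction: the class offers no way to update or remove an entry.
    private final List<Entry> entries = new ArrayList<>();

    void log(UUID eventId, UUID issuer, UUID subject, Map<String, String> contexts, String message) {
        Objects.requireNonNull(eventId, "every message belongs to an audit event");
        // Map.copyOf stores an immutable copy, so a logged entry cannot be altered afterwards.
        entries.add(new Entry(eventId, issuer, subject, Map.copyOf(contexts), message));
    }

    // All messages of one operation, in the order they were logged.
    List<Entry> byEvent(UUID eventId) {
        return entries.stream().filter(e -> e.eventId().equals(eventId)).collect(Collectors.toList());
    }

    // IDs of events with at least one MESSAGE_TYPE=ERROR message for the given subject.
    Set<UUID> failedEventsFor(UUID subject) {
        return entries.stream()
                .filter(e -> Objects.equals(e.subject(), subject)) // null-safe: subject may be null
                .filter(e -> "ERROR".equals(e.contexts().get("MESSAGE_TYPE")))
                .map(Entry::eventId)
                .collect(Collectors.toCollection(LinkedHashSet::new));
    }

    public static void main(String[] args) {
        AuditTrailModel trail = new AuditTrailModel();
        UUID player = UUID.randomUUID();   // constructed sample subject
        UUID deletion = UUID.randomUUID(); // one event ID reused for the whole deletion chain
        // Constructed context values for the two predefined contexts.
        Map<String, String> ctx = Map.of("SERVER", "lobby-1", "INTEGRATION", "ExamplePlugin");

        trail.log(deletion, null, player, ctx, "Deleting user data file");
        Map<String, String> err = new HashMap<>(ctx);
        err.put("MESSAGE_TYPE", "ERROR");
        trail.log(deletion, null, player, err, "Failed to delete file");
        trail.log(UUID.randomUUID(), null, null, ctx, "Bulk operation"); // generic: no subject

        System.out.println("messages in deletion event: " + trail.byEvent(deletion).size());
        System.out.println("deletion failed for player: " + trail.failedEventsFor(player).contains(deletion));
    }
}
```

Records require Java 16 or newer. Grouping by event ID is what lets a reviewer see that a deletion request was started but not completed, which matters more in an audit than the individual error line.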