Data Auditing in Spring Data JPA
Many systems require auditing and tracking the change in the persistence layer. It is really helpful to investigate problems related to the data. Data auditing typically answers these questions: when was it created, who was create the record, when was it created, who modified the record last and when was it modified last. In this article, we will learn how to implement auditing features.
How Spring Data JPA support auditing
By now, Spring provides four annotations in the spring-data-commons module for auditing features. They are:
@CreatedByrepresents the principal that created the entity containing the field.@CreatedDaterepresents the date the entity containing the field was created.@LastModifiedByrepresents the principal that recently modified the entity containing the field.@LastModifiedDaterepresents the date the entity containing the field was recently modified.
Besides the four mentioned annotations, Spring also provides @EnableJpaAuditing that aims enable auditing feature.
The AuditingEntityListener
In order to explain how the auditing feature works in Spring Data JPA, we should be known about an important class that listens to the change of the entity. It is AuditingEntityListener class. The AuditingEntityListener is one of the key factors of auditing features in Spring. Its responsibility is to listen to an update or a creation of an entity then perform necessary tasks to fill auditing information to the entity based on the annotated annotation of the entity. This class relies on the JPA Entity lifecycle event.
Take a look at the AuditingEntityListener we saw to main methods touchForCreate and touchForUpdate one is decorated with @PrePersist and @PreUpdate respectively.
Do you concern how Spring know who was created or modified the entity? The answer is spring doesn’t know how to fill the principal therefore we have to define a bean that has the implementation for org.springframework.data.domain.AuditorAware interface. At this time, I know that Spring has an implement in the spring security module. The name of the class is SpringSecurityAuditorAware. In case we don’t want to apply the SpringSecurityAuditorAware we have to make our own.
Example for auditing with Spring JPA
Project structure:
User table which created by the following data scripts
For this demo, I would like to define the auditable class separately then the main entity will extend the auditable class.
The AuditableEntity:
We set AuditingEntityListener to listen to events for the AuditableEntity and MappedSupperclass to allows the business entity can inherit this class. This reduces a lot of boiltplate code and more maintainable.
The User entity:
Configure essential beans and enable JpaAuditing:
As I have mentioned in the previous section, the auditing feature required a bean of AuditorAware so in the configuration class we just define that bean. To reduce the complexity of this demo, I have created a very basic implementation to AuditorAware that simply returns the user of the current machine where the application is running in.
I would like to skip the implementation for controllers, services, repositories, etc which we can found in my GitHub source repository.
Test our works
Start the demo application
sent a POST request with URL: http://localhost:8080/user/add
request body:
{ "userId": 1, "firstName": "First Name updated", "lastName": "Last Name"}
Verify the result by access h2-console following http://localhost:8080/h2-console/
Demo Source code
https://github.com/Programming-Sharing/spring-data-jpa-demo/tree/auditing-with-spring-data-jpa
