I have a web application written in Java, Oracle, and AngularJS. I want to save log in database when user changes, creates or updates something.
There are two way of implementing this:
1. Auditing tables via Triggers
Cons: On database level I don't have user information who makes changes, so I have to save userName in every table I make any change.
For example: my table will look like this:
my_table {
field_1,
field_2,
...,
userName
)
2. Adding event logging functionality in Web application API functions
For example, when user changes data I have to call both functions: changeObject and AuditUserChange.
In addition to this I have to add trigger on the table to save audit log when somebody (support specialist) makes any change directly in database tables.
Which strategy should I use? Which option is better?
Best Answer
Question: Do you ever change any of this data by means other than the Web application? (Do you ever need to "fix" data?).
If the answer is "Yes" then use triggers.
The username needs to be accessible to the database - oracle's client_identifier is a good option, but you have to code the client application to pass it through.
Then you might create a table that largely duplicates the audited table, like this:
Your trigger then copies values from one table to the other, using the old: and new: pseudo tables. (Change Type might have values for Insert and Deletes and, for Updates, two values representing the "before" and "after" images of the record (what the values were is often as important as what they are now).
A Sequence of changes might look like this: