Coding the Creation of Information Management Audit Policy

This is a quick post to demonstrate how you would create or update the Information Rights audit policy for a specific content type in SharePoint.

First things first, lets have a look at the method that implements this for us:

public void EnsureAuditPolicy(SPContentType ct)
{
    const string AUDIT_POLICY_NAME = "Custom Audit Policy";
    // Policy XML for enabling all out of the box auditing
    const string AUDIT_POLICY = "<Audit><Update /><View /><CheckInOut /><MoveCopy /><DeleteRestore /></Audit>";
 
    Policy policy = Policy.GetPolicy(ct);
    if (policy == null)
    {
        // Create new custom policy
        Policy.CreatePolicy(ct, null);
        // Retrieve newly created policy
        policy = Policy.GetPolicy(ct);
 
        if (policy == null)
        {
            throw new NullReferenceException("policy");
        }
 
        // Update policy information
        policy.Statement = string.Format("Custom audit policy for viewing, editing, checking in or out, moving or copying and deleting or restoring \"{0}\" items", policy.Name);
        policy.Name = string.Format("{0} - {1}", policy.Name, AUDIT_POLICY_NAME);
        policy.Description = "Custom Audit Policy";
    }
 
    if (policy != null)
    {
        // The PolicyId property provides the policyFeatureId parameter for the PolicyItemCollection indexer
        PolicyItem auditItem = policy.Items[PolicyAudit.PolicyId];
        if (auditItem == null)
        {
            // Update policy with custom audit requirements
            policy.Items.Add(PolicyAudit.PolicyId, AUDIT_POLICY);
        }
        else
        {
            // Modify existing policy with the custom audit requirements
            auditItem.CustomData = AUDIT_POLICY;
        }
    }
}

For the code to compile you’ll need to add a reference to the Microsoft.Office.Policy assembly which is located in the ISAPI folder of the hive.

%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\14\ISAPI\Microsoft.Office.Policy.dll

The two namespaces that should be added to your code are:

using Microsoft.Office.RecordsManagement.InformationPolicy;
using Microsoft.Office.RecordsManagement.PolicyFeatures;

From looking at the code you can see it’s pretty straight forward. You call the static method GetPolicy of Microsoft.Office.RecordsManagement.InformationPolicy.Policy to try and retrieve the policy object for the content type that was passed into the method.

From here we check if there is already a policy for the content type. Where there is no policy we create a new one via the CreatePolicy static method. We then assign a name, statement and description – the text for this has no bearing on the type of audit that will be implemented.

The last step is to check if the policy object has an existing policy item for auditing. We check this by attempting to retrieve the PolicyItem that has the feature id of the audit class. The feature id is provided for us by the policy object that we are creating – Microsoft.Office.RecordsManagement.PolicyFeatures.PolicyAudit.PolicyId

The policy configuration in this example is provided by the AUDIT_POLICY constant. This enables all out of the box auditing for the content type.

An easy way to retrieve the custom data for a policy is to create the policy through the UI and then write a simple console application to return the policy object for your content type, something like:

public string GetAuditPolicyCustomData(SPContentType ct)
{
    string customData = string.Empty;
    Policy policy = Policy.GetPolicy(ct);
 
    if (policy != null)
    {
        PolicyItem auditItem = policy.Items[PolicyAudit.PolicyId];
        if (auditItem != null)
        {
            customData = auditItem.CustomData;
            Console.WriteLine(customData);
        }
    }
 
    return customData;
}

Here we are retrieving the audit policy configuration data for the manually configured content type, which for a fully enabled audit policy is:

<Audit><Update /><View /><CheckInOut /><MoveCopy /><DeleteRestore /></Audit>

Examples of other audit objects that can be used are:

Microsoft.Office.RecordsManagement.PolicyFeatures.Barcode
Microsoft.Office.RecordsManagement.PolicyFeatures.Expiration
Microsoft.Office.RecordsManagement.PolicyFeatures.PolicyLabel

2 comments

  1. KjellSJ says:

    Thank you, just what I was looking for.

Leave a Reply

Your email address will not be published. Required fields are marked *

Solve the maths problem shown below before posting: *

Follow

Get every new post delivered to your Inbox

Join other followers: