mirror of https://github.com/MISP/MISP
fix: handle changed col decoding
parent
f18cda96db
commit
53c69c7a1c
|
@ -3,12 +3,12 @@
|
|||
namespace App\Controller\Admin;
|
||||
|
||||
use App\Controller\AppController;
|
||||
use Cake\Core\Configure;
|
||||
use Cake\Http\Exception\NotFoundException;
|
||||
use App\Model\Entity\AuditLog;
|
||||
use Cake\Core\Configure;
|
||||
use Cake\Http\Exception\MethodNotAllowedException;
|
||||
use Exception;
|
||||
use Cake\Http\Exception\NotFoundException;
|
||||
use Cake\ORM\Locator\LocatorAwareTrait;
|
||||
use Exception;
|
||||
|
||||
class AuditLogsController extends AppController
|
||||
{
|
||||
|
@ -59,10 +59,9 @@ class AuditLogsController extends AppController
|
|||
'WorkflowBlueprint',
|
||||
];
|
||||
|
||||
// TODO: [3.x-MIGRATION] handle `changed` (blog column, use JsonFieldBehavior)
|
||||
public $paginate = [
|
||||
'limit' => 60,
|
||||
'fields' => ['id', 'created', 'user_id', 'org_id', 'request_action','model', 'model_id', 'model_title', 'event_id', /* 'changed' */],
|
||||
'fields' => ['id', 'created', 'user_id', 'org_id', 'request_action', 'model', 'model_id', 'model_title', 'event_id', 'changed'],
|
||||
'contain' => [
|
||||
'Users' => ['fields' => ['id', 'email', 'org_id']],
|
||||
'Organisations' => ['fields' => ['id', 'name', 'uuid']],
|
||||
|
@ -121,20 +120,22 @@ class AuditLogsController extends AppController
|
|||
if (!Configure::read('MISP.log_new_audit')) {
|
||||
$this->Flash->warning(__("Audit log is not enabled. See 'MISP.log_new_audit' in the Server Settings. (Administration -> Server Settings -> MISP tab)"));
|
||||
}
|
||||
$params = $this->harvestParameters([
|
||||
'ip',
|
||||
'user',
|
||||
'request_id',
|
||||
'authkey_id',
|
||||
'model',
|
||||
'model_id',
|
||||
'event_id',
|
||||
'model_title',
|
||||
'action',
|
||||
'org',
|
||||
'created',
|
||||
'request_type',
|
||||
]);
|
||||
$params = $this->harvestParameters(
|
||||
[
|
||||
'ip',
|
||||
'user',
|
||||
'request_id',
|
||||
'authkey_id',
|
||||
'model',
|
||||
'model_id',
|
||||
'event_id',
|
||||
'model_title',
|
||||
'action',
|
||||
'org',
|
||||
'created',
|
||||
'request_type',
|
||||
]
|
||||
);
|
||||
|
||||
$this->paginate['conditions'] = $this->__searchConditions($params);
|
||||
$acl = $this->__applyAuditACL($this->ACL->getUser()->toArray());
|
||||
|
@ -153,19 +154,22 @@ class AuditLogsController extends AppController
|
|||
}
|
||||
|
||||
$this->set('list', $list);
|
||||
$this->set('actions', [
|
||||
AuditLog::ACTION_ADD => __('Add'),
|
||||
AuditLog::ACTION_EDIT => __('Edit'),
|
||||
AuditLog::ACTION_SOFT_DELETE => __('Soft delete'),
|
||||
AuditLog::ACTION_DELETE => __('Delete'),
|
||||
AuditLog::ACTION_UNDELETE => __('Undelete'),
|
||||
AuditLog::ACTION_TAG . '||' . AuditLog::ACTION_TAG_LOCAL => __('Tag'),
|
||||
AuditLog::ACTION_REMOVE_TAG . '||' . AuditLog::ACTION_REMOVE_TAG_LOCAL => __('Remove tag'),
|
||||
AuditLog::ACTION_GALAXY . '||' . AuditLog::ACTION_GALAXY_LOCAL => __('Galaxy cluster'),
|
||||
AuditLog::ACTION_REMOVE_GALAXY . '||' . AuditLog::ACTION_REMOVE_GALAXY_LOCAL => __('Remove galaxy cluster'),
|
||||
AuditLog::ACTION_PUBLISH => __('Publish'),
|
||||
AuditLog::ACTION_PUBLISH_SIGHTINGS => $this->actions[AuditLog::ACTION_PUBLISH_SIGHTINGS],
|
||||
]);
|
||||
$this->set(
|
||||
'actions',
|
||||
[
|
||||
AuditLog::ACTION_ADD => __('Add'),
|
||||
AuditLog::ACTION_EDIT => __('Edit'),
|
||||
AuditLog::ACTION_SOFT_DELETE => __('Soft delete'),
|
||||
AuditLog::ACTION_DELETE => __('Delete'),
|
||||
AuditLog::ACTION_UNDELETE => __('Undelete'),
|
||||
AuditLog::ACTION_TAG . '||' . AuditLog::ACTION_TAG_LOCAL => __('Tag'),
|
||||
AuditLog::ACTION_REMOVE_TAG . '||' . AuditLog::ACTION_REMOVE_TAG_LOCAL => __('Remove tag'),
|
||||
AuditLog::ACTION_GALAXY . '||' . AuditLog::ACTION_GALAXY_LOCAL => __('Galaxy cluster'),
|
||||
AuditLog::ACTION_REMOVE_GALAXY . '||' . AuditLog::ACTION_REMOVE_GALAXY_LOCAL => __('Remove galaxy cluster'),
|
||||
AuditLog::ACTION_PUBLISH => __('Publish'),
|
||||
AuditLog::ACTION_PUBLISH_SIGHTINGS => $this->actions[AuditLog::ACTION_PUBLISH_SIGHTINGS],
|
||||
]
|
||||
);
|
||||
$models = $this->models;
|
||||
sort($models);
|
||||
$this->set('models', $models);
|
||||
|
@ -191,10 +195,13 @@ class AuditLogsController extends AppController
|
|||
|
||||
if (!$this->isSiteAdmin()) {
|
||||
// Remove all user info about users from different org
|
||||
$orgUserIds = $this->Users->find('column', [
|
||||
'conditions' => ['Users.org_id' => $this->Auth->user('org_id')],
|
||||
'fields' => ['Users.id'],
|
||||
]);
|
||||
$orgUserIds = $this->Users->find(
|
||||
'column',
|
||||
[
|
||||
'conditions' => ['Users.org_id' => $this->Auth->user('org_id')],
|
||||
'fields' => ['Users.id'],
|
||||
]
|
||||
);
|
||||
foreach ($list as $k => $item) {
|
||||
if ($item['AuditLog']['user_id'] == 0) {
|
||||
continue;
|
||||
|
@ -216,20 +223,26 @@ class AuditLogsController extends AppController
|
|||
|
||||
$this->set('data', $list);
|
||||
$this->set('event', $event);
|
||||
$this->set('mayModify', $this->canModifyEvent($event));
|
||||
$this->set('menuData', [
|
||||
'menuList' => 'event',
|
||||
'menuItem' => 'eventLog'
|
||||
]);
|
||||
$this->set('mayModify', $this->ACL->canModifyEvent($event));
|
||||
$this->set(
|
||||
'menuData',
|
||||
[
|
||||
'menuList' => 'event',
|
||||
'menuItem' => 'eventLog'
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
public function fullChange($id)
|
||||
{
|
||||
$log = $this->AuditLogs->find('first', [
|
||||
'conditions' => ['id' => $id],
|
||||
'recursive' => -1,
|
||||
'fields' => ['changed', 'request_action'],
|
||||
]);
|
||||
$log = $this->AuditLogs->find(
|
||||
'first',
|
||||
[
|
||||
'conditions' => ['id' => $id],
|
||||
'recursive' => -1,
|
||||
'fields' => ['changed', 'request_action'],
|
||||
]
|
||||
);
|
||||
if (empty($log)) {
|
||||
throw new Exception('Log not found.');
|
||||
}
|
||||
|
@ -291,10 +304,13 @@ class AuditLogsController extends AppController
|
|||
} else if (is_numeric($params['user'])) {
|
||||
$conditions['AuditLog.user_id'] = $params['user'];
|
||||
} else {
|
||||
$user = $this->Users->find('first', [
|
||||
'conditions' => ['Users.email' => $params['user']],
|
||||
'fields' => ['id'],
|
||||
]);
|
||||
$user = $this->Users->find(
|
||||
'first',
|
||||
[
|
||||
'conditions' => ['Users.email' => $params['user']],
|
||||
'fields' => ['id'],
|
||||
]
|
||||
);
|
||||
if (!empty($user)) {
|
||||
$conditions['AuditLog.user_id'] = $user['User']['id'];
|
||||
} else {
|
||||
|
@ -372,15 +388,18 @@ class AuditLogsController extends AppController
|
|||
// Site admins and event owners can see all changes
|
||||
return ['event_id' => $event['Event']['id']];
|
||||
}
|
||||
$event = $this->AuditLogs->Event->fetchEvent($this->Auth->user(), [
|
||||
'eventid' => $event['Event']['id'],
|
||||
'sgReferenceOnly' => 1,
|
||||
'deleted' => [0, 1],
|
||||
'deleted_proposals' => 1,
|
||||
'noSightings' => true,
|
||||
'includeEventCorrelations' => false,
|
||||
'excludeGalaxy' => true,
|
||||
])[0];
|
||||
$event = $this->AuditLogs->Event->fetchEvent(
|
||||
$this->Auth->user(),
|
||||
[
|
||||
'eventid' => $event['Event']['id'],
|
||||
'sgReferenceOnly' => 1,
|
||||
'deleted' => [0, 1],
|
||||
'deleted_proposals' => 1,
|
||||
'noSightings' => true,
|
||||
'includeEventCorrelations' => false,
|
||||
'excludeGalaxy' => true,
|
||||
]
|
||||
)[0];
|
||||
$attributeIds = [];
|
||||
$objectIds = [];
|
||||
$proposalIds = array_column($event['ShadowAttribute'], 'id');
|
||||
|
@ -456,35 +475,46 @@ class AuditLogsController extends AppController
|
|||
|
||||
if (isset($models['ObjectReference'])) {
|
||||
$ObjectReferencesTable = $this->fetchTable('ObjectReferences');
|
||||
$objectReferences = $ObjectReferencesTable->find('list', [
|
||||
'conditions' => ['ObjectReference.id' => array_unique($models['ObjectReference'])],
|
||||
'fields' => ['ObjectReference.id', 'ObjectReference.object_id'],
|
||||
])->toArray();
|
||||
$objectReferences = $ObjectReferencesTable->find(
|
||||
'list',
|
||||
[
|
||||
'conditions' => ['ObjectReference.id' => array_unique($models['ObjectReference'])],
|
||||
'fields' => ['ObjectReference.id', 'ObjectReference.object_id'],
|
||||
]
|
||||
)->toArray();
|
||||
}
|
||||
|
||||
if (isset($models['Object']) || isset($objectReferences)) {
|
||||
$objectIds = array_unique(array_merge(
|
||||
isset($models['Object']) ? $models['Object'] : [],
|
||||
isset($objectReferences) ? array_values($objectReferences) : []
|
||||
));
|
||||
$objectIds = array_unique(
|
||||
array_merge(
|
||||
isset($models['Object']) ? $models['Object'] : [],
|
||||
isset($objectReferences) ? array_values($objectReferences) : []
|
||||
)
|
||||
);
|
||||
$MispObjectsTable = $this->fetchTable('MispObjects');
|
||||
$conditions = $MispObjectsTable->buildConditions($this->Auth->user());
|
||||
$conditions['Object.id'] = $objectIds;
|
||||
$objects = $this->MispObject->find('all', [
|
||||
'conditions' => $conditions,
|
||||
'contain' => ['Event'],
|
||||
'fields' => ['Object.id', 'Object.event_id', 'Object.uuid', 'Object.deleted'],
|
||||
]);
|
||||
$objects = $this->MispObject->find(
|
||||
'all',
|
||||
[
|
||||
'conditions' => $conditions,
|
||||
'contain' => ['Event'],
|
||||
'fields' => ['Object.id', 'Object.event_id', 'Object.uuid', 'Object.deleted'],
|
||||
]
|
||||
);
|
||||
$objects = array_column(array_column($objects, 'Object'), null, 'id');
|
||||
$eventIds = array_merge($eventIds, array_column($objects, 'event_id'));
|
||||
}
|
||||
|
||||
if (isset($models['Attribute'])) {
|
||||
$AttributesTable = $this->fetchTable('Attributes');
|
||||
$attributes = $AttributesTable->fetchAttributesSimple($this->Auth->user(), [
|
||||
'conditions' => ['Attribute.id' => array_unique($models['Attribute'])],
|
||||
'fields' => ['Attribute.id', 'Attribute.event_id', 'Attribute.uuid', 'Attribute.deleted'],
|
||||
]);
|
||||
$attributes = $AttributesTable->fetchAttributesSimple(
|
||||
$this->Auth->user(),
|
||||
[
|
||||
'conditions' => ['Attribute.id' => array_unique($models['Attribute'])],
|
||||
'fields' => ['Attribute.id', 'Attribute.event_id', 'Attribute.uuid', 'Attribute.deleted'],
|
||||
]
|
||||
);
|
||||
$attributes = array_column(array_column($attributes, 'Attribute'), null, 'id');
|
||||
$eventIds = array_merge($eventIds, array_column($attributes, 'event_id'));
|
||||
}
|
||||
|
@ -493,11 +523,14 @@ class AuditLogsController extends AppController
|
|||
$ShadowAttributesTable = $this->fetchTable('ShadowAttributes');
|
||||
$conditions = $ShadowAttributesTable->buildConditions($this->Auth->user());
|
||||
$conditions['AND'][] = ['ShadowAttribute.id' => array_unique($models['ShadowAttribute'])];
|
||||
$shadowAttributes = $ShadowAttributesTable->find('all', [
|
||||
'conditions' => $conditions,
|
||||
'fields' => ['ShadowAttribute.id', 'ShadowAttribute.event_id', 'ShadowAttribute.uuid', 'ShadowAttribute.deleted'],
|
||||
'contain' => ['Event', 'Attribute'],
|
||||
])->toArray();
|
||||
$shadowAttributes = $ShadowAttributesTable->find(
|
||||
'all',
|
||||
[
|
||||
'conditions' => $conditions,
|
||||
'fields' => ['ShadowAttribute.id', 'ShadowAttribute.event_id', 'ShadowAttribute.uuid', 'ShadowAttribute.deleted'],
|
||||
'contain' => ['Event', 'Attribute'],
|
||||
]
|
||||
)->toArray();
|
||||
$shadowAttributes = array_column(array_column($shadowAttributes, 'ShadowAttribute'), null, 'id');
|
||||
$eventIds = array_merge($eventIds, array_column($shadowAttributes, 'event_id'));
|
||||
}
|
||||
|
@ -506,10 +539,13 @@ class AuditLogsController extends AppController
|
|||
$EventsTable = $this->fetchTable('Events');
|
||||
$conditions = $EventsTable->createEventConditions($this->Auth->user());
|
||||
$conditions['Event.id'] = array_unique($eventIds);
|
||||
$events = $EventsTable->find('list', [
|
||||
'conditions' => $conditions,
|
||||
'fields' => ['Event.id', 'Event.info'],
|
||||
]);
|
||||
$events = $EventsTable->find(
|
||||
'list',
|
||||
[
|
||||
'conditions' => $conditions,
|
||||
'fields' => ['Event.id', 'Event.info'],
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
$links = [
|
||||
|
@ -530,10 +566,13 @@ class AuditLogsController extends AppController
|
|||
foreach ($links as $modelName => $foo) {
|
||||
if (isset($models[$modelName])) {
|
||||
$ModelTable = $this->fetchTable($modelName);
|
||||
$data = $ModelTable->find('column', [
|
||||
'conditions' => ['id' => array_unique($models[$modelName])],
|
||||
'fields' => ['id'],
|
||||
])->toArray();
|
||||
$data = $ModelTable->find(
|
||||
'column',
|
||||
[
|
||||
'conditions' => ['id' => array_unique($models[$modelName])],
|
||||
'fields' => ['id'],
|
||||
]
|
||||
)->toArray();
|
||||
$existingObjects[$modelName] = array_flip($data);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -10,6 +10,7 @@ use Cake\Http\Exception\MethodNotAllowedException;
|
|||
use Cake\Http\Exception\NotFoundException;
|
||||
use Cake\ORM\TableRegistry;
|
||||
use Cake\Utility\Inflector;
|
||||
use InvalidArgumentException;
|
||||
|
||||
class ACLComponent extends Component
|
||||
{
|
||||
|
@ -674,4 +675,28 @@ class ACLComponent extends Component
|
|||
}
|
||||
return $menu;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if user can modify given event.
|
||||
*
|
||||
* @param array $event
|
||||
* @param array $user
|
||||
* @return bool
|
||||
*/
|
||||
public function canModifyEvent(array $user, array $event)
|
||||
{
|
||||
if (!isset($event['Event'])) {
|
||||
throw new InvalidArgumentException('Passed object does not contain an Event.');
|
||||
}
|
||||
if ($user['Role']['perm_site_admin']) {
|
||||
return true;
|
||||
}
|
||||
if ($user['Role']['perm_modify_org'] && $event['Event']['orgc_id'] == $user['org_id']) {
|
||||
return true;
|
||||
}
|
||||
if ($user['Role']['perm_modify'] && $event['Event']['user_id'] == $user['id']) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3,67 +3,89 @@
|
|||
namespace App\Model\Entity;
|
||||
|
||||
use App\Model\Entity\AppModel;
|
||||
use Cake\ORM\Entity;
|
||||
use Cake\Core\Configure;
|
||||
|
||||
class AuditLog extends AppModel
|
||||
{
|
||||
private $compressionEnabled = false;
|
||||
|
||||
public const ACTION_ADD = 'add',
|
||||
ACTION_EDIT = 'edit',
|
||||
ACTION_SOFT_DELETE = 'soft_delete',
|
||||
ACTION_DELETE = 'delete',
|
||||
ACTION_UNDELETE = 'undelete',
|
||||
ACTION_TAG = 'tag',
|
||||
ACTION_TAG_LOCAL = 'tag_local',
|
||||
ACTION_REMOVE_TAG = 'remove_tag',
|
||||
ACTION_REMOVE_TAG_LOCAL = 'remove_local_tag',
|
||||
ACTION_GALAXY = 'galaxy',
|
||||
ACTION_GALAXY_LOCAL = 'galaxy_local',
|
||||
ACTION_REMOVE_GALAXY = 'remove_galaxy',
|
||||
ACTION_REMOVE_GALAXY_LOCAL = 'remove_local_galaxy',
|
||||
ACTION_PUBLISH = 'publish',
|
||||
ACTION_PUBLISH_SIGHTINGS = 'publish_sightings',
|
||||
ACTION_LOGIN = 'login',
|
||||
ACTION_PASSWDCHANGE = 'password_change',
|
||||
ACTION_LOGOUT = 'logout',
|
||||
ACTION_LOGIN_FAILED = 'login_failed';
|
||||
|
||||
public const REQUEST_TYPE_DEFAULT = 0,
|
||||
REQUEST_TYPE_API = 1,
|
||||
REQUEST_TYPE_CLI = 2;
|
||||
|
||||
|
||||
public function __construct(array $properties = [], array $options = [])
|
||||
{
|
||||
$this->compressionEnabled = Configure::read('Cerebrate.log_compress') && function_exists('brotli_compress');
|
||||
parent::__construct($properties, $options);
|
||||
}
|
||||
|
||||
protected function _getTitle(): String
|
||||
protected function _getTitle(): string
|
||||
{
|
||||
return $this->generateUserFriendlyTitle($this);
|
||||
return $this->generateUserFriendlyTitle();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $change
|
||||
* @return array|string
|
||||
* @throws JsonException
|
||||
*/
|
||||
private function decodeChange($change)
|
||||
{
|
||||
if (substr($change, 0, 4) === self::BROTLI_HEADER) {
|
||||
if (function_exists('brotli_uncompress')) {
|
||||
$change = brotli_uncompress(substr($change, 4));
|
||||
if ($change === false) {
|
||||
return 'Compressed';
|
||||
}
|
||||
} else {
|
||||
return 'Compressed';
|
||||
}
|
||||
}
|
||||
return json_decode($change, true);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param array $auditLog
|
||||
* @return string
|
||||
*/
|
||||
public function generateUserFriendlyTitle($auditLog)
|
||||
public function generateUserFriendlyTitle()
|
||||
{
|
||||
if (in_array($auditLog['request_action'], [self::ACTION_TAG, self::ACTION_TAG_LOCAL, self::ACTION_REMOVE_TAG, self::ACTION_REMOVE_TAG_LOCAL], true)) {
|
||||
$attached = ($auditLog['request_action'] === self::ACTION_TAG || $auditLog['request_action'] === self::ACTION_TAG_LOCAL);
|
||||
$local = ($auditLog['request_action'] === self::ACTION_TAG_LOCAL || $auditLog['request_action'] === self::ACTION_REMOVE_TAG_LOCAL) ? __('local') : __('global');
|
||||
if (in_array($this['request_action'], [AuditLog::ACTION_TAG, AuditLog::ACTION_TAG_LOCAL, AuditLog::ACTION_REMOVE_TAG, AuditLog::ACTION_REMOVE_TAG_LOCAL], true)) {
|
||||
$attached = ($this['request_action'] === AuditLog::ACTION_TAG || $this['request_action'] === AuditLog::ACTION_TAG_LOCAL);
|
||||
$local = ($this['request_action'] === AuditLog::ACTION_TAG_LOCAL || $this['request_action'] === AuditLog::ACTION_REMOVE_TAG_LOCAL) ? __('local') : __('global');
|
||||
if ($attached) {
|
||||
return __('Attached %s tag "%s" to %s #%s', $local, $auditLog['model_title'], strtolower($auditLog['model']), $auditLog['model_id']);
|
||||
return __('Attached %s tag "%s" to %s #%s', $local, $this['model_title'], strtolower($this['model']), $this['model_id']);
|
||||
} else {
|
||||
return __('Detached %s tag "%s" from %s #%s', $local, $auditLog['model_title'], strtolower($auditLog['model']), $auditLog['model_id']);
|
||||
return __('Detached %s tag "%s" from %s #%s', $local, $this['model_title'], strtolower($this['model']), $this['model_id']);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$title = "{$auditLog['model']} #{$auditLog['model_id']}";
|
||||
|
||||
if (isset($auditLog['model_title']) && $auditLog['model_title']) {
|
||||
$title .= ": {$auditLog['model_title']}";
|
||||
if (in_array($this['request_action'], [AuditLog::ACTION_GALAXY, AuditLog::ACTION_GALAXY_LOCAL, AuditLog::ACTION_REMOVE_GALAXY, AuditLog::ACTION_REMOVE_GALAXY_LOCAL], true)) {
|
||||
$attached = ($this['request_action'] === AuditLog::ACTION_GALAXY || $this['request_action'] === AuditLog::ACTION_GALAXY_LOCAL);
|
||||
$local = ($this['request_action'] === AuditLog::ACTION_GALAXY_LOCAL || $this['request_action'] === AuditLog::ACTION_REMOVE_GALAXY_LOCAL) ? __('local') : __('global');
|
||||
if ($attached) {
|
||||
return __('Attached %s galaxy cluster "%s" to %s #%s', $local, $this['model_title'], strtolower($this['model']), $this['model_id']);
|
||||
} else {
|
||||
return __('Detached %s galaxy cluster "%s" from %s #%s', $local, $this['model_title'], strtolower($this['model']), $this['model_id']);
|
||||
}
|
||||
}
|
||||
return $title;
|
||||
|
||||
if (in_array($this['model'], ['Attribute', 'Object', 'ShadowAttribute'], true)) {
|
||||
$modelName = $this['model'] === 'ShadowAttribute' ? 'Proposal' : $this['model'];
|
||||
$title = __('%s from Event #%s', $modelName, $this['event_id']);
|
||||
}
|
||||
|
||||
if (isset($this['model_title']) && $this['model_title']) {
|
||||
if (isset($title)) {
|
||||
$title .= ": {$this['model_title']}";
|
||||
return $title;
|
||||
} else {
|
||||
return $this['model_title'];
|
||||
}
|
||||
}
|
||||
return '';
|
||||
}
|
||||
|
||||
public function rearrangeForAPI(): void
|
||||
|
|
|
@ -1,18 +1,20 @@
|
|||
<?php
|
||||
|
||||
namespace App\Model\Table;
|
||||
|
||||
use App\Model\Entity\AuditLog;
|
||||
use App\Model\Table\AppTable;
|
||||
use Cake\ORM\Table;
|
||||
use Cake\Validation\Validator;
|
||||
use Cake\Datasource\EntityInterface;
|
||||
use Cake\Event\Event;
|
||||
use Cake\Event\EventInterface;
|
||||
use Cake\Auth\DefaultPasswordHasher;
|
||||
use Cake\Utility\Security;
|
||||
use Cake\Core\Configure;
|
||||
use Cake\Routing\Router;
|
||||
use Cake\Http\Exception\MethodNotAllowedException;
|
||||
use ArrayObject;
|
||||
use Cake\Collection\CollectionInterface;
|
||||
use Cake\Core\Configure;
|
||||
use Cake\Datasource\ConnectionManager;
|
||||
use Cake\Datasource\EntityInterface;
|
||||
use Cake\Event\EventInterface;
|
||||
use Cake\Http\Exception\NotFoundException;
|
||||
use Cake\Log\Engine\SyslogLog;
|
||||
use Cake\ORM\Query;
|
||||
use Cake\Routing\Router;
|
||||
use Exception;
|
||||
|
||||
/**
|
||||
* @property Event $Event
|
||||
|
@ -21,19 +23,15 @@ use ArrayObject;
|
|||
*/
|
||||
class AuditLogsTable extends AppTable
|
||||
{
|
||||
const BROTLI_HEADER = "\xce\xb2\xcf\x81";
|
||||
const BROTLI_MIN_LENGTH = 200;
|
||||
|
||||
const REQUEST_TYPE_DEFAULT = 0,
|
||||
REQUEST_TYPE_API = 1,
|
||||
REQUEST_TYPE_CLI = 2;
|
||||
|
||||
/** @var array|null */
|
||||
private $user = null;
|
||||
|
||||
/** @var bool */
|
||||
private $compressionEnabled;
|
||||
|
||||
public const BROTLI_HEADER = "\xce\xb2\xcf\x81";
|
||||
public const COMPRESS_MIN_LENGTH = 256;
|
||||
|
||||
/**
|
||||
* Null when not defined, false when not enabled
|
||||
* @var Syslog|null|false
|
||||
|
@ -45,6 +43,13 @@ class AuditLogsTable extends AppTable
|
|||
parent::initialize($config);
|
||||
$this->addBehavior('Timestamp');
|
||||
$this->belongsTo('Users');
|
||||
$this->belongsTo(
|
||||
'Organisations',
|
||||
[
|
||||
'className' => 'Organisations',
|
||||
'foreignKey' => 'org_id'
|
||||
]
|
||||
);
|
||||
$this->compressionEnabled = Configure::read('Cerebrate.log_new_audit_compress') && function_exists('brotli_compress');
|
||||
}
|
||||
|
||||
|
@ -61,7 +66,7 @@ class AuditLogsTable extends AppTable
|
|||
$defaults = [
|
||||
'user_id' => 0,
|
||||
'org_id' => 0,
|
||||
'request_type' => self::REQUEST_TYPE_CLI,
|
||||
'request_type' => AuditLog::REQUEST_TYPE_CLI,
|
||||
'authkey_id' => 0
|
||||
];
|
||||
foreach (array_keys($defaults) as $field) {
|
||||
|
@ -77,7 +82,7 @@ class AuditLogsTable extends AppTable
|
|||
}
|
||||
}
|
||||
|
||||
if (!isset($data['request_id'] ) && isset($_SERVER['HTTP_X_REQUEST_ID'])) {
|
||||
if (!isset($data['request_id']) && isset($_SERVER['HTTP_X_REQUEST_ID'])) {
|
||||
$data['request_id'] = $_SERVER['HTTP_X_REQUEST_ID'];
|
||||
}
|
||||
|
||||
|
@ -93,8 +98,8 @@ class AuditLogsTable extends AppTable
|
|||
|
||||
if (isset($data['changed'])) {
|
||||
$changed = json_encode($data['changed'], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
|
||||
if ($this->compressionEnabled && strlen($changed) >= self::BROTLI_MIN_LENGTH) {
|
||||
$changed = self::BROTLI_HEADER . brotli_compress($changed, 4, BROTLI_TEXT);
|
||||
if ($this->compressionEnabled && strlen($changed) >= AuditLog::BROTLI_MIN_LENGTH) {
|
||||
$changed = AuditLog::BROTLI_HEADER . brotli_compress($changed, 4, BROTLI_TEXT);
|
||||
}
|
||||
$data['changed'] = $changed;
|
||||
}
|
||||
|
@ -112,10 +117,34 @@ class AuditLogsTable extends AppTable
|
|||
ArrayObject $options
|
||||
) {
|
||||
if ($entity->request_type === null) {
|
||||
$entity->request_type = self::REQUEST_TYPE_CLI;
|
||||
$entity->request_type = AuditLog::REQUEST_TYPE_CLI;
|
||||
}
|
||||
}
|
||||
|
||||
public function beforeFind(EventInterface $event, Query $query, ArrayObject $options)
|
||||
{
|
||||
$query->formatResults(
|
||||
function (CollectionInterface $results) {
|
||||
return $results->map(
|
||||
function ($row) {
|
||||
if (isset($row['ip'])) {
|
||||
$row['ip'] = inet_ntop($row['ip']);
|
||||
}
|
||||
if (isset($row['changed']) && $row['changed']) {
|
||||
$row['changed'] = $this->decodeChange($row['changed']);
|
||||
}
|
||||
if (isset($row['request_action']) && isset($row['model']) && isset($row['model_id'])) {
|
||||
$row['title'] = $row->generateUserFriendlyTitle();
|
||||
}
|
||||
|
||||
return $row;
|
||||
}
|
||||
);
|
||||
},
|
||||
$query::APPEND
|
||||
);
|
||||
}
|
||||
|
||||
public function beforeSave(EventInterface $event, EntityInterface $entity, ArrayObject $options)
|
||||
{
|
||||
$entity->request_ip = inet_pton($entity->request_ip);
|
||||
|
@ -124,14 +153,38 @@ class AuditLogsTable extends AppTable
|
|||
}
|
||||
|
||||
/**
|
||||
* @param array $data
|
||||
* @param resource|string $change
|
||||
* @return array|string
|
||||
* @throws JsonException
|
||||
*/
|
||||
public function decodeChange($change)
|
||||
{
|
||||
if (is_resource($change)) {
|
||||
$change = stream_get_contents($change);
|
||||
}
|
||||
|
||||
if (substr($change, 0, 4) === self::BROTLI_HEADER) {
|
||||
if (function_exists('brotli_uncompress')) {
|
||||
$change = brotli_uncompress(substr($change, 4));
|
||||
if ($change === false) {
|
||||
return 'Compressed';
|
||||
}
|
||||
} else {
|
||||
return 'Compressed';
|
||||
}
|
||||
}
|
||||
return json_decode($change, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param AuditLog $data
|
||||
* @return bool
|
||||
*/
|
||||
private function logData(EntityInterface $entity)
|
||||
private function logData(AuditLog $data)
|
||||
{
|
||||
if (Configure::read('Plugin.ZeroMQ_enable') && Configure::read('Plugin.ZeroMQ_audit_notifications_enable')) {
|
||||
$pubSubTool = $this->getPubSubTool();
|
||||
$pubSubTool->publish($data, 'audit', 'log');
|
||||
$pubSubTool->publish($data->toArray(), 'audit', 'log');
|
||||
}
|
||||
|
||||
//$this->publishKafkaNotification('audit', $data, 'log');
|
||||
|
@ -140,7 +193,7 @@ class AuditLogsTable extends AppTable
|
|||
// send off our logs to distributed /dev/null
|
||||
$logIndex = Configure::read("Plugin.ElasticSearch_log_index");
|
||||
$elasticSearchClient = $this->getElasticSearchTool();
|
||||
$elasticSearchClient->pushDocument($logIndex, "log", $data);
|
||||
$elasticSearchClient->pushDocument($logIndex, "log", $data->toArray());
|
||||
}
|
||||
|
||||
// write to syslogd as well if enabled
|
||||
|
@ -155,14 +208,14 @@ class AuditLogsTable extends AppTable
|
|||
if ($syslogIdent) {
|
||||
$options['ident'] = $syslogIdent;
|
||||
}
|
||||
$this->syslog = new SysLog($options);
|
||||
$this->syslog = new SyslogLog($options);
|
||||
} else {
|
||||
$this->syslog = false;
|
||||
}
|
||||
}
|
||||
if ($this->syslog) {
|
||||
$entry = $data['request_action'];
|
||||
$title = $entity->generateUserFriendlyTitle();
|
||||
$title = $data->generateUserFriendlyTitle();
|
||||
if ($title) {
|
||||
$entry .= " -- $title";
|
||||
}
|
||||
|
@ -180,12 +233,12 @@ class AuditLogsTable extends AppTable
|
|||
return $this->user;
|
||||
}
|
||||
|
||||
$this->user = ['id' => 0, /*'org_id' => 0, */'authkey_id' => 0, 'request_type' => self::REQUEST_TYPE_DEFAULT, 'name' => ''];
|
||||
$this->user = ['id' => 0, /*'org_id' => 0, */ 'authkey_id' => 0, 'request_type' => AuditLog::REQUEST_TYPE_DEFAULT, 'name' => ''];
|
||||
|
||||
$isShell = (php_sapi_name() === 'cli');
|
||||
if ($isShell) {
|
||||
// do not start session for shell commands and fetch user info from configuration
|
||||
$this->user['request_type'] = self::REQUEST_TYPE_CLI;
|
||||
$this->user['request_type'] = AuditLog::REQUEST_TYPE_CLI;
|
||||
$currentUserId = Configure::read('CurrentUserId');
|
||||
if (!empty($currentUserId)) {
|
||||
$this->user['id'] = $currentUserId;
|
||||
|
@ -201,7 +254,7 @@ class AuditLogsTable extends AppTable
|
|||
$this->user['name'] = $authUser['name'];
|
||||
//$this->user['org_id'] = $authUser['org_id'];
|
||||
if (isset($authUser['logged_by_authkey']) && $authUser['logged_by_authkey']) {
|
||||
$this->user['request_type'] = self::REQUEST_TYPE_API;
|
||||
$this->user['request_type'] = AuditLog::REQUEST_TYPE_API;
|
||||
}
|
||||
if (isset($authUser['authkey_id'])) {
|
||||
$this->user['authkey_id'] = $authUser['authkey_id'];
|
||||
|
@ -236,15 +289,19 @@ class AuditLogsTable extends AppTable
|
|||
$conditions['org_id'] = $org['id'];
|
||||
}
|
||||
|
||||
$dataSource = ConnectionManager::getDataSource('default')->config['datasource'];
|
||||
$dataSource = ConnectionManager::get('default')->config['datasource'];
|
||||
|
||||
if ($dataSource === 'Database/Mysql' || $dataSource === 'Database/MysqlObserver') {
|
||||
$validDates = $this->find('all', [
|
||||
'recursive' => -1,
|
||||
'fields' => ['DISTINCT UNIX_TIMESTAMP(DATE(created)) AS Date', 'count(id) AS count'],
|
||||
'conditions' => $conditions,
|
||||
'group' => ['Date'],
|
||||
'order' => ['Date'],
|
||||
]);
|
||||
$validDates = $this->find(
|
||||
'all',
|
||||
[
|
||||
'recursive' => -1,
|
||||
'fields' => ['DISTINCT UNIX_TIMESTAMP(DATE(created)) AS Date', 'count(id) AS count'],
|
||||
'conditions' => $conditions,
|
||||
'group' => ['Date'],
|
||||
'order' => ['Date'],
|
||||
]
|
||||
);
|
||||
} elseif ($dataSource === 'Database/Postgres') {
|
||||
if (!empty($conditions['org_id'])) {
|
||||
$condOrg = sprintf('WHERE org_id = %s', intval($conditions['org_id']));
|
||||
|
|
Loading…
Reference in New Issue