MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: handle changed col decoding

pull/9458/head
Luciano Righetti 2023-12-29 12:42:21 +01:00
parent f18cda96db
commit 53c69c7a1c
4 changed files with 306 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

217
src/Controller/Admin/AuditLogsController.php
View File

@ -3,12 +3,12 @@
namespace App\Controller\Admin;
use App\Controller\AppController;
use Cake\Core\Configure;
use Cake\Http\Exception\NotFoundException;
use App\Model\Entity\AuditLog;
use Cake\Core\Configure;
use Cake\Http\Exception\MethodNotAllowedException;
use Exception;
use Cake\Http\Exception\NotFoundException;
use Cake\ORM\Locator\LocatorAwareTrait;
use Exception;
class AuditLogsController extends AppController
{
@ -59,10 +59,9 @@ class AuditLogsController extends AppController
'WorkflowBlueprint',
];
// TODO: [3.x-MIGRATION] handle `changed` (blog column, use JsonFieldBehavior)
public $paginate = [
'limit' => 60,
'fields' => ['id', 'created', 'user_id', 'org_id', 'request_action','model', 'model_id', 'model_title', 'event_id', /* 'changed' */],
'fields' => ['id', 'created', 'user_id', 'org_id', 'request_action', 'model', 'model_id', 'model_title', 'event_id', 'changed'],
'contain' => [
'Users' => ['fields' => ['id', 'email', 'org_id']],
'Organisations' => ['fields' => ['id', 'name', 'uuid']],
@ -121,20 +120,22 @@ class AuditLogsController extends AppController
if (!Configure::read('MISP.log_new_audit')) {
$this->Flash->warning(__("Audit log is not enabled. See 'MISP.log_new_audit' in the Server Settings. (Administration -> Server Settings -> MISP tab)"));
}
$params = $this->harvestParameters([
'ip',
'user',
'request_id',
'authkey_id',
'model',
'model_id',
'event_id',
'model_title',
'action',
'org',
'created',
'request_type',
]);
$params = $this->harvestParameters(
[
'ip',
'user',
'request_id',
'authkey_id',
'model',
'model_id',
'event_id',
'model_title',
'action',
'org',
'created',
'request_type',
]
);
$this->paginate['conditions'] = $this->__searchConditions($params);
$acl = $this->__applyAuditACL($this->ACL->getUser()->toArray());
@ -153,19 +154,22 @@ class AuditLogsController extends AppController
}
$this->set('list', $list);
$this->set('actions', [
AuditLog::ACTION_ADD => __('Add'),
AuditLog::ACTION_EDIT => __('Edit'),
AuditLog::ACTION_SOFT_DELETE => __('Soft delete'),
AuditLog::ACTION_DELETE => __('Delete'),
AuditLog::ACTION_UNDELETE => __('Undelete'),
AuditLog::ACTION_TAG . '||' . AuditLog::ACTION_TAG_LOCAL => __('Tag'),
AuditLog::ACTION_REMOVE_TAG . '||' . AuditLog::ACTION_REMOVE_TAG_LOCAL => __('Remove tag'),
AuditLog::ACTION_GALAXY . '||' . AuditLog::ACTION_GALAXY_LOCAL => __('Galaxy cluster'),
AuditLog::ACTION_REMOVE_GALAXY . '||' . AuditLog::ACTION_REMOVE_GALAXY_LOCAL => __('Remove galaxy cluster'),
AuditLog::ACTION_PUBLISH => __('Publish'),
AuditLog::ACTION_PUBLISH_SIGHTINGS => $this->actions[AuditLog::ACTION_PUBLISH_SIGHTINGS],
]);
$this->set(
'actions',
[
AuditLog::ACTION_ADD => __('Add'),
AuditLog::ACTION_EDIT => __('Edit'),
AuditLog::ACTION_SOFT_DELETE => __('Soft delete'),
AuditLog::ACTION_DELETE => __('Delete'),
AuditLog::ACTION_UNDELETE => __('Undelete'),
AuditLog::ACTION_TAG . '||' . AuditLog::ACTION_TAG_LOCAL => __('Tag'),
AuditLog::ACTION_REMOVE_TAG . '||' . AuditLog::ACTION_REMOVE_TAG_LOCAL => __('Remove tag'),
AuditLog::ACTION_GALAXY . '||' . AuditLog::ACTION_GALAXY_LOCAL => __('Galaxy cluster'),
AuditLog::ACTION_REMOVE_GALAXY . '||' . AuditLog::ACTION_REMOVE_GALAXY_LOCAL => __('Remove galaxy cluster'),
AuditLog::ACTION_PUBLISH => __('Publish'),
AuditLog::ACTION_PUBLISH_SIGHTINGS => $this->actions[AuditLog::ACTION_PUBLISH_SIGHTINGS],
]
);
$models = $this->models;
sort($models);
$this->set('models', $models);
@ -191,10 +195,13 @@ class AuditLogsController extends AppController
if (!$this->isSiteAdmin()) {
// Remove all user info about users from different org
$orgUserIds = $this->Users->find('column', [
'conditions' => ['Users.org_id' => $this->Auth->user('org_id')],
'fields' => ['Users.id'],
]);
$orgUserIds = $this->Users->find(
'column',
[
'conditions' => ['Users.org_id' => $this->Auth->user('org_id')],
'fields' => ['Users.id'],
]
);
foreach ($list as $k => $item) {
if ($item['AuditLog']['user_id'] == 0) {
continue;
@ -216,20 +223,26 @@ class AuditLogsController extends AppController
$this->set('data', $list);
$this->set('event', $event);
$this->set('mayModify', $this->canModifyEvent($event));
$this->set('menuData', [
'menuList' => 'event',
'menuItem' => 'eventLog'
]);
$this->set('mayModify', $this->ACL->canModifyEvent($event));
$this->set(
'menuData',
[
'menuList' => 'event',
'menuItem' => 'eventLog'
]
);
}
public function fullChange($id)
{
$log = $this->AuditLogs->find('first', [
'conditions' => ['id' => $id],
'recursive' => -1,
'fields' => ['changed', 'request_action'],
]);
$log = $this->AuditLogs->find(
'first',
[
'conditions' => ['id' => $id],
'recursive' => -1,
'fields' => ['changed', 'request_action'],
]
);
if (empty($log)) {
throw new Exception('Log not found.');
}
@ -291,10 +304,13 @@ class AuditLogsController extends AppController
} else if (is_numeric($params['user'])) {
$conditions['AuditLog.user_id'] = $params['user'];
} else {
$user = $this->Users->find('first', [
'conditions' => ['Users.email' => $params['user']],
'fields' => ['id'],
]);
$user = $this->Users->find(
'first',
[
'conditions' => ['Users.email' => $params['user']],
'fields' => ['id'],
]
);
if (!empty($user)) {
$conditions['AuditLog.user_id'] = $user['User']['id'];
} else {
@ -372,15 +388,18 @@ class AuditLogsController extends AppController
// Site admins and event owners can see all changes
return ['event_id' => $event['Event']['id']];
}
$event = $this->AuditLogs->Event->fetchEvent($this->Auth->user(), [
'eventid' => $event['Event']['id'],
'sgReferenceOnly' => 1,
'deleted' => [0, 1],
'deleted_proposals' => 1,
'noSightings' => true,
'includeEventCorrelations' => false,
'excludeGalaxy' => true,
])[0];
$event = $this->AuditLogs->Event->fetchEvent(
$this->Auth->user(),
[
'eventid' => $event['Event']['id'],
'sgReferenceOnly' => 1,
'deleted' => [0, 1],
'deleted_proposals' => 1,
'noSightings' => true,
'includeEventCorrelations' => false,
'excludeGalaxy' => true,
]
)[0];
$attributeIds = [];
$objectIds = [];
$proposalIds = array_column($event['ShadowAttribute'], 'id');
@ -456,35 +475,46 @@ class AuditLogsController extends AppController
if (isset($models['ObjectReference'])) {
$ObjectReferencesTable = $this->fetchTable('ObjectReferences');
$objectReferences = $ObjectReferencesTable->find('list', [
'conditions' => ['ObjectReference.id' => array_unique($models['ObjectReference'])],
'fields' => ['ObjectReference.id', 'ObjectReference.object_id'],
])->toArray();
$objectReferences = $ObjectReferencesTable->find(
'list',
[
'conditions' => ['ObjectReference.id' => array_unique($models['ObjectReference'])],
'fields' => ['ObjectReference.id', 'ObjectReference.object_id'],
]
)->toArray();
}
if (isset($models['Object']) || isset($objectReferences)) {
$objectIds = array_unique(array_merge(
isset($models['Object']) ? $models['Object'] : [],
isset($objectReferences) ? array_values($objectReferences) : []
));
$objectIds = array_unique(
array_merge(
isset($models['Object']) ? $models['Object'] : [],
isset($objectReferences) ? array_values($objectReferences) : []
)
);
$MispObjectsTable = $this->fetchTable('MispObjects');
$conditions = $MispObjectsTable->buildConditions($this->Auth->user());
$conditions['Object.id'] = $objectIds;
$objects = $this->MispObject->find('all', [
'conditions' => $conditions,
'contain' => ['Event'],
'fields' => ['Object.id', 'Object.event_id', 'Object.uuid', 'Object.deleted'],
]);
$objects = $this->MispObject->find(
'all',
[
'conditions' => $conditions,
'contain' => ['Event'],
'fields' => ['Object.id', 'Object.event_id', 'Object.uuid', 'Object.deleted'],
]
);
$objects = array_column(array_column($objects, 'Object'), null, 'id');
$eventIds = array_merge($eventIds, array_column($objects, 'event_id'));
}
if (isset($models['Attribute'])) {
$AttributesTable = $this->fetchTable('Attributes');
$attributes = $AttributesTable->fetchAttributesSimple($this->Auth->user(), [
'conditions' => ['Attribute.id' => array_unique($models['Attribute'])],
'fields' => ['Attribute.id', 'Attribute.event_id', 'Attribute.uuid', 'Attribute.deleted'],
]);
$attributes = $AttributesTable->fetchAttributesSimple(
$this->Auth->user(),
[
'conditions' => ['Attribute.id' => array_unique($models['Attribute'])],
'fields' => ['Attribute.id', 'Attribute.event_id', 'Attribute.uuid', 'Attribute.deleted'],
]
);
$attributes = array_column(array_column($attributes, 'Attribute'), null, 'id');
$eventIds = array_merge($eventIds, array_column($attributes, 'event_id'));
}
@ -493,11 +523,14 @@ class AuditLogsController extends AppController
$ShadowAttributesTable = $this->fetchTable('ShadowAttributes');
$conditions = $ShadowAttributesTable->buildConditions($this->Auth->user());
$conditions['AND'][] = ['ShadowAttribute.id' => array_unique($models['ShadowAttribute'])];
$shadowAttributes = $ShadowAttributesTable->find('all', [
'conditions' => $conditions,
'fields' => ['ShadowAttribute.id', 'ShadowAttribute.event_id', 'ShadowAttribute.uuid', 'ShadowAttribute.deleted'],
'contain' => ['Event', 'Attribute'],
])->toArray();
$shadowAttributes = $ShadowAttributesTable->find(
'all',
[
'conditions' => $conditions,
'fields' => ['ShadowAttribute.id', 'ShadowAttribute.event_id', 'ShadowAttribute.uuid', 'ShadowAttribute.deleted'],
'contain' => ['Event', 'Attribute'],
]
)->toArray();
$shadowAttributes = array_column(array_column($shadowAttributes, 'ShadowAttribute'), null, 'id');
$eventIds = array_merge($eventIds, array_column($shadowAttributes, 'event_id'));
}
@ -506,10 +539,13 @@ class AuditLogsController extends AppController
$EventsTable = $this->fetchTable('Events');
$conditions = $EventsTable->createEventConditions($this->Auth->user());
$conditions['Event.id'] = array_unique($eventIds);
$events = $EventsTable->find('list', [
'conditions' => $conditions,
'fields' => ['Event.id', 'Event.info'],
]);
$events = $EventsTable->find(
'list',
[
'conditions' => $conditions,
'fields' => ['Event.id', 'Event.info'],
]
);
}
$links = [
@ -530,10 +566,13 @@ class AuditLogsController extends AppController
foreach ($links as $modelName => $foo) {
if (isset($models[$modelName])) {
$ModelTable = $this->fetchTable($modelName);
$data = $ModelTable->find('column', [
'conditions' => ['id' => array_unique($models[$modelName])],
'fields' => ['id'],
])->toArray();
$data = $ModelTable->find(
'column',
[
'conditions' => ['id' => array_unique($models[$modelName])],
'fields' => ['id'],
]
)->toArray();
$existingObjects[$modelName] = array_flip($data);
}
}

25
src/Controller/Component/ACLComponent.php
View File

@ -10,6 +10,7 @@ use Cake\Http\Exception\MethodNotAllowedException;
use Cake\Http\Exception\NotFoundException;
use Cake\ORM\TableRegistry;
use Cake\Utility\Inflector;
use InvalidArgumentException;
class ACLComponent extends Component
{
@ -674,4 +675,28 @@ class ACLComponent extends Component
}
return $menu;
}
/**
* Returns true if user can modify given event.
*
* @param array $event
* @param array $user
* @return bool
*/
public function canModifyEvent(array $user, array $event)
{
if (!isset($event['Event'])) {
throw new InvalidArgumentException('Passed object does not contain an Event.');
}
if ($user['Role']['perm_site_admin']) {
return true;
}
if ($user['Role']['perm_modify_org'] && $event['Event']['orgc_id'] == $user['org_id']) {
return true;
}
if ($user['Role']['perm_modify'] && $event['Event']['user_id'] == $user['id']) {
return true;
}
return false;
}
}

92
src/Model/Entity/AuditLog.php
View File

@ -3,67 +3,89 @@
namespace App\Model\Entity;
use App\Model\Entity\AppModel;
use Cake\ORM\Entity;
use Cake\Core\Configure;
class AuditLog extends AppModel
{
private $compressionEnabled = false;
public const ACTION_ADD = 'add',
ACTION_EDIT = 'edit',
ACTION_SOFT_DELETE = 'soft_delete',
ACTION_DELETE = 'delete',
ACTION_UNDELETE = 'undelete',
ACTION_TAG = 'tag',
ACTION_TAG_LOCAL = 'tag_local',
ACTION_REMOVE_TAG = 'remove_tag',
ACTION_REMOVE_TAG_LOCAL = 'remove_local_tag',
ACTION_GALAXY = 'galaxy',
ACTION_GALAXY_LOCAL = 'galaxy_local',
ACTION_REMOVE_GALAXY = 'remove_galaxy',
ACTION_REMOVE_GALAXY_LOCAL = 'remove_local_galaxy',
ACTION_PUBLISH = 'publish',
ACTION_PUBLISH_SIGHTINGS = 'publish_sightings',
ACTION_LOGIN = 'login',
ACTION_PASSWDCHANGE = 'password_change',
ACTION_LOGOUT = 'logout',
ACTION_LOGIN_FAILED = 'login_failed';
public const REQUEST_TYPE_DEFAULT = 0,
REQUEST_TYPE_API = 1,
REQUEST_TYPE_CLI = 2;
public function __construct(array $properties = [], array $options = [])
{
$this->compressionEnabled = Configure::read('Cerebrate.log_compress') && function_exists('brotli_compress');
parent::__construct($properties, $options);
}
protected function _getTitle(): String
protected function _getTitle(): string
{
return $this->generateUserFriendlyTitle($this);
return $this->generateUserFriendlyTitle();
}
/**
* @param string $change
* @return array|string
* @throws JsonException
*/
private function decodeChange($change)
{
if (substr($change, 0, 4) === self::BROTLI_HEADER) {
if (function_exists('brotli_uncompress')) {
$change = brotli_uncompress(substr($change, 4));
if ($change === false) {
return 'Compressed';
}
} else {
return 'Compressed';
}
}
return json_decode($change, true);
}
/**
* @param array $auditLog
* @return string
*/
public function generateUserFriendlyTitle($auditLog)
public function generateUserFriendlyTitle()
{
if (in_array($auditLog['request_action'], [self::ACTION_TAG, self::ACTION_TAG_LOCAL, self::ACTION_REMOVE_TAG, self::ACTION_REMOVE_TAG_LOCAL], true)) {
$attached = ($auditLog['request_action'] === self::ACTION_TAG || $auditLog['request_action'] === self::ACTION_TAG_LOCAL);
$local = ($auditLog['request_action'] === self::ACTION_TAG_LOCAL || $auditLog['request_action'] === self::ACTION_REMOVE_TAG_LOCAL) ? __('local') : __('global');
if (in_array($this['request_action'], [AuditLog::ACTION_TAG, AuditLog::ACTION_TAG_LOCAL, AuditLog::ACTION_REMOVE_TAG, AuditLog::ACTION_REMOVE_TAG_LOCAL], true)) {
$attached = ($this['request_action'] === AuditLog::ACTION_TAG || $this['request_action'] === AuditLog::ACTION_TAG_LOCAL);
$local = ($this['request_action'] === AuditLog::ACTION_TAG_LOCAL || $this['request_action'] === AuditLog::ACTION_REMOVE_TAG_LOCAL) ? __('local') : __('global');
if ($attached) {
return __('Attached %s tag "%s" to %s #%s', $local, $auditLog['model_title'], strtolower($auditLog['model']), $auditLog['model_id']);
return __('Attached %s tag "%s" to %s #%s', $local, $this['model_title'], strtolower($this['model']), $this['model_id']);
} else {
return __('Detached %s tag "%s" from %s #%s', $local, $auditLog['model_title'], strtolower($auditLog['model']), $auditLog['model_id']);
return __('Detached %s tag "%s" from %s #%s', $local, $this['model_title'], strtolower($this['model']), $this['model_id']);
}
}
$title = "{$auditLog['model']} #{$auditLog['model_id']}";
if (isset($auditLog['model_title']) && $auditLog['model_title']) {
$title .= ": {$auditLog['model_title']}";
if (in_array($this['request_action'], [AuditLog::ACTION_GALAXY, AuditLog::ACTION_GALAXY_LOCAL, AuditLog::ACTION_REMOVE_GALAXY, AuditLog::ACTION_REMOVE_GALAXY_LOCAL], true)) {
$attached = ($this['request_action'] === AuditLog::ACTION_GALAXY || $this['request_action'] === AuditLog::ACTION_GALAXY_LOCAL);
$local = ($this['request_action'] === AuditLog::ACTION_GALAXY_LOCAL || $this['request_action'] === AuditLog::ACTION_REMOVE_GALAXY_LOCAL) ? __('local') : __('global');
if ($attached) {
return __('Attached %s galaxy cluster "%s" to %s #%s', $local, $this['model_title'], strtolower($this['model']), $this['model_id']);
} else {
return __('Detached %s galaxy cluster "%s" from %s #%s', $local, $this['model_title'], strtolower($this['model']), $this['model_id']);
}
}
return $title;
if (in_array($this['model'], ['Attribute', 'Object', 'ShadowAttribute'], true)) {
$modelName = $this['model'] === 'ShadowAttribute' ? 'Proposal' : $this['model'];
$title = __('%s from Event #%s', $modelName, $this['event_id']);
}
if (isset($this['model_title']) && $this['model_title']) {
if (isset($title)) {
$title .= ": {$this['model_title']}";
return $title;
} else {
return $this['model_title'];
}
}
return '';
}
public function rearrangeForAPI(): void

135
src/Model/Table/AuditLogsTable.php
View File

@ -1,18 +1,20 @@
<?php
namespace App\Model\Table;
use App\Model\Entity\AuditLog;
use App\Model\Table\AppTable;
use Cake\ORM\Table;
use Cake\Validation\Validator;
use Cake\Datasource\EntityInterface;
use Cake\Event\Event;
use Cake\Event\EventInterface;
use Cake\Auth\DefaultPasswordHasher;
use Cake\Utility\Security;
use Cake\Core\Configure;
use Cake\Routing\Router;
use Cake\Http\Exception\MethodNotAllowedException;
use ArrayObject;
use Cake\Collection\CollectionInterface;
use Cake\Core\Configure;
use Cake\Datasource\ConnectionManager;
use Cake\Datasource\EntityInterface;
use Cake\Event\EventInterface;
use Cake\Http\Exception\NotFoundException;
use Cake\Log\Engine\SyslogLog;
use Cake\ORM\Query;
use Cake\Routing\Router;
use Exception;
/**
* @property Event $Event
@ -21,19 +23,15 @@ use ArrayObject;
*/
class AuditLogsTable extends AppTable
{
const BROTLI_HEADER = "\xce\xb2\xcf\x81";
const BROTLI_MIN_LENGTH = 200;
const REQUEST_TYPE_DEFAULT = 0,
REQUEST_TYPE_API = 1,
REQUEST_TYPE_CLI = 2;
/** @var array|null */
private $user = null;
/** @var bool */
private $compressionEnabled;
public const BROTLI_HEADER = "\xce\xb2\xcf\x81";
public const COMPRESS_MIN_LENGTH = 256;
/**
* Null when not defined, false when not enabled
* @var Syslog|null|false
@ -45,6 +43,13 @@ class AuditLogsTable extends AppTable
parent::initialize($config);
$this->addBehavior('Timestamp');
$this->belongsTo('Users');
$this->belongsTo(
'Organisations',
[
'className' => 'Organisations',
'foreignKey' => 'org_id'
]
);
$this->compressionEnabled = Configure::read('Cerebrate.log_new_audit_compress') && function_exists('brotli_compress');
}
@ -61,7 +66,7 @@ class AuditLogsTable extends AppTable
$defaults = [
'user_id' => 0,
'org_id' => 0,
'request_type' => self::REQUEST_TYPE_CLI,
'request_type' => AuditLog::REQUEST_TYPE_CLI,
'authkey_id' => 0
];
foreach (array_keys($defaults) as $field) {
@ -77,7 +82,7 @@ class AuditLogsTable extends AppTable
}
}
if (!isset($data['request_id'] ) && isset($_SERVER['HTTP_X_REQUEST_ID'])) {
if (!isset($data['request_id']) && isset($_SERVER['HTTP_X_REQUEST_ID'])) {
$data['request_id'] = $_SERVER['HTTP_X_REQUEST_ID'];
}
@ -93,8 +98,8 @@ class AuditLogsTable extends AppTable
if (isset($data['changed'])) {
$changed = json_encode($data['changed'], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
if ($this->compressionEnabled && strlen($changed) >= self::BROTLI_MIN_LENGTH) {
$changed = self::BROTLI_HEADER . brotli_compress($changed, 4, BROTLI_TEXT);
if ($this->compressionEnabled && strlen($changed) >= AuditLog::BROTLI_MIN_LENGTH) {
$changed = AuditLog::BROTLI_HEADER . brotli_compress($changed, 4, BROTLI_TEXT);
}
$data['changed'] = $changed;
}
@ -112,10 +117,34 @@ class AuditLogsTable extends AppTable
ArrayObject $options
) {
if ($entity->request_type === null) {
$entity->request_type = self::REQUEST_TYPE_CLI;
$entity->request_type = AuditLog::REQUEST_TYPE_CLI;
}
}
public function beforeFind(EventInterface $event, Query $query, ArrayObject $options)
{
$query->formatResults(
function (CollectionInterface $results) {
return $results->map(
function ($row) {
if (isset($row['ip'])) {
$row['ip'] = inet_ntop($row['ip']);
}
if (isset($row['changed']) && $row['changed']) {
$row['changed'] = $this->decodeChange($row['changed']);
}
if (isset($row['request_action']) && isset($row['model']) && isset($row['model_id'])) {
$row['title'] = $row->generateUserFriendlyTitle();
}
return $row;
}
);
},
$query::APPEND
);
}
public function beforeSave(EventInterface $event, EntityInterface $entity, ArrayObject $options)
{
$entity->request_ip = inet_pton($entity->request_ip);
@ -124,14 +153,38 @@ class AuditLogsTable extends AppTable
}
/**
* @param array $data
* @param resource|string $change
* @return array|string
* @throws JsonException
*/
public function decodeChange($change)
{
if (is_resource($change)) {
$change = stream_get_contents($change);
}
if (substr($change, 0, 4) === self::BROTLI_HEADER) {
if (function_exists('brotli_uncompress')) {
$change = brotli_uncompress(substr($change, 4));
if ($change === false) {
return 'Compressed';
}
} else {
return 'Compressed';
}
}
return json_decode($change, true);
}
/**
* @param AuditLog $data
* @return bool
*/
private function logData(EntityInterface $entity)
private function logData(AuditLog $data)
{
if (Configure::read('Plugin.ZeroMQ_enable') && Configure::read('Plugin.ZeroMQ_audit_notifications_enable')) {
$pubSubTool = $this->getPubSubTool();
$pubSubTool->publish($data, 'audit', 'log');
$pubSubTool->publish($data->toArray(), 'audit', 'log');
}
//$this->publishKafkaNotification('audit', $data, 'log');
@ -140,7 +193,7 @@ class AuditLogsTable extends AppTable
// send off our logs to distributed /dev/null
$logIndex = Configure::read("Plugin.ElasticSearch_log_index");
$elasticSearchClient = $this->getElasticSearchTool();
$elasticSearchClient->pushDocument($logIndex, "log", $data);
$elasticSearchClient->pushDocument($logIndex, "log", $data->toArray());
}
// write to syslogd as well if enabled
@ -155,14 +208,14 @@ class AuditLogsTable extends AppTable
if ($syslogIdent) {
$options['ident'] = $syslogIdent;
}
$this->syslog = new SysLog($options);
$this->syslog = new SyslogLog($options);
} else {
$this->syslog = false;
}
}
if ($this->syslog) {
$entry = $data['request_action'];
$title = $entity->generateUserFriendlyTitle();
$title = $data->generateUserFriendlyTitle();
if ($title) {
$entry .= " -- $title";
}
@ -180,12 +233,12 @@ class AuditLogsTable extends AppTable
return $this->user;
}
$this->user = ['id' => 0, /*'org_id' => 0, */'authkey_id' => 0, 'request_type' => self::REQUEST_TYPE_DEFAULT, 'name' => ''];
$this->user = ['id' => 0, /*'org_id' => 0, */ 'authkey_id' => 0, 'request_type' => AuditLog::REQUEST_TYPE_DEFAULT, 'name' => ''];
$isShell = (php_sapi_name() === 'cli');
if ($isShell) {
// do not start session for shell commands and fetch user info from configuration
$this->user['request_type'] = self::REQUEST_TYPE_CLI;
$this->user['request_type'] = AuditLog::REQUEST_TYPE_CLI;
$currentUserId = Configure::read('CurrentUserId');
if (!empty($currentUserId)) {
$this->user['id'] = $currentUserId;
@ -201,7 +254,7 @@ class AuditLogsTable extends AppTable
$this->user['name'] = $authUser['name'];
//$this->user['org_id'] = $authUser['org_id'];
if (isset($authUser['logged_by_authkey']) && $authUser['logged_by_authkey']) {
$this->user['request_type'] = self::REQUEST_TYPE_API;
$this->user['request_type'] = AuditLog::REQUEST_TYPE_API;
}
if (isset($authUser['authkey_id'])) {
$this->user['authkey_id'] = $authUser['authkey_id'];
@ -236,15 +289,19 @@ class AuditLogsTable extends AppTable
$conditions['org_id'] = $org['id'];
}
$dataSource = ConnectionManager::getDataSource('default')->config['datasource'];
$dataSource = ConnectionManager::get('default')->config['datasource'];
if ($dataSource === 'Database/Mysql' || $dataSource === 'Database/MysqlObserver') {
$validDates = $this->find('all', [
'recursive' => -1,
'fields' => ['DISTINCT UNIX_TIMESTAMP(DATE(created)) AS Date', 'count(id) AS count'],
'conditions' => $conditions,
'group' => ['Date'],
'order' => ['Date'],
]);
$validDates = $this->find(
'all',
[
'recursive' => -1,
'fields' => ['DISTINCT UNIX_TIMESTAMP(DATE(created)) AS Date', 'count(id) AS count'],
'conditions' => $conditions,
'group' => ['Date'],
'order' => ['Date'],
]
);
} elseif ($dataSource === 'Database/Postgres') {
if (!empty($conditions['org_id'])) {
$condOrg = sprintf('WHERE org_id = %s', intval($conditions['org_id']));