mirror of https://github.com/MISP/MISP
Audit log
The following events are now logged: 1. Adding a new user. 2. Deleting a user.
pull/63/head
parent
1c3ca8909b
commit
6495787023
|
@ -162,7 +162,6 @@ class UsersController extends AppController {
|
||||||
if ($this->request->is('post')) {
|
if ($this->request->is('post')) {
|
||||||
$this->User->create();
|
$this->User->create();
|
||||||
// set invited by
|
// set invited by
|
||||||
debug($this->request->data['User']);
|
|
||||||
$this->request->data['User']['invited_by'] = $this->Auth->user('id');
|
$this->request->data['User']['invited_by'] = $this->Auth->user('id');
|
||||||
if ($this->User->save($this->request->data)) {
|
if ($this->User->save($this->request->data)) {
|
||||||
$this->Session->setFlash(__('The user has been saved'));
|
$this->Session->setFlash(__('The user has been saved'));
|
||||||
|
@ -276,10 +275,13 @@ class UsersController extends AppController {
|
||||||
throw new MethodNotAllowedException();
|
throw new MethodNotAllowedException();
|
||||||
}
|
}
|
||||||
$this->User->id = $id;
|
$this->User->id = $id;
|
||||||
|
$user = $this->User->read('email', $id);
|
||||||
|
$fieldsDescrStr = 'User (' . $id . '): ' . $user['User']['email'];
|
||||||
if (!$this->User->exists()) {
|
if (!$this->User->exists()) {
|
||||||
throw new NotFoundException(__('Invalid user'));
|
throw new NotFoundException(__('Invalid user'));
|
||||||
}
|
}
|
||||||
if ($this->User->delete()) {
|
if ($this->User->delete()) {
|
||||||
|
$this->extraLog("delete", $fieldsDescrStr, ''); // TODO Audit, check: modify User
|
||||||
$this->Session->setFlash(__('User deleted'));
|
$this->Session->setFlash(__('User deleted'));
|
||||||
$this->redirect(array('action' => 'index'));
|
$this->redirect(array('action' => 'index'));
|
||||||
}
|
}
|
||||||
|
@ -426,7 +428,7 @@ class UsersController extends AppController {
|
||||||
$description = "User (" . $this->Auth->user('id') . "): " . $this->data['User']['email'];
|
$description = "User (" . $this->Auth->user('id') . "): " . $this->data['User']['email'];
|
||||||
} elseif ($action == 'logout') {
|
} elseif ($action == 'logout') {
|
||||||
$description = "User (" . $this->Auth->user('id') . "): " . $this->Auth->user('email');
|
$description = "User (" . $this->Auth->user('id') . "): " . $this->Auth->user('email');
|
||||||
} else { // edit
|
} elseif ($action == 'edit') {
|
||||||
$description = "User (" . $this->User->id . "): " . $this->data['User']['email'];
|
$description = "User (" . $this->User->id . "): " . $this->data['User']['email'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
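Review bot: In the delete hunk the added `$user = $this->User->read('email', $id);` and the `$fieldsDescrStr` line run before the `exists()` guard, so a request for a missing id builds the log description from an empty result before the NotFoundException is thrown; moving both lines to just after the guard avoids that. The `$this->extraLog("delete", $fieldsDescrStr, '')` call sits inside the `if ($this->User->delete())` branch, so a delete that fails leaves no audit entry; if failed attempts matter for the audit trail, a log call on the failure path would cover them. The trailing `// TODO Audit, check: modify User` does not say what still has to be checked and would read better as a full sentence. The enclosing action starts and ends outside the hunk.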
|
@ -219,7 +219,17 @@ class User extends AppModel {
|
||||||
/**
|
/**
|
||||||
* TODO ACL: 1: be requester to CakePHP ACL system
|
* TODO ACL: 1: be requester to CakePHP ACL system
|
||||||
*/
|
*/
|
||||||
public $actsAs = array('Acl' => array('type' => 'requester', 'enabled' => false)); // TODO ACL, + 'enabled' => false
|
public $actsAs = array(
|
||||||
|
'Acl' => array( // TODO ACL, + 'enabled' => false
|
||||||
|
'type' => 'requester',
|
||||||
|
'enabled' => false
|
||||||
|
),
|
||||||
|
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||||
|
'userModel' => 'User',
|
||||||
|
'userKey' => 'user_id',
|
||||||
|
'change' => 'full'
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* TODO ACL: 2: hook User into CakePHP ACL system (so link to aros)
|
* TODO ACL: 2: hook User into CakePHP ACL system (so link to aros)
|
||||||
|
|
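Review bot: `'change' => 'full'` on the User model asks the logging behavior to record changed field values rather than only field names, and this model presumably carries credential columns (a password hash, possibly an API key; neither is visible in this hunk). Confirm those columns are kept out of the log output, for example through the behavior's ignore list if this LogableBehavior version has one, or by using `'change' => 'list'` for this model. The `// TODO Audit, logable` comment could record that decision, e.g. `// audit: full change logging, credential fields excluded`, so the next reader knows the full-value setting is intentional.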
|
@ -102,7 +102,11 @@ class SysLogLogableBehavior extends LogableBehavior {
|
||||||
} elseif ($Model->displayField == $Model->primaryKey) {
|
} elseif ($Model->displayField == $Model->primaryKey) {
|
||||||
$logData['Log']['title'] = $Model->alias . ' (' . $Model->id . ')';
|
$logData['Log']['title'] = $Model->alias . ' (' . $Model->id . ')';
|
||||||
} elseif (isset($Model->data[$Model->alias][$Model->displayField])) {
|
} elseif (isset($Model->data[$Model->alias][$Model->displayField])) {
|
||||||
$logData['Log']['title'] = $Model->data[$Model->alias][$Model->displayField];
|
if (($Model->alias == "User") && ($logData['Log']['action'] != 'edit')) {
|
||||||
|
$logData['Log']['title'] = 'User (' . $Model->data[$Model->alias][$Model->primaryKey] . '): ' . $Model->data[$Model->alias][$Model->displayField];
|
||||||
|
} else {
|
||||||
|
$logData['Log']['title'] = $Model->data[$Model->alias][$Model->displayField];
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
$logData['Log']['title'] = $Model->field($Model->displayField);
|
$logData['Log']['title'] = $Model->field($Model->displayField);
|
||||||
}
|
}
|
||||||
|
@ -173,6 +177,9 @@ class SysLogLogableBehavior extends LogableBehavior {
|
||||||
if ($this->user && $this->UserModel) { // $Model->data[$Model->alias][$Model->displayField]
|
if ($this->user && $this->UserModel) { // $Model->data[$Model->alias][$Model->displayField]
|
||||||
switch ($Model->alias) {
|
switch ($Model->alias) {
|
||||||
case "User": // TODO Audit, not used here but done in UsersController
|
case "User": // TODO Audit, not used here but done in UsersController
|
||||||
|
if (($logData['Log']['action'] == 'edit') || ($logData['Log']['action'] == 'delete')) {
|
||||||
|
return; // handle in model itself
|
||||||
|
}
|
||||||
$title = 'User ('. $Model->data[$Model->alias]['id'].') '. $Model->data[$Model->alias]['email'];
|
$title = 'User ('. $Model->data[$Model->alias]['id'].') '. $Model->data[$Model->alias]['email'];
|
||||||
break;
|
break;
|
||||||
case "Event":
|
case "Event":
|
||||||
|
|
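Review bot: The early `return;` added under `case "User":` drops every User edit and delete from this behavior on the assumption that another layer logs them, so any code path that saves or deletes a User without going through that layer (another controller, a shell task, an API call) would leave no audit record. The two comments also disagree about where that happens (`// handle in model itself` against `not used here but done in UsersController`); something like `// edit/delete are logged by UsersController::extraLog(); skip here to avoid duplicates` would pin it down, if that is what is meant. In the first hunk the new title reads `$Model->data[$Model->alias][$Model->primaryKey]` although the branch is guarded only by `isset()` on the display field; `$Model->id`, as used two branches above, would not depend on the key being present in the data array. The two User title formats also differ (`'): '` in the first hunk, `') '` in the second), which makes the log harder to parse consistently. Both enclosing methods start and end outside the hunks.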