2018-07-31 14:02:47 +02:00
|
|
|
import { diff } from 'deep-object-diff'
|
2020-07-01 16:05:30 +02:00
|
|
|
import * as express from 'express'
|
2018-07-31 14:02:47 +02:00
|
|
|
import * as flatten from 'flat'
|
2020-07-01 16:05:30 +02:00
|
|
|
import { chain } from 'lodash'
|
|
|
|
import * as path from 'path'
|
2018-07-31 14:02:47 +02:00
|
|
|
import * as winston from 'winston'
|
2020-07-01 16:05:30 +02:00
|
|
|
import { AUDIT_LOG_FILENAME } from '@server/initializers/constants'
|
2020-07-24 15:05:51 +02:00
|
|
|
import { AdminAbuse, User, VideoChannel, VideoDetails, VideoImport } from '../../shared'
|
2018-07-31 14:04:26 +02:00
|
|
|
import { CustomConfig } from '../../shared/models/server/custom-config.model'
|
2021-05-11 11:27:40 +02:00
|
|
|
import { VideoComment } from '../../shared/models/videos/comment/video-comment.model'
|
2019-04-11 11:33:44 +02:00
|
|
|
import { CONFIG } from '../initializers/config'
|
2020-07-01 16:05:30 +02:00
|
|
|
import { jsonLoggerFormat, labelFormatter } from './logger'
|
2018-09-19 17:02:16 +02:00
|
|
|
|
|
|
|
function getAuditIdFromRes (res: express.Response) {
|
2019-03-19 16:23:02 +01:00
|
|
|
return res.locals.oauth.token.User.username
|
2018-09-19 17:02:16 +02:00
|
|
|
}
|
2018-07-31 14:02:47 +02:00
|
|
|
|
|
|
|
enum AUDIT_TYPE {
|
|
|
|
CREATE = 'create',
|
|
|
|
UPDATE = 'update',
|
|
|
|
DELETE = 'delete'
|
|
|
|
}
|
|
|
|
|
|
|
|
const colors = winston.config.npm.colors
|
|
|
|
colors.audit = winston.config.npm.colors.info
|
|
|
|
|
|
|
|
winston.addColors(colors)
|
|
|
|
|
|
|
|
const auditLogger = winston.createLogger({
|
|
|
|
levels: { audit: 0 },
|
|
|
|
transports: [
|
|
|
|
new winston.transports.File({
|
2019-12-11 14:14:01 +01:00
|
|
|
filename: path.join(CONFIG.STORAGE.LOG_DIR, AUDIT_LOG_FILENAME),
|
2018-07-31 14:02:47 +02:00
|
|
|
level: 'audit',
|
|
|
|
maxsize: 5242880,
|
|
|
|
maxFiles: 5,
|
|
|
|
format: winston.format.combine(
|
|
|
|
winston.format.timestamp(),
|
2020-04-09 11:00:30 +02:00
|
|
|
labelFormatter(),
|
2018-07-31 14:02:47 +02:00
|
|
|
winston.format.splat(),
|
|
|
|
jsonLoggerFormat
|
|
|
|
)
|
|
|
|
})
|
|
|
|
],
|
|
|
|
exitOnError: true
|
|
|
|
})
|
|
|
|
|
|
|
|
function auditLoggerWrapper (domain: string, user: string, action: AUDIT_TYPE, entity: EntityAuditView, oldEntity: EntityAuditView = null) {
|
|
|
|
let entityInfos: object
|
|
|
|
if (action === AUDIT_TYPE.UPDATE && oldEntity) {
|
|
|
|
const oldEntityKeys = oldEntity.toLogKeys()
|
|
|
|
const diffObject = diff(oldEntityKeys, entity.toLogKeys())
|
|
|
|
const diffKeys = Object.entries(diffObject).reduce((newKeys, entry) => {
|
|
|
|
newKeys[`new-${entry[0]}`] = entry[1]
|
|
|
|
return newKeys
|
|
|
|
}, {})
|
|
|
|
entityInfos = { ...oldEntityKeys, ...diffKeys }
|
|
|
|
} else {
|
|
|
|
entityInfos = { ...entity.toLogKeys() }
|
|
|
|
}
|
|
|
|
auditLogger.log('audit', JSON.stringify({
|
|
|
|
user,
|
|
|
|
domain,
|
|
|
|
action,
|
|
|
|
...entityInfos
|
|
|
|
}))
|
|
|
|
}
|
|
|
|
|
|
|
|
function auditLoggerFactory (domain: string) {
|
|
|
|
return {
|
|
|
|
create (user: string, entity: EntityAuditView) {
|
|
|
|
auditLoggerWrapper(domain, user, AUDIT_TYPE.CREATE, entity)
|
|
|
|
},
|
|
|
|
update (user: string, entity: EntityAuditView, oldEntity: EntityAuditView) {
|
|
|
|
auditLoggerWrapper(domain, user, AUDIT_TYPE.UPDATE, entity, oldEntity)
|
|
|
|
},
|
|
|
|
delete (user: string, entity: EntityAuditView) {
|
|
|
|
auditLoggerWrapper(domain, user, AUDIT_TYPE.DELETE, entity)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
abstract class EntityAuditView {
|
2020-01-31 16:56:52 +01:00
|
|
|
constructor (private readonly keysToKeep: string[], private readonly prefix: string, private readonly entityInfos: object) { }
|
|
|
|
|
2018-07-31 14:02:47 +02:00
|
|
|
toLogKeys (): object {
|
|
|
|
return chain(flatten(this.entityInfos, { delimiter: '-', safe: true }))
|
|
|
|
.pick(this.keysToKeep)
|
|
|
|
.mapKeys((value, key) => `${this.prefix}-${key}`)
|
|
|
|
.value()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
const videoKeysToKeep = [
|
|
|
|
'tags',
|
|
|
|
'uuid',
|
|
|
|
'id',
|
|
|
|
'uuid',
|
|
|
|
'createdAt',
|
|
|
|
'updatedAt',
|
|
|
|
'publishedAt',
|
|
|
|
'category',
|
|
|
|
'licence',
|
|
|
|
'language',
|
|
|
|
'privacy',
|
|
|
|
'description',
|
|
|
|
'duration',
|
|
|
|
'isLocal',
|
|
|
|
'name',
|
|
|
|
'thumbnailPath',
|
|
|
|
'previewPath',
|
|
|
|
'nsfw',
|
|
|
|
'waitTranscoding',
|
|
|
|
'account-id',
|
|
|
|
'account-uuid',
|
|
|
|
'account-name',
|
|
|
|
'channel-id',
|
|
|
|
'channel-uuid',
|
|
|
|
'channel-name',
|
|
|
|
'support',
|
2018-10-06 19:17:21 +02:00
|
|
|
'commentsEnabled',
|
2018-10-08 14:45:22 +02:00
|
|
|
'downloadEnabled'
|
2018-07-31 14:02:47 +02:00
|
|
|
]
|
2018-07-31 14:04:26 +02:00
|
|
|
class VideoAuditView extends EntityAuditView {
|
2020-01-31 16:56:52 +01:00
|
|
|
constructor (private readonly video: VideoDetails) {
|
2018-07-31 14:02:47 +02:00
|
|
|
super(videoKeysToKeep, 'video', video)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-08-03 10:26:47 +02:00
|
|
|
const videoImportKeysToKeep = [
|
|
|
|
'id',
|
|
|
|
'targetUrl',
|
|
|
|
'video-name'
|
|
|
|
]
|
|
|
|
class VideoImportAuditView extends EntityAuditView {
|
2020-01-31 16:56:52 +01:00
|
|
|
constructor (private readonly videoImport: VideoImport) {
|
2018-08-03 10:26:47 +02:00
|
|
|
super(videoImportKeysToKeep, 'video-import', videoImport)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-07-31 14:04:26 +02:00
|
|
|
const commentKeysToKeep = [
|
|
|
|
'id',
|
|
|
|
'text',
|
|
|
|
'threadId',
|
|
|
|
'inReplyToCommentId',
|
|
|
|
'videoId',
|
|
|
|
'createdAt',
|
|
|
|
'updatedAt',
|
|
|
|
'totalReplies',
|
|
|
|
'account-id',
|
|
|
|
'account-uuid',
|
|
|
|
'account-name'
|
|
|
|
]
|
|
|
|
class CommentAuditView extends EntityAuditView {
|
2020-01-31 16:56:52 +01:00
|
|
|
constructor (private readonly comment: VideoComment) {
|
2018-07-31 14:04:26 +02:00
|
|
|
super(commentKeysToKeep, 'comment', comment)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
const userKeysToKeep = [
|
|
|
|
'id',
|
|
|
|
'username',
|
|
|
|
'email',
|
|
|
|
'nsfwPolicy',
|
|
|
|
'autoPlayVideo',
|
|
|
|
'role',
|
|
|
|
'videoQuota',
|
|
|
|
'createdAt',
|
|
|
|
'account-id',
|
|
|
|
'account-uuid',
|
|
|
|
'account-name',
|
|
|
|
'account-followingCount',
|
|
|
|
'account-followersCount',
|
|
|
|
'account-createdAt',
|
|
|
|
'account-updatedAt',
|
|
|
|
'account-avatar-path',
|
|
|
|
'account-avatar-createdAt',
|
|
|
|
'account-avatar-updatedAt',
|
|
|
|
'account-displayName',
|
|
|
|
'account-description',
|
|
|
|
'videoChannels'
|
|
|
|
]
|
|
|
|
class UserAuditView extends EntityAuditView {
|
2020-01-31 16:56:52 +01:00
|
|
|
constructor (private readonly user: User) {
|
2018-07-31 14:04:26 +02:00
|
|
|
super(userKeysToKeep, 'user', user)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
const channelKeysToKeep = [
|
|
|
|
'id',
|
|
|
|
'uuid',
|
|
|
|
'name',
|
|
|
|
'followingCount',
|
|
|
|
'followersCount',
|
|
|
|
'createdAt',
|
|
|
|
'updatedAt',
|
|
|
|
'avatar-path',
|
|
|
|
'avatar-createdAt',
|
|
|
|
'avatar-updatedAt',
|
|
|
|
'displayName',
|
|
|
|
'description',
|
|
|
|
'support',
|
|
|
|
'isLocal',
|
|
|
|
'ownerAccount-id',
|
|
|
|
'ownerAccount-uuid',
|
|
|
|
'ownerAccount-name',
|
|
|
|
'ownerAccount-displayedName'
|
|
|
|
]
|
|
|
|
class VideoChannelAuditView extends EntityAuditView {
|
2020-01-31 16:56:52 +01:00
|
|
|
constructor (private readonly channel: VideoChannel) {
|
2018-07-31 14:04:26 +02:00
|
|
|
super(channelKeysToKeep, 'channel', channel)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-07-01 16:05:30 +02:00
|
|
|
const abuseKeysToKeep = [
|
2018-07-31 14:04:26 +02:00
|
|
|
'id',
|
|
|
|
'reason',
|
|
|
|
'reporterAccount',
|
|
|
|
'createdAt'
|
|
|
|
]
|
2020-07-01 16:05:30 +02:00
|
|
|
class AbuseAuditView extends EntityAuditView {
|
2020-07-24 15:05:51 +02:00
|
|
|
constructor (private readonly abuse: AdminAbuse) {
|
2020-07-01 16:05:30 +02:00
|
|
|
super(abuseKeysToKeep, 'abuse', abuse)
|
2018-07-31 14:04:26 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
const customConfigKeysToKeep = [
|
|
|
|
'instance-name',
|
|
|
|
'instance-shortDescription',
|
|
|
|
'instance-description',
|
|
|
|
'instance-terms',
|
|
|
|
'instance-defaultClientRoute',
|
|
|
|
'instance-defaultNSFWPolicy',
|
|
|
|
'instance-customizations-javascript',
|
|
|
|
'instance-customizations-css',
|
|
|
|
'services-twitter-username',
|
|
|
|
'services-twitter-whitelisted',
|
|
|
|
'cache-previews-size',
|
|
|
|
'cache-captions-size',
|
|
|
|
'signup-enabled',
|
|
|
|
'signup-limit',
|
2018-08-31 09:18:19 +02:00
|
|
|
'signup-requiresEmailVerification',
|
2018-07-31 14:04:26 +02:00
|
|
|
'admin-email',
|
|
|
|
'user-videoQuota',
|
|
|
|
'transcoding-enabled',
|
|
|
|
'transcoding-threads',
|
|
|
|
'transcoding-resolutions'
|
|
|
|
]
|
|
|
|
class CustomConfigAuditView extends EntityAuditView {
|
|
|
|
constructor (customConfig: CustomConfig) {
|
|
|
|
const infos: any = customConfig
|
|
|
|
const resolutionsDict = infos.transcoding.resolutions
|
|
|
|
const resolutionsArray = []
|
2020-01-31 16:56:52 +01:00
|
|
|
|
|
|
|
Object.entries(resolutionsDict)
|
|
|
|
.forEach(([ resolution, isEnabled ]) => {
|
|
|
|
if (isEnabled) resolutionsArray.push(resolution)
|
|
|
|
})
|
|
|
|
|
2018-08-03 11:10:31 +02:00
|
|
|
Object.assign({}, infos, { transcoding: { resolutions: resolutionsArray } })
|
2018-07-31 14:04:26 +02:00
|
|
|
super(customConfigKeysToKeep, 'config', infos)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-07-31 14:02:47 +02:00
|
|
|
export {
|
2018-09-19 17:02:16 +02:00
|
|
|
getAuditIdFromRes,
|
|
|
|
|
2018-07-31 14:02:47 +02:00
|
|
|
auditLoggerFactory,
|
2018-08-03 10:26:47 +02:00
|
|
|
VideoImportAuditView,
|
2018-07-31 14:04:26 +02:00
|
|
|
VideoChannelAuditView,
|
|
|
|
CommentAuditView,
|
|
|
|
UserAuditView,
|
|
|
|
VideoAuditView,
|
2020-07-01 16:05:30 +02:00
|
|
|
AbuseAuditView,
|
2018-07-31 14:04:26 +02:00
|
|
|
CustomConfigAuditView
|
2018-07-31 14:02:47 +02:00
|
|
|
}
|