Add and improve audit logging in the API

luukas 2022-05-18 01:34:31 +03:00
parent 8c8ae652c8
commit 14665042c6
4 changed files with 36 additions and 16 deletions


@ -65,7 +65,7 @@ class ApiRolesRoleIndexHandler(BaseApiHandler):
_,
_,
superuser,
_,
user,
) = auth_data
if not superuser:
@ -78,6 +78,13 @@ class ApiRolesRoleIndexHandler(BaseApiHandler):
{"status": "ok", "data": role_id},
)
self.controller.management.add_to_audit_log(
user["user_id"],
f"deleted role with ID {role_id}",
server_id=0,
source_ip=self.get_remote_ip(),
)
def patch(self, role_id: str):
auth_data = self.authenticate_user()
if not auth_data:
@ -87,7 +94,7 @@ class ApiRolesRoleIndexHandler(BaseApiHandler):
_,
_,
superuser,
_,
user,
) = auth_data
if not superuser:
@ -116,6 +123,13 @@ class ApiRolesRoleIndexHandler(BaseApiHandler):
role_id, data.get("role_name", None), data.get("servers", None)
)
self.controller.management.add_to_audit_log(
user["user_id"],
f"modified role with ID {role_id}",
server_id=0,
source_ip=self.get_remote_ip(),
)
self.finish_json(
200,
{"status": "ok", "data": self.controller.roles.get_role(role_id)},
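Review bot: In `delete`, the new `add_to_audit_log` call sits after the response call that closes at `{"status": "ok", "data": role_id},` (presumably `self.finish_json`, whose opening line is outside the hunk), while `patch` writes the audit entry before `finish_json`. If the audit write raises in `delete`, the client has already been told the role was deleted and no audit record exists. I would move the call above the response so that both handlers log first and respond second. The `patch` entry `f"modified role with ID {role_id}"` also records nothing about what changed; including the submitted fields, e.g. `f"modified role with ID {role_id}: role_name={data.get('role_name')!r}, servers={data.get('servers')!r}"`, would make the entry usable during an investigation. Both method bodies start outside the hunks shown.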


@ -112,6 +112,13 @@ class ApiServersServerIndexHandler(BaseApiHandler):
setattr(self, key, data[key])
self.controller.servers.update_server(server_obj)
self.controller.management.add_to_audit_log(
auth_data[4]["user_id"],
f"modified the server with ID {server_id}",
server_id,
self.get_remote_ip(),
)
return self.finish_json(200, {"status": "ok"})
def delete(self, server_id: str):
@ -144,19 +151,16 @@ class ApiServersServerIndexHandler(BaseApiHandler):
+ self.controller.servers.get_server_friendly_name(server_id)
)
server_data = self.controller.get_server_data(server_id)
server_name = server_data["server_name"]
self.tasks_manager.remove_all_server_tasks(server_id)
self.controller.remove_server(server_id, remove_files)
self.controller.management.add_to_audit_log(
auth_data[4]["user_id"],
f"deleted server {server_id} named {server_name}",
f"deleted the server {server_id}",
server_id,
self.get_remote_ip(),
)
self.tasks_manager.remove_all_server_tasks(server_id)
self.controller.remove_server(server_id, remove_files)
self.finish_json(
200,
{"status": "ok"},
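Review bot: In the `patch` hunk the context line `setattr(self, key, data[key])` assigns the request fields to the handler object, yet the next line persists `server_obj`, so the new audit entry `modified the server with ID {server_id}` may be written for an update that stored nothing. If the intent is to update the server, that line should read `setattr(server_obj, key, data[key])`, restricted to the keys the schema allows; the loop header and any validation are outside the hunk, so confirm against the full method. The two calls in this file also pass `server_id` and the IP positionally and index `auth_data[4]`, whereas the roles and users handlers use the `server_id=`/`source_ip=` keywords and a named `user`; matching that form would keep the four handlers consistent.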


@ -152,13 +152,7 @@ class ApiUsersIndexHandler(BaseApiHandler):
self.controller.management.add_to_audit_log(
user["user_id"],
f"added user {username} (UID:{user_id})",
server_id=0,
source_ip=self.get_remote_ip(),
)
self.controller.management.add_to_audit_log(
user["user_id"],
f"edited user {username} (UID:{user_id}) with roles {roles}",
f"added user {username} (UID:{user_id}) with roles {roles}",
server_id=0,
source_ip=self.get_remote_ip(),
)
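Review bot: The merged entry `f"added user {username} (UID:{user_id}) with roles {roles}"` puts `username` into the audit message as-is. If the value can contain line breaks or markup (its validation is outside this hunk), a single record can read like several entries or render unexpectedly wherever the audit log is displayed. Logging the repr, `f"added user {username!r} (UID:{user_id}) with roles {roles}"`, or stripping control characters before the call keeps each entry on one unambiguous line. The enclosing method starts and ends outside the hunk.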


@ -75,7 +75,8 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
if (user_id in ["@me", user["user_id"]]) and self.helper.get_setting(
"allow_self_delete", False
):
self.controller.users.remove_user(user["user_id"])
user_id = user["user_id"]
self.controller.users.remove_user(user_id)
elif EnumPermissionsCrafty.USER_CONFIG not in exec_user_crafty_permissions:
return self.finish_json(
400,
@ -88,6 +89,13 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
# has User_Config permission
self.controller.users.remove_user(user_id)
self.controller.management.add_to_audit_log(
user["user_id"],
f"deleted the user {user_id}",
server_id=0,
source_ip=self.get_remote_ip(),
)
self.finish_json(
200,
{"status": "ok"},
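Review bot: The new audit call covers only successful deletions; the branch `elif EnumPermissionsCrafty.USER_CONFIG not in exec_user_crafty_permissions:` returns through `finish_json(400, ...` with no entry, so a refused attempt to delete another account leaves no trace. I would add an `add_to_audit_log` call before that `return`, for example with the message `f"was denied deleting the user {user_id}"`. The same gap appears to exist behind `if not superuser:` in the roles handler, whose body is outside the hunks shown. Separately, on the self-delete path `user["user_id"]` refers to the account that was just removed, so check that `add_to_audit_log` still accepts it once the user row is gone.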