Skynet/misc_pterodactyl-panel
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Hide IP addresses from activity logs not generated by the user themselves

Browse source
This commit is contained in:
DaneEveritt 2022-06-27 20:52:27 -04:00
parent b570769a34
commit 4aa163b76f
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
5 changed files with 15 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
app/Http/Controllers/Api/Client/ActivityLogController.php
View file

@ -16,10 +16,7 @@ class ActivityLogController extends ClientApiController
{ {
$activity = QueryBuilder::for($request->user()->activity()) $activity = QueryBuilder::for($request->user()->activity())
->with('actor') ->with('actor')
->allowedFilters([ ->allowedFilters([AllowedFilter::partial('event')])
AllowedFilter::exact('ip'),
AllowedFilter::partial('event'),
])
->allowedSorts(['timestamp']) ->allowedSorts(['timestamp'])
->paginate(min($request->query('per_page', 25), 100)) ->paginate(min($request->query('per_page', 25), 100))
->appends($request->query()); ->appends($request->query());

5
app/Http/Controllers/Api/Client/Servers/ActivityLogController.php
View file

@ -25,10 +25,7 @@ class ActivityLogController extends ClientApiController
$activity = QueryBuilder::for($server->activity()) $activity = QueryBuilder::for($server->activity())
->with('actor') ->with('actor')
->allowedSorts(['timestamp']) ->allowedSorts(['timestamp'])
->allowedFilters([ ->allowedFilters([AllowedFilter::partial('event')])
AllowedFilter::exact('ip'),
AllowedFilter::partial('event'),
])
->when(config('activity.hide_admin_activity'), function (Builder $builder) use ($server) { ->when(config('activity.hide_admin_activity'), function (Builder $builder) use ($server) {
// We could do this with a query and a lot of joins, but that gets pretty // We could do this with a query and a lot of joins, but that gets pretty
// painful so for now we'll execute a simpler query. // painful so for now we'll execute a simpler query.

8
app/Transformers/Api/Client/ActivityLogTransformer.php
View file

@ -21,7 +21,7 @@ class ActivityLogTransformer extends BaseClientTransformer
'batch' => $model->batch, 'batch' => $model->batch,
'event' => $model->event, 'event' => $model->event,
'is_api' => !is_null($model->api_key_id), 'is_api' => !is_null($model->api_key_id),
'ip' => $model->ip, 'ip' => optional($model->actor)->is($this->request->user()) ? $model->ip : null,
'description' => $model->description, 'description' => $model->description,
'properties' => $this->properties($model), 'properties' => $this->properties($model),
'has_additional_metadata' => $this->hasAdditionalMetadata($model), 'has_additional_metadata' => $this->hasAdditionalMetadata($model),
@ -49,7 +49,11 @@ class ActivityLogTransformer extends BaseClientTransformer
} }
$properties = $model->properties $properties = $model->properties
->mapWithKeys(function ($value, $key) { ->mapWithKeys(function ($value, $key) use ($model) {
if ($key === 'ip' && !optional($model->actor)->is($this->request->user())) {
return [$key => '[hidden]'];
}
if (!is_array($value)) { if (!is_array($value)) {
return [$key => $value]; return [$key => $value];
} }

2
resources/scripts/api/definitions/user/models.d.ts vendored
View file

@ -22,7 +22,7 @@ interface SSHKey extends Model {
interface ActivityLog extends Model<'actor'> { interface ActivityLog extends Model<'actor'> {
batch: UUID | null; batch: UUID | null;
event: string; event: string;
ip: string; ip: string | null;
isApi: boolean; isApi: boolean;
description: string | null; description: string | null;
properties: Record<string, string | unknown>; properties: Record<string, string | unknown>;

13
resources/scripts/components/elements/activity/ActivityLogEntry.tsx
View file

@ -75,13 +75,12 @@ export default ({ activity, children }: Props) => {
<Translate ns={'activity'} values={properties} i18nKey={activity.event.replace(':', '.')} /> <Translate ns={'activity'} values={properties} i18nKey={activity.event.replace(':', '.')} />
</p> </p>
<div className={'mt-1 flex items-center text-sm'}> <div className={'mt-1 flex items-center text-sm'}>
<Link {activity.ip && (
to={`#${pathTo({ ip: activity.ip })}`} <span>
className={'transition-colors duration-75 active:text-cyan-400 hover:text-cyan-400'} {activity.ip}
> <span className={'text-gray-400'}>&nbsp;|&nbsp;</span>
{activity.ip} </span>
</Link> )}
<span className={'text-gray-400'}>&nbsp;|&nbsp;</span>
<Tooltip placement={'right'} content={format(activity.timestamp, 'MMM do, yyyy H:mm:ss')}> <Tooltip placement={'right'} content={format(activity.timestamp, 'MMM do, yyyy H:mm:ss')}>
<span>{formatDistanceToNowStrict(activity.timestamp, { addSuffix: true })}</span> <span>{formatDistanceToNowStrict(activity.timestamp, { addSuffix: true })}</span>
</Tooltip> </Tooltip>