Add base logic for audit logging
This commit is contained in:
parent
9684456480
commit
b15679d3bb
3 changed files with 177 additions and 0 deletions
120
app/Models/AuditLog.php
Normal file
120
app/Models/AuditLog.php
Normal file
|
@ -0,0 +1,120 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Models;
|
||||
|
||||
use Ramsey\Uuid\Uuid;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Container\Container;
|
||||
|
||||
/**
|
||||
* @property int $id
|
||||
* @property string $uuid
|
||||
* @property bool $is_system
|
||||
* @property int|null $user_id
|
||||
* @property int|null $server_id
|
||||
* @property string $action
|
||||
* @property array $device
|
||||
* @property array $metadata
|
||||
* @property \Carbon\CarbonImmutable $created_at
|
||||
*
|
||||
* @property \Pterodactyl\Models\User|null $user
|
||||
* @property \Pterodactyl\Models\Server|null $server
|
||||
*/
|
||||
class AuditLog extends Model
|
||||
{
|
||||
const UPDATED_AT = null;
|
||||
|
||||
const ACTION_USER_AUTH_LOGIN = 'user:auth.login';
|
||||
const ACTION_USER_AUTH_FAILED = 'user:auth.failed';
|
||||
const ACTION_USER_AUTH_PASSWORD_CHANGED = 'user:auth.password-changed';
|
||||
|
||||
const ACTION_SERVER_BACKUP_RESTORE_STARTED = 'server:backup.restore.started';
|
||||
const ACTION_SERVER_BACKUP_RESTORE_COMPLETED = 'server:backup.restore.completed';
|
||||
const ACTION_SERVER_BACKUP_RESTORE_FAILED = 'server:backup.restore.failed';
|
||||
|
||||
/**
|
||||
* @var string[]
|
||||
*/
|
||||
public static $validationRules = [
|
||||
'uuid' => 'required|uuid',
|
||||
'action' => 'required|string',
|
||||
'device' => 'required|array',
|
||||
'device.ip_address' => 'ip',
|
||||
'device.user_agent' => 'string',
|
||||
'metadata' => 'array',
|
||||
];
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
protected $table = 'audit_logs';
|
||||
|
||||
/**
|
||||
* @var bool
|
||||
*/
|
||||
protected $immutableDates = true;
|
||||
|
||||
/**
|
||||
* @var string[]
|
||||
*/
|
||||
protected $casts = [
|
||||
'device' => 'array',
|
||||
'metadata' => 'array',
|
||||
];
|
||||
|
||||
/**
|
||||
* @var string[]
|
||||
*/
|
||||
protected $guarded = [
|
||||
'id',
|
||||
'created_at',
|
||||
];
|
||||
|
||||
/**
|
||||
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
|
||||
*/
|
||||
public function user()
|
||||
{
|
||||
return $this->belongsTo(User::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
|
||||
*/
|
||||
public function server()
|
||||
{
|
||||
return $this->belongsTo(Server::class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new AuditLog model and returns it, attaching device information and the
|
||||
* currently authenticated user if available. This model is not saved at this point, so
|
||||
* you can always make modifications to it as needed before saving.
|
||||
*
|
||||
* @param string $action
|
||||
* @param array $metadata
|
||||
* @param bool $isSystem
|
||||
* @return $this
|
||||
*/
|
||||
public static function factory(string $action, array $metadata, bool $isSystem = false)
|
||||
{
|
||||
/** @var \Illuminate\Http\Request $request */
|
||||
$request = Container::getInstance()->make('request');
|
||||
if (! $isSystem || ! $request instanceof Request) {
|
||||
$request = null;
|
||||
}
|
||||
|
||||
return (new self())->fill([
|
||||
'uuid' => Uuid::uuid4()->toString(),
|
||||
'is_system' => $isSystem,
|
||||
'user_id' => $request->user() ? $request->user()->id : null,
|
||||
'server_id' => null,
|
||||
'action' => $action,
|
||||
'device' => $request ? [
|
||||
'ip_address' => $request->getClientIp(),
|
||||
'user_agent' => $request->userAgent(),
|
||||
] : [],
|
||||
'metadata' => $metadata,
|
||||
]);
|
||||
}
|
||||
}
|
|
@ -50,6 +50,7 @@ use Znck\Eloquent\Traits\BelongsToThrough;
|
|||
* @property \Pterodactyl\Models\ServerTransfer $transfer
|
||||
* @property \Pterodactyl\Models\Backup[]|\Illuminate\Database\Eloquent\Collection $backups
|
||||
* @property \Pterodactyl\Models\Mount[]|\Illuminate\Database\Eloquent\Collection $mounts
|
||||
* @property \Pterodactyl\Models\AuditLog[] $audits
|
||||
*/
|
||||
class Server extends Model
|
||||
{
|
||||
|
@ -326,4 +327,29 @@ class Server extends Model
|
|||
{
|
||||
return $this->hasManyThrough(Mount::class, MountServer::class, 'server_id', 'id', 'id', 'mount_id');
|
||||
}
|
||||
|
||||
/**
|
||||
* Saves an audit entry to the database for the server.
|
||||
*
|
||||
* @param string $action
|
||||
* @param array $metadata
|
||||
* @return \Pterodactyl\Models\AuditLog
|
||||
*/
|
||||
public function audit(string $action, array $metadata): AuditLog
|
||||
{
|
||||
$model = AuditLog::factory($action, $metadata)->fill([
|
||||
'server_id' => $this->id,
|
||||
]);
|
||||
$model->save();
|
||||
|
||||
return $model;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return \Illuminate\Database\Eloquent\Relations\HasMany
|
||||
*/
|
||||
public function audits()
|
||||
{
|
||||
return $this->hasMany(AuditLog::class);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
|
||||
class CreateAuditLogsTable extends Migration
|
||||
{
|
||||
/**
|
||||
* Run the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function up()
|
||||
{
|
||||
Schema::create('audit_logs', function (Blueprint $table) {
|
||||
$table->id();
|
||||
$table->timestamps();
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function down()
|
||||
{
|
||||
Schema::dropIfExists('audit_logs');
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue