Add base logic for audit logging
This commit is contained in:
parent
9684456480
commit
b15679d3bb
3 changed files with 177 additions and 0 deletions
120
app/Models/AuditLog.php
Normal file
120
app/Models/AuditLog.php
Normal file
|
@ -0,0 +1,120 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Pterodactyl\Models;
|
||||||
|
|
||||||
|
use Ramsey\Uuid\Uuid;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
use Illuminate\Container\Container;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @property int $id
|
||||||
|
* @property string $uuid
|
||||||
|
* @property bool $is_system
|
||||||
|
* @property int|null $user_id
|
||||||
|
* @property int|null $server_id
|
||||||
|
* @property string $action
|
||||||
|
* @property array $device
|
||||||
|
* @property array $metadata
|
||||||
|
* @property \Carbon\CarbonImmutable $created_at
|
||||||
|
*
|
||||||
|
* @property \Pterodactyl\Models\User|null $user
|
||||||
|
* @property \Pterodactyl\Models\Server|null $server
|
||||||
|
*/
|
||||||
|
class AuditLog extends Model
|
||||||
|
{
|
||||||
|
const UPDATED_AT = null;
|
||||||
|
|
||||||
|
const ACTION_USER_AUTH_LOGIN = 'user:auth.login';
|
||||||
|
const ACTION_USER_AUTH_FAILED = 'user:auth.failed';
|
||||||
|
const ACTION_USER_AUTH_PASSWORD_CHANGED = 'user:auth.password-changed';
|
||||||
|
|
||||||
|
const ACTION_SERVER_BACKUP_RESTORE_STARTED = 'server:backup.restore.started';
|
||||||
|
const ACTION_SERVER_BACKUP_RESTORE_COMPLETED = 'server:backup.restore.completed';
|
||||||
|
const ACTION_SERVER_BACKUP_RESTORE_FAILED = 'server:backup.restore.failed';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var string[]
|
||||||
|
*/
|
||||||
|
public static $validationRules = [
|
||||||
|
'uuid' => 'required|uuid',
|
||||||
|
'action' => 'required|string',
|
||||||
|
'device' => 'required|array',
|
||||||
|
'device.ip_address' => 'ip',
|
||||||
|
'device.user_agent' => 'string',
|
||||||
|
'metadata' => 'array',
|
||||||
|
];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
|
protected $table = 'audit_logs';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var bool
|
||||||
|
*/
|
||||||
|
protected $immutableDates = true;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var string[]
|
||||||
|
*/
|
||||||
|
protected $casts = [
|
||||||
|
'device' => 'array',
|
||||||
|
'metadata' => 'array',
|
||||||
|
];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var string[]
|
||||||
|
*/
|
||||||
|
protected $guarded = [
|
||||||
|
'id',
|
||||||
|
'created_at',
|
||||||
|
];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
|
||||||
|
*/
|
||||||
|
public function user()
|
||||||
|
{
|
||||||
|
return $this->belongsTo(User::class);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
|
||||||
|
*/
|
||||||
|
public function server()
|
||||||
|
{
|
||||||
|
return $this->belongsTo(Server::class);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a new AuditLog model and returns it, attaching device information and the
|
||||||
|
* currently authenticated user if available. This model is not saved at this point, so
|
||||||
|
* you can always make modifications to it as needed before saving.
|
||||||
|
*
|
||||||
|
* @param string $action
|
||||||
|
* @param array $metadata
|
||||||
|
* @param bool $isSystem
|
||||||
|
* @return $this
|
||||||
|
*/
|
||||||
|
public static function factory(string $action, array $metadata, bool $isSystem = false)
|
||||||
|
{
|
||||||
|
/** @var \Illuminate\Http\Request $request */
|
||||||
|
$request = Container::getInstance()->make('request');
|
||||||
|
if (! $isSystem || ! $request instanceof Request) {
|
||||||
|
$request = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
return (new self())->fill([
|
||||||
|
'uuid' => Uuid::uuid4()->toString(),
|
||||||
|
'is_system' => $isSystem,
|
||||||
|
'user_id' => $request->user() ? $request->user()->id : null,
|
||||||
|
'server_id' => null,
|
||||||
|
'action' => $action,
|
||||||
|
'device' => $request ? [
|
||||||
|
'ip_address' => $request->getClientIp(),
|
||||||
|
'user_agent' => $request->userAgent(),
|
||||||
|
] : [],
|
||||||
|
'metadata' => $metadata,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
}
|
|
@ -50,6 +50,7 @@ use Znck\Eloquent\Traits\BelongsToThrough;
|
||||||
* @property \Pterodactyl\Models\ServerTransfer $transfer
|
* @property \Pterodactyl\Models\ServerTransfer $transfer
|
||||||
* @property \Pterodactyl\Models\Backup[]|\Illuminate\Database\Eloquent\Collection $backups
|
* @property \Pterodactyl\Models\Backup[]|\Illuminate\Database\Eloquent\Collection $backups
|
||||||
* @property \Pterodactyl\Models\Mount[]|\Illuminate\Database\Eloquent\Collection $mounts
|
* @property \Pterodactyl\Models\Mount[]|\Illuminate\Database\Eloquent\Collection $mounts
|
||||||
|
* @property \Pterodactyl\Models\AuditLog[] $audits
|
||||||
*/
|
*/
|
||||||
class Server extends Model
|
class Server extends Model
|
||||||
{
|
{
|
||||||
|
@ -326,4 +327,29 @@ class Server extends Model
|
||||||
{
|
{
|
||||||
return $this->hasManyThrough(Mount::class, MountServer::class, 'server_id', 'id', 'id', 'mount_id');
|
return $this->hasManyThrough(Mount::class, MountServer::class, 'server_id', 'id', 'id', 'mount_id');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Saves an audit entry to the database for the server.
|
||||||
|
*
|
||||||
|
* @param string $action
|
||||||
|
* @param array $metadata
|
||||||
|
* @return \Pterodactyl\Models\AuditLog
|
||||||
|
*/
|
||||||
|
public function audit(string $action, array $metadata): AuditLog
|
||||||
|
{
|
||||||
|
$model = AuditLog::factory($action, $metadata)->fill([
|
||||||
|
'server_id' => $this->id,
|
||||||
|
]);
|
||||||
|
$model->save();
|
||||||
|
|
||||||
|
return $model;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return \Illuminate\Database\Eloquent\Relations\HasMany
|
||||||
|
*/
|
||||||
|
public function audits()
|
||||||
|
{
|
||||||
|
return $this->hasMany(AuditLog::class);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
use Illuminate\Database\Migrations\Migration;
|
||||||
|
use Illuminate\Database\Schema\Blueprint;
|
||||||
|
use Illuminate\Support\Facades\Schema;
|
||||||
|
|
||||||
|
class CreateAuditLogsTable extends Migration
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Run the migrations.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function up()
|
||||||
|
{
|
||||||
|
Schema::create('audit_logs', function (Blueprint $table) {
|
||||||
|
$table->id();
|
||||||
|
$table->timestamps();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reverse the migrations.
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function down()
|
||||||
|
{
|
||||||
|
Schema::dropIfExists('audit_logs');
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue