Support hiding activity from admin accounts not associated with the server

This commit is contained in:
DaneEveritt 2022-06-18 15:48:22 -04:00
parent 95de4c30fc
commit cf01490883
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
4 changed files with 40 additions and 11 deletions

View file

@ -2,10 +2,13 @@
namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
use Pterodactyl\Models\User;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\Permission;
use Spatie\QueryBuilder\QueryBuilder;
use Spatie\QueryBuilder\AllowedFilter;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Query\JoinClause;
use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
use Pterodactyl\Transformers\Api\Client\ActivityLogTransformer;
use Pterodactyl\Http\Controllers\Api\Client\ClientApiController;
@ -26,6 +29,22 @@ class ActivityLogController extends ClientApiController
AllowedFilter::exact('ip'),
AllowedFilter::partial('event'),
])
->when(config('activity.hide_admin_activity'), function (Builder $builder) use ($server) {
// We could do this with a query and a lot of joins, but that gets pretty
// painful so for now we'll execute a simpler query.
$subusers = $server->subusers()->pluck('user_id')->merge($server->owner_id);
$builder->select('activity_logs.*')
->leftJoin('users', function (JoinClause $join) {
$join->on('users.id', 'activity_logs.actor_id')
->where('activity_logs.actor_type', (new User())->getMorphClass());
})
->where(function (Builder $builder) use ($subusers) {
$builder->whereNull('users.id')
->orWhere('users.root_admin', 0)
->orWhereIn('users.id', $subusers);
});
})
->paginate(min($request->query('per_page', 25), 100))
->appends($request->query());

View file

@ -1,9 +1,12 @@
<?php
return [
/*
* The number of days that must elapse before old activity log entries are deleted
* from the database.
*/
// The number of days ellapsed before old activity log entries are deleted.
'prune_days' => env('APP_ACTIVITY_PRUNE_DAYS', 90),
// If set to true activity log entries generated by an admin user that is not also
// a part of the server in question will be hidden from the activity logs API response.
//
// Activity will still be properly tracked, just not displayed.
'hide_admin_activity' => env('APP_ACTIVITY_HIDE_ADMIN', false),
];

View file

@ -26,6 +26,10 @@ const PaginationFooter = ({ pagination, className, onPageSelect }: Props) => {
}
}
if (pagination.total === 0) {
return null;
}
return (
<div className={classNames('flex items-center justify-between my-2', className)}>
<p className={'text-sm text-neutral-500'}>

View file

@ -48,13 +48,16 @@ export default () => {
{!data && isValidating ?
<Spinner centered/>
:
<div className={'bg-gray-700'}>
{data?.items.map((activity) => (
<ActivityLogEntry key={activity.timestamp.toString() + activity.event} activity={activity}>
<span/>
</ActivityLogEntry>
))}
</div>
!data?.items.length ?
<p className={'text-sm text-center text-gray-400'}>No activity logs available for this server.</p>
:
<div className={'bg-gray-700'}>
{data?.items.map((activity) => (
<ActivityLogEntry key={activity.timestamp.toString() + activity.event} activity={activity}>
<span/>
</ActivityLogEntry>
))}
</div>
}
{data && <PaginationFooter
pagination={data.pagination}