nginx-proxy-manager/backend/internal/audit-log.js

const error         = require('../lib/error');
const auditLogModel = require('../models/audit-log');

const internalAuditLog = {

	/**
	 * All logs
	 *
	 * @param   {Access}  access
	 * @param   {Array}   [expand]
	 * @param   {String}  [search_query]
	 * @returns {Promise}
	 */
	getAll: (access, expand, search_query) => {
		return access.can('auditlog:list')
			.then(() => {
				let query = auditLogModel
					.query()
					.orderBy('created_on', 'DESC')
					.orderBy('id', 'DESC')
					.limit(100)
					.allowEager('[user]');

				// Query is used for searching
				if (typeof search_query === 'string') {
					query.where(function () {
						this.where('meta', 'like', '%' + search_query + '%');
					});
				}

				if (typeof expand !== 'undefined' && expand !== null) {
					query.eager('[' + expand.join(', ') + ']');
				}

				return query;
			});
	},

	/**
	 * This method should not be publicly used, it doesn't check certain things. It will be assumed
	 * that permission to add to audit log is already considered, however the access token is used for
	 * default user id determination.
	 *
	 * @param   {Access}   access
	 * @param   {Object}   data
	 * @param   {String}   data.action
	 * @param   {Number}   [data.user_id]
	 * @param   {Number}   [data.object_id]
	 * @param   {Number}   [data.object_type]
	 * @param   {Object}   [data.meta]
	 * @returns {Promise}
	 */
	add: (access, data) => {
		return new Promise((resolve, reject) => {
			// Default the user id
			if (typeof data.user_id === 'undefined' || !data.user_id) {
				data.user_id = access.token.getUserId(1);
			}

			if (typeof data.action === 'undefined' || !data.action) {
				reject(new error.InternalValidationError('Audit log entry must contain an Action'));
			} else {
				// Make sure at least 1 of the IDs are set and action
				resolve(auditLogModel
					.query()
					.insert({
						user_id:     data.user_id,
						action:      data.action,
						object_type: data.object_type || '',
						object_id:   data.object_id || 0,
						meta:        data.meta || {}
					}));
			}
		});
	}
};

module.exports = internalAuditLog;
v2.1.0 (#293) * Fix wrapping when too many hosts are shown (#207) * Update npm packages, fixes CVE-2019-10757 * Revert some breaking packages * Major overhaul - Docker buildx support in CI - Cypress API Testing in CI - Restructured folder layout (insert clean face meme) - Added Swagger documentation and validate API against that (to be completed) - Use common base image for all supported archs, which includes updated nginx with ipv6 support - Updated certbot and changes required for it - Large amount of Hosts names will wrap in UI - Updated packages for frontend - Version bump 2.1.0 * Updated documentation * Fix JWT expire time going crazy. Now set to 1day * Backend JS formatting rules * Remove v1 importer, I doubt anyone is using v1 anymore * Added backend formatting rules and enforce them in Jenkins builds * Fix CI, doesn't need a tty * Thanks bcrypt. Why can't you just be normal. * Cleanup after syntax check Co-authored-by: Marcelo Castagna <margaale@users.noreply.github.com> 2020-02-18 23:55:06 -05:00			`const error = require('../lib/error');`
			`const auditLogModel = require('../models/audit-log');`

			`const internalAuditLog = {`

			`/**`
			`* All logs`
			`*`
			`* @param {Access} access`
			`* @param {Array} [expand]`
			`* @param {String} [search_query]`
			`* @returns {Promise}`
			`*/`
			`getAll: (access, expand, search_query) => {`
			`return access.can('auditlog:list')`
			`.then(() => {`
			`let query = auditLogModel`
			`.query()`
			`.orderBy('created_on', 'DESC')`
			`.orderBy('id', 'DESC')`
			`.limit(100)`
			`.allowEager('[user]');`

			`// Query is used for searching`
			`if (typeof search_query === 'string') {`
			`query.where(function () {`
			`this.where('meta', 'like', '%' + search_query + '%');`
			`});`
			`}`

			`if (typeof expand !== 'undefined' && expand !== null) {`
			`query.eager('[' + expand.join(', ') + ']');`
			`}`

			`return query;`
			`});`
			`},`

			`/**`
			`* This method should not be publicly used, it doesn't check certain things. It will be assumed`
			`* that permission to add to audit log is already considered, however the access token is used for`
			`* default user id determination.`
			`*`
			`* @param {Access} access`
			`* @param {Object} data`
			`* @param {String} data.action`
			`* @param {Number} [data.user_id]`
			`* @param {Number} [data.object_id]`
			`* @param {Number} [data.object_type]`
			`* @param {Object} [data.meta]`
			`* @returns {Promise}`
			`*/`
			`add: (access, data) => {`
			`return new Promise((resolve, reject) => {`
			`// Default the user id`
			`if (typeof data.user_id === 'undefined' \|\| !data.user_id) {`
			`data.user_id = access.token.getUserId(1);`
			`}`

			`if (typeof data.action === 'undefined' \|\| !data.action) {`
			`reject(new error.InternalValidationError('Audit log entry must contain an Action'));`
			`} else {`
			`// Make sure at least 1 of the IDs are set and action`
			`resolve(auditLogModel`
			`.query()`
			`.insert({`
			`user_id: data.user_id,`
			`action: data.action,`
			`object_type: data.object_type \|\| '',`
			`object_id: data.object_id \|\| 0,`
			`meta: data.meta \|\| {}`
			`}));`
			`}`
			`});`
			`}`
			`};`

			`module.exports = internalAuditLog;`