bb0f4bfa62
* Fix wrapping when too many hosts are shown (#207) * Update npm packages, fixes CVE-2019-10757 * Revert some breaking packages * Major overhaul - Docker buildx support in CI - Cypress API Testing in CI - Restructured folder layout (insert clean face meme) - Added Swagger documentation and validate API against that (to be completed) - Use common base image for all supported archs, which includes updated nginx with ipv6 support - Updated certbot and changes required for it - Large amount of Hosts names will wrap in UI - Updated packages for frontend - Version bump 2.1.0 * Updated documentation * Fix JWT expire time going crazy. Now set to 1day * Backend JS formatting rules * Remove v1 importer, I doubt anyone is using v1 anymore * Added backend formatting rules and enforce them in Jenkins builds * Fix CI, doesn't need a tty * Thanks bcrypt. Why can't you just be normal. * Cleanup after syntax check Co-authored-by: Marcelo Castagna <margaale@users.noreply.github.com>
79 lines
2.1 KiB
JavaScript
79 lines
2.1 KiB
JavaScript
const error = require('../lib/error');
|
|
const auditLogModel = require('../models/audit-log');
|
|
|
|
const internalAuditLog = {
|
|
|
|
/**
|
|
* All logs
|
|
*
|
|
* @param {Access} access
|
|
* @param {Array} [expand]
|
|
* @param {String} [search_query]
|
|
* @returns {Promise}
|
|
*/
|
|
getAll: (access, expand, search_query) => {
|
|
return access.can('auditlog:list')
|
|
.then(() => {
|
|
let query = auditLogModel
|
|
.query()
|
|
.orderBy('created_on', 'DESC')
|
|
.orderBy('id', 'DESC')
|
|
.limit(100)
|
|
.allowEager('[user]');
|
|
|
|
// Query is used for searching
|
|
if (typeof search_query === 'string') {
|
|
query.where(function () {
|
|
this.where('meta', 'like', '%' + search_query + '%');
|
|
});
|
|
}
|
|
|
|
if (typeof expand !== 'undefined' && expand !== null) {
|
|
query.eager('[' + expand.join(', ') + ']');
|
|
}
|
|
|
|
return query;
|
|
});
|
|
},
|
|
|
|
/**
|
|
* This method should not be publicly used, it doesn't check certain things. It will be assumed
|
|
* that permission to add to audit log is already considered, however the access token is used for
|
|
* default user id determination.
|
|
*
|
|
* @param {Access} access
|
|
* @param {Object} data
|
|
* @param {String} data.action
|
|
* @param {Number} [data.user_id]
|
|
* @param {Number} [data.object_id]
|
|
* @param {Number} [data.object_type]
|
|
* @param {Object} [data.meta]
|
|
* @returns {Promise}
|
|
*/
|
|
add: (access, data) => {
|
|
return new Promise((resolve, reject) => {
|
|
// Default the user id
|
|
if (typeof data.user_id === 'undefined' || !data.user_id) {
|
|
data.user_id = access.token.getUserId(1);
|
|
}
|
|
|
|
if (typeof data.action === 'undefined' || !data.action) {
|
|
reject(new error.InternalValidationError('Audit log entry must contain an Action'));
|
|
} else {
|
|
// Make sure at least 1 of the IDs are set and action
|
|
resolve(auditLogModel
|
|
.query()
|
|
.insert({
|
|
user_id: data.user_id,
|
|
action: data.action,
|
|
object_type: data.object_type || '',
|
|
object_id: data.object_id || 0,
|
|
meta: data.meta || {}
|
|
}));
|
|
}
|
|
});
|
|
}
|
|
};
|
|
|
|
module.exports = internalAuditLog;
|