feat(audit): add syslog transformation option for audit logs and update task dependencies

4b6237b0 · dockx thibault · e902d940 · 4b6237b0 · 4b6237b0
Verified Commit 4b6237b0 authored 4 weeks ago by dockx thibault
Hide whitespace changes
Inline Side-by-side

Showing

with 53 additions and 12 deletions
+53 -12
--- a/audit/contrib/openldap/audit-fd.schema
+++ b/audit/contrib/openldap/audit-fd.schema
@@ -72,6 +72,12 @@ attributetype ( 1.3.6.1.4.1.38414.60.1.10 NAME 'fdAuditTasksRetention'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.38414.60.1.11 NAME 'fdAuditSyslogEnabled'
+  DESC 'FusionDirectory - enable syslog transformation for audit logs'
+  EQUALITY booleanMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+  SINGLE-VALUE )
 # Object Class
 objectclass (1.3.6.1.4.1.38414.60.2.1 NAME 'fdAuditEvent'
  DESC 'FusionDirectory - audit event'
@@ -81,5 +87,4 @@ objectclass (1.3.6.1.4.1.38414.60.2.1 NAME 'fdAuditEvent'
 objectclass (1.3.6.1.4.1.38414.60.2.2 NAME 'fdAuditTasks'
  DESC 'FusionDirectory - audit tasks'
  SUP top AUXILIARY
-  MUST ( fdAuditTasksRetention )
+  MAY ( fdAuditTasksRetention $ fdAuditSyslogEnabled ) )
-  MAY  ())
\ No newline at end of file
\ No newline at end of file
--- a/audit/workflow/tasks/class_auditTask.inc
+++ b/audit/workflow/tasks/class_auditTask.inc
@@ -22,8 +22,6 @@
 class auditTask extends simplePlugin
 {
  protected $displayHeader = TRUE;
-  // To understand the last Exec mechanism, reference yourself to Notifications tasks.
-  protected $lastExec = NULL;
  static function plInfo (): array
  {
@@ -36,7 +34,7 @@ class auditTask extends simplePlugin
      'plFilter'       => '(objectClass=fdAuditTasks)',
      'plObjectType'   => ['tasks'],
      // plConflicts take the name of the object class without the 'fd' in front.
-      'plConflicts'    => ['tasksMail', 'tasksLifeCycle', 'tasksNotifications'],
+      'plConflicts'    => ['tasksMail', 'tasksLifeCycle', 'tasksNotifications', 'tasksArchive', 'tasksReminder'],
      'plProvidedAcls' => parent::generatePlProvidedAcls(static::getAttributesInfo()),
      'plForeignKeys'  => [],
    ];
@@ -45,7 +43,7 @@ class auditTask extends simplePlugin
  static function getAttributesInfo (): array
  {
    return [
-      'section1'                => [
+      'section1' => [
        'name'  => _('Schedule Audit Retention'),
        'attrs' => [
          new IntAttribute(
@@ -54,15 +52,37 @@ class auditTask extends simplePlugin
          ),
        ]
      ],
+      'section2' => [
+        'name'  => _('Syslog Transformation'),
+        'attrs' => [
+          new BooleanAttribute(
+            _('Enable Syslog Transformation'), _('Enable transformation of audit logs into syslog format'),
+            'fdAuditSyslogEnabled', FALSE, FALSE
+          ),
+        ]
+      ],
    ];
  }
+  function __construct($dn = NULL, $object = NULL, $parent = NULL, $mainTab = FALSE)
-  function __construct ($dn = NULL, $object = NULL, $parent = NULL, $mainTab = FALSE)
  {
    parent::__construct($dn, $object, $parent, $mainTab);
-    // Set the list of available attributes to follow in the set selection
+    // Dynamically disable "Retaining days" if Syslog Transformation is enabled
+    $this->attributesAccess['fdAuditTasksRetention']->setDisabled(
+      $this->attributesAccess['fdAuditSyslogEnabled']->getValue()
+    );
+    // Add a listener to update the state dynamically when Syslog Transformation is toggled
+    $this->attributesAccess['fdAuditSyslogEnabled']->setSubmitForm('updateFieldsState');
+  }
+  function updateFieldsState()
+  {
+    // Disable "Retaining days" if Syslog Transformation is enabled
+    $this->attributesAccess['fdAuditTasksRetention']->setDisabled(
+      $this->attributesAccess['fdAuditSyslogEnabled']->getValue()
+    );
  }
  /**
@@ -71,11 +91,19 @@ class auditTask extends simplePlugin
   */
  function generateSlaveTasks ()
  {
-    // The attribute required to be search in createSlaveTasks
+    // Check if syslog transformation is enabled
+    $syslogEnabled = $this->attributesAccess['fdAuditSyslogEnabled']->getValue();
+    // The attribute required to be searched in createSlaveTasks
    $attributeType = 'fdTasksGranularDN';
-    // Call the method from parent tasks object (first tab) to create sub-tasks.
+    if ($syslogEnabled) {
-    $this->parent->getBaseObject()->createSlaveTasks(['auditRetentionTask'], $attributeType, NULL, 'Audit');
+      // Create sub-tasks for audit syslog transformation
+      $this->parent->getBaseObject()->createSlaveTasks(['auditSyslogTask'], $attributeType, NULL, 'Audit-Syslog');
+    } else {
+      // Create sub-tasks for audit deletion
+      $this->parent->getBaseObject()->createSlaveTasks(['auditRetentionTask'], $attributeType, NULL, 'Audit');
+    }
  }
  /**
@@ -83,6 +111,14 @@ class auditTask extends simplePlugin
   */
  function update (): bool
  {
+    // Ensure that both "deletion" and "syslog" are not activated at the same time
+    $syslogEnabled = $this->attributesAccess['fdAuditSyslogEnabled']->getValue();
+    $retentionDays = $this->attributesAccess['fdAuditTasksRetention']->getValue();
+    if ($syslogEnabled && $retentionDays > 0) {
+      throw new Exception(_('Audit deletion and syslog transformation cannot be activated at the same time.'));
+    }
    parent::update();
    return TRUE;