feat(audit) Add security tab on users in audit plugin

This should be hidden if security audit is not activated.
UI may be improved later.

issue #6010
parent ad76e083
<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2018-2019 FusionDirectory
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
class AuditLogAttribute extends OrderedArrayAttribute
{
function __construct ($label, $description, $ldapName, $required = FALSE, $defaultValue = [], $acl = '')
{
Attribute::__construct($label, $description, $ldapName, $required, $defaultValue, $acl);
$this->edit_enabled = FALSE;
$this->attribute = FALSE;
$this->order = FALSE;
$this->setInLdap(FALSE);
}
protected function getAttributeArrayValue ($key, $event)
{
try {
$author = ['html' => objects::link($event['fdAuditAuthorDN'], 'user')];
} catch (FusionDirectoryException $e) {
$author = $event['fdAuditAuthorDN'];
}
try {
$time = static::formatDateDiff(LdapGeneralizedTime::fromString($event['fdAuditDateTime']));
} catch (Exception $e) {
$time = $event['fdAuditDateTime'];
}
return [
$event['fdAuditObjectType'],
$author,
$event['fdAuditAuthorIP'] ?? '',
$time,
$event['fdAuditResult'],
];
}
protected function genRowIcons ($key, $value)
{
return ['', 0];
}
public function htmlIds (): array
{
return [];
}
function renderButtons ()
{
return '';
}
public static function formatDateDiff($date) {
$now = new DateTime();
$interval = $now->diff($date);
if ($interval->y > 0) {
return sprintf(_('%s years(s) ago'), $interval->y);
}
if ($interval->m > 0) {
return sprintf(_('%s month(s) ago'), $interval->m);
}
if ($interval->d > 0) {
return sprintf(_('%s day(s) ago'), $interval->d);
}
if ($interval->h > 0) {
return sprintf(_('%s hour(s) ago'), $interval->h);
}
if ($interval->i > 0) {
return sprintf(_('%s minute(s) ago'), $interval->i);
}
if ($interval->s > 0) {
return sprintf(_('%s second(s) ago'), $interval->s);
}
return _('Now');
}
}
<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2018-2019 FusionDirectory
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
class auditSecurity extends simplePlugin
{
static function plInfo (): array
{
return [
'plShortName' => _('Security'),
'plDescription' => _('Security audit'),
'plObjectType' => ['user'],
'plSelfModify' => TRUE,
'plProvidedAcls' => parent::generatePlProvidedAcls(static::getAttributesInfo())
];
}
static function getAttributesInfo (): array
{
return [
'main' => [
'name' => _('Security audit'),
'class' => ['fullwidth'],
'attrs' => [
new AuditLogAttribute(
'', _('Important events involving your account'),
'fdAuditSecurityLog'
),
],
//~ 'template' => get_template_path('securityaudit.tpl', TRUE, dirname(__FILE__))
],
];
}
function __construct ($dn = NULL, $object = NULL, $parent = NULL, $mainTab = FALSE)
{
parent::__construct($dn, $object, $parent, $mainTab);
$this->attributesAccess['fdAuditSecurityLog']->setHeaders([
_('Event'),
_('Author'),
_('Origin'),
_('Time'),
_('Result'),
]);
$events = objects::ls(
'auditEvent',
[
'fdAuditDateTime' => 1,
'fdAuditAuthorDN' => 1,
'fdAuditAuthorIP' => 1,
'fdAuditObjectType' => 1,
'fdAuditObject' => 1,
'fdAuditAttributes' => '*',
'fdAuditResult' => 1
],
NULL,
'(&(|(fdAuditAction=security)(fdAuditAttributes=userPassword))(|(fdAuditObject='.$this->getUid().')(fdAuditObject='.$this->dn.')(fdAuditAuthorDN='.$this->dn.')))'
);
uasort(
$events,
function ($event1, $event2)
{
return $event2['fdAuditDateTime'] <=> $event1['fdAuditDateTime'];
}
);
$this->fdAuditSecurityLog = $events;
}
protected function getUid (): string
{
if (isset($this->parent)) {
$baseobject = $this->parent->getBaseObject();
return $baseobject->uid;
}
if (isset($this->attrs['uid'][0])) {
return $this->attrs['uid'][0];
}
return '';
}
function check (): array
{
return [];
}
function save (): array
{
return [];
}
function remove (bool $fulldelete = FALSE): array
{
return [];
}
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment