...
 
Commits (3)
......@@ -33,7 +33,7 @@ class AuditLogAttribute extends OrderedArrayAttribute
protected function getAttributeArrayValue ($key, $event)
{
try {
$author = ['html' => objects::link($event['fdAuditAuthorDN'], 'user')];
$author = ['html' => objects::link($event['fdAuditAuthorDN'], 'user', '', NULL, TRUE, ($event['fdAuditAuthorDN'] != $this->plugin->dn))];
} catch (FusionDirectoryException $e) {
$author = $event['fdAuditAuthorDN'];
}
......@@ -42,8 +42,35 @@ class AuditLogAttribute extends OrderedArrayAttribute
} catch (Exception $e) {
$time = $event['fdAuditDateTime'];
}
switch ($event['fdAuditAction']) {
case 'security':
if ($event['fdAuditObjectType'] == 'login') {
$name = _('Sign in');
} elseif ($event['fdAuditObjectType'] == 'logout') {
$name = _('Sign out');
} else {
$name = $event['fdAuditObjectType'];
}
break;
case 'modify':
if (in_array('userPassword', $event['fdAuditAttributes'])) {
$name = _('Password modification');
} else {
$name = sprintf(_('Account modification (%s)'), implode(',', $event['fdAuditAttributes']));
}
break;
case 'create':
case 'remove':
case 'copy':
case 'snapshot':
case 'view':
case 'debug':
default:
$name = $event['fdAuditAction'].' '.$event['fdAuditObjectType'];
break;
}
return [
$event['fdAuditObjectType'],
$name,
$author,
$event['fdAuditAuthorIP'] ?? '',
$time,
......
......@@ -60,9 +60,14 @@ class auditSecurity extends simplePlugin
_('Time'),
_('Result'),
]);
}
protected function loadEvents()
{
$events = objects::ls(
'auditEvent',
[
'fdAuditAction' => 1,
'fdAuditDateTime' => 1,
'fdAuditAuthorDN' => 1,
'fdAuditAuthorIP' => 1,
......@@ -72,7 +77,20 @@ class auditSecurity extends simplePlugin
'fdAuditResult' => 1
],
NULL,
'(&(|(fdAuditAction=security)(fdAuditAttributes=userPassword))(|(fdAuditObject='.$this->getUid().')(fdAuditObject='.$this->dn.')(fdAuditAuthorDN='.$this->dn.')))'
'(|'.
'(&'.
'(fdAuditAction=security)'.
'(|'.
'(fdAuditObject='.ldap_escape_f($this->getUid()).')'.
'(fdAuditObject='.ldap_escape_f($this->dn).')'.
'(fdAuditAuthorDN='.ldap_escape_f($this->dn).')'.
')'.
')'.
'(&'.
'(fdAuditAttributes=userPassword)'.
'(fdAuditObject='.ldap_escape_f($this->dn).')'.
')'.
')'
);
uasort(
$events,
......@@ -84,6 +102,12 @@ class auditSecurity extends simplePlugin
$this->fdAuditSecurityLog = $events;
}
public function execute (): string
{
$this->loadEvents();
return parent::execute();
}
protected function getUid (): string
{
if (isset($this->parent)) {
......