Skip to content
GitLab
Select Git revision
Find file BlameHistoryPermalink
class_logging.inc 5.13 KiB
1 
<?php
2
3 
/*
4 
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
5 
  Copyright (C) 2007  Fabian Hickert
6 
  Copyright (C) 2011-2016  FusionDirectory
7
8 
  This program is free software; you can redistribute it and/or modify
9 
  it under the terms of the GNU General Public License as published by
10 
  the Free Software Foundation; either version 2 of the License, or
11 
  (at your option) any later version.
12
13 
  This program is distributed in the hope that it will be useful,
14 
  but WITHOUT ANY WARRANTY; without even the implied warranty of
15 
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16 
  GNU General Public License for more details.
17
18 
  You should have received a copy of the GNU General Public License
19 
  along with this program; if not, write to the Free Software
20 
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
21 
*/
22
23 
/*!
24 
 * \file class_logging.inc
25 
 * Source code for the class logging
26 
 */
27
28 
/*!
29 
 * \brief This is the base class for the FusionDirectory logging functionality.
30 
 * All logging should lead to this class.
31 
 *
32 
 * \author  Fabian Hickert <hickert@gonicus.de>
33 
 * \version 2.6
34 
 * \date    11.04.2007
35 
 */
36 
class logging
37 
{
38 
  static $validActions = ['modify','create','remove','copy','snapshot','view','security','debug'];
39
40 
  /*!
41 
   * \brief logging method
42 
   *
43 
   * \param $action         One of these values (modify|create|remove|snapshot|copy|view|security|debug)
44 
   *
45 
   * \param $objecttype     represents the current edited objecttype, like user/user
46 
   *
47 
   * \param $object         represents the current edited object dn
48 
   *
49 
   * \param $changes_array  An array containing names of all touched attributes
50 
   *
51 
   * \param $result         A status message, containing errors or success messages
52 
   */
53 
  static function log ($action, $objecttype, $object, array $changes_array = [], $result = '')
54 
  {
55 
    global $config, $ui;
56
57 
    if ($result === NULL) {
58 
      trigger_error('"Result" parameter should not be NULL');
59 
      $result = '';
60 
    }
61
62 
    /* Create data object */
63 
    $entry = [
64 
      'timestamp'   => microtime(TRUE),
65 
      'action'      => $action,
66 
      'objecttype'  => $objecttype,
67 
      'object'      => $object,
68 
      'changes'     => $changes_array,
69 
      'result'      => $result
70 
    ];
7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
if (isset($ui->dn) && !empty($ui->dn)) { $entry['user'] = $ui->dn; } elseif (isset($_SERVER['REMOTE_ADDR'])) { $entry['user'] = $_SERVER['REMOTE_ADDR']; } else { $entry['user'] = 'unknown'; } /* Check if all given values are valid */ $msgs = static::check($entry); if (count($msgs)) { foreach ($msgs as $msg) { trigger_error('Logging failed, reason was: '.$msg); msg_dialog::display(_('Internal error'), sprintf(_('Logging failed: %s'), $msg), ERROR_DIALOG); } } else { if (is_object($config) && preg_match('/true/i', $config->get_cfg_value('logging', ''))) { static::log_into_syslog($entry); if (in_array($action, $config->get_cfg_value('auditActions', []))) { static::log_into_ldap($entry); } } } } /*! * \brief Check the options * * \param Array $entry to be checked */ static protected function check ($entry = []) { $msgs = []; if (!isset($entry['action']) || !in_array($entry['action'], static::$validActions)) { $msgs[] = sprintf(_('Invalid option "%s" specified!'), $entry['action']); } if (!isset($entry['objecttype']) || empty($entry['objecttype'])) { $msgs[] = _('Specified objectType is empty or invalid!'); } return $msgs; } /* * \brief This function is used to into the systems syslog * * \param Array $entry Entry to be loged */ static protected function log_into_syslog ($entry) { $str = ''; if (empty($entry['object']) && empty($entry['changes'])) { $str = '('.$entry['action'].') '.$entry['objecttype'].': '.$entry['result']; } else { $str = '('.$entry['action'].') '.$entry['object'].' of type '.$entry['objecttype'].' '.implode(',', $entry['changes']).': '.$entry['result']; } fusiondirectory_log($str); } /* * \brief This function is used to into the ldap for audit plugin * * \param Array $entry Entry to be loged */ static protected function log_into_ldap ($entry) { global $config; if ($entry['objecttype'] == 'plugin/auditEvent') {
141142143144145146147148149150151152153154155156157158159160161162163
/* Avoid infinite loop */ return; } if (empty($entry['object'])) { $entry['object'] = 'none'; } $tabObject = objects::create('auditEvent'); $baseObject = $tabObject->getBaseObject(); $baseObject->fdAuditDateTime = DateTime::createFromFormat('U.u', number_format($entry['timestamp'], 6, '.', '')); $baseObject->fdAuditAction = $entry['action']; $baseObject->fdAuditAuthorDN = $entry['user']; $baseObject->fdAuditObjectType = $entry['objecttype']; $baseObject->fdAuditObject = $entry['object']; $baseObject->fdAuditAttributes = $entry['changes']; $baseObject->fdAuditResult = $entry['result']; $baseObject->base = $config->current['BASE']; $message = $tabObject->save(); if (!empty($message)) { msg_dialog::displayChecks($message); } } }