From 9def2ce23c56d362c9f933e7e871d6dd3fe66f78 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come.bernigaud@opensides.be>
Date: Thu, 2 Jun 2016 14:01:46 +0200
Subject: [PATCH] Fixes #4774 Added code for logging into LDAP when audit
 plugin is installed

---
 include/class_logging.inc | 35 +++++++++++++++++++++++++++++++----
 1 file changed, 31 insertions(+), 4 deletions(-)

diff --git a/include/class_logging.inc b/include/class_logging.inc
index b9a38c146..1e0b4343a 100644
--- a/include/class_logging.inc
+++ b/include/class_logging.inc
@@ -39,7 +39,7 @@ class logging {
   /*!
    * \brief logging method
    *
-   * \param $action         One of these values (modify|create|remove|snapshot|copy)
+   * \param $action         One of these values (modify|create|remove|snapshot|copy|view|security|debug)
    *
    * \param $objecttype     represents the current edited objecttype, like user/user
    *
@@ -63,7 +63,7 @@ class logging {
       'action'      => $action,
       'objecttype'  => $objecttype,
       'object'      => $object,
-      'changes'     => implode(',', $changes_array),
+      'changes'     => $changes_array,
       'result'      => $result
     );
     if (isset($ui->dn) && !empty($ui->dn)) {
@@ -82,6 +82,9 @@ class logging {
     } else {
       if (is_object($config) && preg_match('/true/i', $config->get_cfg_value('logging', ''))) {
         static::log_into_syslog($entry);
+        if (in_array($action, $config->get_cfg_value('auditActions', array()))) {
+          static::log_into_ldap($entry);
+        }
       }
     }
   }
@@ -111,15 +114,39 @@ class logging {
    *
    * \param Array $entry Entry to be loged
    */
-  static function protected log_into_syslog($entry)
+  static protected function log_into_syslog($entry)
   {
     $str = '';
     if (empty($entry['object']) && empty($entry['changes'])) {
       $str = '('.$entry['action'].') '.$entry['objecttype'].': '.$entry['result'];
     } else {
-      $str = '('.$entry['action'].') '.$entry['object'].' of type '.$entry['objecttype'].' '.$entry['changes'].': '.$entry['result'];
+      $str = '('.$entry['action'].') '.$entry['object'].' of type '.$entry['objecttype'].' '.implode(',', $entry['changes']).': '.$entry['result'];
     }
     fusiondirectory_log($str);
   }
+
+  /*
+   * \brief This function is used to into the ldap for audit plugin
+   *
+   * \param Array $entry Entry to be loged
+   */
+  static protected function log_into_ldap($entry)
+  {
+    $tabObject = objects::create('auditAction');
+    $baseObject = $tabObject->getBaseObject();
+    $baseObject->fdAuditDateTime    = $entry['timestamp'];
+    $baseObject->fdAuditAction      = $entry['action'];
+    $baseObject->fdAuditAuthorDN    = $entry['user'];
+    $baseObject->fdAuditObjectType  = $entry['objecttype'];
+    $baseObject->fdAuditObject      = $entry['object'];
+    $baseObject->fdAuditAttributes  = $entry['changes'];
+    $baseObject->fdAuditResult      = $entry['result'];
+    $message = $tabObject->check();
+    if (count($message) == 0) {
+      $tabObject->save();
+    } else {
+      msg_dialog::displayChecks($message);
+    }
+  }
 }
 ?>
-- 
GitLab