Verified Commit 8a3529c2 authored by dockx thibault's avatar dockx thibault

:sparkles: Feat(Integrator) - a first commit of future potential audit lib cli

audit lib first commit
parent 5337f64f
2 merge requests!52:sparkles: Releasing Fusiondirectory Integrator 1.2,!42Resolve "[Integrator] - AUDIT - Removal of audit after set period - new lib"
Pipeline #29260 failed with stages
in 49 seconds
Showing with 73 additions and 0 deletions
+73 -0
<?php
namespace FusionDirectory\Audit;
class AuditLib
{
private $subTaskDN, $subTaskCN;
private int $auditRetention;
// Usage of CLI bool is to make sure we use proper method in case of direct CLI call. (Instead of Orchestrator).
private bool $CLI;
public function __construct (INT $auditRetention, BOOL $CLI = FALSE, STRING $subTaskDN = NULL, STRING $subTaskCN = NULL)
{
$this->auditRetention = $auditRetention;
$this->CLI = $CLI;
$this->subTaskDN = $subTaskDN;
$this->subTaskCN = $subTaskCN;
}
/**
* @param $auditRetention
* @param $subTaskDN
* @param $subTaskCN
* @return array
* Note : This will return a validation of audit log suppression
*/
public function checkAuditPassedRetention ($auditRetention, $subTaskDN, $subTaskCN): array
{
$result = [];
// Date time object will use the timezone defined in FD, code is in index.php
$today = new DateTime();
// Search in LDAP for audit entries (All entries ! This can be pretty heavy.
$audit = $this->gateway->getLdapTasks('(objectClass=fdAuditEvent)', ['fdAuditDateTime'], '', '');
// Remove the count key from the audit array.
$this->gateway->unsetCountKeys($audit);
// In case no audit exists, we have to update the tasks as well. Meaning below loop won't be reached.
if (empty($audit)) {
$result[$subTaskCN]['result'] = TRUE;
$result[$subTaskCN]['info'] = 'No audit to be removed.';
$result[$subTaskCN]['statusUpdate'] = $this->gateway->updateTaskStatus($subTaskDN, $subTaskCN, "2");
}
foreach ($audit as $record) {
// Record in Human Readable date time object
$auditDateTime = $this->generalizeLdapTimeToPhpObject($record['fdauditdatetime'][0]);
$interval = $today->diff($auditDateTime);
// Check if the interval is equal or greater than auditRetention setting
if ($interval->days >= $auditRetention) {
// If greater, delete the DN audit entry, we reuse removeSubTask method from gateway and get ldap response.(bool).
$result[$subTaskCN]['result'] = $this->gateway->removeSubTask($record['dn']);
$result[$subTaskCN]['info'] = 'Audit record removed.';
// Update tasks accordingly if LDAP succeeded. TRUE Boolean returned by ldap.
if ($result[$subTaskCN]['result']) {
// Update the subtask with the status completed a.k.a "2".
$result[$subTaskCN]['statusUpdate'] = $this->gateway->updateTaskStatus($subTaskDN, $subTaskCN, "2");
} else {
// Update the task with the LDAP potential error code.
$result[$subTaskCN]['statusUpdate'] = $this->gateway->updateTaskStatus($subTaskDN, $subTaskCN, $result[$record['dn']]['result']);
}
}
}
return $result;
}
}
\ No newline at end of file
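Review bot: `$auditRetention` is untyped and unvalidated in checkAuditPassedRetention, so a value of 0 or below makes `$interval->days >= $auditRetention` true for every fdAuditEvent and the whole audit trail is deleted; `days` is also an absolute count, so a record dated in the future is removed as well. I would reject bad values up front with `if ($auditRetention < 1) { throw new \InvalidArgumentException('auditRetention must be at least 1 day'); }` and only delete when `$interval->invert === 1 && $interval->days >= $auditRetention`. The failure branch passes `$result[$record['dn']]['result']` to updateTaskStatus, a key that is never written because results are stored under `$subTaskCN`, so it should read `$result[$subTaskCN]['result']`; that single key is also overwritten on each iteration, so an earlier failed deletion is lost unless the outcome is recorded per DN. Separately, `new DateTime()` inside `namespace FusionDirectory\Audit` needs `\DateTime` or a `use` line, and `$this->gateway` and `generalizeLdapTimeToPhpObject` are not declared anywhere in the class as shown.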