Merge branch...

Merge branch '6350-audit-account-locked-is-not-logged-within-audit-upon-clicking-on-the-lock-icon' into 'dev' Resolve "[Audit] - Account locked is not logged within audit upon clicking on the lock icon" See merge request fusiondirectory/fd!1090

Merge branch...
Merge branch '6350-audit-account-locked-is-not-logged-within-audit-upon-clicking-on-the-lock-icon' into 'dev' Resolve "[Audit] - Account locked is not logged within audit upon clicking on the lock icon" See merge request fusiondirectory/fd!1090
3e47cf89 · dockx thibault · 34ebf49e · 2394ef23 · 3e47cf89
Commit 3e47cf89 authored 7 months ago by dockx thibault
Hide whitespace changes
Inline Side-by-side

Showing

with 25 additions and 16 deletions
+25 -16
--- a/plugins/management/users/class_userManagement.inc
+++ b/plugins/management/users/class_userManagement.inc
@@ -25,14 +25,15 @@ class userManagement extends management
  public static $skipTemplates = FALSE;
-  public static $columns = [
+  public static $columns
-    ['ObjectTypeColumn', []],
+    = [
-    ['LinkColumn', ['attributes' => 'sn', 'label' => 'Last name']],
+      ['ObjectTypeColumn', []],
-    ['LinkColumn', ['attributes' => 'givenName', 'label' => 'First name']],
+      ['LinkColumn', ['attributes' => 'sn', 'label' => 'Last name']],
-    ['Column', ['attributes' => 'uid', 'label' => 'Login']],
+      ['LinkColumn', ['attributes' => 'givenName', 'label' => 'First name']],
-    ['PropertiesColumn', ['label' => 'Properties']],
+      ['Column', ['attributes' => 'uid', 'label' => 'Login']],
-    ['ActionsColumn', ['label' => 'Actions']],
+      ['PropertiesColumn', ['label' => 'Properties']],
-  ];
+      ['ActionsColumn', ['label' => 'Actions']],
+    ];
  static function plInfo (): array
  {
@@ -117,10 +118,10 @@ class userManagement extends management
        }
        $error = new FusionDirectoryError(
          htmlescape(sprintf(
-            _('Password method "%s" does not support locking. Account "%s" has not been locked!'),
+                       _('Password method "%s" does not support locking. Account "%s" has not been locked!'),
-            $hn,
+                       $hn,
-            $dn
+                       $dn
-          ))
+                     ))
        );
        $error->display();
        return;
@@ -129,8 +130,16 @@ class userManagement extends management
      $success = TRUE;
      if (($action == 'lock') && !$method->is_locked($dn)) {
        $success = $method->lock_account($dn);
+        // Requiring logging mechanism for audit.
+        if ($success) {
+          logging::log('security', 'account', $dn, [], 'DN : ' . $dn . ' is locked.');
+        }
      } elseif (($action == 'unlock') && $method->is_locked($dn)) {
        $success = $method->unlock_account($dn);
+        // Requiring logging mechanism for audit.
+        if ($success) {
+          logging::log('security', 'account', $dn, [], 'DN : ' . $dn . ' is unlocked.');
+        }
      }
      // Check if everything went fine.
@@ -141,10 +150,10 @@ class userManagement extends management
        }
        $error = new FusionDirectoryError(
          htmlescape(sprintf(
-            _('Locking failed using password method "%s". Account "%s" has not been locked!'),
+                       _('Locking failed using password method "%s". Account "%s" has not been locked!'),
-            $hn,
+                       $hn,
-            $dn
+                       $dn
-          ))
+                     ))
        );
        $error->display();
      }