mirror of
https://gitlab.com/comunic/comunicapiv3
synced 2024-12-26 13:38:51 +00:00
Can access admin logs from the API
This commit is contained in:
parent
b20c261c7d
commit
5d97ca18cb
@ -302,5 +302,5 @@ CREATE TABLE `comunic_admin_log` (
|
||||
`admin_id` INT NULL,
|
||||
`ip` VARCHAR(40) NULL,
|
||||
`time` INT NULL,
|
||||
`action` VARCHAR(100) NULL,
|
||||
`action` VARCHAR(255) NULL,
|
||||
PRIMARY KEY (`id`));
|
||||
|
@ -28,5 +28,5 @@ CREATE TABLE `comunic_admin_log` (
|
||||
`admin_id` INT NULL,
|
||||
`ip` VARCHAR(40) NULL,
|
||||
`time` INT NULL,
|
||||
`action` VARCHAR(100) NULL,
|
||||
`action` VARCHAR(255) NULL,
|
||||
PRIMARY KEY (`id`));
|
||||
|
26
src/api_data/admin/admin_log_api.rs
Normal file
26
src/api_data/admin/admin_log_api.rs
Normal file
@ -0,0 +1,26 @@
|
||||
//! # Admin log api entry
|
||||
//!
|
||||
//! @author Pierre Hubert
|
||||
|
||||
use crate::data::admin_action_log::{AdminActionLog, AdminAction};
|
||||
|
||||
#[derive(serde::Serialize)]
|
||||
pub struct AdminLogAPI {
|
||||
id: u64,
|
||||
admin_id: u64,
|
||||
ip: String,
|
||||
time: u64,
|
||||
action: AdminAction
|
||||
}
|
||||
|
||||
impl AdminLogAPI {
|
||||
pub fn new(log: &AdminActionLog) -> Self{
|
||||
Self {
|
||||
id: log.id,
|
||||
admin_id: log.admin_id.id(),
|
||||
ip: log.ip.to_string(),
|
||||
time: log.time,
|
||||
action: log.action.clone()
|
||||
}
|
||||
}
|
||||
}
|
@ -9,4 +9,5 @@ pub mod admin_info_api;
|
||||
pub mod admin_keys_api;
|
||||
pub mod admin_res_create_reset_token;
|
||||
pub mod admin_role_api;
|
||||
pub mod admin_res_create_account;
|
||||
pub mod admin_res_create_account;
|
||||
pub mod admin_log_api;
|
@ -273,7 +273,7 @@ pub mod admin {
|
||||
pub enum AdminRole {
|
||||
MANAGE_ADMINS,
|
||||
MANAGE_USERS,
|
||||
ACCESS_FULL_ADMIN_LOGS,
|
||||
ACCESS_ALL_ADMINS_LOGS,
|
||||
}
|
||||
|
||||
pub struct AdminRoleMetadata {
|
||||
@ -297,10 +297,10 @@ pub mod admin {
|
||||
description: "Allow the admin to list, reset password and delete Comunic users",
|
||||
},
|
||||
AdminRoleMetadata {
|
||||
role: AdminRole::ACCESS_FULL_ADMIN_LOGS,
|
||||
id: "access_full_admin_logs",
|
||||
name: "Access full admin logs",
|
||||
description: "Allow the admin to access the action history of all admins",
|
||||
role: AdminRole::ACCESS_ALL_ADMINS_LOGS,
|
||||
id: "access_all_admins_logs",
|
||||
name: "Access all admins logs",
|
||||
description: "Allow the admin to access the action history (log) of all admins",
|
||||
}
|
||||
];
|
||||
}
|
20
src/controllers/admin/admin_logs_controller.rs
Normal file
20
src/controllers/admin/admin_logs_controller.rs
Normal file
@ -0,0 +1,20 @@
|
||||
//! # Admin action history (logs) controller
|
||||
//!
|
||||
//! @author Pierre Hubert
|
||||
|
||||
use crate::routes::RequestResult;
|
||||
use crate::data::http_request_handler::HttpRequestHandler;
|
||||
use crate::data::base_request_handler::BaseRequestHandler;
|
||||
use crate::helpers::{admin_roles_helper, admin_log_helper};
|
||||
use crate::constants::admin::AdminRole;
|
||||
use crate::api_data::admin::admin_log_api::AdminLogAPI;
|
||||
|
||||
/// Get the list of logs of the user
|
||||
pub fn get_list(r: &mut HttpRequestHandler) -> RequestResult {
|
||||
let logs = match admin_roles_helper::has_role(r.admin_id()?, AdminRole::ACCESS_ALL_ADMINS_LOGS)? {
|
||||
true => admin_log_helper::get_all_admin_logs(),
|
||||
false => admin_log_helper::get_admin_logs(r.admin_id()?)
|
||||
}?;
|
||||
|
||||
r.set_response(logs.iter().map(AdminLogAPI::new).collect::<Vec<_>>())
|
||||
}
|
@ -4,4 +4,5 @@
|
||||
|
||||
pub mod admin_account_controller;
|
||||
pub mod admin_keys_controller;
|
||||
pub mod admin_roles_controller;
|
||||
pub mod admin_roles_controller;
|
||||
pub mod admin_logs_controller;
|
@ -2,7 +2,7 @@
|
||||
|
||||
use crate::data::admin::AdminID;
|
||||
|
||||
#[derive(serde::Serialize, serde::Deserialize)]
|
||||
#[derive(serde::Serialize, serde::Deserialize, Clone)]
|
||||
pub enum AdminAction {
|
||||
AuthWithResetToken,
|
||||
AuthWithAccessKey { key: String, key_id: u64 },
|
||||
|
@ -5,7 +5,7 @@
|
||||
use crate::constants::conservation_policy::ADMIN_ACTIONS_LOG_LIFETIME;
|
||||
use crate::constants::database_tables_names::ADMIN_LOGS_TABLE;
|
||||
use crate::data::admin::AdminID;
|
||||
use crate::data::admin_action_log::AdminAction;
|
||||
use crate::data::admin_action_log::{AdminAction, AdminActionLog};
|
||||
use crate::data::error::Res;
|
||||
use crate::helpers::database;
|
||||
use crate::utils::date_utils::time;
|
||||
@ -26,4 +26,28 @@ pub fn clean_old_logs() -> Res {
|
||||
.set_custom_where("time < ?")
|
||||
.add_custom_where_arg_u64(time() - ADMIN_ACTIONS_LOG_LIFETIME.as_secs())
|
||||
.exec()
|
||||
}
|
||||
|
||||
|
||||
/// Get all administrators action log history
|
||||
pub fn get_all_admin_logs() -> Res<Vec<AdminActionLog>> {
|
||||
database::QueryInfo::new(ADMIN_LOGS_TABLE).exec(db_to_log)
|
||||
}
|
||||
|
||||
/// Get a specific administrator action log history
|
||||
pub fn get_admin_logs(id: AdminID) -> Res<Vec<AdminActionLog>> {
|
||||
database::QueryInfo::new(ADMIN_LOGS_TABLE)
|
||||
.cond_admin_id("admin_id", id)
|
||||
.exec(db_to_log)
|
||||
}
|
||||
|
||||
fn db_to_log(row: &database::RowResult) -> Res<AdminActionLog> {
|
||||
Ok(AdminActionLog {
|
||||
id: row.get_u64("id")?,
|
||||
admin_id: row.get_admin_id("admin_id")?,
|
||||
ip: row.get_str("ip")?,
|
||||
time: row.get_u64("time")?,
|
||||
action: serde_json::from_str(&row.get_str("action")?)
|
||||
.unwrap_or(AdminAction::UnsupportedAction),
|
||||
})
|
||||
}
|
@ -391,5 +391,8 @@ pub fn get_routes() -> Vec<Route> {
|
||||
// Admin roles controller
|
||||
Route::admin_post("/admin/roles/list", Box::new(admin_roles_controller::get_list)),
|
||||
Route::admin_post_restricted("/admin/roles/toggle", Box::new(admin_roles_controller::toggle), AdminRole::MANAGE_ADMINS),
|
||||
|
||||
// Admin logs controller
|
||||
Route::admin_post("/admin/logs/list", Box::new(admin_logs_controller::get_list)),
|
||||
]
|
||||
}
|
Loading…
Reference in New Issue
Block a user