mirror of
https://gitlab.com/comunic/comunicapiv3
synced 2024-11-25 23:09:22 +00:00
Can access admin logs from the API
This commit is contained in:
parent
b20c261c7d
commit
5d97ca18cb
@ -302,5 +302,5 @@ CREATE TABLE `comunic_admin_log` (
|
|||||||
`admin_id` INT NULL,
|
`admin_id` INT NULL,
|
||||||
`ip` VARCHAR(40) NULL,
|
`ip` VARCHAR(40) NULL,
|
||||||
`time` INT NULL,
|
`time` INT NULL,
|
||||||
`action` VARCHAR(100) NULL,
|
`action` VARCHAR(255) NULL,
|
||||||
PRIMARY KEY (`id`));
|
PRIMARY KEY (`id`));
|
||||||
|
@ -28,5 +28,5 @@ CREATE TABLE `comunic_admin_log` (
|
|||||||
`admin_id` INT NULL,
|
`admin_id` INT NULL,
|
||||||
`ip` VARCHAR(40) NULL,
|
`ip` VARCHAR(40) NULL,
|
||||||
`time` INT NULL,
|
`time` INT NULL,
|
||||||
`action` VARCHAR(100) NULL,
|
`action` VARCHAR(255) NULL,
|
||||||
PRIMARY KEY (`id`));
|
PRIMARY KEY (`id`));
|
||||||
|
26
src/api_data/admin/admin_log_api.rs
Normal file
26
src/api_data/admin/admin_log_api.rs
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
//! # Admin log api entry
|
||||||
|
//!
|
||||||
|
//! @author Pierre Hubert
|
||||||
|
|
||||||
|
use crate::data::admin_action_log::{AdminActionLog, AdminAction};
|
||||||
|
|
||||||
|
#[derive(serde::Serialize)]
|
||||||
|
pub struct AdminLogAPI {
|
||||||
|
id: u64,
|
||||||
|
admin_id: u64,
|
||||||
|
ip: String,
|
||||||
|
time: u64,
|
||||||
|
action: AdminAction
|
||||||
|
}
|
||||||
|
|
||||||
|
impl AdminLogAPI {
|
||||||
|
pub fn new(log: &AdminActionLog) -> Self{
|
||||||
|
Self {
|
||||||
|
id: log.id,
|
||||||
|
admin_id: log.admin_id.id(),
|
||||||
|
ip: log.ip.to_string(),
|
||||||
|
time: log.time,
|
||||||
|
action: log.action.clone()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -9,4 +9,5 @@ pub mod admin_info_api;
|
|||||||
pub mod admin_keys_api;
|
pub mod admin_keys_api;
|
||||||
pub mod admin_res_create_reset_token;
|
pub mod admin_res_create_reset_token;
|
||||||
pub mod admin_role_api;
|
pub mod admin_role_api;
|
||||||
pub mod admin_res_create_account;
|
pub mod admin_res_create_account;
|
||||||
|
pub mod admin_log_api;
|
@ -273,7 +273,7 @@ pub mod admin {
|
|||||||
pub enum AdminRole {
|
pub enum AdminRole {
|
||||||
MANAGE_ADMINS,
|
MANAGE_ADMINS,
|
||||||
MANAGE_USERS,
|
MANAGE_USERS,
|
||||||
ACCESS_FULL_ADMIN_LOGS,
|
ACCESS_ALL_ADMINS_LOGS,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct AdminRoleMetadata {
|
pub struct AdminRoleMetadata {
|
||||||
@ -297,10 +297,10 @@ pub mod admin {
|
|||||||
description: "Allow the admin to list, reset password and delete Comunic users",
|
description: "Allow the admin to list, reset password and delete Comunic users",
|
||||||
},
|
},
|
||||||
AdminRoleMetadata {
|
AdminRoleMetadata {
|
||||||
role: AdminRole::ACCESS_FULL_ADMIN_LOGS,
|
role: AdminRole::ACCESS_ALL_ADMINS_LOGS,
|
||||||
id: "access_full_admin_logs",
|
id: "access_all_admins_logs",
|
||||||
name: "Access full admin logs",
|
name: "Access all admins logs",
|
||||||
description: "Allow the admin to access the action history of all admins",
|
description: "Allow the admin to access the action history (log) of all admins",
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
20
src/controllers/admin/admin_logs_controller.rs
Normal file
20
src/controllers/admin/admin_logs_controller.rs
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
//! # Admin action history (logs) controller
|
||||||
|
//!
|
||||||
|
//! @author Pierre Hubert
|
||||||
|
|
||||||
|
use crate::routes::RequestResult;
|
||||||
|
use crate::data::http_request_handler::HttpRequestHandler;
|
||||||
|
use crate::data::base_request_handler::BaseRequestHandler;
|
||||||
|
use crate::helpers::{admin_roles_helper, admin_log_helper};
|
||||||
|
use crate::constants::admin::AdminRole;
|
||||||
|
use crate::api_data::admin::admin_log_api::AdminLogAPI;
|
||||||
|
|
||||||
|
/// Get the list of logs of the user
|
||||||
|
pub fn get_list(r: &mut HttpRequestHandler) -> RequestResult {
|
||||||
|
let logs = match admin_roles_helper::has_role(r.admin_id()?, AdminRole::ACCESS_ALL_ADMINS_LOGS)? {
|
||||||
|
true => admin_log_helper::get_all_admin_logs(),
|
||||||
|
false => admin_log_helper::get_admin_logs(r.admin_id()?)
|
||||||
|
}?;
|
||||||
|
|
||||||
|
r.set_response(logs.iter().map(AdminLogAPI::new).collect::<Vec<_>>())
|
||||||
|
}
|
@ -4,4 +4,5 @@
|
|||||||
|
|
||||||
pub mod admin_account_controller;
|
pub mod admin_account_controller;
|
||||||
pub mod admin_keys_controller;
|
pub mod admin_keys_controller;
|
||||||
pub mod admin_roles_controller;
|
pub mod admin_roles_controller;
|
||||||
|
pub mod admin_logs_controller;
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
use crate::data::admin::AdminID;
|
use crate::data::admin::AdminID;
|
||||||
|
|
||||||
#[derive(serde::Serialize, serde::Deserialize)]
|
#[derive(serde::Serialize, serde::Deserialize, Clone)]
|
||||||
pub enum AdminAction {
|
pub enum AdminAction {
|
||||||
AuthWithResetToken,
|
AuthWithResetToken,
|
||||||
AuthWithAccessKey { key: String, key_id: u64 },
|
AuthWithAccessKey { key: String, key_id: u64 },
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
use crate::constants::conservation_policy::ADMIN_ACTIONS_LOG_LIFETIME;
|
use crate::constants::conservation_policy::ADMIN_ACTIONS_LOG_LIFETIME;
|
||||||
use crate::constants::database_tables_names::ADMIN_LOGS_TABLE;
|
use crate::constants::database_tables_names::ADMIN_LOGS_TABLE;
|
||||||
use crate::data::admin::AdminID;
|
use crate::data::admin::AdminID;
|
||||||
use crate::data::admin_action_log::AdminAction;
|
use crate::data::admin_action_log::{AdminAction, AdminActionLog};
|
||||||
use crate::data::error::Res;
|
use crate::data::error::Res;
|
||||||
use crate::helpers::database;
|
use crate::helpers::database;
|
||||||
use crate::utils::date_utils::time;
|
use crate::utils::date_utils::time;
|
||||||
@ -26,4 +26,28 @@ pub fn clean_old_logs() -> Res {
|
|||||||
.set_custom_where("time < ?")
|
.set_custom_where("time < ?")
|
||||||
.add_custom_where_arg_u64(time() - ADMIN_ACTIONS_LOG_LIFETIME.as_secs())
|
.add_custom_where_arg_u64(time() - ADMIN_ACTIONS_LOG_LIFETIME.as_secs())
|
||||||
.exec()
|
.exec()
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/// Get all administrators action log history
|
||||||
|
pub fn get_all_admin_logs() -> Res<Vec<AdminActionLog>> {
|
||||||
|
database::QueryInfo::new(ADMIN_LOGS_TABLE).exec(db_to_log)
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Get a specific administrator action log history
|
||||||
|
pub fn get_admin_logs(id: AdminID) -> Res<Vec<AdminActionLog>> {
|
||||||
|
database::QueryInfo::new(ADMIN_LOGS_TABLE)
|
||||||
|
.cond_admin_id("admin_id", id)
|
||||||
|
.exec(db_to_log)
|
||||||
|
}
|
||||||
|
|
||||||
|
fn db_to_log(row: &database::RowResult) -> Res<AdminActionLog> {
|
||||||
|
Ok(AdminActionLog {
|
||||||
|
id: row.get_u64("id")?,
|
||||||
|
admin_id: row.get_admin_id("admin_id")?,
|
||||||
|
ip: row.get_str("ip")?,
|
||||||
|
time: row.get_u64("time")?,
|
||||||
|
action: serde_json::from_str(&row.get_str("action")?)
|
||||||
|
.unwrap_or(AdminAction::UnsupportedAction),
|
||||||
|
})
|
||||||
}
|
}
|
@ -391,5 +391,8 @@ pub fn get_routes() -> Vec<Route> {
|
|||||||
// Admin roles controller
|
// Admin roles controller
|
||||||
Route::admin_post("/admin/roles/list", Box::new(admin_roles_controller::get_list)),
|
Route::admin_post("/admin/roles/list", Box::new(admin_roles_controller::get_list)),
|
||||||
Route::admin_post_restricted("/admin/roles/toggle", Box::new(admin_roles_controller::toggle), AdminRole::MANAGE_ADMINS),
|
Route::admin_post_restricted("/admin/roles/toggle", Box::new(admin_roles_controller::toggle), AdminRole::MANAGE_ADMINS),
|
||||||
|
|
||||||
|
// Admin logs controller
|
||||||
|
Route::admin_post("/admin/logs/list", Box::new(admin_logs_controller::get_list)),
|
||||||
]
|
]
|
||||||
}
|
}
|
Loading…
Reference in New Issue
Block a user