From 045a31174273a3e55f51a4e8bf758852bc5a904d Mon Sep 17 00:00:00 2001 From: Matteo Gheza Date: Fri, 1 Sep 2023 14:24:10 +0200 Subject: [PATCH] Add user action logs --- .../app/Http/Controllers/AuthController.php | 6 +++ .../app/Http/Controllers/LogsController.php | 23 +++++++++++ .../Controllers/ScheduleSlotsController.php | 3 ++ .../Http/Controllers/ServiceController.php | 7 ++-- .../Controllers/ServiceTypeController.php | 3 ++ .../Http/Controllers/TelegramController.php | 3 ++ backend/app/Models/Log.php | 37 ++++++++++++++++++ backend/app/Telegram/WebhookController.php | 8 ++-- backend/app/Utils/Availability.php | 19 +++++++++- backend/app/Utils/Logger.php | 38 +++++++++++++++++++ .../2023_09_01_132436_create_logs_table.php | 34 +++++++++++++++++ backend/routes/api.php | 6 ++- .../_components/table/table.component.html | 2 +- .../src/app/_routes/logs/logs.component.html | 5 +-- 14 files changed, 178 insertions(+), 16 deletions(-) create mode 100644 backend/app/Http/Controllers/LogsController.php create mode 100644 backend/app/Models/Log.php create mode 100644 backend/app/Utils/Logger.php create mode 100644 backend/database/migrations/2023_09_01_132436_create_logs_table.php diff --git a/backend/app/Http/Controllers/AuthController.php b/backend/app/Http/Controllers/AuthController.php index 11dbd6e..aed50c0 100644 --- a/backend/app/Http/Controllers/AuthController.php +++ b/backend/app/Http/Controllers/AuthController.php @@ -6,6 +6,7 @@ use App\Models\User; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Hash; use Illuminate\Http\Request; +use App\Utils\Logger; class AuthController extends Controller { @@ -27,6 +28,8 @@ class AuthController extends Controller $token = $user->createToken('auth_token')->plainTextToken; + Logger::log("Creato utente $user->name ($user->username)", $user); + return response()->json([ 'access_token' => $token, 'token_type' => 'Bearer', 
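Review bot: The added `Logger::log("Creato utente $user->name ($user->username)", $user);` copies the request-supplied name and username into the `action` text, which the migration in this patch declares as a plain `string` column. A long or crafted name can overflow that column, and depending on the database's strict mode the insert may fail after the account and token already exist; it can also make one log line read like a different event. Log a fixed action and leave identity to `changed_id`, e.g. `Logger::log("Creato utente", $user);`. ServiceTypeController does the same with `$serviceType->name`. The register method starts and ends outside this hunk, so any validation limits on these fields are not visible here.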
@@ -47,6 +50,8 @@ class AuthController extends Controller $token = $user->createToken('auth_token')->plainTextToken; + Logger::log("Login", $user, $user); + return response()->json([ 'access_token' => $token, 'token_type' => 'Bearer', @@ -56,6 +61,7 @@ class AuthController extends Controller public function logout(Request $request) { //TODO: https://stackoverflow.com/a/73980629 + Logger::log("Logout"); auth('web')->logout(); return; } diff --git a/backend/app/Http/Controllers/LogsController.php b/backend/app/Http/Controllers/LogsController.php new file mode 100644 index 0000000..37bd57f --- /dev/null +++ b/backend/app/Http/Controllers/LogsController.php @@ -0,0 +1,23 @@ +json( + Log::join('users as changed_user', 'changed_user.id', '=', 'logs.changed_id') + ->join('users as editor_user', 'editor_user.id', '=', 'logs.editor_id') + ->select("logs.id", "logs.action", "logs.editor_id", "logs.changed_id", "logs.created_at", "changed_user.name as changed", "editor_user.name as editor") + ->orderBy('created_at', 'desc') + ->get() + ); + } +} diff --git a/backend/app/Http/Controllers/ScheduleSlotsController.php b/backend/app/Http/Controllers/ScheduleSlotsController.php index 6b07d6a..6db4241 100644 --- a/backend/app/Http/Controllers/ScheduleSlotsController.php +++ b/backend/app/Http/Controllers/ScheduleSlotsController.php @@ -4,6 +4,7 @@ namespace App\Http\Controllers; use App\Models\ScheduleSlots; use Illuminate\Http\Request; +use App\Utils\Logger; class ScheduleSlotsController extends Controller { @@ -29,6 +30,8 @@ class ScheduleSlotsController extends Controller return $schedule; }, $request->input('schedules')); + Logger::log("Aggiornata disponibilità oraria"); + return ScheduleSlots::insert($schedules); } } diff --git a/backend/app/Http/Controllers/ServiceController.php b/backend/app/Http/Controllers/ServiceController.php index 58ebdc1..b15b05b 100644 --- a/backend/app/Http/Controllers/ServiceController.php +++ b/backend/app/Http/Controllers/ServiceController.php 
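Review bot: Only the successful path is recorded by `Logger::log("Login", $user, $user);`, and nothing in this patch adds a log call for a rejected login. The failure branch lies outside this hunk, so this is inferred from what the patch touches. Failed attempts are the entries a reviewer needs to spot password guessing against an account. Consider adding a second call on the failure branch that stores a fixed action such as "Login fallito", the request IP, and never the submitted password.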
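Review bot: Both `join(...)` calls in the new LogsController are inner joins, while the migration makes `changed_id` and `editor_id` nullable and Logger fills them from `auth()->user()`, which can be null. Any log row with a missing editor or changed user is therefore silently left out of the listing, and those are likely the rows an auditor most wants to see. Use `->leftJoin('users as editor_user', 'editor_user.id', '=', 'logs.editor_id')`, and the same for `changed_user`. The query also ends in `->get()` with no limit, so the response grows with the table; `->paginate()` would bound it. The top of this new file is missing from the page as extracted, so the method signature is not visible.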
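Review bot: In ScheduleSlotsController the log entry is written before `ScheduleSlots::insert($schedules)` runs, so a failed insert still leaves a record saying the schedule was updated. Record the event after the write succeeds: `$inserted = ScheduleSlots::insert($schedules);`, then `Logger::log("Aggiornata disponibilità oraria");`, then `return $inserted;`. The enclosing method starts outside this hunk.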
@@ -7,7 +7,7 @@ use App\Models\Service; use App\Models\User; use Illuminate\Http\Request; use Illuminate\Support\Facades\Http; -use Illuminate\Support\Facades\DB; +use App\Utils\Logger; class ServiceController extends Controller { @@ -61,8 +61,6 @@ class ServiceController extends Controller */ public function createOrUpdate(Request $request) { - DB::connection()->enableQueryLog(); - $adding = !isset($request->id) || is_null($request->id); $service = $adding ? new Service() : Service::find($request->id)->with('drivers')->with('crew')->first(); @@ -134,7 +132,7 @@ class ServiceController extends Controller )); User::whereIn('id', $usersToIncrement)->increment('services'); - return response()->json(DB::getQueryLog()); + Logger::log($adding ? "Intervento aggiunto" : "Intervento modificato"); } /** @@ -146,5 +144,6 @@ class ServiceController extends Controller $usersToDecrement = $this->extractServiceUsers($service); User::whereIn('id', $usersToDecrement)->decrement('services'); $service->delete(); + Logger::log("Intervento eliminato"); } } diff --git a/backend/app/Http/Controllers/ServiceTypeController.php b/backend/app/Http/Controllers/ServiceTypeController.php index 553c89e..638198a 100644 --- a/backend/app/Http/Controllers/ServiceTypeController.php +++ b/backend/app/Http/Controllers/ServiceTypeController.php @@ -4,6 +4,7 @@ namespace App\Http\Controllers; use App\Models\ServiceType; use Illuminate\Http\Request; +use App\Utils\Logger; class ServiceTypeController extends Controller { @@ -26,6 +27,8 @@ class ServiceTypeController extends Controller $serviceType->name = $request->name; $serviceType->save(); + Logger::log("Aggiunto tipo di intervento ($serviceType->name)"); + return response()->json( $serviceType ); diff --git a/backend/app/Http/Controllers/TelegramController.php b/backend/app/Http/Controllers/TelegramController.php index 16a5d95..3be77e7 100644 --- a/backend/app/Http/Controllers/TelegramController.php 
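Review bot: The new `Logger::log($adding ? "Intervento aggiunto" : "Intervento modificato");` in createOrUpdate does not say which service was touched, and neither does `Logger::log("Intervento eliminato");` in the delete hunk. Because Logger defaults `changed` to the authenticated user, these rows read as the editor changing themselves, and the affected record cannot be traced afterwards. Append the identifier, e.g. `Logger::log("Intervento eliminato (#$service->id)");`, capturing the id before `$service->delete()`. Replacing `return response()->json(DB::getQueryLog());` stops raw SQL being returned to the client, but the method now returns nothing, so check that the caller does not expect a body. Both methods extend beyond the visible hunks.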
+++ b/backend/app/Http/Controllers/TelegramController.php @@ -6,6 +6,7 @@ use Illuminate\Http\Request; use App\Models\TelegramBotLogins; use DefStudio\Telegraph\Models\TelegraphBot; use Illuminate\Support\Str; +use App\Utils\Logger; class TelegramController extends Controller { @@ -21,6 +22,8 @@ class TelegramController extends Controller $row->user = $request->user()->id; $row->save(); + Logger::log("Inizio procedura collegamento bot Telegram"); + return [ "start_link" => "https://t.me/$telegramBotUsername?start=$telegramBotStartParameter" ]; diff --git a/backend/app/Models/Log.php b/backend/app/Models/Log.php new file mode 100644 index 0000000..6f65092 --- /dev/null +++ b/backend/app/Models/Log.php @@ -0,0 +1,37 @@ + + */ + protected $fillable = [ + 'action', + 'ip', + 'source_type', + 'user_agent' + ]; + + public function changed(): BelongsTo + { + return $this->belongsTo(User::class); + } + + public function editor(): BelongsTo + { + return $this->belongsTo(User::class); + } +} diff --git a/backend/app/Telegram/WebhookController.php b/backend/app/Telegram/WebhookController.php index 67d2ae7..5f07ef1 100644 --- a/backend/app/Telegram/WebhookController.php +++ b/backend/app/Telegram/WebhookController.php @@ -133,7 +133,7 @@ class WebhookController extends return; } - Availability::updateAvailability($user, true); + Availability::updateAvailability($user, true, true); $this->reply("Disponibilità aggiornata con successo.\nOra sei operativo."); } @@ -144,7 +144,7 @@ class WebhookController extends return; } - Availability::updateAvailability($user, false); + Availability::updateAvailability($user, false, true); $this->reply("Disponibilità aggiornata con successo.\nOra sei non operativo."); } 
@@ -155,7 +155,7 @@ class WebhookController extends return; } - Availability::updateAvailabilityManualMode($user, false); + Availability::updateAvailabilityManualMode($user, false, true); $this->reply("Programmazione oraria abilitata.\nPer disabilitarla (e tornare in modalità manuale), cambiare la disponbilità usando i comandi \"/attiva\" e \"/disattiva\""); } @@ -210,7 +210,7 @@ class WebhookController extends $this->reply("⚠️ Il tuo account Allerta non è collegato con Telegram.", true); return; } - Availability::updateAvailabilityManualMode($user, false); + Availability::updateAvailabilityManualMode($user, false, true); $this->reply("✅ Programmazione oraria abilitata", true); //Delete the message that triggered the callback diff --git a/backend/app/Utils/Availability.php b/backend/app/Utils/Availability.php index e0b4a48..c334d25 100644 --- a/backend/app/Utils/Availability.php +++ b/backend/app/Utils/Availability.php @@ -5,9 +5,10 @@ namespace App\Utils; use App\Models\User; use App\Models\TelegramBotNotifications; use DefStudio\Telegraph\Facades\Telegraph; +use App\Utils\Logger; class Availability { - public static function updateAvailability(User|int $id, bool $available) + public static function updateAvailability(User|int $id, bool $available, bool $fromTelegram = false) { if(is_int($id)) { $user = User::find($id); @@ -52,13 +53,20 @@ class Availability { } } + Logger::log( + "Disponibilità cambiata in ".($available ? "disponibile" : "non disponibile"), + $user, + $fromTelegram ? $user : null, + $fromTelegram ? "telegram" : "web" + ); + return [ "updated_user_id" => $user->id, "updated_user_name" => $user->name ]; } - public static function updateAvailabilityManualMode(User|int $id, bool $manual_mode) + public static function updateAvailabilityManualMode(User|int $id, bool $manual_mode, bool $fromTelegram = false) { if(is_int($id)) { $user = User::find($id); 
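Review bot: In `updateAvailability`, `$fromTelegram ? "telegram" : "web"` labels every caller that is not the Telegram webhook as "web", with the editor taken from `auth()->user()`. If this method is also reached from a scheduled task or console command (callers are not visible here), the row would carry the wrong source and a null editor. Passing the source explicitly keeps the record honest, e.g. a `string $source = "web"` parameter forwarded to `Logger::log`. The `updateAvailabilityManualMode` hunk has the same mapping. The added `use App\Utils\Logger;` is redundant, as the file already declares `namespace App\Utils;`.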
@@ -68,6 +76,13 @@ class Availability { $user->availability_manual_mode = $manual_mode; $user->save(); + Logger::log( + ($manual_mode ? "Disattivazione" : "Attivazione")." programmazione oraria", + $user, + $fromTelegram ? $user : null, + $fromTelegram ? "telegram" : "web" + ); + return; } } \ No newline at end of file diff --git a/backend/app/Utils/Logger.php b/backend/app/Utils/Logger.php new file mode 100644 index 0000000..5108e42 --- /dev/null +++ b/backend/app/Utils/Logger.php @@ -0,0 +1,38 @@ +action = $action; + + $request = request(); + if($source_type !== "web") { + $log->ip = null; + $log->source_type = $source_type; + $log->user_agent = null; + } else { + $log->source_type = "web"; + $request = request(); + if(!is_null($request)) { + $log->ip = $request->ip(); + $log->user_agent = $request->userAgent(); + } else { + $log->ip = null; + $log->user_agent = null; + } + } + + if(is_null($changed)) $changed = auth()->user(); + $log->changed()->associate($changed); + if(is_null($editor)) $editor = auth()->user(); + $log->editor()->associate($editor); + + $log->save(); + } +} diff --git a/backend/database/migrations/2023_09_01_132436_create_logs_table.php b/backend/database/migrations/2023_09_01_132436_create_logs_table.php new file mode 100644 index 0000000..1de1d4c --- /dev/null +++ b/backend/database/migrations/2023_09_01_132436_create_logs_table.php @@ -0,0 +1,34 @@ +id(); + $table->string('action'); + $table->string('ip')->nullable(); + $table->string('source_type'); + $table->string('user_agent')->nullable(); + $table->foreignId('changed_id')->nullable()->constrained('users'); + $table->foreignId('editor_id')->nullable()->constrained('users'); + $table->timestamps(); + $table->dropColumn('updated_at'); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::dropIfExists('logs'); + } +}; diff --git a/backend/routes/api.php b/backend/routes/api.php index 68f691b..41861e1 100644 --- a/backend/routes/api.php 
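Review bot: In the new Logger, `$log->user_agent = $request->userAgent();` stores a client-controlled header without a length bound in a `string` column. An oversized User-Agent can make the insert fail, which may abort the action being logged depending on the database's strict mode. Truncate before assigning, e.g. `$log->user_agent = mb_substr($request->userAgent() ?? '', 0, 255);`. `$request->ip()` is only meaningful if the trusted-proxy configuration matches the deployment, since it otherwise records the proxy address or an unverified forwarded header. `$request = request();` is assigned twice and the second assignment can go. The top of the file, including the method signature, is missing from the page as extracted.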
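Review bot: The migration's `foreignId('changed_id')->nullable()->constrained('users')` and the matching `editor_id` line declare no delete behaviour, so removing a user who appears in the log will probably be blocked by the constraint. State the intent explicitly, for instance `->constrained('users')->nullOnDelete()` if log rows should outlive the account. Calling `$table->timestamps()` and then `$table->dropColumn('updated_at')` inside the same `Schema::create` is an indirect way to get one column; `$table->timestamp('created_at')->nullable();` says it directly. The Log model then needs `const UPDATED_AT = null;` so Eloquent does not try to write the missing column; whether it already has this cannot be seen, because the top of Log.php is missing from the page.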
+++ b/backend/routes/api.php @@ -5,6 +5,7 @@ use App\Http\Controllers\AuthController; use App\Http\Controllers\UserController; use App\Http\Controllers\ScheduleSlotsController; use App\Http\Controllers\AvailabilityController; +use App\Http\Controllers\LogsController; use App\Http\Controllers\TelegramController; use App\Http\Controllers\ServiceController; use App\Http\Controllers\PlacesController; @@ -23,10 +24,11 @@ use Illuminate\Support\Facades\Artisan; | */ -Route::post('/register', [AuthController::class, 'register']); Route::post('/login', [AuthController::class, 'login']); Route::middleware('auth:web')->group( function () { + //Route::post('/register', [AuthController::class, 'register']); //TODO: replace with admin only route + Route::get('/me', [AuthController::class, 'me']); Route::post('/me', [AuthController::class, 'me']); @@ -52,6 +54,8 @@ Route::middleware('auth:web')->group( function () { Route::get('/places/search', [PlacesController::class, 'search']); Route::get('/places/{id}', [PlacesController::class, 'show']); + Route::get('/logs', [LogsController::class, 'index']); + Route::post('/telegram_login_token', [TelegramController::class, 'loginToken']); Route::post('/logout', [AuthController::class, 'logout']); diff --git a/frontend/src/app/_components/table/table.component.html b/frontend/src/app/_components/table/table.component.html index 92834e0..ce98cad 100644 --- a/frontend/src/app/_components/table/table.component.html +++ b/frontend/src/app/_components/table/table.component.html @@ -52,7 +52,7 @@ {{ row.action }} {{ row.changed }} {{ row.editor }} - {{ row.timestamp }} + {{ row.created_at | date: 'dd/MM/YYYY HH:mm:ss' }} diff --git a/frontend/src/app/_routes/logs/logs.component.html b/frontend/src/app/_routes/logs/logs.component.html index a8b066d..255731e 100644 --- a/frontend/src/app/_routes/logs/logs.component.html +++ b/frontend/src/app/_routes/logs/logs.component.html @@ -1,5 +1,2 @@ - - \ No newline at end of file +
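Review bot: The new `Route::get('/logs', [LogsController::class, 'index']);` sits in the group guarded only by `auth:web`, so any authenticated user can read every user's action history. An audit log is normally readable only by administrators. Add a role check here or at the start of `LogsController::index`, using whatever admin gate or middleware the project already has. The commented-out `/register` route with its TODO falls under the same missing admin-only mechanism, and deleting the line would be cleaner than keeping dead code.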
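Review bot: In table.component.html the format string `'dd/MM/YYYY HH:mm:ss'` uses `YYYY`, which Angular's date pipe treats as the week-numbering year rather than the calendar year. Log entries created in the last days of December or the first days of January can therefore show the wrong year, which matters for an audit view. Use `{{ row.created_at | date: 'dd/MM/yyyy HH:mm:ss' }}`.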