mirror of
https://bitbucket.org/jsuto/piler.git
synced 2024-12-25 07:30:12 +01:00
auditors can view audit records
This commit is contained in:
parent
c44820f0df
commit
e7c26dbcc7
@ -297,6 +297,7 @@ create table if not exists `audit` (
|
||||
`id` bigint unsigned not null auto_increment,
|
||||
`ts` int not null,
|
||||
`email` varchar(128) not null,
|
||||
`domain` varchar(128) not null,
|
||||
`action` int not null,
|
||||
`ipaddr` char(15) not null,
|
||||
`meta_id` bigint unsigned not null,
|
||||
@ -309,6 +310,7 @@ create index `audit_idx` on `audit`(`email`);
|
||||
create index `audit_idx2` on `audit`(`action`);
|
||||
create index `audit_idx3` on `audit`(`ipaddr`);
|
||||
create index `audit_idx4` on `audit`(`ts`);
|
||||
create index `audit_idx5` on `audit`(`domain`);
|
||||
|
||||
|
||||
|
||||
@ -345,3 +347,14 @@ CREATE TABLE IF NOT EXISTS `counter_stats` (
|
||||
) ENGINE=InnoDB;
|
||||
|
||||
|
||||
create table if not exists `ldap` (
|
||||
`id` int not null auto_increment primary key,
|
||||
`description` varchar(255) not null,
|
||||
`ldap_type` varchar(255) not null,
|
||||
`ldap_host` varchar(255) not null,
|
||||
`ldap_base_dn` varchar(255) not null,
|
||||
`ldap_bind_dn` varchar(255) not null,
|
||||
`ldap_bind_pw` varchar(255) not null
|
||||
) Engine=InnoDB;
|
||||
|
||||
|
||||
|
18
util/db-upgrade-0.1.23-vs-0.1.24.sql
Normal file
18
util/db-upgrade-0.1.23-vs-0.1.24.sql
Normal file
@ -0,0 +1,18 @@
|
||||
alter table `domain` add column `ldap_id` int default 0;
|
||||
|
||||
alter table `audit` add column `domain` varchar(128) not null,
|
||||
|
||||
create index `audit_idx5` on `audit`(`domain`);
|
||||
|
||||
create table if not exists `ldap` (
|
||||
`id` int not null auto_increment primary key,
|
||||
`description` varchar(255) not null,
|
||||
`ldap_type` varchar(255) not null,
|
||||
`ldap_host` varchar(255) not null,
|
||||
`ldap_base_dn` varchar(255) not null,
|
||||
`ldap_bind_dn` varchar(255) not null,
|
||||
`ldap_bind_pw` varchar(255) not null
|
||||
) Engine=InnoDB;
|
||||
|
||||
|
||||
|
@ -229,7 +229,10 @@ require_once 'config-site.php';
|
||||
if(isset($_SESSION['theme']) && preg_match("/^([a-zA-Z0-9\-\_]+)$/", $_SESSION['theme'])) { $config['THEME'] = $_SESSION['theme']; }
|
||||
|
||||
// make sure auditors are restricted in a saas environment
|
||||
if($config['ENABLE_SAAS'] == 1 && $_SESSION['username'] != 'auditor@local') { $config['RESTRICTED_AUDITOR'] = 1; }
|
||||
if($config['ENABLE_SAAS'] == 1) { $config['RESTRICTED_AUDITOR'] = 1; }
|
||||
if(isset($_SESSION['username']) && $_SESSION['username'] == 'auditor@local') { $config['RESTRICTED_AUDITOR'] = 0; }
|
||||
|
||||
|
||||
|
||||
foreach ($config as $k => $v) {
|
||||
define($k, $v);
|
||||
|
@ -14,7 +14,7 @@ class ControllerAuditAudit extends Controller {
|
||||
|
||||
$this->load->model('audit/audit');
|
||||
|
||||
if(Registry::get('admin_user') == 0) {
|
||||
if(Registry::get('admin_user') == 0 && Registry::get('auditor_user') == 0) {
|
||||
die("go away");
|
||||
}
|
||||
|
||||
|
@ -28,7 +28,7 @@ class ControllerAuditHelper extends Controller {
|
||||
|
||||
$this->load->model('audit/audit');
|
||||
|
||||
if(Registry::get('admin_user') == 0) {
|
||||
if(Registry::get('admin_user') == 0 && Registry::get('auditor_user') == 0) {
|
||||
die("go away");
|
||||
}
|
||||
|
||||
|
@ -24,6 +24,7 @@ class ControllerLoginLogin extends Controller {
|
||||
$this->load->model('user/auth');
|
||||
$this->load->model('user/user');
|
||||
$this->load->model('user/prefs');
|
||||
$this->load->model('domain/domain');
|
||||
$this->load->model('folder/folder');
|
||||
|
||||
if(ENABLE_SAAS == 1) {
|
||||
|
@ -40,6 +40,19 @@ class ModelAuditAudit extends Model {
|
||||
$where .= " AND meta_id IN (" . $this->append_search_criteria($data['ref'], $arr) . ")";
|
||||
}
|
||||
|
||||
if(Registry::get('admin_user') == 0) {
|
||||
while(list($k, $v) = each($_SESSION['auditdomains'])) {
|
||||
if($q) { $q .= ","; }
|
||||
$q .= "?";
|
||||
array_push($arr, $v);
|
||||
}
|
||||
|
||||
$where .= " AND domain IN ($q) ";
|
||||
|
||||
reset($_SESSION['auditdomains']);
|
||||
}
|
||||
|
||||
|
||||
if(isset($data['date1'])) { $date1 = $data['date1']; }
|
||||
if(isset($data['date2'])) { $date2 = $data['date2']; }
|
||||
|
||||
|
@ -39,6 +39,25 @@ class ModelDomainDomain extends Model {
|
||||
}
|
||||
|
||||
|
||||
public function get_your_all_domains_by_email($email = '') {
|
||||
$data = array();
|
||||
|
||||
if($email == '') { return $data; }
|
||||
|
||||
$a = explode("@", $email);
|
||||
|
||||
$query = $this->db->query("SELECT domain FROM " . TABLE_DOMAIN . " WHERE mapped IN (SELECT mapped FROM " . TABLE_DOMAIN . " WHERE domain=?)", array($a[1]));
|
||||
|
||||
if(isset($query->rows)) {
|
||||
foreach ($query->rows as $q) {
|
||||
array_push($data, $q['domain']);
|
||||
}
|
||||
}
|
||||
|
||||
return $data;
|
||||
}
|
||||
|
||||
|
||||
public function deleteDomain($domain = '') {
|
||||
if($domain == "") { return 0; }
|
||||
|
||||
|
@ -232,7 +232,7 @@ class ModelUserAuth extends Model {
|
||||
$_SESSION['domain'] = $a[1];
|
||||
$_SESSION['realname'] = $name;
|
||||
|
||||
$_SESSION['auditdomains'] = array();
|
||||
$_SESSION['auditdomains'] = $this->model_domain_domain->get_your_all_domains_by_email($email);
|
||||
$_SESSION['emails'] = $emails;
|
||||
$_SESSION['folders'] = array();
|
||||
$_SESSION['extra_folders'] = array();
|
||||
|
@ -26,9 +26,11 @@ function AUDIT($action = 0, $email = '', $ipaddr = '', $id = 0, $description = '
|
||||
if($ipaddr == '' && isset($_SERVER['REMOTE_ADDR'])) { $ipaddr = $_SERVER['REMOTE_ADDR']; }
|
||||
if($email == '') { $email = $_SESSION['email']; }
|
||||
|
||||
$a = explode("@", $email);
|
||||
|
||||
$db = Registry::get('db');
|
||||
|
||||
$query = $db->query("INSERT INTO " . TABLE_AUDIT . " (ts, email, action, ipaddr, meta_id, description) VALUES(?,?,?,?,?,?)", array(time(), $email, $action, $ipaddr, $id, $description));
|
||||
$query = $db->query("INSERT INTO " . TABLE_AUDIT . " (ts, email, domain, action, ipaddr, meta_id, description) VALUES(?,?,?,?,?,?,?)", array(time(), $email, $a[1], $action, $ipaddr, $id, $description));
|
||||
|
||||
return $db->countAffected();
|
||||
}
|
||||
|
@ -48,6 +48,11 @@
|
||||
|
||||
<li><a href="search.php"><i class="icon-search"></i> <?php print $text_search; ?></a></li>
|
||||
|
||||
<?php if(ENABLE_AUDIT == 1 && $auditor_user == 1) { ?>
|
||||
<li><a href="index.php?route=audit/audit"><i class="icon-book"></i> <?php print $text_audit; ?></a></li>
|
||||
<?php } ?>
|
||||
|
||||
|
||||
<?php if(ENABLE_FOLDER_RESTRICTIONS == 1) { ?>
|
||||
<li><a href="/folders.php"><i class="icon-folder-close"></i> <?php print $text_folders; ?></a></li>
|
||||
<?php } ?>
|
||||
|
Loading…
Reference in New Issue
Block a user