Skip to content

Commit

Permalink
API: Added audit log list endpoint
Browse files Browse the repository at this point in the history 
Not yested covered with testing.
Changes database columns for more presentable names and for future use
to connect additional model types.
For #4316
  • Loading branch information
@ssddanbrown
ssddanbrown committed May 4, 2024
1 parent dd251d9 commit 3946158
Show file tree
Hide file tree
Showing 10 changed files with 165 additions and 26 deletions.
10 changes: 5 additions & 5 deletions app/Activity/ActivityQueries.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,14 +27,14 @@ public function __construct(
public function latest(int $count = 20, int $page = 0): array
{
$activityList = $this->permissions
->restrictEntityRelationQuery(Activity::query(), 'activities', 'entity_id', 'entity_type')
->restrictEntityRelationQuery(Activity::query(), 'activities', 'loggable_id', 'loggable_type')
->orderBy('created_at', 'desc')
->with(['user'])
->skip($count * $page)
->take($count)
->get();

$this->listLoader->loadIntoRelations($activityList->all(), 'entity', false);
$this->listLoader->loadIntoRelations($activityList->all(), 'loggable', false);

return $this->filterSimilar($activityList);
}
Expand All @@ -59,8 +59,8 @@ public function entityActivity(Entity $entity, int $count = 20, int $page = 1):
$query->where(function (Builder $query) use ($queryIds) {
foreach ($queryIds as $morphClass => $idArr) {
$query->orWhere(function (Builder $innerQuery) use ($morphClass, $idArr) {
$innerQuery->where('entity_type', '=', $morphClass)
->whereIn('entity_id', $idArr);
$innerQuery->where('loggable_type', '=', $morphClass)
->whereIn('loggable_id', $idArr);
});
}
});
Expand All @@ -82,7 +82,7 @@ public function entityActivity(Entity $entity, int $count = 20, int $page = 1):
public function userActivity(User $user, int $count = 20, int $page = 0): array
{
$activityList = $this->permissions
->restrictEntityRelationQuery(Activity::query(), 'activities', 'entity_id', 'entity_type')
->restrictEntityRelationQuery(Activity::query(), 'activities', 'loggable_id', 'loggable_type')
->orderBy('created_at', 'desc')
->where('user_id', '=', $user->id)
->skip($count * $page)
Expand Down
28 changes: 28 additions & 0 deletions app/Activity/Controllers/AuditLogApiController.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
<?php

namespace BookStack\Activity\Controllers;

use BookStack\Activity\Models\Activity;
use BookStack\Http\ApiController;

class AuditLogApiController extends ApiController
{
/**
* Get a listing of audit log events in the system.
* The loggable relation fields currently only relates to core
* content types (page, book, bookshelf, chapter) but this may be
* used more in the future across other types.
* Requires permission to manage both users and system settings.
*/
public function list()
{
$this->checkPermission('settings-manage');
$this->checkPermission('users-manage');

$query = Activity::query()->with(['user']);

return $this->apiListingResponse($query, [
'id', 'type', 'detail', 'user_id', 'loggable_id', 'loggable_type', 'ip', 'created_at',
]);
}
}
2 changes: 1 addition & 1 deletion app/Activity/Controllers/AuditLogController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ public function index(Request $request)

$query = Activity::query()
->with([
'entity' => fn ($query) => $query->withTrashed(),
'loggable' => fn ($query) => $query->withTrashed(),
'user',
])
->orderBy($listOptions->getSort(), $listOptions->getOrder());
Expand Down
24 changes: 11 additions & 13 deletions app/Activity/Models/Activity.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,24 +17,22 @@
* @property User $user
* @property Entity $entity
* @property string $detail
* @property string $entity_type
* @property int $entity_id
* @property string $loggable_type
* @property int $loggable_id
* @property int $user_id
* @property Carbon $created_at
* @property Carbon $updated_at
*/
class Activity extends Model
{
/**
* Get the entity for this activity.
* Get the loggable model related to this activity.
* Currently only used for entities (previously entity_[id/type] columns).
* Could be used for others but will need an audit of uses where assumed
* to be entities.
*/
public function entity(): MorphTo
public function loggable(): MorphTo
{
if ($this->entity_type === '') {
$this->entity_type = null;
}

return $this->morphTo('entity');
return $this->morphTo('loggable');
}

/**
Expand All @@ -47,8 +45,8 @@ public function user(): BelongsTo

public function jointPermissions(): HasMany
{
return $this->hasMany(JointPermission::class, 'entity_id', 'entity_id')
->whereColumn('activities.entity_type', '=', 'joint_permissions.entity_type');
return $this->hasMany(JointPermission::class, 'entity_id', 'loggable_id')
->whereColumn('activities.loggable_type', '=', 'joint_permissions.entity_type');
}

/**
Expand All @@ -74,6 +72,6 @@ public function isForEntity(): bool
*/
public function isSimilarTo(self $activityB): bool
{
return [$this->type, $this->entity_type, $this->entity_id] === [$activityB->type, $activityB->entity_type, $activityB->entity_id];
return [$this->type, $this->loggable_type, $this->loggable_id] === [$activityB->type, $activityB->loggable_type, $activityB->loggable_id];
}
}
10 changes: 5 additions & 5 deletions app/Activity/Tools/ActivityLogger.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,8 @@ public function add(string $type, string|Loggable $detail = ''): void
$activity->detail = $detailToStore;

if ($detail instanceof Entity) {
$activity->entity_id = $detail->id;
$activity->entity_type = $detail->getMorphClass();
$activity->loggable_id = $detail->id;
$activity->loggable_type = $detail->getMorphClass();
}

$activity->save();
Expand Down Expand Up @@ -64,9 +64,9 @@ protected function newActivityForUser(string $type): Activity
public function removeEntity(Entity $entity): void
{
$entity->activity()->update([
'detail' => $entity->name,
'entity_id' => null,
'entity_type' => null,
'detail' => $entity->name,
'loggable_id' => null,
'loggable_type' => null,
]);
}

Expand Down
2 changes: 1 addition & 1 deletion app/Console/Commands/ClearActivityCommand.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ class ClearActivityCommand extends Command
*
* @var string
*/
protected $description = 'Clear user activity from the system';
protected $description = 'Clear user (audit-log) activity from the system';

/**
* Execute the console command.
Expand Down
2 changes: 1 addition & 1 deletion app/Entities/Models/Entity.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,7 @@ public function matchesOrContains(self $entity): bool
*/
public function activity(): MorphMany
{
return $this->morphMany(Activity::class, 'entity')
return $this->morphMany(Activity::class, 'loggable')
->orderBy('created_at', 'desc');
}

Expand Down
30 changes: 30 additions & 0 deletions database/migrations/2024_05_04_154409_rename_activity_relation_columns.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
<?php

use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;

return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::table('activities', function (Blueprint $table) {
$table->renameColumn('entity_id', 'loggable_id');
$table->renameColumn('entity_type', 'loggable_type');
});
}

/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::table('activities', function (Blueprint $table) {
$table->renameColumn('loggable_id', 'entity_id');
$table->renameColumn('loggable_type', 'entity_type');
});
}
};
80 changes: 80 additions & 0 deletions dev/api/responses/audit-log-list.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
{
"data": [
{
"id": 1,
"type": "bookshelf_create",
"detail": "",
"user_id": 1,
"loggable_id": 1,
"loggable_type": "bookshelf",
"ip": "124.4.x.x",
"created_at": "2021-09-29T12:32:02.000000Z",
"user": {
"id": 1,
"name": "Admins",
"slug": "admins"
}
},
{
"id": 2,
"type": "auth_login",
"detail": "standard; (1) Admin",
"user_id": 1,
"loggable_id": null,
"loggable_type": null,
"ip": "127.0.x.x",
"created_at": "2021-09-29T12:32:04.000000Z",
"user": {
"id": 1,
"name": "Admins",
"slug": "admins"
}
},
{
"id": 3,
"type": "bookshelf_update",
"detail": "",
"user_id": 1,
"loggable_id": 1,
"loggable_type": "bookshelf",
"ip": "127.0.x.x",
"created_at": "2021-09-29T12:32:07.000000Z",
"user": {
"id": 1,
"name": "Admins",
"slug": "admins"
}
},
{
"id": 4,
"type": "page_create",
"detail": "",
"user_id": 1,
"loggable_id": 1,
"loggable_type": "page",
"ip": "127.0.x.x",
"created_at": "2021-09-29T12:32:13.000000Z",
"user": {
"id": 1,
"name": "Admins",
"slug": "admins"
}
},
{
"id": 5,
"type": "page_update",
"detail": "",
"user_id": 1,
"loggable_id": 1,
"loggable_type": "page",
"ip": "127.0.x.x",
"created_at": "2021-09-29T12:37:27.000000Z",
"user": {
"id": 1,
"name": "Admins",
"slug": "admins"
}
}
],
"total": 6088
}
3 changes: 3 additions & 0 deletions routes/api.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
* Controllers all end with "ApiController"
*/

use BookStack\Activity\Controllers\AuditLogApiController;
use BookStack\Api\ApiDocsController;
use BookStack\Entities\Controllers as EntityControllers;
use BookStack\Permissions\ContentPermissionApiController;
Expand Down Expand Up @@ -89,3 +90,5 @@

Route::get('content-permissions/{contentType}/{contentId}', [ContentPermissionApiController::class, 'read']);
Route::put('content-permissions/{contentType}/{contentId}', [ContentPermissionApiController::class, 'update']);

Route::get('audit-log', [AuditLogApiController::class, 'list']);

0 comments on commit 3946158

Please sign in to comment.