New feature: Auditing plugin

Dev Now audits participant deletions
LimeSurvey · Mar 28, 2013 · 5798711 · 5798711
1 parent 44118e9
commit 5798711
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 3 deletions.
diff --git a/application/models/Participant.php b/application/models/Participant.php
@@ -371,7 +371,14 @@ function deleteParticipants($rows, $bFilter=true)
             {
                 $aParticipantsIDs=$this->filterParticipantIDs($aParticipantsIDs);
             }
-
+            foreach($aParticipantsIDs as $aID){
+                $oParticipant=Participant::model()->findByPk($aID);
+                if ($oParticipant)
+                {
+                    $oParticipant->delete();
+                }
+            }
+
             Yii::app()->db->createCommand()->delete(Participant::model()->tableName(), array('in', 'participant_id', $aParticipantsIDs));
 
             // Delete survey links

diff --git a/plugins/AuditLog/AuditLog.php b/plugins/AuditLog/AuditLog.php
@@ -16,6 +16,7 @@ public function __construct(PluginManager $manager, $id) {
             $this->subscribe('beforeUserDelete');
             $this->subscribe('beforePermissionSetSave'); 
             $this->subscribe('beforeParticipantSave'); 
+            $this->subscribe('beforeParticipantDelete'); 
         }
 
         /**
@@ -36,6 +37,7 @@ public function beforePermissionSetSave(PluginEvent $event)
                 $oAutoLog = $this->api->newModel($this, 'log');
                 $oAutoLog->uid=$oCurrentUser->uid;
                 $oAutoLog->entity='permission';
+                $oAutoLog->entityid=$aNewPermissions['uid'].'-'.$aNewPermissions['sid'];
                 $oAutoLog->action=$sAction;
                 $oAutoLog->oldvalues=json_encode(array_diff_assoc_recursive($oOldPermission,$aNewPermissions));
                 $oAutoLog->newvalues=json_encode(array_diff_assoc_recursive($aNewPermissions,$oOldPermission));
@@ -64,18 +66,41 @@ public function beforeParticipantSave(PluginEvent $event)
 
             if (count(array_diff_assoc($aNewValues,$aOldValues)))
             {
-
                 $oAutoLog = $this->api->newModel($this, 'log');
                 $oAutoLog->uid=$oCurrentUser->uid;
                 $oAutoLog->entity='participant';
                 $oAutoLog->action='update';
+                $oAutoLog->entityid=$aNewValues['participant_id'];
                 $oAutoLog->oldvalues=json_encode(array_diff_assoc($aOldValues,$aNewValues));
                 $oAutoLog->newvalues=json_encode(array_diff_assoc($aNewValues,$aOldValues));
                 $oAutoLog->fields=implode(',',array_keys(array_diff_assoc($aNewValues,$aOldValues)));
                 $oAutoLog->save();
             }
         }        
 
+        /**
+        * Function catches if a participant was modified or created
+        * All data is saved - only the password hash is anonymized for security reasons
+        * 
+        * @param PluginEvent $event
+        */
+        public function beforeParticipantDelete(PluginEvent $event)
+        {
+            $oNewParticipant=$event->getSender();
+            $oCurrentUser=$this->api->getCurrentUser();
+
+            $aValues=$oNewParticipant->getAttributes();
+
+            $oAutoLog = $this->api->newModel($this, 'log');
+            $oAutoLog->uid=$oCurrentUser->uid;
+            $oAutoLog->entity='participant';
+            $oAutoLog->action='delete';
+            $oAutoLog->entityid=$aValues['participant_id'];
+            $oAutoLog->oldvalues=json_encode($aValues);
+            $oAutoLog->fields=implode(',',array_keys($aValues));
+            $oAutoLog->save();
+        }            
+
 
         /**
         * Function catches if a user was modified or created
@@ -109,10 +134,10 @@ public function beforeUserSave(PluginEvent $event)
 
             if (count(array_diff_assoc($aNewValues,$aOldValues)))
             {
-
                 $oAutoLog = $this->api->newModel($this, 'log');
                 $oAutoLog->uid=$oCurrentUser->uid;
                 $oAutoLog->entity='user';
+                if ($sAction=='update') $oAutoLog->entityid=$oOldUser['uid'];
                 $oAutoLog->action=$sAction;
                 $oAutoLog->oldvalues=json_encode(array_diff_assoc($aOldValues,$aNewValues));
                 $oAutoLog->newvalues=json_encode(array_diff_assoc($aNewValues,$aOldValues));
@@ -133,6 +158,7 @@ public function beforeUserDelete(PluginEvent $event)
                 $oAutoLog = $this->api->newModel($this, 'log');
                 $oAutoLog->uid=$oCurrentUser->uid;
                 $oAutoLog->entity='user';
+                $oAutoLog->entityid=$oOldUser['uid'];
                 $oAutoLog->action='delete';
                 $oAutoLog->oldvalues=json_encode($aOldValues);
                 $oAutoLog->fields=implode(',',array_keys($aOldValues));
@@ -150,6 +176,7 @@ public function beforeActivate(PluginEvent $event)
                     'created'=>'datetime',
                     'uid'=>'string',
                     'entity'=>'string',
+                    'entityid'=>'string',
                     'action'=>'string',
                     'fields'=>'text',
                     'oldvalues'=>'text',

diff --git a/styles/gringegreen/jquery-ui/jquery-ui.css b/styles/gringegreen/jquery-ui/jquery-ui.css
@@ -799,6 +799,7 @@ body .ui-tooltip {
 .ui-widget-content {
 	border: 0px solid #cdf078;
 	color: #666;
+    background-color: #fff;
 }
 .ui-widget-content a {
 	color: #666;