Skip to content
Permalink
Browse files

Audit Plugin Capability

- Add a Ticket Audit Log to show all Ticket activities
- Add a User Audit Log to show all actions a User makes in the system:
	- Login
	- Logout
	- Excessive Login Attempts
	- View Ticket (as User or Collaborator)
	- Edit Ticket Field
	- Edit User Profile
	- Create Ticket (through email or front end)
	- Add Collaborator (through email)
	- Post Message (as User or Collaborator)
  • Loading branch information...
aydreeihn committed Jan 18, 2019
1 parent 9b80889 commit 8e3fd4d4a92d2a85e8904582febf7feef3341b71
@@ -677,6 +677,10 @@ function login($user, $bk) {
$user->getUserName(), $user->getId(), $_SERVER['REMOTE_ADDR']);
$ost->logDebug(_S('User login'), $msg);
// Allow audit and other external interaction
$type = array('type' => 'Login', 'data' => array('id' => $user->getId(), 'name' => $user->getName()->name));
Signal::send('user.login', $user, $type);
if ($bk->supportsInteractiveAuthentication() && ($acct=$user->getAccount()))
$acct->cancelResetTokens();
@@ -712,6 +716,10 @@ static function signOut($user) {
$ost->logDebug(_S('User logout'),
sprintf(_S("%s logged out [%s]" /* Tokens are <username> and <ip> */),
$user->getUserName(), $_SERVER['REMOTE_ADDR']));
// Allow audit and other external interaction
$type = array('type' => 'Logout', 'data' => array('id' => $user->getId(), 'name' => $user->getName()->name));
Signal::send('user.logout', $user, $type);
}
protected function getAuthKey($user) {
@@ -950,6 +958,24 @@ function authstrike($credentials) {
_S('Attempts').": {$authsession['strikes']}";
$admin_alert = ($cfg->alertONLoginError() == 1 ? TRUE : FALSE);
$ost->logError(_S('Excessive login attempts (user)'), $alert, $admin_alert);
// Allow audit and other external interaction
if ($username) {
$account = UserAccount::lookupByUsername($username);
$id = UserEmailModel::getIdByEmail($username);
if ($account)
$user = User::lookup($account->user_id);
elseif ($id)
$user = User::lookup($id);
if ($user) {
$type = array('type' => 'Login',
'data' => array('id' => $user->getId(), 'name' => $user->getName()->name,
'msg' => 'Excessive login attempts (' . $authsession['strikes'] . ')'));
Signal::send('user.login', $user, $type);
}
}
return new AccessDenied(__('Access denied'));
} elseif($authsession['strikes']%3==0) { //Log every third failed login attempt as a warning.
$alert=_S('Username').": {$username}\n".
@@ -3048,6 +3048,10 @@ function postMessage($vars, $origin='', $alerts=true) {
// TODO: Can collaborators add others?
if ($collabs) {
$ticket->logEvent('collab', array('add' => $collabs), $message->user);
// Allow audit and other external interaction
$type = array('type' => 'Collaborator', 'data' => array('name' => $ticket->getNumber(), 'add' => $collabs));
Signal::send('object.created', $ticket, $type);
}
}
@@ -3133,6 +3137,10 @@ function postMessage($vars, $origin='', $alerts=true) {
$sentlist[] = $staff->getEmail();
}
}
// Allow audit and other external interaction
$type = array('type' => 'Message', 'uid' => $vars['userId']);
Signal::send('object.created', $this, $type);
return $message;
}
@@ -4225,6 +4233,10 @@ static function create($vars, &$errors, $origin, $autorespond=true,
// Start tracking ticket lifecycle events (created should come first!)
$ticket->logEvent('created', null, $thisstaff ?: $user);
// Allow audit and other external interaction
$type = array('type' => 'Created');
Signal::send('object.created', $ticket, $type);
// Add collaborators (if any)
if (isset($vars['ccs']) && count($vars['ccs']))
$ticket->addCollaborators($vars['ccs'], array(), $errors);
@@ -586,6 +586,9 @@ function updateInfo($vars, &$errors, $staff=false) {
$this->updated = SqlFunction::NOW();
}
}
// Allow audit and other external interaction
$type = array('type' => 'Edited', 'data' => array('id' => $this->getId(), 'name' => $this->getName()->name));
Signal::send('object.edited', $this, $type);
return $this->save();
}
@@ -3,6 +3,10 @@
$info=($_POST && $errors)?Format::htmlchars($_POST):array();
// Allow audit and other external interaction
$type = array('type' => 'Viewed');
Signal::send('object.view', $ticket, $type);
$dept = $ticket->getDept();
if ($ticket->isClosed() && !$ticket->isReopenable())
@@ -8,6 +8,10 @@
//Re-use the post info on error...savekeyboards.org (Why keyboard? -> some people care about objects than users!!)
$info=($_POST && $errors)?Format::input($_POST):array();
// Allow audit and other external interaction
$type = array('type' => 'Viewed');
Signal::send('object.view', $ticket, $type);
//Get the goodies.
$dept = $ticket->getDept(); //Dept
$role = $ticket->getRole($thisstaff);
@@ -260,6 +264,19 @@ class="icon-group"></i> <?php echo __('Team'); ?></a>
<?php
}
}
// Allow extensions to add extra items to this ticket.
// $extras should be a array of [url=>, name=>, icon=>]
$extras = new ArrayObject();
Signal::send('ticket.view.more', $ticket, $extras);
foreach ($extras as $li) {
?><li><a href="#<?php echo $li['url']; ?>"
onclick="javascript:
$.dialog($(this).attr('href').substr(1), 201);
return false"
><i class="<?php echo $li['icon'] ?: 'icon-cogs'; ?>"></i>
<?php echo $li['name'] ?: (string) $li; ?>
</a></li>
<?php }
if ($role->hasPerm(Ticket::PERM_DELETE)) {
?>
<li class="danger"><a class="ticket-action" href="#tickets/<?php
@@ -70,8 +70,20 @@ class="icon-lock"></i>
return false"
><i class="icon-paste"></i>
<?php echo __('Manage Forms'); ?></a></li>
<?php } ?>

<?php }
// Allow extensions to add extra items to this user.
// $extras should be a array of [url=>, name=>, icon=>]
$extras = new ArrayObject();
Signal::send('user.view.more', $user, $extras);
foreach ($extras as $li) {
?><li><a href="#<?php echo $li['url']; ?>"
onclick="javascript:
$.dialog($(this).attr('href').substr(1), 201);
return false"
><i class="<?php echo $li['icon'] ?: 'icon-cogs'; ?>"></i>
<?php echo $li['name'] ?: (string) $li; ?>
</a></li>
<?php } ?>
</ul>
</div>
</td>
@@ -68,6 +68,10 @@
if ($changes) {
$user = User::lookup($thisclient->getId());
$ticket->logEvent('edited', array('fields' => $changes), $user);
// Allow audit and other external interaction
$type = array('type' => 'Edited', 'data' => array('fields' => $changes));
Signal::send('object.edited', $ticket, $type);
}
$_REQUEST['a'] = null; //Clear edit action - going back to view.
}

0 comments on commit 8e3fd4d

Please sign in to comment.
You can’t perform that action at this time.