DirectorActivityLog: optionally log to file/syslog

fixes #12976
Thomas Gelf 2016-11-02 18:40:43 +01:00
parent 984740db9a
commit 468a2719a7
3 changed files with 61 additions and 14 deletions


@ -60,6 +60,27 @@ class SettingsForm extends QuickForm
$settings->getStoredValue('disable_all_jobs') $settings->getStoredValue('disable_all_jobs')
); );
$this->addElement('select', 'enable_audit_log', array(
'label' => $this->translate('Enable audit log'),
'multiOptions' => $this->eventuallyConfiguredEnum(
'enable_audit_log',
array(
'n' => $this->translate('No'),
'y' => $this->translate('Yes'),
)
),
'description' => $this->translate(
'All changes are tracked in the Director database. In addition'
. ' you might also want to send an audit log through the Icinga'
. " Web 2 logging mechanism. That way all changes would be"
. ' written to either Syslog or the configured log file'
),
));
$this->getElement('disable_all_jobs')->setValue(
$settings->getStoredValue('disable_all_jobs')
);
$this->addElement('select', 'config_format', array( $this->addElement('select', 'config_format', array(
'label' => $this->translate('Configuration format'), 'label' => $this->translate('Configuration format'),
'multiOptions' => $this->eventuallyConfiguredEnum( 'multiOptions' => $this->eventuallyConfiguredEnum(
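Review bot: The `setValue()` call added right after the new `enable_audit_log` select targets `disable_all_jobs` again and reads the stored value of `disable_all_jobs`, so it looks like a copy of the call just above the new element rather than one for the new setting. Unless the form is populated somewhere outside this hunk, the select will not show the stored audit-log state, and an administrator could misread whether auditing is actually on. It should read `$this->getElement('enable_audit_log')->setValue($settings->getStoredValue('enable_audit_log'));`. The enclosing method starts and ends outside the hunk.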


@ -7,6 +7,7 @@ use Icinga\Module\Director\Db;
use Icinga\Module\Director\Util; use Icinga\Module\Director\Util;
use Icinga\Authentication\Auth; use Icinga\Authentication\Auth;
use Icinga\Application\Icinga; use Icinga\Application\Icinga;
use Icinga\Application\Logger;
class DirectorActivityLog extends DbObject class DirectorActivityLog extends DbObject
{ {
@ -30,7 +31,11 @@ class DirectorActivityLog extends DbObject
); );
/** /**
* @param $name
*
* @codingStandardsIgnoreStart * @codingStandardsIgnoreStart
*
* @return self
*/ */
protected function setObject_Name($name) protected function setObject_Name($name)
{ {
@ -64,56 +69,76 @@ class DirectorActivityLog extends DbObject
return static::load($db->fetchOne($query), $connection); return static::load($db->fetchOne($query), $connection);
} }
public static function logCreation(DbObject $object, Db $db) public static function logCreation(IcingaObject $object, Db $db)
{ {
// TODO: extend this to support non-IcingaObjects and multikey objects
$name = $object->getObjectName();
$type = $object->getTableName();
$newProps = $object->toJson(null, true);
$data = array( $data = array(
'object_name' => $object->object_name, 'object_name' => $name,
'action_name' => 'create', 'action_name' => 'create',
'author' => self::username(), 'author' => self::username(),
'object_type' => $object->getTableName(), 'object_type' => $type,
'new_properties' => $object->toJson(null, true), 'new_properties' => $newProps,
'change_time' => date('Y-m-d H:i:s'), // TODO -> postgres! 'change_time' => date('Y-m-d H:i:s'), // TODO -> postgres!
'parent_checksum' => $db->getLastActivityChecksum() 'parent_checksum' => $db->getLastActivityChecksum()
); );
$data['checksum'] = sha1(json_encode($data), true); $data['checksum'] = sha1(json_encode($data), true);
$data['parent_checksum'] = Util::hex2binary($data['parent_checksum']); $data['parent_checksum'] = Util::hex2binary($data['parent_checksum']);
if ($db->settings()->enable_audit_log === 'y') {
Logger::info('(director) %s[%s] has been created: %s', $type, $name, $newProps);
}
return self::create($data)->store($db); return self::create($data)->store($db);
} }
public static function logModification(DbObject $object, Db $db) public static function logModification(IcingaObject $object, Db $db)
{ {
$name = $object->getObjectName();
$type = $object->getTableName();
$oldProps = json_encode($object->getPlainUnmodifiedObject());
$newProps = $object->toJson(null, true);
$data = array( $data = array(
'object_name' => $object->object_name, 'object_name' => $name,
'action_name' => 'modify', 'action_name' => 'modify',
'author' => self::username(), 'author' => self::username(),
'object_type' => $object->getTableName(), 'object_type' => $type,
'old_properties' => json_encode($object->getPlainUnmodifiedObject()), 'old_properties' => $oldProps,
'new_properties' => $object->toJson(null, true), 'new_properties' => $newProps,
'change_time' => date('Y-m-d H:i:s'), // TODO -> postgres! 'change_time' => date('Y-m-d H:i:s'), // TODO -> postgres!
'parent_checksum' => $db->getLastActivityChecksum() 'parent_checksum' => $db->getLastActivityChecksum()
); );
$data['checksum'] = sha1(json_encode($data), true); $data['checksum'] = sha1(json_encode($data), true);
$data['parent_checksum'] = Util::hex2binary($data['parent_checksum']); $data['parent_checksum'] = Util::hex2binary($data['parent_checksum']);
if ($db->settings()->enable_audit_log === 'y') {
Logger::info('(director) %s[%s] has been modified from %s to %s', $type, $name, $oldProps, $newProps);
}
return self::create($data)->store($db); return self::create($data)->store($db);
} }
public static function logRemoval(DbObject $object, Db $db) public static function logRemoval(IcingaObject $object, Db $db)
{ {
$plain = $object->getCachedUnmodifiedObject(); $name = $object->getObjectName();
$type = $object->getTableName();
$oldProps = json_encode($object->getPlainUnmodifiedObject());
$data = array( $data = array(
'object_name' => $plain->object_name, 'object_name' => $name,
'action_name' => 'delete', 'action_name' => 'delete',
'author' => self::username(), 'author' => self::username(),
'object_type' => $object->getTableName(), 'object_type' => $type,
'old_properties' => json_encode($plain), 'old_properties' => $oldProps,
'change_time' => date('Y-m-d H:i:s'), // TODO -> postgres! 'change_time' => date('Y-m-d H:i:s'), // TODO -> postgres!
'parent_checksum' => $db->getLastActivityChecksum() 'parent_checksum' => $db->getLastActivityChecksum()
); );
$data['checksum'] = sha1(json_encode($data), true); $data['checksum'] = sha1(json_encode($data), true);
$data['parent_checksum'] = Util::hex2binary($data['parent_checksum']); $data['parent_checksum'] = Util::hex2binary($data['parent_checksum']);
if ($db->settings()->enable_audit_log === 'y') {
Logger::info('(director) %s[%s] has been removed: %s', $type, $name, $oldProps);
}
return self::create($data)->store($db); return self::create($data)->store($db);
} }
} }
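Review bot: The three new `Logger::info()` calls record what changed but not who changed it: `self::username()` is stored in the database row as `author` yet is left out of the log message, so a file or syslog line cannot attribute a change unless the logger adds the identity itself, which these hunks do not show. In `logCreation` this could be `Logger::info('(director) %s[%s] has been created by %s: %s', $type, $name, self::username(), $newProps);`, with the same addition in `logModification` and `logRemoval`. The messages also carry the complete old and new properties as JSON. If objects can hold credentials in custom variables (an assumption, not visible here), those values would reach a log that is typically readable by more accounts than the Director database, so the setting's description should say so or the message should be limited to the changed property names.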


@ -17,6 +17,7 @@ class Settings
'override_services_varname' => '_override_servicevars', 'override_services_varname' => '_override_servicevars',
'override_services_templatename' => 'host var overrides (Director)', 'override_services_templatename' => 'host var overrides (Director)',
'disable_all_jobs' => 'n', // 'y' 'disable_all_jobs' => 'n', // 'y'
'enable_audit_log' => 'n',
// 'experimental_features' => null, // 'allow' // 'experimental_features' => null, // 'allow'
// 'master_zone' => null, // 'master_zone' => null,
); );