diff --git a/library/Icinga/Application/Hook/AuditHook.php b/library/Icinga/Application/Hook/AuditHook.php index 9d81e05a2..e6209da3f 100644 --- a/library/Icinga/Application/Hook/AuditHook.php +++ b/library/Icinga/Application/Hook/AuditHook.php @@ -5,6 +5,7 @@ namespace Icinga\Application\Hook; use Exception; use InvalidArgumentException; +use Icinga\Authentication\Auth; use Icinga\Application\Hook; use Icinga\Application\Logger; @@ -18,13 +19,23 @@ abstract class AuditHook * @param string $type An arbitrary name identifying the type of activity * @param string $message A detailed description possibly referencing parameters in $data * @param array $data Additional information (How this is stored or used is up to each implementation) + * @param string $identity An arbitrary name identifying the responsible subject, defaults to the current user + * @param int $time A timestamp defining when the activity occurred, defaults to now */ - public static function logActivity($type, $message, array $data = null) + public static function logActivity($type, $message, array $data = null, $identity = null, $time = null) { if (! Hook::has('audit')) { return; } + if ($identity === null) { + $identity = Auth::getInstance()->getUser()->getUsername(); + } + + if ($time === null) { + $time = time(); + } + foreach (Hook::all('audit') as $hook) { /** @var self $hook */ try { @@ -35,7 +46,7 @@ abstract class AuditHook $formattedMessage = $hook->formatMessage($message, $data); } - $hook->logMessage($type, $formattedMessage, $data); + $hook->logMessage($time, $identity, $type, $formattedMessage, $data); } catch (Exception $e) { Logger::error( 'Failed to propagate audit message to hook "%s". An error occurred: %s', @@ -49,11 +60,13 @@ abstract class AuditHook /** * Log a message to the audit log * + * @param int $time A timestamp defining when the activity occurred + * @param string $identity An arbitrary name identifying the responsible subject * @param string $type An arbitrary name identifying the type of activity * @param string $message A detailed description of the activity * @param array $data Additional activity information */ - abstract public function logMessage($type, $message, array $data = null); + abstract public function logMessage($time, $identity, $type, $message, array $data = null); /** * Substitute the given message with its accompanying data diff --git a/library/Icinga/Authentication/Auth.php b/library/Icinga/Authentication/Auth.php index 27e1ac98c..c627ccac0 100644 --- a/library/Icinga/Authentication/Auth.php +++ b/library/Icinga/Authentication/Auth.php @@ -165,7 +165,7 @@ class Auth if ($persist) { $this->persistCurrentUser(); } - AuditHook::logActivity('login', 'User {{username}} logged in', ['username' => $user->getUsername()]); + AuditHook::logActivity('login', 'User logged in'); } /** @@ -364,7 +364,7 @@ class Auth */ public function removeAuthorization() { - AuditHook::logActivity('logout', 'User {{username}} logged out', ['username' => $this->user->getUsername()]); + AuditHook::logActivity('logout', 'User logged out'); $this->user = null; Session::getSession()->purge(); } diff --git a/test/php/library/Icinga/Application/Hook/AuditHookTest.php b/test/php/library/Icinga/Application/Hook/AuditHookTest.php index 3ef35806b..8f0a12507 100644 --- a/test/php/library/Icinga/Application/Hook/AuditHookTest.php +++ b/test/php/library/Icinga/Application/Hook/AuditHookTest.php @@ -8,7 +8,7 @@ use Icinga\Test\BaseTestCase; class TestAuditHook extends AuditHook { - public function logMessage($type, $message, array $data = null) + public function logMessage($time, $identity, $type, $message, array $data = null) { // TODO: Implement logMessage() method. }