Added security logs. Removed unused log models. Added dynamic config load system for development

Marcel Baumgartner
2023-07-19 20:07:57 +02:00
parent 6a30db07a7
commit 1cd0f0f96f
26 changed files with 1362 additions and 536 deletions


@@ -1,9 +1,7 @@
using Microsoft.EntityFrameworkCore;
using Moonlight.App.Database.Entities;
using Moonlight.App.Database.Entities.LogsEntries;
using Moonlight.App.Database.Entities.Notification;
using Moonlight.App.Database.Interceptors;
using Moonlight.App.Models.Misc;
using Moonlight.App.Services;
namespace Moonlight.App.Database;
@@ -27,10 +25,6 @@ public class DataContext : DbContext
public DbSet<ServerVariable> ServerVariables { get; set; }
public DbSet<User> Users { get; set; }
public DbSet<LoadingMessage> LoadingMessages { get; set; }
public DbSet<AuditLogEntry> AuditLog { get; set; }
public DbSet<ErrorLogEntry> ErrorLog { get; set; }
public DbSet<SecurityLogEntry> SecurityLog { get; set; }
public DbSet<SharedDomain> SharedDomains { get; set; }
public DbSet<Domain> Domains { get; set; }
public DbSet<Revoke> Revokes { get; set; }
@@ -47,6 +41,7 @@ public class DataContext : DbContext
public DbSet<SupportChatMessage> SupportChatMessages { get; set; }
public DbSet<IpBan> IpBans { get; set; }
public DbSet<PermissionGroup> PermissionGroups { get; set; }
public DbSet<SecurityLog> SecurityLogs { get; set; }
protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
{


@@ -1,13 +0,0 @@
using Moonlight.App.Models.Misc;
namespace Moonlight.App.Database.Entities.LogsEntries;
public class AuditLogEntry
{
public int Id { get; set; }
public AuditLogType Type { get; set; }
public string JsonData { get; set; } = "";
public bool System { get; set; }
public string Ip { get; set; } = "";
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
}


@@ -1,12 +0,0 @@
namespace Moonlight.App.Database.Entities.LogsEntries;
public class ErrorLogEntry
{
public int Id { get; set; }
public string Stacktrace { get; set; } = "";
public bool System { get; set; }
public string JsonData { get; set; } = "";
public string Ip { get; set; } = "";
public string Class { get; set; } = "";
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
}


@@ -1,13 +0,0 @@
using Moonlight.App.Models.Misc;
namespace Moonlight.App.Database.Entities.LogsEntries;
public class SecurityLogEntry
{
public int Id { get; set; }
public bool System { get; set; }
public string Ip { get; set; } = "";
public SecurityLogType Type { get; set; }
public string JsonData { get; set; } = "";
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
}


@@ -0,0 +1,8 @@
namespace Moonlight.App.Database.Entities;
public class SecurityLog
{
public int Id { get; set; }
public string Text { get; set; } = "";
public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
}
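Review bot: `SecurityLog` keeps only `Text` and `CreatedAt`, so the level the caller chose (`Warn`, `Error`, `Fatal`, …) and the calling class that Serilog receives as `SourceContext` are not stored with the row; the removed `SecurityLogEntry` at least carried `Type` and `Ip` columns. Anyone reviewing the table has to parse free text to filter or alert by severity or event kind. Consider adding `public string Level { get; set; } = "";` and `public string Source { get; set; } = "";`, filled by the logger, and a `///` summary on the class stating that `Text` can contain user-supplied values and must be encoded when displayed.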


@@ -0,0 +1,111 @@
using System;
using Microsoft.EntityFrameworkCore.Metadata;
using Microsoft.EntityFrameworkCore.Migrations;
#nullable disable
namespace Moonlight.App.Database.Migrations
{
/// <inheritdoc />
public partial class RemovedOldLogsAndAddedErrorLog : Migration
{
/// <inheritdoc />
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.DropTable(
name: "AuditLog");
migrationBuilder.DropTable(
name: "ErrorLog");
migrationBuilder.DropTable(
name: "SecurityLog");
migrationBuilder.CreateTable(
name: "SecurityLogs",
columns: table => new
{
Id = table.Column<int>(type: "int", nullable: false)
.Annotation("MySql:ValueGenerationStrategy", MySqlValueGenerationStrategy.IdentityColumn),
Text = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
CreatedAt = table.Column<DateTime>(type: "datetime(6)", nullable: false)
},
constraints: table =>
{
table.PrimaryKey("PK_SecurityLogs", x => x.Id);
})
.Annotation("MySql:CharSet", "utf8mb4");
}
/// <inheritdoc />
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.DropTable(
name: "SecurityLogs");
migrationBuilder.CreateTable(
name: "AuditLog",
columns: table => new
{
Id = table.Column<int>(type: "int", nullable: false)
.Annotation("MySql:ValueGenerationStrategy", MySqlValueGenerationStrategy.IdentityColumn),
CreatedAt = table.Column<DateTime>(type: "datetime(6)", nullable: false),
Ip = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
JsonData = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
System = table.Column<bool>(type: "tinyint(1)", nullable: false),
Type = table.Column<int>(type: "int", nullable: false)
},
constraints: table =>
{
table.PrimaryKey("PK_AuditLog", x => x.Id);
})
.Annotation("MySql:CharSet", "utf8mb4");
migrationBuilder.CreateTable(
name: "ErrorLog",
columns: table => new
{
Id = table.Column<int>(type: "int", nullable: false)
.Annotation("MySql:ValueGenerationStrategy", MySqlValueGenerationStrategy.IdentityColumn),
Class = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
CreatedAt = table.Column<DateTime>(type: "datetime(6)", nullable: false),
Ip = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
JsonData = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
Stacktrace = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
System = table.Column<bool>(type: "tinyint(1)", nullable: false)
},
constraints: table =>
{
table.PrimaryKey("PK_ErrorLog", x => x.Id);
})
.Annotation("MySql:CharSet", "utf8mb4");
migrationBuilder.CreateTable(
name: "SecurityLog",
columns: table => new
{
Id = table.Column<int>(type: "int", nullable: false)
.Annotation("MySql:ValueGenerationStrategy", MySqlValueGenerationStrategy.IdentityColumn),
CreatedAt = table.Column<DateTime>(type: "datetime(6)", nullable: false),
Ip = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
JsonData = table.Column<string>(type: "longtext", nullable: false)
.Annotation("MySql:CharSet", "utf8mb4"),
System = table.Column<bool>(type: "tinyint(1)", nullable: false),
Type = table.Column<int>(type: "int", nullable: false)
},
constraints: table =>
{
table.PrimaryKey("PK_SecurityLog", x => x.Id);
})
.Annotation("MySql:CharSet", "utf8mb4");
}
}
}
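Review bot: `Up` drops `AuditLog`, `ErrorLog` and `SecurityLog` outright, so every existing audit and security record is deleted as soon as the migration is applied, and `Down` only recreates empty tables. Nothing in this section copies the old `SecurityLog` rows into `SecurityLogs` or exports them first, which matters if those rows are needed for an investigation or for retention requirements. If the loss is intended, state it in a comment above the first `DropTable`, e.g. `// Intentionally discards the old log tables; export them before upgrading if they are still needed`. The class name `RemovedOldLogsAndAddedErrorLog` also does not match what is created (`SecurityLogs`), which a `/// <summary>` line could clarify.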


@@ -241,95 +241,6 @@ namespace Moonlight.App.Database.Migrations
b.ToTable("LoadingMessages");
});
modelBuilder.Entity("Moonlight.App.Database.Entities.LogsEntries.AuditLogEntry", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
.HasColumnType("int");
b.Property<DateTime>("CreatedAt")
.HasColumnType("datetime(6)");
b.Property<string>("Ip")
.IsRequired()
.HasColumnType("longtext");
b.Property<string>("JsonData")
.IsRequired()
.HasColumnType("longtext");
b.Property<bool>("System")
.HasColumnType("tinyint(1)");
b.Property<int>("Type")
.HasColumnType("int");
b.HasKey("Id");
b.ToTable("AuditLog");
});
modelBuilder.Entity("Moonlight.App.Database.Entities.LogsEntries.ErrorLogEntry", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
.HasColumnType("int");
b.Property<string>("Class")
.IsRequired()
.HasColumnType("longtext");
b.Property<DateTime>("CreatedAt")
.HasColumnType("datetime(6)");
b.Property<string>("Ip")
.IsRequired()
.HasColumnType("longtext");
b.Property<string>("JsonData")
.IsRequired()
.HasColumnType("longtext");
b.Property<string>("Stacktrace")
.IsRequired()
.HasColumnType("longtext");
b.Property<bool>("System")
.HasColumnType("tinyint(1)");
b.HasKey("Id");
b.ToTable("ErrorLog");
});
modelBuilder.Entity("Moonlight.App.Database.Entities.LogsEntries.SecurityLogEntry", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
.HasColumnType("int");
b.Property<DateTime>("CreatedAt")
.HasColumnType("datetime(6)");
b.Property<string>("Ip")
.IsRequired()
.HasColumnType("longtext");
b.Property<string>("JsonData")
.IsRequired()
.HasColumnType("longtext");
b.Property<bool>("System")
.HasColumnType("tinyint(1)");
b.Property<int>("Type")
.HasColumnType("int");
b.HasKey("Id");
b.ToTable("SecurityLog");
});
modelBuilder.Entity("Moonlight.App.Database.Entities.MySqlDatabase", b =>
{
b.Property<int>("Id")
@@ -509,6 +420,24 @@ namespace Moonlight.App.Database.Migrations
b.ToTable("Revokes");
});
modelBuilder.Entity("Moonlight.App.Database.Entities.SecurityLog", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
.HasColumnType("int");
b.Property<DateTime>("CreatedAt")
.HasColumnType("datetime(6)");
b.Property<string>("Text")
.IsRequired()
.HasColumnType("longtext");
b.HasKey("Id");
b.ToTable("SecurityLogs");
});
modelBuilder.Entity("Moonlight.App.Database.Entities.Server", b =>
{
b.Property<int>("Id")


@@ -1,46 +1,70 @@
using System.Diagnostics;
using System.Reflection;
using Moonlight.App.Database;
using Moonlight.App.Services;
using Moonlight.App.Services.Files;
using Serilog;
namespace Moonlight.App.Helpers;
public static class Logger
{
// The private static instance of the config service, because we have no di here
private static ConfigService ConfigService = new(new StorageService());
#region String method calls
public static void Verbose(string message, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Verbose("{Message}", message);
if(channel == "security")
LogSecurityInDb(message);
}
public static void Info(string message, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Information("{Message}", message);
if(channel == "security")
LogSecurityInDb(message);
}
public static void Debug(string message, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Debug("{Message}", message);
if(channel == "security")
LogSecurityInDb(message);
}
public static void Error(string message, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Error("{Message}", message);
if(channel == "security")
LogSecurityInDb(message);
}
public static void Warn(string message, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Warning("{Message}", message);
if(channel == "security")
LogSecurityInDb(message);
}
public static void Fatal(string message, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Fatal("{Message}", message);
if(channel == "security")
LogSecurityInDb(message);
}
#endregion
@@ -49,36 +73,54 @@ public static class Logger
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Verbose(exception, "");
if(channel == "security")
LogSecurityInDb(exception);
}
public static void Info(Exception exception, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Information(exception, "");
if(channel == "security")
LogSecurityInDb(exception);
}
public static void Debug(Exception exception, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Debug(exception, "");
if(channel == "security")
LogSecurityInDb(exception);
}
public static void Error(Exception exception, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Error(exception, "");
if(channel == "security")
LogSecurityInDb(exception);
}
public static void Warn(Exception exception, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Warning(exception, "");
if(channel == "security")
LogSecurityInDb(exception);
}
public static void Fatal(Exception exception, string channel = "default")
{
Log.ForContext("SourceContext", GetNameOfCallingClass())
.Fatal(exception, "");
if(channel == "security")
LogSecurityInDb(exception);
}
#endregion
@@ -105,4 +147,25 @@ public static class Logger
return fullName;
}
private static void LogSecurityInDb(Exception exception)
{
LogSecurityInDb(exception.ToStringDemystified());
}
private static void LogSecurityInDb(string text)
{
Task.Run(() =>
{
var dataContext = new DataContext(ConfigService);
dataContext.SecurityLogs.Add(new()
{
Text = text
});
dataContext.SaveChanges();
dataContext.Dispose();
});
}
}
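Review bot: `LogSecurityInDb(string)` runs the insert in a fire-and-forget `Task.Run` with no exception handling, so a failing `SaveChanges()` (database unreachable, connection limit hit) silently loses the security event and skips `dataContext.Dispose()`. Wrap the body in `try`/`catch`, report the failure through Serilog's `Log` directly rather than through `Logger` with the `"security"` channel (which would re-enter this method), and use `using var` so the context is disposed on every path. The `channel == "security"` comparison is repeated as a string literal in every overload shown; a shared constant would keep a typo at a call site from quietly skipping the database write.

```csharp
private static void LogSecurityInDb(string text)
{
    Task.Run(() =>
    {
        try
        {
            using var dataContext = new DataContext(ConfigService);
            // … unchanged: SecurityLogs.Add(new() { Text = text }) and SaveChanges() …
        }
        catch (Exception e)
        {
            // Goes to Serilog directly: Logger.Error(e, "security") would call back into this method
            Log.Error(e, "Failed to persist security log entry");
        }
    });
}
```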


@@ -1,27 +0,0 @@
namespace Moonlight.App.Models.Misc;
public enum AuditLogType
{
Login,
Register,
ChangePassword,
ChangePowerState,
CreateBackup,
RestoreBackup,
DeleteBackup,
DownloadBackup,
CreateServer,
ReinstallServer,
CancelSubscription,
ApplySubscriptionCode,
EnableTotp,
DisableTotp,
AddDomainRecord,
UpdateDomainRecord,
DeleteDomainRecord,
PasswordReset,
CleanupEnabled,
CleanupDisabled,
CleanupTriggered,
PasswordChange,
}


@@ -1,9 +0,0 @@
namespace Moonlight.App.Models.Misc;
public enum SecurityLogType
{
ManipulatedJwt,
PathTransversal,
SftpBruteForce,
LoginFail
}


@@ -393,6 +393,13 @@ public static class Permissions
Name = "Admin security permission groups",
Description = "View, add and delete permission groups"
};
public static Permission AdminSecurityLogs = new()
{
Index = 58,
Name = "Admin security logs",
Description = "View the security logs"
};
public static Permission? FromString(string name)
{


@@ -1,32 +0,0 @@
using Microsoft.EntityFrameworkCore;
using Moonlight.App.Database;
using Moonlight.App.Database.Entities.LogsEntries;
namespace Moonlight.App.Repositories.LogEntries;
public class AuditLogEntryRepository : IDisposable
{
private readonly DataContext DataContext;
public AuditLogEntryRepository(DataContext dataContext)
{
DataContext = dataContext;
}
public AuditLogEntry Add(AuditLogEntry entry)
{
var x = DataContext.AuditLog.Add(entry);
DataContext.SaveChanges();
return x.Entity;
}
public DbSet<AuditLogEntry> Get()
{
return DataContext.AuditLog;
}
public void Dispose()
{
DataContext.Dispose();
}
}


@@ -1,32 +0,0 @@
using Microsoft.EntityFrameworkCore;
using Moonlight.App.Database;
using Moonlight.App.Database.Entities.LogsEntries;
namespace Moonlight.App.Repositories.LogEntries;
public class ErrorLogEntryRepository : IDisposable
{
private readonly DataContext DataContext;
public ErrorLogEntryRepository(DataContext dataContext)
{
DataContext = dataContext;
}
public ErrorLogEntry Add(ErrorLogEntry errorLogEntry)
{
var x = DataContext.ErrorLog.Add(errorLogEntry);
DataContext.SaveChanges();
return x.Entity;
}
public DbSet<ErrorLogEntry> Get()
{
return DataContext.ErrorLog;
}
public void Dispose()
{
DataContext.Dispose();
}
}


@@ -1,32 +0,0 @@
using Microsoft.EntityFrameworkCore;
using Moonlight.App.Database;
using Moonlight.App.Database.Entities.LogsEntries;
namespace Moonlight.App.Repositories.LogEntries;
public class SecurityLogEntryRepository : IDisposable
{
private readonly DataContext DataContext;
public SecurityLogEntryRepository(DataContext dataContext)
{
DataContext = dataContext;
}
public SecurityLogEntry Add(SecurityLogEntry securityLogEntry)
{
var x = DataContext.SecurityLog.Add(securityLogEntry);
DataContext.SaveChanges();
return x.Entity;
}
public DbSet<SecurityLogEntry> Get()
{
return DataContext.SecurityLog;
}
public void Dispose()
{
DataContext.Dispose();
}
}


@@ -8,6 +8,7 @@ namespace Moonlight.App.Services;
public class ConfigService
{
private readonly StorageService StorageService;
private readonly string Path;
private ConfigV1 Configuration;
public bool DebugMode { get; private set; } = false;
@@ -18,6 +19,11 @@ public class ConfigService
StorageService = storageService;
StorageService.EnsureCreated();
if (!string.IsNullOrEmpty(Environment.GetEnvironmentVariable("ML_CONFIG_PATH")))
Path = Environment.GetEnvironmentVariable("ML_CONFIG_PATH")!;
else
Path = PathBuilder.File("storage", "configs", "config.json");
Reload();
// Env vars
@@ -40,18 +46,16 @@ public class ConfigService
public void Reload()
{
var path = PathBuilder.File("storage", "configs", "config.json");
if (!File.Exists(path))
if (!File.Exists(Path))
{
File.WriteAllText(path, "{}");
File.WriteAllText(Path, "{}");
}
Configuration = JsonConvert.DeserializeObject<ConfigV1>(
File.ReadAllText(path)
File.ReadAllText(Path)
) ?? new ConfigV1();
File.WriteAllText(path, JsonConvert.SerializeObject(Configuration, Formatting.Indented));
File.WriteAllText(Path, JsonConvert.SerializeObject(Configuration, Formatting.Indented));
}
public void Save(ConfigV1 configV1)
@@ -62,14 +66,12 @@ public class ConfigService
public void Save()
{
var path = PathBuilder.File("storage", "configs", "config.json");
if (!File.Exists(path))
if (!File.Exists(Path))
{
File.WriteAllText(path, "{}");
File.WriteAllText(Path, "{}");
}
File.WriteAllText(path, JsonConvert.SerializeObject(Configuration, Formatting.Indented));
File.WriteAllText(Path, JsonConvert.SerializeObject(Configuration, Formatting.Indented));
Reload();
}
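Review bot: The value of `ML_CONFIG_PATH` becomes the file that `Reload()` and `Save()` both read and overwrite, with no normalisation and no check that its directory exists, so any value present in the process environment decides where configuration is loaded from and which file is rewritten with the application's privileges. The commit message describes this as a development feature; if that is the intent, gate it accordingly (the constructor continues outside the hunk, so where `DebugMode` is set cannot be seen here) and log the effective path once at startup so a redirected config is visible. Reading the variable once removes the double lookup and the `!`: `var envPath = Environment.GetEnvironmentVariable("ML_CONFIG_PATH");` then `Path = string.IsNullOrEmpty(envPath) ? PathBuilder.File("storage", "configs", "config.json") : envPath;`. The field name `Path` also hides `System.IO.Path` inside the class; a name such as `ConfigPath` would avoid that.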


@@ -54,7 +54,10 @@ public class UserService
throw new DisplayException("This operation was disabled");
if (await TempMailService.IsTempMail(email))
{
Logger.Warn($"A user tried to use a blacklisted domain to register. Email: '{email}'", "security");
throw new DisplayException("This email is blacklisted");
}
// Check if the email is already taken
var emailTaken = UserRepository.Get().FirstOrDefault(x => x.Email == email) != null;
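Review bot: `email` appears to be caller-supplied registration input and is interpolated unmodified into the message passed to `Logger.Warn(..., "security")`, which this commit stores verbatim in `SecurityLogs.Text` as well as sending to the Serilog sinks. A value containing line breaks or very long content can produce misleading or oversized entries in text sinks, and the table now retains addresses of people who never completed registration. Normalise and cap the value before logging, for example `var safeEmail = email.ReplaceLineEndings(" ");` (assuming the project targets .NET 6 or later) followed by a length limit, and make sure the admin view of these logs encodes `Text` on output. The enclosing method starts and ends outside the hunk.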