Moonlight-Panel/Moonlight
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new audit log

Browse Source
This commit is contained in:
Daniel Balk
2023-04-03 19:40:42 +02:00
parent 48a0d3452e
commit b6ef64a766
11 changed files with 130 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Moonlight/App/Models/Log/LogData.cs Normal file
View File

@@ -0,0 +1,7 @@
namespace Moonlight.App.Models.Log;
public class LogData
{
public Type Type { get; set; }
public string Value { get; set; }
}

18
Moonlight/App/Services/DomainService.cs
View File

@@ -169,7 +169,11 @@ public class DomainService
})); }));
} }
await AuditLogService.Log(AuditLogType.AddDomainRecord, new[] { d.Id.ToString(), dnsRecord.Name }); await AuditLogService.Log(AuditLogType.AddDomainRecord, x =>
{
x.Add<Domain>(d.Id);
x.Add<DnsRecord>(dnsRecord.Name);
});
} }
public async Task UpdateDnsRecord(Domain d, DnsRecord dnsRecord) public async Task UpdateDnsRecord(Domain d, DnsRecord dnsRecord)
@@ -199,7 +203,11 @@ public class DomainService
})); }));
} }
await AuditLogService.Log(AuditLogType.UpdateDomainRecord, new[] { d.Id.ToString(), dnsRecord.Name }); await AuditLogService.Log(AuditLogType.UpdateDomainRecord, x =>
{
x.Add<Domain>(d.Id);
x.Add<DnsRecord>(dnsRecord.Name);
});
} }
public async Task DeleteDnsRecord(Domain d, DnsRecord dnsRecord) public async Task DeleteDnsRecord(Domain d, DnsRecord dnsRecord)
@@ -210,7 +218,11 @@ public class DomainService
await Client.Zones.DnsRecords.DeleteAsync(domain.SharedDomain.CloudflareId, dnsRecord.Id) await Client.Zones.DnsRecords.DeleteAsync(domain.SharedDomain.CloudflareId, dnsRecord.Id)
); );
await AuditLogService.Log(AuditLogType.DeleteDomainRecord, new[] { d.Id.ToString(), dnsRecord.Name }); await AuditLogService.Log(AuditLogType.DeleteDomainRecord, x =>
{
x.Add<Domain>(d.Id);
x.Add<DnsRecord>(dnsRecord.Name);
});
} }
private Domain EnsureData(Domain domain) private Domain EnsureData(Domain domain)

26
Moonlight/App/Services/LogServices/AuditLogService.cs
View File

@@ -1,4 +1,5 @@
using Moonlight.App.Database.Entities.LogsEntries; using Moonlight.App.Database.Entities.LogsEntries;
using Moonlight.App.Models.Log;
using Moonlight.App.Models.Misc; using Moonlight.App.Models.Misc;
using Moonlight.App.Repositories.LogEntries; using Moonlight.App.Repositories.LogEntries;
using Moonlight.App.Services.Sessions; using Moonlight.App.Services.Sessions;
@@ -19,16 +20,18 @@ public class AuditLogService
HttpContextAccessor = httpContextAccessor; HttpContextAccessor = httpContextAccessor;
} }
public Task Log(AuditLogType type, params object[] data) public Task Log(AuditLogType type, Action<AuditLogParameters> data)
{ {
var ip = GetIp(); var ip = GetIp();
var al = new AuditLogParameters();
data(al);
var entry = new AuditLogEntry() var entry = new AuditLogEntry()
{ {
Ip = ip, Ip = ip,
Type = type, Type = type,
System = false, System = false,
JsonData = data.Length == 0 ? "" : JsonConvert.SerializeObject(data) JsonData = al.Build()
}; };
Repository.Add(entry); Repository.Add(entry);
@@ -62,4 +65,23 @@ public class AuditLogService
return HttpContextAccessor.HttpContext.Connection.RemoteIpAddress!.ToString(); return HttpContextAccessor.HttpContext.Connection.RemoteIpAddress!.ToString();
} }
public class AuditLogParameters
{
private List<LogData> Data = new List<LogData>();
public void Add<T>(object data)
{
Data.Add(new LogData()
{
Type = typeof(T),
Value = data.ToString()
});
}
internal string Build()
{
return JsonConvert.SerializeObject(Data);
}
}
} }

40
Moonlight/App/Services/ServerService.cs
View File

@@ -96,7 +96,11 @@ public class ServerService
Action = rawSignal Action = rawSignal
}); });
await AuditLogService.Log(AuditLogType.ChangePowerState, new[] { server.Uuid.ToString(), rawSignal }); await AuditLogService.Log(AuditLogType.ChangePowerState, x =>
{
x.Add<Server>(server.Uuid);
x.Add<PowerSignal>(rawSignal);
});
} }
public async Task<ServerBackup> CreateBackup(Server server) public async Task<ServerBackup> CreateBackup(Server server)
@@ -126,7 +130,11 @@ public class ServerService
}); });
await AuditLogService.Log(AuditLogType.CreateBackup, await AuditLogService.Log(AuditLogType.CreateBackup,
new[] { serverData.Uuid.ToString(), backup.Uuid.ToString() }); x =>
{
x.Add<Server>(server.Uuid);
x.Add<ServerBackup>(backup.Uuid);
});
return backup; return backup;
} }
@@ -164,7 +172,11 @@ public class ServerService
}); });
await AuditLogService.Log(AuditLogType.RestoreBackup, await AuditLogService.Log(AuditLogType.RestoreBackup,
new[] { s.Uuid.ToString(), serverBackup.Uuid.ToString() }); x =>
{
x.Add<Server>(server.Uuid);
x.Add<ServerBackup>(serverBackup.Uuid);
});
} }
public async Task DeleteBackup(Server server, ServerBackup serverBackup) public async Task DeleteBackup(Server server, ServerBackup serverBackup)
@@ -186,7 +198,11 @@ public class ServerService
await MessageService.Emit("wings.backups.delete", backup); await MessageService.Emit("wings.backups.delete", backup);
await AuditLogService.Log(AuditLogType.DeleteBackup, await AuditLogService.Log(AuditLogType.DeleteBackup,
new[] { serverBackup.Uuid.ToString(), serverBackup.Uuid.ToString() }); x =>
{
x.Add<Server>(server.Uuid);
x.Add<ServerBackup>(backup.Uuid);
});
} }
public async Task<string> DownloadBackup(Server s, ServerBackup serverBackup) public async Task<string> DownloadBackup(Server s, ServerBackup serverBackup)
@@ -200,7 +216,11 @@ public class ServerService
}); });
await AuditLogService.Log(AuditLogType.DownloadBackup, await AuditLogService.Log(AuditLogType.DownloadBackup,
new[] { serverBackup.Uuid.ToString(), serverBackup.Uuid.ToString() }); x =>
{
x.Add<Server>(server.Uuid);
x.Add<ServerBackup>(serverBackup.Uuid);
});
return $"https://{server.Node.Fqdn}:{server.Node.HttpPort}/download/backup?token={token}"; return $"https://{server.Node.Fqdn}:{server.Node.HttpPort}/download/backup?token={token}";
} }
@@ -305,7 +325,10 @@ public class ServerService
StartOnCompletion = false StartOnCompletion = false
}); });
await AuditLogService.Log(AuditLogType.CreateServer, newServerData.Uuid.ToString()); await AuditLogService.Log(AuditLogType.CreateServer, x =>
{
x.Add<Server>(newServerData.Uuid);
});
return newServerData; return newServerData;
} }
@@ -325,7 +348,10 @@ public class ServerService
await WingsApiHelper.Post(server.Node, $"api/servers/{server.Uuid}/reinstall", null); await WingsApiHelper.Post(server.Node, $"api/servers/{server.Uuid}/reinstall", null);
await AuditLogService.Log(AuditLogType.ReinstallServer, server.Uuid.ToString()); await AuditLogService.Log(AuditLogType.ReinstallServer, x =>
{
x.Add<Server>(server.Uuid);
});
} }
public async Task<Server> SftpServerLogin(int serverId, int id, string password) public async Task<Server> SftpServerLogin(int serverId, int id, string password)

13
Moonlight/App/Services/TotpService.cs
View File

@@ -1,4 +1,5 @@
using Moonlight.App.Models.Misc; using Moonlight.App.Database.Entities;
using Moonlight.App.Models.Misc;
using Moonlight.App.Repositories; using Moonlight.App.Repositories;
using Moonlight.App.Services.LogServices; using Moonlight.App.Services.LogServices;
using Moonlight.App.Services.Sessions; using Moonlight.App.Services.Sessions;
@@ -51,7 +52,10 @@ public class TotpService
UserRepository.Update(user); UserRepository.Update(user);
await AuditLogService.Log(AuditLogType.EnableTotp, user.Email); await AuditLogService.Log(AuditLogType.EnableTotp, x =>
{
x.Add<User>(user.Email);
});
} }
public async Task EnforceTotpLogin() public async Task EnforceTotpLogin()
@@ -70,7 +74,10 @@ public class TotpService
UserRepository.Update(user); UserRepository.Update(user);
await AuditLogService.Log(AuditLogType.DisableTotp, user.Email); await AuditLogService.Log(AuditLogType.DisableTotp,x =>
{
x.Add<User>(user.Email);
});
} }
private string GenerateSecret() private string GenerateSecret()

22
Moonlight/App/Services/UserService.cs
View File

@@ -77,7 +77,10 @@ public class UserService
}); });
await MailService.SendMail(user!, "register", values => {}); await MailService.SendMail(user!, "register", values => {});
await AuditLogService.Log(AuditLogType.Register, user.Email); await AuditLogService.Log(AuditLogType.Register, x =>
{
x.Add<User>(user.Email);
});
return await GenerateToken(user); return await GenerateToken(user);
} }
@@ -125,7 +128,10 @@ public class UserService
if (totpCodeValid) if (totpCodeValid)
{ {
await AuditLogService.Log(AuditLogType.Login, email); await AuditLogService.Log(AuditLogType.Login, x =>
{
x.Add<User>(email);
});
return await GenerateToken(user, true); return await GenerateToken(user, true);
} }
else else
@@ -136,7 +142,10 @@ public class UserService
} }
else else
{ {
await AuditLogService.Log(AuditLogType.Login, email); await AuditLogService.Log(AuditLogType.Login, x =>
{
x.Add<User>(email);
});
return await GenerateToken(user!, true); return await GenerateToken(user!, true);
} }
} }
@@ -160,7 +169,10 @@ public class UserService
values.Add("Location", "In your walls"); values.Add("Location", "In your walls");
}); });
await AuditLogService.Log(AuditLogType.ChangePassword, user.Email); await AuditLogService.Log(AuditLogType.ChangePassword, x =>
{
x.Add<User>(user.Email);
});
} }
} }
@@ -218,7 +230,7 @@ public class UserService
var newPassword = StringHelper.GenerateString(16); var newPassword = StringHelper.GenerateString(16);
await ChangePassword(user, newPassword, true); await ChangePassword(user, newPassword, true);
await AuditLogService.Log(AuditLogType.PasswordReset); await AuditLogService.Log(AuditLogType.PasswordReset, x => {});
await MailService.SendMail(user, "passwordReset", values => await MailService.SendMail(user, "passwordReset", values =>
{ {

9
Moonlight/Shared/Components/AuditLogEntrys/AuditLogEntryChangePassword.razor
View File

@@ -3,6 +3,7 @@
@using Moonlight.App.Repositories @using Moonlight.App.Repositories
@using Newtonsoft.Json @using Newtonsoft.Json
@using Moonlight.App.Database.Entities @using Moonlight.App.Database.Entities
@using Moonlight.App.Models.Log
@inject UserRepository UserRepository @inject UserRepository UserRepository
@@ -18,7 +19,7 @@
<div class="fs-5 fw-semibold mb-2"> <div class="fs-5 fw-semibold mb-2">
@if (User == null) @if (User == null)
{ {
<TL>Password change for</TL> @(Data[0]) <TL>Password change for</TL> @(Data[0].Value)
} }
else else
{ {
@@ -38,18 +39,18 @@
public AuditLogEntry Entry { get; set; } public AuditLogEntry Entry { get; set; }
private User? User; private User? User;
private string[] Data; private LogData[] Data;
protected override void OnInitialized() protected override void OnInitialized()
{ {
Data = JsonConvert.DeserializeObject<string[]>(Entry.JsonData)!; Data = JsonConvert.DeserializeObject<LogData[]>(Entry.JsonData)!;
} }
protected override async Task OnAfterRenderAsync(bool firstRender) protected override async Task OnAfterRenderAsync(bool firstRender)
{ {
if (firstRender) if (firstRender)
{ {
User = UserRepository.Get().FirstOrDefault(x => x.Email == Data[0]); User = UserRepository.Get().FirstOrDefault(x => x.Email == Data[0].Value);
await InvokeAsync(StateHasChanged); await InvokeAsync(StateHasChanged);
} }

11
Moonlight/Shared/Components/AuditLogEntrys/AuditLogEntryChangePowerState.razor
View File

@@ -2,6 +2,7 @@
@using Moonlight.App.Helpers @using Moonlight.App.Helpers
@using Newtonsoft.Json @using Newtonsoft.Json
@using Moonlight.App.Database.Entities @using Moonlight.App.Database.Entities
@using Moonlight.App.Models.Log
@using Moonlight.App.Repositories.Servers @using Moonlight.App.Repositories.Servers
@inject ServerRepository ServerRepository @inject ServerRepository ServerRepository
@@ -18,11 +19,11 @@
<div class="fs-5 fw-semibold mb-2"> <div class="fs-5 fw-semibold mb-2">
@if (Server == null) @if (Server == null)
{ {
<TL>Change power state for</TL> @(Data[0]) <TL>to</TL> @(Data[1]) <TL>Change power state for</TL> @(Data[0].Value) <TL>to</TL> @(Data[1].Value)
} }
else else
{ {
<TL>Change power state for</TL> <a href="/admin/servers/edit/@(Server.Id)">@(Server.Name)</a> <TL>to</TL> @(Data[1]) <TL>Change power state for</TL> <a href="/admin/servers/edit/@(Server.Id)">@(Server.Name)</a> <TL>to</TL> @(Data[1].Value)
} }
</div> </div>
<div class="d-flex align-items-center mt-1 fs-6"> <div class="d-flex align-items-center mt-1 fs-6">
@@ -38,18 +39,18 @@
public AuditLogEntry Entry { get; set; } public AuditLogEntry Entry { get; set; }
private Server? Server; private Server? Server;
private string[] Data; private LogData[] Data;
protected override void OnInitialized() protected override void OnInitialized()
{ {
Data = JsonConvert.DeserializeObject<string[]>(Entry.JsonData)!; Data = JsonConvert.DeserializeObject<LogData[]>(Entry.JsonData)!;
} }
protected override async Task OnAfterRenderAsync(bool firstRender) protected override async Task OnAfterRenderAsync(bool firstRender)
{ {
if (firstRender) if (firstRender)
{ {
Server = ServerRepository.Get().FirstOrDefault(x => x.Uuid == Guid.Parse(Data[0])); Server = ServerRepository.Get().FirstOrDefault(x => x.Uuid == Guid.Parse(Data[0].Value));
await InvokeAsync(StateHasChanged); await InvokeAsync(StateHasChanged);
} }

9
Moonlight/Shared/Components/AuditLogEntrys/AuditLogEntryLogin.razor
View File

@@ -3,6 +3,7 @@
@using Moonlight.App.Repositories @using Moonlight.App.Repositories
@using Newtonsoft.Json @using Newtonsoft.Json
@using Moonlight.App.Database.Entities @using Moonlight.App.Database.Entities
@using Moonlight.App.Models.Log
@inject UserRepository UserRepository @inject UserRepository UserRepository
@@ -18,7 +19,7 @@
<div class="fs-5 fw-semibold mb-2"> <div class="fs-5 fw-semibold mb-2">
@if (User == null) @if (User == null)
{ {
<TL>New login for</TL> @(Data[0]) <TL>New login for</TL> @(Data[0].Value)
} }
else else
{ {
@@ -38,18 +39,18 @@
public AuditLogEntry Entry { get; set; } public AuditLogEntry Entry { get; set; }
private User? User; private User? User;
private string[] Data; private LogData[] Data;
protected override void OnInitialized() protected override void OnInitialized()
{ {
Data = JsonConvert.DeserializeObject<string[]>(Entry.JsonData)!; Data = JsonConvert.DeserializeObject<LogData[]>(Entry.JsonData)!;
} }
protected override async Task OnAfterRenderAsync(bool firstRender) protected override async Task OnAfterRenderAsync(bool firstRender)
{ {
if (firstRender) if (firstRender)
{ {
User = UserRepository.Get().FirstOrDefault(x => x.Email == Data[0]); User = UserRepository.Get().FirstOrDefault(x => x.Email == Data[0].Value);
await InvokeAsync(StateHasChanged); await InvokeAsync(StateHasChanged);
} }

9
Moonlight/Shared/Components/AuditLogEntrys/AuditLogEntryRegister.razor
View File

@@ -3,6 +3,7 @@
@using Moonlight.App.Repositories @using Moonlight.App.Repositories
@using Newtonsoft.Json @using Newtonsoft.Json
@using Moonlight.App.Database.Entities @using Moonlight.App.Database.Entities
@using Moonlight.App.Models.Log
@inject UserRepository UserRepository @inject UserRepository UserRepository
@@ -18,7 +19,7 @@
<div class="fs-5 fw-semibold mb-2"> <div class="fs-5 fw-semibold mb-2">
@if (User == null) @if (User == null)
{ {
<TL>Register for</TL> @(Data[0]) <TL>Register for</TL> @(Data[0].Value)
} }
else else
{ {
@@ -38,18 +39,18 @@
public AuditLogEntry Entry { get; set; } public AuditLogEntry Entry { get; set; }
private User? User; private User? User;
private string[] Data; private LogData[] Data;
protected override void OnInitialized() protected override void OnInitialized()
{ {
Data = JsonConvert.DeserializeObject<string[]>(Entry.JsonData)!; Data = JsonConvert.DeserializeObject<LogData[]>(Entry.JsonData)!;
} }
protected override async Task OnAfterRenderAsync(bool firstRender) protected override async Task OnAfterRenderAsync(bool firstRender)
{ {
if (firstRender) if (firstRender)
{ {
User = UserRepository.Get().FirstOrDefault(x => x.Email == Data[0]); User = UserRepository.Get().FirstOrDefault(x => x.Email == Data[0].Value);
await InvokeAsync(StateHasChanged); await InvokeAsync(StateHasChanged);
} }

6
Moonlight/Shared/Views/Profile/Security.razor
View File

@@ -236,7 +236,7 @@
private async void Enable() private async void Enable()
{ {
await AuditLogService.Log(AuditLogType.EnableTotp, "Totp enabled"); await AuditLogService.Log(AuditLogType.EnableTotp, x => x.Add<string>("Totp enabled"));
await TotpService.Enable(); await TotpService.Enable();
TotpEnabled = await TotpService.GetEnabled(); TotpEnabled = await TotpService.GetEnabled();
TotpSecret = await TotpService.GetSecret(); TotpSecret = await TotpService.GetSecret();
@@ -262,7 +262,7 @@
private async void Disable() private async void Disable()
{ {
await AuditLogService.Log(AuditLogType.DisableTotp, "Totp disabled"); await AuditLogService.Log(AuditLogType.DisableTotp, x => x.Add<string>("Totp disabled"));
await TotpService.Disable(); await TotpService.Disable();
NavigationManager.NavigateTo(NavigationManager.Uri, true); NavigationManager.NavigateTo(NavigationManager.Uri, true);
} }
@@ -286,7 +286,7 @@
{ {
await UserService.ChangePassword(User, Password); await UserService.ChangePassword(User, Password);
await AuditLogService.Log(AuditLogType.PasswordChange, "The password has been set to a new one"); await AuditLogService.Log(AuditLogType.PasswordChange, x => x.Add<string>("The password has been set to a new one"));
// Reload to make the user login again // Reload to make the user login again
NavigationManager.NavigateTo(NavigationManager.Uri, true); NavigationManager.NavigateTo(NavigationManager.Uri, true);