]>
Commit | Line | Data |
---|---|---|
59390818 | 1 | import { diff } from 'deep-object-diff' |
41fb13c3 C |
2 | import express from 'express' |
3 | import flatten from 'flat' | |
d95d1559 | 4 | import { chain } from 'lodash' |
41fb13c3 C |
5 | import { join } from 'path' |
6 | import { addColors, config, createLogger, format, transports } from 'winston' | |
d95d1559 | 7 | import { AUDIT_LOG_FILENAME } from '@server/initializers/constants' |
d17c7b4e | 8 | import { AdminAbuse, CustomConfig, User, VideoChannel, VideoComment, VideoDetails, VideoImport } from '@shared/models' |
6dd9de95 | 9 | import { CONFIG } from '../initializers/config' |
d95d1559 | 10 | import { jsonLoggerFormat, labelFormatter } from './logger' |
993cef4b C |
11 | |
12 | function getAuditIdFromRes (res: express.Response) { | |
2ba92871 | 13 | return res.locals.oauth.token.User.username |
993cef4b | 14 | } |
59390818 AB |
15 | |
16 | enum AUDIT_TYPE { | |
17 | CREATE = 'create', | |
18 | UPDATE = 'update', | |
19 | DELETE = 'delete' | |
20 | } | |
21 | ||
41fb13c3 C |
22 | const colors = config.npm.colors |
23 | colors.audit = config.npm.colors.info | |
59390818 | 24 | |
41fb13c3 | 25 | addColors(colors) |
59390818 | 26 | |
41fb13c3 | 27 | const auditLogger = createLogger({ |
59390818 AB |
28 | levels: { audit: 0 }, |
29 | transports: [ | |
41fb13c3 C |
30 | new transports.File({ |
31 | filename: join(CONFIG.STORAGE.LOG_DIR, AUDIT_LOG_FILENAME), | |
59390818 AB |
32 | level: 'audit', |
33 | maxsize: 5242880, | |
34 | maxFiles: 5, | |
41fb13c3 C |
35 | format: format.combine( |
36 | format.timestamp(), | |
1b05d82d | 37 | labelFormatter(), |
41fb13c3 | 38 | format.splat(), |
59390818 AB |
39 | jsonLoggerFormat |
40 | ) | |
41 | }) | |
42 | ], | |
43 | exitOnError: true | |
44 | }) | |
45 | ||
46 | function auditLoggerWrapper (domain: string, user: string, action: AUDIT_TYPE, entity: EntityAuditView, oldEntity: EntityAuditView = null) { | |
47 | let entityInfos: object | |
48 | if (action === AUDIT_TYPE.UPDATE && oldEntity) { | |
49 | const oldEntityKeys = oldEntity.toLogKeys() | |
50 | const diffObject = diff(oldEntityKeys, entity.toLogKeys()) | |
51 | const diffKeys = Object.entries(diffObject).reduce((newKeys, entry) => { | |
52 | newKeys[`new-${entry[0]}`] = entry[1] | |
53 | return newKeys | |
54 | }, {}) | |
55 | entityInfos = { ...oldEntityKeys, ...diffKeys } | |
56 | } else { | |
57 | entityInfos = { ...entity.toLogKeys() } | |
58 | } | |
59 | auditLogger.log('audit', JSON.stringify({ | |
60 | user, | |
61 | domain, | |
62 | action, | |
63 | ...entityInfos | |
64 | })) | |
65 | } | |
66 | ||
67 | function auditLoggerFactory (domain: string) { | |
68 | return { | |
69 | create (user: string, entity: EntityAuditView) { | |
70 | auditLoggerWrapper(domain, user, AUDIT_TYPE.CREATE, entity) | |
71 | }, | |
72 | update (user: string, entity: EntityAuditView, oldEntity: EntityAuditView) { | |
73 | auditLoggerWrapper(domain, user, AUDIT_TYPE.UPDATE, entity, oldEntity) | |
74 | }, | |
75 | delete (user: string, entity: EntityAuditView) { | |
76 | auditLoggerWrapper(domain, user, AUDIT_TYPE.DELETE, entity) | |
77 | } | |
78 | } | |
79 | } | |
80 | ||
81 | abstract class EntityAuditView { | |
a1587156 C |
82 | constructor (private readonly keysToKeep: string[], private readonly prefix: string, private readonly entityInfos: object) { } |
83 | ||
59390818 | 84 | toLogKeys (): object { |
41fb13c3 | 85 | return chain(flatten<object, any>(this.entityInfos, { delimiter: '-', safe: true })) |
59390818 | 86 | .pick(this.keysToKeep) |
41fb13c3 | 87 | .mapKeys((_value, key) => `${this.prefix}-${key}`) |
59390818 AB |
88 | .value() |
89 | } | |
90 | } | |
91 | ||
92 | const videoKeysToKeep = [ | |
93 | 'tags', | |
94 | 'uuid', | |
95 | 'id', | |
96 | 'uuid', | |
97 | 'createdAt', | |
98 | 'updatedAt', | |
99 | 'publishedAt', | |
100 | 'category', | |
101 | 'licence', | |
102 | 'language', | |
103 | 'privacy', | |
104 | 'description', | |
105 | 'duration', | |
106 | 'isLocal', | |
107 | 'name', | |
108 | 'thumbnailPath', | |
109 | 'previewPath', | |
110 | 'nsfw', | |
111 | 'waitTranscoding', | |
112 | 'account-id', | |
113 | 'account-uuid', | |
114 | 'account-name', | |
115 | 'channel-id', | |
116 | 'channel-uuid', | |
117 | 'channel-name', | |
118 | 'support', | |
156c50af | 119 | 'commentsEnabled', |
7f2cfe3a | 120 | 'downloadEnabled' |
59390818 | 121 | ] |
80e36cd9 | 122 | class VideoAuditView extends EntityAuditView { |
a1587156 | 123 | constructor (private readonly video: VideoDetails) { |
59390818 AB |
124 | super(videoKeysToKeep, 'video', video) |
125 | } | |
126 | } | |
127 | ||
7e5f9f00 C |
128 | const videoImportKeysToKeep = [ |
129 | 'id', | |
130 | 'targetUrl', | |
131 | 'video-name' | |
132 | ] | |
133 | class VideoImportAuditView extends EntityAuditView { | |
a1587156 | 134 | constructor (private readonly videoImport: VideoImport) { |
7e5f9f00 C |
135 | super(videoImportKeysToKeep, 'video-import', videoImport) |
136 | } | |
137 | } | |
138 | ||
80e36cd9 AB |
139 | const commentKeysToKeep = [ |
140 | 'id', | |
141 | 'text', | |
142 | 'threadId', | |
143 | 'inReplyToCommentId', | |
144 | 'videoId', | |
145 | 'createdAt', | |
146 | 'updatedAt', | |
147 | 'totalReplies', | |
148 | 'account-id', | |
149 | 'account-uuid', | |
150 | 'account-name' | |
151 | ] | |
152 | class CommentAuditView extends EntityAuditView { | |
a1587156 | 153 | constructor (private readonly comment: VideoComment) { |
80e36cd9 AB |
154 | super(commentKeysToKeep, 'comment', comment) |
155 | } | |
156 | } | |
157 | ||
158 | const userKeysToKeep = [ | |
159 | 'id', | |
160 | 'username', | |
161 | 'email', | |
162 | 'nsfwPolicy', | |
163 | 'autoPlayVideo', | |
164 | 'role', | |
165 | 'videoQuota', | |
166 | 'createdAt', | |
167 | 'account-id', | |
168 | 'account-uuid', | |
169 | 'account-name', | |
170 | 'account-followingCount', | |
171 | 'account-followersCount', | |
172 | 'account-createdAt', | |
173 | 'account-updatedAt', | |
174 | 'account-avatar-path', | |
175 | 'account-avatar-createdAt', | |
176 | 'account-avatar-updatedAt', | |
177 | 'account-displayName', | |
178 | 'account-description', | |
179 | 'videoChannels' | |
180 | ] | |
181 | class UserAuditView extends EntityAuditView { | |
a1587156 | 182 | constructor (private readonly user: User) { |
80e36cd9 AB |
183 | super(userKeysToKeep, 'user', user) |
184 | } | |
185 | } | |
186 | ||
187 | const channelKeysToKeep = [ | |
188 | 'id', | |
189 | 'uuid', | |
190 | 'name', | |
191 | 'followingCount', | |
192 | 'followersCount', | |
193 | 'createdAt', | |
194 | 'updatedAt', | |
195 | 'avatar-path', | |
196 | 'avatar-createdAt', | |
197 | 'avatar-updatedAt', | |
198 | 'displayName', | |
199 | 'description', | |
200 | 'support', | |
201 | 'isLocal', | |
202 | 'ownerAccount-id', | |
203 | 'ownerAccount-uuid', | |
204 | 'ownerAccount-name', | |
205 | 'ownerAccount-displayedName' | |
206 | ] | |
207 | class VideoChannelAuditView extends EntityAuditView { | |
a1587156 | 208 | constructor (private readonly channel: VideoChannel) { |
80e36cd9 AB |
209 | super(channelKeysToKeep, 'channel', channel) |
210 | } | |
211 | } | |
212 | ||
d95d1559 | 213 | const abuseKeysToKeep = [ |
80e36cd9 AB |
214 | 'id', |
215 | 'reason', | |
216 | 'reporterAccount', | |
80e36cd9 AB |
217 | 'createdAt' |
218 | ] | |
d95d1559 | 219 | class AbuseAuditView extends EntityAuditView { |
edbc9325 | 220 | constructor (private readonly abuse: AdminAbuse) { |
d95d1559 | 221 | super(abuseKeysToKeep, 'abuse', abuse) |
80e36cd9 AB |
222 | } |
223 | } | |
224 | ||
225 | const customConfigKeysToKeep = [ | |
226 | 'instance-name', | |
227 | 'instance-shortDescription', | |
228 | 'instance-description', | |
229 | 'instance-terms', | |
230 | 'instance-defaultClientRoute', | |
231 | 'instance-defaultNSFWPolicy', | |
232 | 'instance-customizations-javascript', | |
233 | 'instance-customizations-css', | |
234 | 'services-twitter-username', | |
235 | 'services-twitter-whitelisted', | |
236 | 'cache-previews-size', | |
237 | 'cache-captions-size', | |
238 | 'signup-enabled', | |
239 | 'signup-limit', | |
d9eaee39 | 240 | 'signup-requiresEmailVerification', |
80e36cd9 AB |
241 | 'admin-email', |
242 | 'user-videoQuota', | |
243 | 'transcoding-enabled', | |
244 | 'transcoding-threads', | |
245 | 'transcoding-resolutions' | |
246 | ] | |
247 | class CustomConfigAuditView extends EntityAuditView { | |
248 | constructor (customConfig: CustomConfig) { | |
249 | const infos: any = customConfig | |
250 | const resolutionsDict = infos.transcoding.resolutions | |
251 | const resolutionsArray = [] | |
a1587156 C |
252 | |
253 | Object.entries(resolutionsDict) | |
254 | .forEach(([ resolution, isEnabled ]) => { | |
255 | if (isEnabled) resolutionsArray.push(resolution) | |
256 | }) | |
257 | ||
5d08a6a7 | 258 | Object.assign({}, infos, { transcoding: { resolutions: resolutionsArray } }) |
80e36cd9 AB |
259 | super(customConfigKeysToKeep, 'config', infos) |
260 | } | |
261 | } | |
262 | ||
59390818 | 263 | export { |
993cef4b C |
264 | getAuditIdFromRes, |
265 | ||
59390818 | 266 | auditLoggerFactory, |
7e5f9f00 | 267 | VideoImportAuditView, |
80e36cd9 AB |
268 | VideoChannelAuditView, |
269 | CommentAuditView, | |
270 | UserAuditView, | |
271 | VideoAuditView, | |
d95d1559 | 272 | AbuseAuditView, |
80e36cd9 | 273 | CustomConfigAuditView |
59390818 | 274 | } |