1
0
Fork 0
peertube/server/core/helpers/audit-logger.ts

299 lines
6.8 KiB
TypeScript
Raw Normal View History

import {
AdminAbuse,
CustomConfig,
User,
VideoChannel,
VideoChannelSync,
VideoComment,
VideoDetails,
VideoImport
} from '@peertube/peertube-models'
import { AUDIT_LOG_FILENAME } from '@server/initializers/constants.js'
2018-07-31 08:02:47 -04:00
import { diff } from 'deep-object-diff'
2021-08-27 08:32:44 -04:00
import express from 'express'
2023-10-11 03:20:23 -04:00
import { flatten } from 'flat'
2021-08-27 08:32:44 -04:00
import { join } from 'path'
import { addColors, config, createLogger, format, transports } from 'winston'
import { CONFIG } from '../initializers/config.js'
import { jsonLoggerFormat, labelFormatter } from './logger.js'
2018-09-19 11:02:16 -04:00
function getAuditIdFromRes (res: express.Response) {
2019-03-19 11:23:02 -04:00
return res.locals.oauth.token.User.username
2018-09-19 11:02:16 -04:00
}
2018-07-31 08:02:47 -04:00
enum AUDIT_TYPE {
CREATE = 'create',
UPDATE = 'update',
DELETE = 'delete'
}
2021-08-27 08:32:44 -04:00
const colors = config.npm.colors
colors.audit = config.npm.colors.info
2018-07-31 08:02:47 -04:00
2021-08-27 08:32:44 -04:00
addColors(colors)
2018-07-31 08:02:47 -04:00
2021-08-27 08:32:44 -04:00
const auditLogger = createLogger({
2018-07-31 08:02:47 -04:00
levels: { audit: 0 },
transports: [
2021-08-27 08:32:44 -04:00
new transports.File({
filename: join(CONFIG.STORAGE.LOG_DIR, AUDIT_LOG_FILENAME),
2018-07-31 08:02:47 -04:00
level: 'audit',
maxsize: 5242880,
maxFiles: 5,
2021-08-27 08:32:44 -04:00
format: format.combine(
format.timestamp(),
2020-04-09 05:00:30 -04:00
labelFormatter(),
2021-08-27 08:32:44 -04:00
format.splat(),
2018-07-31 08:02:47 -04:00
jsonLoggerFormat
)
})
],
exitOnError: true
})
function auditLoggerWrapper (domain: string, user: string, action: AUDIT_TYPE, entity: EntityAuditView, oldEntity: EntityAuditView = null) {
let entityInfos: object
2018-07-31 08:02:47 -04:00
if (action === AUDIT_TYPE.UPDATE && oldEntity) {
const oldEntityKeys = oldEntity.toLogKeys()
const diffObject = diff(oldEntityKeys, entity.toLogKeys())
const diffKeys = Object.entries(diffObject).reduce((newKeys, entry) => {
newKeys[`new-${entry[0]}`] = entry[1]
return newKeys
}, {})
entityInfos = { ...oldEntityKeys, ...diffKeys }
} else {
entityInfos = { ...entity.toLogKeys() }
}
2018-07-31 08:02:47 -04:00
auditLogger.log('audit', JSON.stringify({
user,
domain,
action,
...entityInfos
}))
}
function auditLoggerFactory (domain: string) {
return {
create (user: string, entity: EntityAuditView) {
auditLoggerWrapper(domain, user, AUDIT_TYPE.CREATE, entity)
},
update (user: string, entity: EntityAuditView, oldEntity: EntityAuditView) {
auditLoggerWrapper(domain, user, AUDIT_TYPE.UPDATE, entity, oldEntity)
},
delete (user: string, entity: EntityAuditView) {
auditLoggerWrapper(domain, user, AUDIT_TYPE.DELETE, entity)
}
}
}
abstract class EntityAuditView {
constructor (private readonly keysToKeep: Set<string>, private readonly prefix: string, private readonly entityInfos: object) { }
2020-01-31 10:56:52 -05:00
2018-07-31 08:02:47 -04:00
toLogKeys (): object {
const obj = flatten<object, any>(this.entityInfos, { delimiter: '-', safe: true })
return Object.keys(obj)
.filter(key => this.keysToKeep.has(key))
.reduce((p, k) => ({ ...p, [`${this.prefix}-${k}`]: obj[k] }), {})
2018-07-31 08:02:47 -04:00
}
}
const videoKeysToKeep = new Set([
2018-07-31 08:02:47 -04:00
'tags',
'uuid',
'id',
'uuid',
'createdAt',
'updatedAt',
'publishedAt',
'category',
'licence',
'language',
'privacy',
'description',
'duration',
'isLocal',
'name',
'thumbnailPath',
'previewPath',
'nsfw',
'waitTranscoding',
'account-id',
'account-uuid',
'account-name',
'channel-id',
'channel-uuid',
'channel-name',
'support',
'commentsEnabled',
'downloadEnabled'
])
class VideoAuditView extends EntityAuditView {
2022-06-03 10:17:28 -04:00
constructor (video: VideoDetails) {
2018-07-31 08:02:47 -04:00
super(videoKeysToKeep, 'video', video)
}
}
const videoImportKeysToKeep = new Set([
2018-08-03 04:26:47 -04:00
'id',
'targetUrl',
'video-name'
])
2018-08-03 04:26:47 -04:00
class VideoImportAuditView extends EntityAuditView {
2022-06-03 10:17:28 -04:00
constructor (videoImport: VideoImport) {
2018-08-03 04:26:47 -04:00
super(videoImportKeysToKeep, 'video-import', videoImport)
}
}
const commentKeysToKeep = new Set([
'id',
'text',
'threadId',
'inReplyToCommentId',
'videoId',
'createdAt',
'updatedAt',
'totalReplies',
'account-id',
'account-uuid',
'account-name'
])
class CommentAuditView extends EntityAuditView {
2022-06-03 10:17:28 -04:00
constructor (comment: VideoComment) {
super(commentKeysToKeep, 'comment', comment)
}
}
const userKeysToKeep = new Set([
'id',
'username',
'email',
'nsfwPolicy',
'autoPlayVideo',
'role',
'videoQuota',
'createdAt',
'account-id',
'account-uuid',
'account-name',
'account-followingCount',
'account-followersCount',
'account-createdAt',
'account-updatedAt',
'account-avatar-path',
'account-avatar-createdAt',
'account-avatar-updatedAt',
'account-displayName',
'account-description',
'videoChannels'
])
class UserAuditView extends EntityAuditView {
2022-06-03 10:17:28 -04:00
constructor (user: User) {
super(userKeysToKeep, 'user', user)
}
}
const channelKeysToKeep = new Set([
'id',
'uuid',
'name',
'followingCount',
'followersCount',
'createdAt',
'updatedAt',
'avatar-path',
'avatar-createdAt',
'avatar-updatedAt',
'displayName',
'description',
'support',
'isLocal',
'ownerAccount-id',
'ownerAccount-uuid',
'ownerAccount-name',
'ownerAccount-displayedName'
])
class VideoChannelAuditView extends EntityAuditView {
2022-06-03 10:17:28 -04:00
constructor (channel: VideoChannel) {
super(channelKeysToKeep, 'channel', channel)
}
}
const abuseKeysToKeep = new Set([
'id',
'reason',
'reporterAccount',
'createdAt'
])
2020-07-01 10:05:30 -04:00
class AbuseAuditView extends EntityAuditView {
2022-06-03 10:17:28 -04:00
constructor (abuse: AdminAbuse) {
2020-07-01 10:05:30 -04:00
super(abuseKeysToKeep, 'abuse', abuse)
}
}
const customConfigKeysToKeep = new Set([
'instance-name',
'instance-shortDescription',
'instance-description',
'instance-terms',
'instance-defaultClientRoute',
'instance-defaultNSFWPolicy',
'instance-customizations-javascript',
'instance-customizations-css',
'services-twitter-username',
'services-twitter-whitelisted',
'cache-previews-size',
'cache-captions-size',
'signup-enabled',
'signup-limit',
'signup-requiresEmailVerification',
'admin-email',
'user-videoQuota',
'transcoding-enabled',
'transcoding-threads',
'transcoding-resolutions'
])
class CustomConfigAuditView extends EntityAuditView {
constructor (customConfig: CustomConfig) {
const infos: any = customConfig
const resolutionsDict = infos.transcoding.resolutions
const resolutionsArray = []
2020-01-31 10:56:52 -05:00
Object.entries(resolutionsDict)
.forEach(([ resolution, isEnabled ]) => {
if (isEnabled) resolutionsArray.push(resolution)
})
2018-08-03 05:10:31 -04:00
Object.assign({}, infos, { transcoding: { resolutions: resolutionsArray } })
super(customConfigKeysToKeep, 'config', infos)
}
}
const channelSyncKeysToKeep = new Set([
Channel sync (#5135) * Add external channel URL for channel update / creation (#754) * Disallow synchronisation if user has no video quota (#754) * More constraints serverside (#754) * Disable sync if server configuration does not allow HTTP import (#754) * Working version synchronizing videos with a job (#754) TODO: refactoring, too much code duplication * More logs and try/catch (#754) * Fix eslint error (#754) * WIP: support synchronization time change (#754) * New frontend #754 * WIP: Create sync front (#754) * Enhance UI, sync creation form (#754) * Warning message when HTTP upload is disallowed * More consistent names (#754) * Binding Front with API (#754) * Add a /me API (#754) * Improve list UI (#754) * Implement creation and deletion routes (#754) * Lint (#754) * Lint again (#754) * WIP: UI for triggering import existing videos (#754) * Implement jobs for syncing and importing channels * Don't sync videos before sync creation + avoid concurrency issue (#754) * Cleanup (#754) * Cleanup: OpenAPI + API rework (#754) * Remove dead code (#754) * Eslint (#754) * Revert the mess with whitespaces in constants.ts (#754) * Some fixes after rebase (#754) * Several fixes after PR remarks (#754) * Front + API: Rename video-channels-sync to video-channel-syncs (#754) * Allow enabling channel sync through UI (#754) * getChannelInfo (#754) * Minor fixes: openapi + model + sql (#754) * Simplified API validators (#754) * Rename MChannelSync to MChannelSyncChannel (#754) * Add command for VideoChannelSync (#754) * Use synchronization.enabled config (#754) * Check parameters test + some fixes (#754) * Fix conflict mistake (#754) * Restrict access to video channel sync list API (#754) * Start adding unit test for synchronization (#754) * Continue testing (#754) * Tests finished + convertion of job to scheduler (#754) * Add lastSyncAt field (#754) * Fix externalRemoteUrl sort + creation date not well formatted (#754) * Small fix (#754) * Factorize addYoutubeDLImport and buildVideo (#754) * Check duplicates on channel not on users (#754) * factorize thumbnail generation (#754) * Fetch error should return status 400 (#754) * Separate video-channel-import and video-channel-sync-latest (#754) * Bump DB migration version after rebase (#754) * Prettier states in UI table (#754) * Add DefaultScope in VideoChannelSyncModel (#754) * Fix audit logs (#754) * Ensure user can upload when importing channel + minor fixes (#754) * Mark synchronization as failed on exception + typos (#754) * Change REST API for importing videos into channel (#754) * Add option for fully synchronize a chnanel (#754) * Return a whole sync object on creation to avoid tricks in Front (#754) * Various remarks (#754) * Single quotes by default (#754) * Rename synchronization to video_channel_synchronization * Add check.latest_videos_count and max_per_user options (#754) * Better channel rendering in list #754 * Allow sorting with channel name and state (#754) * Add missing tests for channel imports (#754) * Prefer using a parent job for channel sync * Styling * Client styling Co-authored-by: Chocobozzz <me@florianbigard.com>
2022-08-10 03:53:39 -04:00
'id',
'externalChannelUrl',
'channel-id',
'channel-name'
])
Channel sync (#5135) * Add external channel URL for channel update / creation (#754) * Disallow synchronisation if user has no video quota (#754) * More constraints serverside (#754) * Disable sync if server configuration does not allow HTTP import (#754) * Working version synchronizing videos with a job (#754) TODO: refactoring, too much code duplication * More logs and try/catch (#754) * Fix eslint error (#754) * WIP: support synchronization time change (#754) * New frontend #754 * WIP: Create sync front (#754) * Enhance UI, sync creation form (#754) * Warning message when HTTP upload is disallowed * More consistent names (#754) * Binding Front with API (#754) * Add a /me API (#754) * Improve list UI (#754) * Implement creation and deletion routes (#754) * Lint (#754) * Lint again (#754) * WIP: UI for triggering import existing videos (#754) * Implement jobs for syncing and importing channels * Don't sync videos before sync creation + avoid concurrency issue (#754) * Cleanup (#754) * Cleanup: OpenAPI + API rework (#754) * Remove dead code (#754) * Eslint (#754) * Revert the mess with whitespaces in constants.ts (#754) * Some fixes after rebase (#754) * Several fixes after PR remarks (#754) * Front + API: Rename video-channels-sync to video-channel-syncs (#754) * Allow enabling channel sync through UI (#754) * getChannelInfo (#754) * Minor fixes: openapi + model + sql (#754) * Simplified API validators (#754) * Rename MChannelSync to MChannelSyncChannel (#754) * Add command for VideoChannelSync (#754) * Use synchronization.enabled config (#754) * Check parameters test + some fixes (#754) * Fix conflict mistake (#754) * Restrict access to video channel sync list API (#754) * Start adding unit test for synchronization (#754) * Continue testing (#754) * Tests finished + convertion of job to scheduler (#754) * Add lastSyncAt field (#754) * Fix externalRemoteUrl sort + creation date not well formatted (#754) * Small fix (#754) * Factorize addYoutubeDLImport and buildVideo (#754) * Check duplicates on channel not on users (#754) * factorize thumbnail generation (#754) * Fetch error should return status 400 (#754) * Separate video-channel-import and video-channel-sync-latest (#754) * Bump DB migration version after rebase (#754) * Prettier states in UI table (#754) * Add DefaultScope in VideoChannelSyncModel (#754) * Fix audit logs (#754) * Ensure user can upload when importing channel + minor fixes (#754) * Mark synchronization as failed on exception + typos (#754) * Change REST API for importing videos into channel (#754) * Add option for fully synchronize a chnanel (#754) * Return a whole sync object on creation to avoid tricks in Front (#754) * Various remarks (#754) * Single quotes by default (#754) * Rename synchronization to video_channel_synchronization * Add check.latest_videos_count and max_per_user options (#754) * Better channel rendering in list #754 * Allow sorting with channel name and state (#754) * Add missing tests for channel imports (#754) * Prefer using a parent job for channel sync * Styling * Client styling Co-authored-by: Chocobozzz <me@florianbigard.com>
2022-08-10 03:53:39 -04:00
class VideoChannelSyncAuditView extends EntityAuditView {
constructor (channelSync: VideoChannelSync) {
super(channelSyncKeysToKeep, 'channelSync', channelSync)
}
}
2018-07-31 08:02:47 -04:00
export {
2018-09-19 11:02:16 -04:00
getAuditIdFromRes,
2018-07-31 08:02:47 -04:00
auditLoggerFactory,
2018-08-03 04:26:47 -04:00
VideoImportAuditView,
VideoChannelAuditView,
CommentAuditView,
UserAuditView,
VideoAuditView,
2020-07-01 10:05:30 -04:00
AbuseAuditView,
Channel sync (#5135) * Add external channel URL for channel update / creation (#754) * Disallow synchronisation if user has no video quota (#754) * More constraints serverside (#754) * Disable sync if server configuration does not allow HTTP import (#754) * Working version synchronizing videos with a job (#754) TODO: refactoring, too much code duplication * More logs and try/catch (#754) * Fix eslint error (#754) * WIP: support synchronization time change (#754) * New frontend #754 * WIP: Create sync front (#754) * Enhance UI, sync creation form (#754) * Warning message when HTTP upload is disallowed * More consistent names (#754) * Binding Front with API (#754) * Add a /me API (#754) * Improve list UI (#754) * Implement creation and deletion routes (#754) * Lint (#754) * Lint again (#754) * WIP: UI for triggering import existing videos (#754) * Implement jobs for syncing and importing channels * Don't sync videos before sync creation + avoid concurrency issue (#754) * Cleanup (#754) * Cleanup: OpenAPI + API rework (#754) * Remove dead code (#754) * Eslint (#754) * Revert the mess with whitespaces in constants.ts (#754) * Some fixes after rebase (#754) * Several fixes after PR remarks (#754) * Front + API: Rename video-channels-sync to video-channel-syncs (#754) * Allow enabling channel sync through UI (#754) * getChannelInfo (#754) * Minor fixes: openapi + model + sql (#754) * Simplified API validators (#754) * Rename MChannelSync to MChannelSyncChannel (#754) * Add command for VideoChannelSync (#754) * Use synchronization.enabled config (#754) * Check parameters test + some fixes (#754) * Fix conflict mistake (#754) * Restrict access to video channel sync list API (#754) * Start adding unit test for synchronization (#754) * Continue testing (#754) * Tests finished + convertion of job to scheduler (#754) * Add lastSyncAt field (#754) * Fix externalRemoteUrl sort + creation date not well formatted (#754) * Small fix (#754) * Factorize addYoutubeDLImport and buildVideo (#754) * Check duplicates on channel not on users (#754) * factorize thumbnail generation (#754) * Fetch error should return status 400 (#754) * Separate video-channel-import and video-channel-sync-latest (#754) * Bump DB migration version after rebase (#754) * Prettier states in UI table (#754) * Add DefaultScope in VideoChannelSyncModel (#754) * Fix audit logs (#754) * Ensure user can upload when importing channel + minor fixes (#754) * Mark synchronization as failed on exception + typos (#754) * Change REST API for importing videos into channel (#754) * Add option for fully synchronize a chnanel (#754) * Return a whole sync object on creation to avoid tricks in Front (#754) * Various remarks (#754) * Single quotes by default (#754) * Rename synchronization to video_channel_synchronization * Add check.latest_videos_count and max_per_user options (#754) * Better channel rendering in list #754 * Allow sorting with channel name and state (#754) * Add missing tests for channel imports (#754) * Prefer using a parent job for channel sync * Styling * Client styling Co-authored-by: Chocobozzz <me@florianbigard.com>
2022-08-10 03:53:39 -04:00
CustomConfigAuditView,
VideoChannelSyncAuditView
2018-07-31 08:02:47 -04:00
}