From dc25bd7de72aa574767876341e5792733c2ee0e0 Mon Sep 17 00:00:00 2001 From: Jannik Schönartz Date: Sun, 1 Dec 2019 15:03:55 +0000 Subject: [server/log] Add logging to all modules Logging with snapshots: Client: create / edit / delete / added to group / removed from group Group: create / edit / delete / added to group / removed from group Logging without snapshot: Wake-on-lan: wakup Ipxe-Builder: build / clear / cancel / script save IP-Ranges: create / edit / delete Logging: with info in description: User: create / edit / delete / grant role / revoke role Event: create / edit / delete Permission-Manager-Role: create / edit / delete Registration-Hook: create / delete / edit / change order Ipxe Configuration: create / delete / edit Backend: create / edit / delete --- server/api/groups.js | 282 ++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 268 insertions(+), 14 deletions(-) (limited to 'server/api/groups.js') diff --git a/server/api/groups.js b/server/api/groups.js index 633b63d..bdc560b 100644 --- a/server/api/groups.js +++ b/server/api/groups.js @@ -8,6 +8,7 @@ const { decorateApp } = require('@awaitjs/express') const router = decorateApp(express.Router()) const HttpResponse = require(path.join(__appdir, 'lib', 'httpresponse')) const backendHelper = require(path.join(__appdir, 'lib', 'external-backends', 'backendhelper')) +const log = require(path.join(__appdir, 'lib', 'log')) // ############################################################################ // ########################### GET requests ################################# @@ -49,18 +50,74 @@ router.getAsync('/:id', async (req, res) => { router.postAsync(['', '/:id'], async (req, res) => { if (req.query.delete !== undefined && req.query.delete !== 'false') { if (!Array.isArray(req.body.ids)) return HttpResponse.invalidBodyValue('ids', 'an array').send(res) - const count = await db.group.destroy({ where: { id: req.body.ids } }) - HttpResponse.successBatch('deleted', 'group', count).send(res) + + const user = await db.user.findOne({ where: { id: req.user.id } }) + // Only need to log batch request if there is more than one client to delete. + if (req.body.ids.length > 1) { + await log({ + category: 'GROUP_BATCH_DELETE', + description: 'Batch deletion of ' + req.body.ids.length + ' groups initiated by user.', + user, + userId: req.user.id + }) + } + let deletionCounter = 0 + // Delete every group on its own, to get a better log + for (let index in req.body.ids) { + const group = await db.group.findOne({ where: { id: req.body.ids[index] } }) + const count = await db.group.destroy({ where: { id: req.body.ids[index] } }) + if (count !== 1) { + await log({ + category: 'ERROR_GROUP_DELETE', + description: 'Group could not be deleted.', + group, + user, + userId: req.user.id + }) + } else { + await log({ + category: 'GROUP_DELETE', + description: 'Group successfully deleted.', + group, + user, + userId: req.user.id + }) + deletionCounter++ + } + } + if (req.body.ids.length > 1) { + log({ + category: 'GROUP_BATCH_DELETE', + description: deletionCounter + '/' + req.body.ids.length + ' groups successfully deleted.', + user, + userId: req.user.id + }) + } + HttpResponse.successBatch('deleted', 'group', deletionCounter).send(res) } else { let group let action = 'updated' if (req.params.id === undefined) { group = await db.group.create(req.body.data) action = 'created' + log({ + category: 'GROUP_CREATE', + description: 'Group successfully created.', + groupId: group.id, + userId: req.user.id + }) } else if (req.params.id > 0) { group = await db.group.findOne({ where: { id: req.params.id }, include: ['ipranges'] }) if (!group) return HttpResponse.notFound(req.params.id).send(res) - else await group.update(req.body.data) + else { + await group.update(req.body.data) + log({ + category: 'GROUP_EDIT', + description: 'Group successfully edited.', + groupId: group.id, + userId: req.user.id + }) + } } else { return HttpResponse.invalidId().send(res) } @@ -104,13 +161,107 @@ router.postAsync(['', '/:id'], async (req, res) => { router.postAsync('/:id/subgroups', async (req, res) => { if (!(req.params.id > 0)) return HttpResponse.invalidId().send(res) const group = await db.group.findOne({ where: { id: req.params.id } }) + if (group) { + let deletionCounter = 0 + const user = await db.user.findOne({ where: { id: req.user.id } }) + if (req.query.delete !== undefined && req.query.delete !== 'false') { - const count = await group.removeSubgroups(req.body.ids) - HttpResponse.successBatch('removed', 'subgroup', count).send(res) + // Remove method for subgroups + if (req.body.ids.length > 1) { + await log({ + category: 'GROUP_BATCH_REMOVE_SUBGROUP', + description: 'Group batch removal of ' + req.body.ids.length + ' subgroups initiated by user.', + user, + userId: req.user.id, + group, + groupId: group.id + }) + } + + for (let index in req.body.ids) { + const count = await group.removeSubgroups(req.body.ids[index]) + if (count !== 1) { + await log({ + category: 'ERROR_GROUP_REMOVE_SUBGROUP', + description: 'Subgroup [' + req.body.ids[index] + '] could not be removed from group [' + group.id + '] ' + group.name, + user, + userId: req.user.id, + group, + groupId: group.id + }) + } else { + await log({ + category: 'GROUP_REMOVE_SUBGROUP', + description: 'Subgroup [' + req.body.ids[index] + '] successfully removed from group [' + group.id + '] ' + group.name, + user, + userId: req.user.id, + group, + groupId: group.id + }) + deletionCounter++ + } + } + + if (req.body.ids.length > 1) { + log({ + category: 'GROUP_BATCH_REMOVE_SUBGROUP', + description: deletionCounter + '/' + req.body.ids.length + ' subgroups successfully removed.', + user, + userId: req.user.id, + group, + groupId: group.id + }) + } + HttpResponse.successBatch('removed', 'subgroup', deletionCounter).send(res) } else { - const count = await group.addSubgroups(req.body.ids) - HttpResponse.successBatch('added', 'subgroup', count).send(res) + // Add method for subgroups + if (req.body.ids.length > 1) { + await log({ + category: 'GROUP_BATCH_ADD_SUBGROUP', + description: 'Group batch addition of ' + req.body.ids.length + ' subgroups initiated by user.', + user, + userId: req.user.id, + group, + groupId: group.id + }) + } + + for (let index in req.body.ids) { + const count = await group.addSubgroups(req.body.ids[index]) + if (count.length !== 1) { + await log({ + category: 'ERROR_GROUP_ADD_SUBGROUP', + description: 'Subgroup [' + req.body.ids[index] + '] could not be added to group [' + group.id + '] ' + group.name, + user, + userId: req.user.id, + group, + groupId: group.id + }) + } else { + await log({ + category: 'GROUP_ADD_SUBGROUP', + description: 'Subgroup [' + req.body.ids[index] + '] successfully added to group [' + group.id + '] ' + group.name, + user, + userId: req.user.id, + group, + groupId: group.id + }) + deletionCounter++ + } + } + + if (req.body.ids.length > 1) { + log({ + category: 'GROUP_BATCH_ADD_SUBGROUP', + description: deletionCounter + '/' + req.body.ids.length + ' subgroups successfully added.', + user, + userId: req.user.id, + group, + groupId: group.id + }) + } + HttpResponse.successBatch('added', 'subgroup', deletionCounter).send(res) } } else { HttpResponse.notFound(req.params.id).send(res) @@ -121,13 +272,108 @@ router.postAsync('/:id/clients', async (req, res) => { if (!(req.params.id > 0)) return HttpResponse.invalidId().send(res) const group = await db.group.findOne({ where: { id: req.params.id } }) if (group) { + let deletionCounter = 0 + const user = await db.user.findOne({ where: { id: req.user.id } }) let groupid = null if (req.query.delete !== undefined && req.query.delete !== 'false') { - const count = await group.removeClients(req.body.ids) - HttpResponse.successBatch('removed', 'client', count).send(res) + // Remove method for clients to groups + if (req.body.ids.length > 1) { + await log({ + category: 'GROUP_BATCH_REMOVE_CLIENT', + description: 'Group batch removal of ' + req.body.ids.length + ' clients initiated by user.', + user, + userId: req.user.id, + group, + groupId: group.id + }) + } + + for (let index in req.body.ids) { + const count = await group.removeClients(req.body.ids[index]) + if (count !== 1) { + await log({ + category: 'ERROR_GROUP_REMOVE_CLIENT', + description: 'Client [' + req.body.ids[index] + '] could not be removed from group [' + group.id + '] ' + group.name, + user, + userId: req.user.id, + group, + groupId: group.id + }) + } else { + await log({ + category: 'GROUP_REMOVE_CLIENT', + description: 'Client [' + req.body.ids[index] + '] successfully removed from group [' + group.id + '] ' + group.name, + user, + userId: req.user.id, + group, + groupId: group.id, + clientId: req.body.ids[index] + }) + deletionCounter++ + } + } + + if (req.body.ids.length > 1) { + log({ + category: 'GROUP_BATCH_REMOVE_CLIENT', + description: deletionCounter + '/' + req.body.ids.length + ' clients successfully deleted.', + user, + userId: req.user.id, + group, + groupId: group.id + }) + } + HttpResponse.successBatch('removed', 'client', deletionCounter).send(res) } else { - const count = await group.addClients(req.body.ids) - HttpResponse.successBatch('added', 'client', count).send(res) + // Add method for clients to groups + + if (req.body.ids.length > 1) { + await log({ + category: 'GROUP_BATCH_ADD_CLIENT', + description: 'Group batch addition of ' + req.body.ids.length + ' clients initiated by user.', + user, + userId: req.user.id, + group, + groupId: group.id + }) + } + + for (let index in req.body.ids) { + const count = await group.addClients(req.body.ids[index]) + if (count.length !== 1) { + await log({ + category: 'ERROR_GROUP_ADD_CLIENT', + description: 'Client [' + req.body.ids[index] + '] could not be added to group [' + group.id + '] ' + group.name, + user, + userId: req.user.id, + group, + groupId: group.id + }) + } else { + await log({ + category: 'GROUP_ADD_CLIENT', + description: 'Client [' + req.body.ids[index] + '] successfully added to group [' + group.id + '] ' + group.name, + user, + userId: req.user.id, + group, + groupId: group.id, + clientId: req.body.ids[index] + }) + deletionCounter++ + } + } + + if (req.body.ids.length > 1) { + log({ + category: 'GROUP_BATCH_ADD_CLIENT', + description: deletionCounter + '/' + req.body.ids.length + ' clients successfully added.', + user, + userId: req.user.id, + group, + groupId: group.id + }) + } + HttpResponse.successBatch('added', 'client', deletionCounter).send(res) groupid = group.id } @@ -144,11 +390,19 @@ router.postAsync('/:id/clients', async (req, res) => { // ############################################################################ // ########################## DELETE requests ############################### -router.delete('/:id', async (req, res) => { +router.deleteAsync('/:id', async (req, res) => { if (!(req.params.id > 0)) return HttpResponse.invalidId().send(res) + const group = db.group.findOne({ where: { id: req.params.id } }) const count = await db.group.destroy({ where: { id: req.params.id } }) - if (count) HttpResponse.success('deleted', 'group', req.params.id).send(res) - else HttpResponse.notFound(req.params.id).send(res) + if (count) { + log({ + category: 'GROUP_DELETE', + description: 'Group successfully deleted.', + group, + userId: req.user.id + }) + HttpResponse.success('deleted', 'group', req.params.id).send(res) + } else HttpResponse.notFound(req.params.id).send(res) }) // ############################################################################ -- cgit v1.2.3-55-g7522