public function addEvent(AuditEvent $event)
{
$event->setComponent($this->_component);
$cn = get_class($event);
$sev = serialize($event);
// Shove into DB -- echo $sev;
echo $cn . "\n\n" . $sev . "\n";
$db = new DatabaseConnection();
$db->insertRow("INSERT INTO auditlog " . "eventclass,component,severity,eventdate,data) " . "VALUES (%s,%s,%d,%d,NOW(),%s)", $cn, $event->getComponent(), $event->getSeverity(), $event->getAssociatedUserId(), $sev);
}
public function actionDetails($id)
{
$contact = static::getModelAndCatchNotFoundAndDisplayError('Contact', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($contact);
if (!LeadsUtil::isStateALead($contact->state)) {
$urlParams = array('/contacts/' . $this->getId() . '/details', 'id' => $contact->id);
$this->redirect($urlParams);
} else {
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($contact), 'LeadsModule'), $contact);
$getData = GetUtil::getData();
$isKanbanBoardInRequest = ArrayUtil::getArrayValue($getData, 'kanbanBoard');
if ($isKanbanBoardInRequest == 0 || $isKanbanBoardInRequest == null || Yii::app()->userInterface->isMobile() === true) {
$breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'LeadsSearchView', $contact);
$detailsAndRelationsView = $this->makeDetailsAndRelationsView($contact, 'LeadsModule', 'LeadDetailsAndRelationsView', Yii::app()->request->getRequestUri(), $breadCrumbView);
$view = new LeadsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView));
} else {
$kanbanItem = new KanbanItem();
$kanbanBoard = new TaskKanbanBoard($kanbanItem, 'type', $contact, get_class($contact));
$kanbanBoard->setIsActive();
$params['relationModel'] = $contact;
$params['relationModuleId'] = $this->getModule()->getId();
$params['redirectUrl'] = null;
$listView = new TasksForLeadKanbanView($this->getId(), 'tasks', 'Task', null, $params, null, array(), $kanbanBoard);
$view = new LeadsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $listView));
}
echo $view->render();
}
}
public function actionDetails($id)
{
$product = static::getModelAndCatchNotFoundAndDisplayError('Product', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($product);
$breadCrumbLinks = array(StringUtil::getChoppedStringContent(strval($product), 25));
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($product), 'ProductsModule'), $product);
$detailsView = new ProductEditAndDetailsView('Details', $this->getId(), $this->getModule()->getId(), $product);
$view = new ProductsPageView(ProductDefaultViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadCrumbLinks, 'ProductBreadCrumbView'));
echo $view->render();
}
public function actionDetails($id)
{
$animal = static::getModelAndCatchNotFoundAndDisplayError('Animal', intval($id));
$breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'AnimalsSearchView', $animal);
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($animal);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($animal), 'AnimalsModule'), $animal);
$titleBarAndEditView = $this->makeEditAndDetailsView($animal, 'Details');
$view = new AnimalsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $titleBarAndEditView));
echo $view->render();
}
public function actionDetails($id)
{
$account = static::getModelAndCatchNotFoundAndDisplayError('Account', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($account);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account), 'AccountsModule'), $account);
$breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'AccountsSearchView', $account);
$detailsAndRelationsView = $this->makeDetailsAndRelationsView($account, 'AccountsModule', 'AccountDetailsAndRelationsView', Yii::app()->request->getRequestUri(), $breadCrumbView);
$view = new AccountsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView));
echo $view->render();
}
/**
* @param $id
* @param null $redirectUrl
*/
public function actionDetails($id, $redirectUrl = null)
{
$modelClassName = $this->getModule()->getPrimaryModelName();
$activity = static::getModelAndCatchNotFoundAndDisplayError($modelClassName, intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($activity);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($activity), get_class($this->getModule())), $activity);
$pageViewClassName = $this->getPageViewClassName();
$view = new $pageViewClassName(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $this->makeEditAndDetailsView($activity, 'Details')));
echo $view->render();
}
public function actionDetails($id)
{
$savedReport = static::getModelAndCatchNotFoundAndDisplayError('SavedReport', intval($id));
ControllerSecurityUtil::resolveCanCurrentUserAccessModule($savedReport->moduleClassName);
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($savedReport);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($savedReport), 'ReportsModule'), $savedReport);
$breadCrumbLinks = array(strval($savedReport));
$breadCrumbView = new ReportBreadCrumbView($this->getId(), $this->getModule()->getId(), $breadCrumbLinks);
$detailsAndRelationsView = $this->makeReportDetailsAndRelationsView($savedReport, Yii::app()->request->getRequestUri(), $breadCrumbView);
$view = new ReportsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView));
echo $view->render();
}
public function actionDetails($id)
{
$conversation = static::getModelAndCatchNotFoundAndDisplayError('Conversation', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($conversation);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($conversation), 'ConversationsModule'), $conversation);
ConversationsUtil::markUserHasReadLatest($conversation, Yii::app()->user->userModel);
$detailsView = new ConversationDetailsView($this->getId(), $this->getModule()->getId(), $conversation);
$conversationsMashableInboxUrl = Yii::app()->createUrl('mashableInbox/default/list', array('modelClassName' => 'Conversation'));
$breadcrumbLinks = array(Zurmo::t('ConversationsModule', 'Conversations') => $conversationsMashableInboxUrl, StringUtil::getChoppedStringContent(strval($conversation), 25));
$view = new ConversationsPageView(ZurmoDefaultViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadcrumbLinks, 'ConversationBreadCrumbView'));
echo $view->render();
}
public function actionDetails($id)
{
$savedWorkflow = static::getModelAndCatchNotFoundAndDisplayError('SavedWorkflow', intval($id));
ControllerSecurityUtil::resolveCanCurrentUserAccessModule($savedWorkflow->moduleClassName);
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($savedWorkflow);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($savedWorkflow), 'WorkflowsModule'), $savedWorkflow);
$breadCrumbLinks = array(strval($savedWorkflow));
$workflow = SavedWorkflowToWorkflowAdapter::makeWorkflowBySavedWorkflow($savedWorkflow);
$workflowToWizardFormAdapter = new WorkflowToWizardFormAdapter($workflow);
$form = $workflowToWizardFormAdapter->makeFormByType();
$detailsView = new WorkflowDetailsView($this->getId(), $this->getModule()->getId(), $form);
$view = new WorkflowsPageView(ZurmoDefaultAdminViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadCrumbLinks, 'WorkflowBreadCrumbView'));
echo $view->render();
}
public function actionDetails($id)
{
$contact = static::getModelAndCatchNotFoundAndDisplayError('Contact', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($contact);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($contact), 'ContactsModule'), $contact);
if (KanbanUtil::isKanbanRequest() === false) {
$breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'ContactsSearchView', $contact);
$detailsAndRelationsView = $this->makeDetailsAndRelationsView($contact, 'ContactsModule', 'ContactDetailsAndRelationsView', Yii::app()->request->getRequestUri(), $breadCrumbView);
$view = new ContactsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView));
} else {
$view = TasksUtil::resolveTaskKanbanViewForRelation($contact, $this->getModule()->getId(), $this, 'TasksForContactKanbanView', 'ContactsPageView');
}
echo $view->render();
}
public function actionDetails($id)
{
$contact = static::getModelAndCatchNotFoundAndDisplayError('Contact', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($contact);
if (!LeadsUtil::isStateALead($contact->state)) {
$urlParams = array('/contacts/' . $this->getId() . '/details', 'id' => $contact->id);
$this->redirect($urlParams);
} else {
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($contact), 'LeadsModule'), $contact);
$breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'LeadsSearchView', $contact);
$detailsAndRelationsView = $this->makeDetailsAndRelationsView($contact, 'LeadsModule', 'LeadDetailsAndRelationsView', Yii::app()->request->getRequestUri(), $breadCrumbView);
$view = new LeadsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView));
echo $view->render();
}
}
public static function logAuditEvent($moduleName, $eventName, $data = null, RedBeanModel $model = null, User $user = null)
{
assert('is_string($moduleName) && $moduleName != ""');
assert('is_string($eventName) && $eventName != ""');
if ($user === null) {
$user = Yii::app()->user->userModel;
if (!$user instanceof User) {
throw new NoCurrentUserSecurityException();
}
}
if ($eventName == ZurmoModule::AUDIT_EVENT_ITEM_VIEWED) {
AuditEventsRecentlyViewedUtil::resolveNewRecentlyViewedModel($data[1], $model, AuditEventsRecentlyViewedUtil::RECENTLY_VIEWED_COUNT + 1);
}
if ($eventName == ZurmoModule::AUDIT_EVENT_ITEM_DELETED) {
$modelClassName = get_class($model);
AuditEventsRecentlyViewedUtil::deleteModelFromRecentlyViewed($modelClassName::getModuleClassName(), $model);
}
if ($eventName != ZurmoModule::AUDIT_EVENT_ITEM_VIEWED) {
if (!AuditEvent::$isTableOptimized && !AUDITING_OPTIMIZED) {
$auditEvent = new AuditEvent();
$auditEvent->dateTime = DateTimeUtil::convertTimestampToDbFormatDateTime(time());
$auditEvent->moduleName = $moduleName;
$auditEvent->eventName = $eventName;
$auditEvent->user = $user;
$auditEvent->modelClassName = $model !== null ? get_class($model) : null;
$auditEvent->modelId = $model !== null ? $model->id : null;
$auditEvent->serializedData = serialize($data);
$saved = $auditEvent->save();
AuditEvent::$isTableOptimized = true;
} else {
$sql = "insert into auditevent (datetime,\n modulename,\n eventname,\n _user_id,\n modelclassname,\n modelid,\n serializeddata)\n values ('" . DateTimeUtil::convertTimestampToDbFormatDateTime(time()) . "',\n '{$moduleName}',\n '{$eventName}',\n {$user->id}, " . ($model !== null ? "'" . get_class($model) . "', " : 'null, ') . ($model !== null ? "{$model->id}, " : 'null, ') . ":data)";
ZurmoRedBean::exec($sql, array('data' => serialize($data))) !== null;
$saved = true;
}
return $saved;
}
}
/**
* Details view for project
* @param int $id
*/
public function actionDetails($id)
{
$project = static::getModelAndCatchNotFoundAndDisplayError('Project', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($project);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($project), 'ProjectsModule'), $project);
$view = TasksUtil::resolveTaskKanbanViewForRelation($project, $this->getModule()->getId(), $this, 'TasksForProjectKanbanView', 'ProjectsPageView');
echo $view->render();
}
public function testLogAuditEventsForIsActive()
{
$user = new User();
$user->username = '******';
$user->title->value = 'Mr.';
$user->firstName = 'My';
$user->lastName = 'testlogauditforisactive';
$user->setPassword('testlogauditforisactive');
$this->assertTrue($user->save());
unset($user);
$user = User::getByUsername('testlogauditforisactive');
$this->assertEquals(1, $user->isActive);
unset($user);
AuditEvent::deleteAll();
//Change the user's status to inactive and confirm new audit event is created
$user = User::getByUsername('testlogauditforisactive');
$user->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB, RIGHT::DENY);
$this->assertTrue($user->save());
$this->assertEquals(0, $user->isActive);
$auditEvents = AuditEvent::getAll();
$this->assertCount(1, $auditEvents);
$this->assertContains('Item Modified', strval($auditEvents[0]));
unset($user);
//Now change the user's status back to active and confirm new audit event is created
$user = User::getByUsername('testlogauditforisactive');
$user->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB, RIGHT::ALLOW);
$this->assertTrue($user->save());
$this->assertEquals(1, $user->isActive);
$auditEvents = AuditEvent::getAll();
$this->assertCount(2, $auditEvents);
$this->assertContains('Item Modified', strval($auditEvents[1]));
unset($user);
}
public function testDeleteModelFromRecentlyViewed()
{
Yii::app()->user->userModel = User::getByUsername('super');
ZurmoConfigurationUtil::setForCurrentUserByModuleName('ZurmoModule', 'recentlyViewed', null);
$account1 = new Account();
$account1->name = 'Dooble1';
$this->assertTrue($account1->save());
$account2 = new Account();
$account2->name = 'Dooble2';
$this->assertTrue($account2->save());
$account3 = new Account();
$account3->name = 'Dooble3';
$account3->owner = User::getByUsername('jimmy');
$this->assertTrue($account3->save());
//Now create some audit entries for the Item Viewed event.
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account1), 'AccountsModule'), $account1);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account2), 'AccountsModule'), $account2);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account1), 'AccountsModule'), $account3);
$content = AuditEventsRecentlyViewedUtil::getRecentlyViewedAjaxContentByUser(Yii::app()->user->userModel, 5);
$this->assertContains('Dooble1', $content);
$this->assertContains('Dooble2', $content);
$this->assertContains('Dooble3', $content);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_DELETED, strval($account1), $account1);
$content = AuditEventsRecentlyViewedUtil::getRecentlyViewedAjaxContentByUser(Yii::app()->user->userModel, 5);
$this->assertNotContains('Dooble1', $content);
$this->assertContains('Dooble2', $content);
$this->assertContains('Dooble3', $content);
}
public function testChangingContactWithoutChangingRelatedAccountShouldNotAuditAccountChangeWhenDoneViaPost()
{
Yii::app()->user->userModel = User::getByUsername('super');
$contactStates = ContactState::getByName('Qualified');
$contact = new Contact();
$contact->owner = Yii::app()->user->userModel;
$contact->title->value = 'Mr.';
$contact->firstName = 'Supero';
$contact->lastName = 'Mano';
$contact->state = $contactStates[0];
$this->assertTrue($contact->save());
$beforeCount = AuditEvent::getCount();
//Test that saving an existing contact without a related contact will not produce an audit event showing the
//related account has changed. This is a test to show when the account is not populated but has a negative
//id.
$contactId = $contact->id;
$contact->forget();
unset($contact);
$contact = Contact::getById($contactId);
$fakePostData = array('account' => array('id' => ''));
$contact->setAttributes($fakePostData);
$this->assertTrue($contact->save());
$this->assertEquals($beforeCount, AuditEvent::getCount());
}
protected function logAuditEventsListForCreatedAndModifed($newModel)
{
if ($newModel) {
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_CREATED, strval($this), $this);
} else {
AuditUtil::logAuditEventsListForChangedAttributeValues($this);
}
}
public function actionDetails($id)
{
$emailTemplate = static::getModelAndCatchNotFoundAndDisplayError('EmailTemplate', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($emailTemplate);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($emailTemplate), 'EmailTemplatesModule'), $emailTemplate);
$detailsView = new EmailTemplateDetailsView($this->getId(), $this->getModule()->getId(), $emailTemplate, strval($emailTemplate));
$viewUtil = static::getViewUtilByType($emailTemplate->type);
$breadCrumbView = static::getBreadCrumbViewByType($emailTemplate->type);
$breadCrumbLinks = static::getBreadCrumbLinksByType($emailTemplate->type);
$breadCrumbLinks[] = StringUtil::getChoppedStringContent(strval($emailTemplate), 25);
$view = new EmailTemplatesPageView($viewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadCrumbLinks, $breadCrumbView));
echo $view->render();
}
/**
* Given a user and a count, get a tail of recent audit events for that user limited by the count.
* @param User $user
*/
protected static function getRecentlyViewedAuditEventsByUser(User $user, $count)
{
assert('is_int($count)');
return AuditEvent::getTailDistinctEventsByEventName('Item Viewed', $user, $count);
}
/**
* to change isActive attribute properly during save
*/
protected function setIsActive()
{
if (Right::DENY == $this->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB) || Right::DENY == $this->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_MOBILE) || Right::DENY == $this->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)) {
$isActive = false;
} else {
$isActive = true;
}
if ($this->isActive != $isActive) {
$data = array(strval($this), array('isActive'), BooleanUtil::boolToString((bool) $this->isActive), BooleanUtil::boolToString((bool) $isActive));
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_MODIFIED, $data, $this);
$this->unrestrictedSet('isActive', $isActive);
$this->save();
}
}
public function testMakeDataProviderBySearchAttributeData()
{
$account = new Account();
$user = UserTestHelper::createBasicUser('Andy');
$account->name = 'aNewDawn Inc 2';
$account->owner = $user;
$this->assertTrue($account->save());
$account->name = 'aNewDawn Inc 3';
$this->assertTrue($account->save());
$searchAttributeData = AuditEventsListControllerUtil::makeModalSearchAttributeDataByAuditedModel($account);
$dataProvider = AuditEventsListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData);
$this->assertTrue($dataProvider instanceof RedBeanModelDataProvider);
$data = $dataProvider->getData();
$this->assertEquals(1, count($data));
$firstAuditEvent = current($data);
$accountInfo = unserialize($firstAuditEvent->serializedData);
$this->assertEquals(strval($account), $accountInfo[0]);
$this->assertEquals('name', $accountInfo[1][0]);
$this->assertEquals('aNewDawn Inc 2', $accountInfo[2]);
$this->assertEquals($account->name, $accountInfo[3]);
//For login/logout events
$searchAttributeData = AuditEventsListControllerUtil::makeModalSearchAttributeDataByAuditedModel($user);
$dataProvider = AuditEventsListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData);
$this->assertTrue($dataProvider instanceof RedBeanModelDataProvider);
$data = $dataProvider->getData();
$count = count($data);
AuditEvent::logAuditEvent('UsersModule', UsersModule::AUDIT_EVENT_USER_PASSWORD_CHANGED, $user->username, $user);
$searchAttributeData = AuditEventsListControllerUtil::makeModalSearchAttributeDataByAuditedModel($user);
$dataProvider = AuditEventsListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData);
$this->assertTrue($dataProvider instanceof RedBeanModelDataProvider);
$data = $dataProvider->getData();
$this->assertEquals($count + 1, count($data));
}
/**
* @param Item $item
* @param array $attributeNames
* @param RedBeanModel $ownedModel
*/
public static function logAuditEventsListForChangedAttributeValues(Item $item, array $attributeNames = array(), RedBeanModel $ownedModel = null)
{
assert('$item->id > 0');
$attributeModel = $ownedModel === null ? $item : $ownedModel;
$noAuditAttributeNames = self::getNoAuditAttributeNames($attributeModel);
foreach ($attributeModel->originalAttributeValues as $attributeName => $oldValue) {
if (!in_array($attributeName, $noAuditAttributeNames)) {
$processAuditEvent = true;
if (!$attributeModel::isRelation($attributeName)) {
$newValue = $attributeModel->{$attributeName};
} elseif ($attributeModel->{$attributeName} instanceof RedBeanOneToManyRelatedModels) {
$newValue = $attributeModel->{$attributeName}->getStringifiedData();
assert('$oldValue != $newValue');
} else {
assert('$attributeModel->$attributeName instanceof RedBeanModel');
$relatedModel = $attributeModel->{$attributeName};
if ($relatedModel->id < 0 && $oldValue[1] < 0) {
$processAuditEvent = false;
} else {
$newValue = array(get_class($relatedModel), $relatedModel->id, strval($relatedModel));
assert('$oldValue != $newValue');
}
}
if ($processAuditEvent) {
$tempAttributeNames = $attributeNames;
$tempAttributeNames[] = $attributeName;
$data = array(strval($item), $tempAttributeNames, $oldValue, $newValue);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_MODIFIED, $data, $item);
}
}
}
foreach ($attributeModel->attributeNames() as $attributeName) {
if (!in_array($attributeName, $noAuditAttributeNames) && $attributeModel::isOwnedRelation($attributeName)) {
try {
$ownedModel = $attributeModel->{$attributeName};
} catch (AccessDeniedSecurityException $e) {
continue;
// If someone doesn't have access they
// they can't have modified the attributes.
} catch (NotSupportedException $e) {
continue;
// Certain attributes can't be modified, like
// rights on the super administrators group
// so we can safely ignore them.
}
if ($ownedModel instanceof OwnedModel || $ownedModel instanceof OwnedCustomField || $ownedModel instanceof OwnedMultipleValuesCustomField) {
$ownedModels = array($ownedModel);
} else {
assert('$ownedModel instanceof RedBeanModels');
$ownedModels = array();
}
foreach ($ownedModels as $ownedModel) {
$tempAttributeNames = $attributeNames;
$tempAttributeNames[] = $attributeName;
self::logAuditEventsListForChangedAttributeValues($item, $tempAttributeNames, $ownedModel);
}
}
}
}
protected function logAuditEventsListForCreatedAndModifed($newModel)
{
if ($newModel) {
// When the first user is created there can be no
// current user. Log the first user as creating themselves.
if (Yii::app()->user->userModel == null || !Yii::app()->user->userModel->id > 0) {
Yii::app()->user->userModel = $this;
}
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_CREATED, strval($this), $this);
} else {
AuditUtil::logAuditEventsListForChangedAttributeValues($this);
}
}
public function testGetTailDistinctEventsByEventName()
{
Yii::app()->user->userModel = User::getByUsername('super');
$account1 = new Account();
$account1->name = 'Dooble1';
$this->assertTrue($account1->save());
$account2 = new Account();
$account2->name = 'Dooble2';
$this->assertTrue($account2->save());
$account3 = new Account();
$account3->name = 'Dooble3';
$account3->owner = User::getByUsername('jimmy');
$this->assertTrue($account3->save());
$auditEvents = AuditEvent::getTailDistinctEventsByEventName('Item Viewed', Yii::app()->user->userModel, 5);
$this->assertEquals(0, count($auditEvents));
//Now create some audit entries for the Item Viewed event.
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account1), 'AccountsModule'), $account1);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account2), 'AccountsModule'), $account2);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account1), 'AccountsModule'), $account1);
//Switch users to add an audit event.
Yii::app()->user->userModel = User::getByUsername('jimmy');
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account3), 'AccountsModule'), $account3);
Yii::app()->user->userModel = User::getByUsername('super');
$auditEvents = AuditEvent::getTailDistinctEventsByEventName('Item Viewed', Yii::app()->user->userModel, 5);
$this->assertEquals(2, count($auditEvents));
}
public function testAuditEventsModalList()
{
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
AuditEvent::logAuditEvent('UsersModule', UsersModule::AUDIT_EVENT_USER_PASSWORD_CHANGED, $super->username, $super);
$this->setGetArray(array('id' => $super->id));
$this->resetPostArray();
$content = $this->runControllerWithNoExceptionsAndGetContent('users/default/auditEventsModalList');
$this->assertContains('User Password Changed', $content);
}
public function actionDetails($id, $renderJson = false, $includeFilesInJson = false)
{
$emailTemplate = static::getModelAndCatchNotFoundAndDisplayError('EmailTemplate', intval($id));
ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($emailTemplate);
if ($renderJson) {
header('Content-type: application/json');
echo $this->resolveEmailTemplateAsJson($emailTemplate, $includeFilesInJson);
Yii::app()->end(0, false);
}
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($emailTemplate), 'EmailTemplatesModule'), $emailTemplate);
$detailsView = new EmailTemplateEditAndDetailsView('Details', $this->getId(), $this->getModule()->getId(), $emailTemplate);
if ($emailTemplate->type == EmailTemplate::TYPE_WORKFLOW) {
$breadcrumbLinks = static::getDetailsAndEditForWorkflowBreadcrumbLinks();
$breadcrumbLinks[] = StringUtil::getChoppedStringContent(strval($emailTemplate), 25);
$view = new EmailTemplatesPageView(WorkflowDefaultAdminViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadcrumbLinks, 'WorkflowBreadCrumbView'));
} elseif ($emailTemplate->type == EmailTemplate::TYPE_CONTACT) {
$breadcrumbLinks = static::getDetailsAndEditForMarketingBreadcrumbLinks();
$breadcrumbLinks[] = StringUtil::getChoppedStringContent(strval($emailTemplate), 25);
$view = new EmailTemplatesPageView(MarketingDefaultViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadcrumbLinks, 'MarketingBreadCrumbView'));
} else {
throw new NotSupportedException();
}
echo $view->render();
}
/**
* Auto building of models (and therefore the database) involves...
*
* - Creating each model.
* - Setting its members to made up values that conform to the rules specified for the member.
* - Setting or adding to its relations while avoiding making new objects of the same types
* as have already been made.
* - Saving it so that the tables and columns are created.
* - Deleting it so that it doesn't leave rows behind.
* - (The database is now ready for freezing.)
*
* The aim of the auto build is to populate models in a 'valid enough way' to save them
* such that RedBean creates the tables and columns it needs with the right column types.
* This means it does not necessarily make models that are valid, for example it will set
* a model's parent to itself if model and the parent are of the same type. These kinds of
* inconsistencies do not matter for the purpose of auto building the database, and are
* semantic information that is not available and not needed for this process. The idea is
* to create as few models as possible.
*
* Call this an empty unfrozen database with all the models required for certain tests, or
* all the models required for the production database. Then freeze the database.
*
* If a model references a non-leaf model in the hierarchy an example of a model subclassed
* from that type must be included in the $modelClassNames. eg: 'Opportunity' references
* Permitable via its permissions and an abstract 'Permitable' cannot be created, so 'User'
* needs be created at the same time since it is concrete and can be used to create an
* Opportunity.
* ie: $modelClassNames = array('Opportunity', 'User').
*/
public static function autoBuildModels(array $modelClassNames, &$messageLogger)
{
assert('AssertUtil::all($modelClassNames, "is_string")');
assert('$messageLogger instanceof MessageLogger');
if (!self::isAutoBuildStateValid()) {
self::deleteAllSampleModelsFromStatePersisterAndDatabase($messageLogger);
}
self::setAutoBuildStateInStatePersister(self::AUTO_BUILD_STATE_INVALID);
AuditEvent::$isTableOptimized = false;
self::$modelClassNamesToSampleModels = array();
foreach ($modelClassNames as $modelClassName) {
$messages[] = array('info' => "Auto building {$modelClassName}.");
self::autoBuildSampleModel($modelClassName, $modelClassNames, $messageLogger);
$messageLogger->addInfoMessage("Auto build of {$modelClassName} done.");
}
foreach (self::$modelClassNamesToSampleModels as $modelClassName => $model) {
if (!$model instanceof OwnedModel && !$model instanceof OwnedCustomField && !$model instanceof OwnedMultipleValuesCustomField) {
try {
$model->setScenario('autoBuildDatabase');
$saved = $model->save();
if ($saved) {
self::setSampleModelInStatePersister(get_class($model), $model->id);
$metadata = $model->getMetadata();
foreach ($metadata as $unused => $classMetadata) {
if (!empty($classMetadata['relations'])) {
foreach ($classMetadata['relations'] as $relationName => $relationTypeModelClassNameAndOwns) {
$relationType = $relationTypeModelClassNameAndOwns[0];
$relatedModelClassName = $relationTypeModelClassNameAndOwns[1];
$owned = isset($relationTypeModelClassNameAndOwns[2]) && $relationTypeModelClassNameAndOwns[2] == RedBeanModel::OWNED;
if (get_class($model) == get_class($model->{$relationName}) && $model->id == $model->{$relationName}->id) {
$messageLogger->addInfoMessage("Unset {$modelClassName}->{$relationName} to avoid recursion and thread stack overrun.");
$model->{$relationName} = null;
$model->save();
}
}
}
}
} else {
$messageLogger->addErrorMessage("*** Saving the sample {$modelClassName} failed.");
$errors = $model->getErrors();
if (count($errors) > 0) {
$messageLogger->addErrorMessage('The attributes that did not validate probably need more rules, or are not deletable types.');
$messageLogger->addErrorMessage(print_r($errors, true));
} else {
$messageLogger->addErrorMessage('No attributes failed to validate!');
}
}
$messageLogger->addInfoMessage("Auto built {$modelClassName} saved.");
} catch (NotSupportedException $e) {
$messageLogger->addErrorMessage("*** Saving the sample {$modelClassName} failed.");
if (is_subclass_of($modelClassName, 'OwnedCustomField') || is_subclass_of($modelClassName, 'OwnedMultipleValuesCustomField') || is_subclass_of($modelClassName, 'OwnedModel')) {
$messageLogger->addErrorMessage('It is OWNED and was probably not saved via its owner, making it not a root model.');
} else {
$messageLogger->addErrorMessage('The save failed but there were no validation errors.');
}
}
}
}
foreach (self::$modelClassNamesToSampleModels as $modelClassName => $model) {
try {
if (!$model->isDeleted()) {
if (!$model->delete()) {
if ($model->id < 0) {
$messageLogger->addInfoMessage(get_class($model) . " Not Deleted but never saved so this is ok. (Most likely it is a - Has Many Owned)");
} else {
$messageLogger->addErrorMessage("*** Deleting the sample " . get_class($model) . " failed. It would not delete.");
}
} else {
$messageLogger->addInfoMessage(get_class($model) . " Deleted (Not Owned).");
}
} else {
$messageLogger->addInfoMessage(get_class($model) . " Deleted Already (Owned).");
}
AuditEvent::deleteAllByModel($model);
unset(self::$modelClassNamesToSampleModels[$modelClassName]);
} catch (NotSupportedException $e) {
$messageLogger->addErrorMessage("*** Deleting the sample {$modelClassName} failed. It is marked not deletable.");
}
}
if (count(self::$modelClassNamesToSampleModels)) {
$messageLogger->addErrorMessage('*** Deleting of the sample(s) ' . join(', ', array_keys(self::$modelClassNamesToSampleModels)) . " didn't happen.");
}
AuditEvent::$isTableOptimized = false;
self::deleteAllSampleModelsFromStatePersister();
self::setAutoBuildStateInStatePersister(self::AUTO_BUILD_STATE_VALID);
}
public function actionDetails($id)
{
$user = User::getById(intval($id));
UserAccessUtil::resolveAccessingASystemUser($user);
$title = Zurmo::t('UsersModule', 'Profile');
$breadCrumbLinks = array(strval($user) => array('default/details', 'id' => $id), $title);
AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($user), 'UsersModule'), $user);
$params = array('controllerId' => $this->getId(), 'relationModuleId' => $this->getModule()->getId(), 'relationModel' => $user);
$detailsAndRelationsView = new UserDetailsAndRelationsView($this->getId(), $this->getModule()->getId(), $params);
$view = new UsersPageView($this->resolveZurmoDefaultOrAdminView($detailsAndRelationsView, $breadCrumbLinks, 'UserBreadCrumbView'));
echo $view->render();
}
protected function beforeLogout()
{
AuditEvent::logAuditEvent('UsersModule', UsersModule::AUDIT_EVENT_USER_LOGGED_OUT);
return true;
}
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the Zurmo
* logo and Zurmo copyright notice. If the display of the logo is not reasonably
* feasible for technical reasons, the Appropriate Legal Notices must display the words
* "Copyright Zurmo Inc. 2014. All rights reserved".
********************************************************************************/
require_once '../../config/debug.php';
require_once '../common/bootstrap.php';
if (!($argc == 1 || $argc == 3 && $argv[1] == '-n' && is_numeric($argv[2]))) {
echo "\nAuditLog - Displays the audit log.\nUsage: php AuditLog.php [-n #]\nOptions: -n # Displays the tail of the log up to # entries.\n";
exit;
}
$count = $argc == 3 ? intval($argv[2]) : null;
try {
RedBeanDatabase::setup(Yii::app()->db->connectionString, Yii::app()->db->username, Yii::app()->db->password);
} catch (Exception $e) {
echo "Could not open the database.\n";
exit;
}
try {
Yii::app()->user->userModel = User::getByUsername('super');
} catch (Exception $e) {
echo "Super user does not exist.\n";
exit;
}
$AuditEventsList = $count === null ? AuditEvent::getAll() : AuditEvent::getTailEvents($count);
foreach ($AuditEventsList as $auditEvent) {
$moduleName = $auditEvent->moduleName;
echo $moduleName::stringifyAuditEvent($auditEvent) . "\n";
}
echo '(' . count($AuditEventsList) . " events)\n";
