public function addEvent(AuditEvent $event) { $event->setComponent($this->_component); $cn = get_class($event); $sev = serialize($event); // Shove into DB -- echo $sev; echo $cn . "\n\n" . $sev . "\n"; $db = new DatabaseConnection(); $db->insertRow("INSERT INTO auditlog " . "eventclass,component,severity,eventdate,data) " . "VALUES (%s,%s,%d,%d,NOW(),%s)", $cn, $event->getComponent(), $event->getSeverity(), $event->getAssociatedUserId(), $sev); }
public function actionDetails($id) { $contact = static::getModelAndCatchNotFoundAndDisplayError('Contact', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($contact); if (!LeadsUtil::isStateALead($contact->state)) { $urlParams = array('/contacts/' . $this->getId() . '/details', 'id' => $contact->id); $this->redirect($urlParams); } else { AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($contact), 'LeadsModule'), $contact); $getData = GetUtil::getData(); $isKanbanBoardInRequest = ArrayUtil::getArrayValue($getData, 'kanbanBoard'); if ($isKanbanBoardInRequest == 0 || $isKanbanBoardInRequest == null || Yii::app()->userInterface->isMobile() === true) { $breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'LeadsSearchView', $contact); $detailsAndRelationsView = $this->makeDetailsAndRelationsView($contact, 'LeadsModule', 'LeadDetailsAndRelationsView', Yii::app()->request->getRequestUri(), $breadCrumbView); $view = new LeadsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView)); } else { $kanbanItem = new KanbanItem(); $kanbanBoard = new TaskKanbanBoard($kanbanItem, 'type', $contact, get_class($contact)); $kanbanBoard->setIsActive(); $params['relationModel'] = $contact; $params['relationModuleId'] = $this->getModule()->getId(); $params['redirectUrl'] = null; $listView = new TasksForLeadKanbanView($this->getId(), 'tasks', 'Task', null, $params, null, array(), $kanbanBoard); $view = new LeadsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $listView)); } echo $view->render(); } }
public function actionDetails($id) { $product = static::getModelAndCatchNotFoundAndDisplayError('Product', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($product); $breadCrumbLinks = array(StringUtil::getChoppedStringContent(strval($product), 25)); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($product), 'ProductsModule'), $product); $detailsView = new ProductEditAndDetailsView('Details', $this->getId(), $this->getModule()->getId(), $product); $view = new ProductsPageView(ProductDefaultViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadCrumbLinks, 'ProductBreadCrumbView')); echo $view->render(); }
public function actionDetails($id) { $animal = static::getModelAndCatchNotFoundAndDisplayError('Animal', intval($id)); $breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'AnimalsSearchView', $animal); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($animal); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($animal), 'AnimalsModule'), $animal); $titleBarAndEditView = $this->makeEditAndDetailsView($animal, 'Details'); $view = new AnimalsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $titleBarAndEditView)); echo $view->render(); }
public function actionDetails($id) { $account = static::getModelAndCatchNotFoundAndDisplayError('Account', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($account); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account), 'AccountsModule'), $account); $breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'AccountsSearchView', $account); $detailsAndRelationsView = $this->makeDetailsAndRelationsView($account, 'AccountsModule', 'AccountDetailsAndRelationsView', Yii::app()->request->getRequestUri(), $breadCrumbView); $view = new AccountsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView)); echo $view->render(); }
/** * @param $id * @param null $redirectUrl */ public function actionDetails($id, $redirectUrl = null) { $modelClassName = $this->getModule()->getPrimaryModelName(); $activity = static::getModelAndCatchNotFoundAndDisplayError($modelClassName, intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($activity); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($activity), get_class($this->getModule())), $activity); $pageViewClassName = $this->getPageViewClassName(); $view = new $pageViewClassName(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $this->makeEditAndDetailsView($activity, 'Details'))); echo $view->render(); }
public function actionDetails($id) { $savedReport = static::getModelAndCatchNotFoundAndDisplayError('SavedReport', intval($id)); ControllerSecurityUtil::resolveCanCurrentUserAccessModule($savedReport->moduleClassName); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($savedReport); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($savedReport), 'ReportsModule'), $savedReport); $breadCrumbLinks = array(strval($savedReport)); $breadCrumbView = new ReportBreadCrumbView($this->getId(), $this->getModule()->getId(), $breadCrumbLinks); $detailsAndRelationsView = $this->makeReportDetailsAndRelationsView($savedReport, Yii::app()->request->getRequestUri(), $breadCrumbView); $view = new ReportsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView)); echo $view->render(); }
public function actionDetails($id) { $conversation = static::getModelAndCatchNotFoundAndDisplayError('Conversation', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($conversation); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($conversation), 'ConversationsModule'), $conversation); ConversationsUtil::markUserHasReadLatest($conversation, Yii::app()->user->userModel); $detailsView = new ConversationDetailsView($this->getId(), $this->getModule()->getId(), $conversation); $conversationsMashableInboxUrl = Yii::app()->createUrl('mashableInbox/default/list', array('modelClassName' => 'Conversation')); $breadcrumbLinks = array(Zurmo::t('ConversationsModule', 'Conversations') => $conversationsMashableInboxUrl, StringUtil::getChoppedStringContent(strval($conversation), 25)); $view = new ConversationsPageView(ZurmoDefaultViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadcrumbLinks, 'ConversationBreadCrumbView')); echo $view->render(); }
public function actionDetails($id) { $savedWorkflow = static::getModelAndCatchNotFoundAndDisplayError('SavedWorkflow', intval($id)); ControllerSecurityUtil::resolveCanCurrentUserAccessModule($savedWorkflow->moduleClassName); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($savedWorkflow); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($savedWorkflow), 'WorkflowsModule'), $savedWorkflow); $breadCrumbLinks = array(strval($savedWorkflow)); $workflow = SavedWorkflowToWorkflowAdapter::makeWorkflowBySavedWorkflow($savedWorkflow); $workflowToWizardFormAdapter = new WorkflowToWizardFormAdapter($workflow); $form = $workflowToWizardFormAdapter->makeFormByType(); $detailsView = new WorkflowDetailsView($this->getId(), $this->getModule()->getId(), $form); $view = new WorkflowsPageView(ZurmoDefaultAdminViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadCrumbLinks, 'WorkflowBreadCrumbView')); echo $view->render(); }
public function actionDetails($id) { $contact = static::getModelAndCatchNotFoundAndDisplayError('Contact', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($contact); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($contact), 'ContactsModule'), $contact); if (KanbanUtil::isKanbanRequest() === false) { $breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'ContactsSearchView', $contact); $detailsAndRelationsView = $this->makeDetailsAndRelationsView($contact, 'ContactsModule', 'ContactDetailsAndRelationsView', Yii::app()->request->getRequestUri(), $breadCrumbView); $view = new ContactsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView)); } else { $view = TasksUtil::resolveTaskKanbanViewForRelation($contact, $this->getModule()->getId(), $this, 'TasksForContactKanbanView', 'ContactsPageView'); } echo $view->render(); }
public function actionDetails($id) { $contact = static::getModelAndCatchNotFoundAndDisplayError('Contact', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($contact); if (!LeadsUtil::isStateALead($contact->state)) { $urlParams = array('/contacts/' . $this->getId() . '/details', 'id' => $contact->id); $this->redirect($urlParams); } else { AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($contact), 'LeadsModule'), $contact); $breadCrumbView = StickySearchUtil::resolveBreadCrumbViewForDetailsControllerAction($this, 'LeadsSearchView', $contact); $detailsAndRelationsView = $this->makeDetailsAndRelationsView($contact, 'LeadsModule', 'LeadDetailsAndRelationsView', Yii::app()->request->getRequestUri(), $breadCrumbView); $view = new LeadsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $detailsAndRelationsView)); echo $view->render(); } }
public static function logAuditEvent($moduleName, $eventName, $data = null, RedBeanModel $model = null, User $user = null) { assert('is_string($moduleName) && $moduleName != ""'); assert('is_string($eventName) && $eventName != ""'); if ($user === null) { $user = Yii::app()->user->userModel; if (!$user instanceof User) { throw new NoCurrentUserSecurityException(); } } if ($eventName == ZurmoModule::AUDIT_EVENT_ITEM_VIEWED) { AuditEventsRecentlyViewedUtil::resolveNewRecentlyViewedModel($data[1], $model, AuditEventsRecentlyViewedUtil::RECENTLY_VIEWED_COUNT + 1); } if ($eventName == ZurmoModule::AUDIT_EVENT_ITEM_DELETED) { $modelClassName = get_class($model); AuditEventsRecentlyViewedUtil::deleteModelFromRecentlyViewed($modelClassName::getModuleClassName(), $model); } if ($eventName != ZurmoModule::AUDIT_EVENT_ITEM_VIEWED) { if (!AuditEvent::$isTableOptimized && !AUDITING_OPTIMIZED) { $auditEvent = new AuditEvent(); $auditEvent->dateTime = DateTimeUtil::convertTimestampToDbFormatDateTime(time()); $auditEvent->moduleName = $moduleName; $auditEvent->eventName = $eventName; $auditEvent->user = $user; $auditEvent->modelClassName = $model !== null ? get_class($model) : null; $auditEvent->modelId = $model !== null ? $model->id : null; $auditEvent->serializedData = serialize($data); $saved = $auditEvent->save(); AuditEvent::$isTableOptimized = true; } else { $sql = "insert into auditevent (datetime,\n modulename,\n eventname,\n _user_id,\n modelclassname,\n modelid,\n serializeddata)\n values ('" . DateTimeUtil::convertTimestampToDbFormatDateTime(time()) . "',\n '{$moduleName}',\n '{$eventName}',\n {$user->id}, " . ($model !== null ? "'" . get_class($model) . "', " : 'null, ') . ($model !== null ? "{$model->id}, " : 'null, ') . ":data)"; ZurmoRedBean::exec($sql, array('data' => serialize($data))) !== null; $saved = true; } return $saved; } }
/** * Details view for project * @param int $id */ public function actionDetails($id) { $project = static::getModelAndCatchNotFoundAndDisplayError('Project', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($project); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($project), 'ProjectsModule'), $project); $view = TasksUtil::resolveTaskKanbanViewForRelation($project, $this->getModule()->getId(), $this, 'TasksForProjectKanbanView', 'ProjectsPageView'); echo $view->render(); }
public function testLogAuditEventsForIsActive() { $user = new User(); $user->username = '******'; $user->title->value = 'Mr.'; $user->firstName = 'My'; $user->lastName = 'testlogauditforisactive'; $user->setPassword('testlogauditforisactive'); $this->assertTrue($user->save()); unset($user); $user = User::getByUsername('testlogauditforisactive'); $this->assertEquals(1, $user->isActive); unset($user); AuditEvent::deleteAll(); //Change the user's status to inactive and confirm new audit event is created $user = User::getByUsername('testlogauditforisactive'); $user->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB, RIGHT::DENY); $this->assertTrue($user->save()); $this->assertEquals(0, $user->isActive); $auditEvents = AuditEvent::getAll(); $this->assertCount(1, $auditEvents); $this->assertContains('Item Modified', strval($auditEvents[0])); unset($user); //Now change the user's status back to active and confirm new audit event is created $user = User::getByUsername('testlogauditforisactive'); $user->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB, RIGHT::ALLOW); $this->assertTrue($user->save()); $this->assertEquals(1, $user->isActive); $auditEvents = AuditEvent::getAll(); $this->assertCount(2, $auditEvents); $this->assertContains('Item Modified', strval($auditEvents[1])); unset($user); }
public function testDeleteModelFromRecentlyViewed() { Yii::app()->user->userModel = User::getByUsername('super'); ZurmoConfigurationUtil::setForCurrentUserByModuleName('ZurmoModule', 'recentlyViewed', null); $account1 = new Account(); $account1->name = 'Dooble1'; $this->assertTrue($account1->save()); $account2 = new Account(); $account2->name = 'Dooble2'; $this->assertTrue($account2->save()); $account3 = new Account(); $account3->name = 'Dooble3'; $account3->owner = User::getByUsername('jimmy'); $this->assertTrue($account3->save()); //Now create some audit entries for the Item Viewed event. AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account1), 'AccountsModule'), $account1); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account2), 'AccountsModule'), $account2); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account1), 'AccountsModule'), $account3); $content = AuditEventsRecentlyViewedUtil::getRecentlyViewedAjaxContentByUser(Yii::app()->user->userModel, 5); $this->assertContains('Dooble1', $content); $this->assertContains('Dooble2', $content); $this->assertContains('Dooble3', $content); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_DELETED, strval($account1), $account1); $content = AuditEventsRecentlyViewedUtil::getRecentlyViewedAjaxContentByUser(Yii::app()->user->userModel, 5); $this->assertNotContains('Dooble1', $content); $this->assertContains('Dooble2', $content); $this->assertContains('Dooble3', $content); }
public function testChangingContactWithoutChangingRelatedAccountShouldNotAuditAccountChangeWhenDoneViaPost() { Yii::app()->user->userModel = User::getByUsername('super'); $contactStates = ContactState::getByName('Qualified'); $contact = new Contact(); $contact->owner = Yii::app()->user->userModel; $contact->title->value = 'Mr.'; $contact->firstName = 'Supero'; $contact->lastName = 'Mano'; $contact->state = $contactStates[0]; $this->assertTrue($contact->save()); $beforeCount = AuditEvent::getCount(); //Test that saving an existing contact without a related contact will not produce an audit event showing the //related account has changed. This is a test to show when the account is not populated but has a negative //id. $contactId = $contact->id; $contact->forget(); unset($contact); $contact = Contact::getById($contactId); $fakePostData = array('account' => array('id' => '')); $contact->setAttributes($fakePostData); $this->assertTrue($contact->save()); $this->assertEquals($beforeCount, AuditEvent::getCount()); }
protected function logAuditEventsListForCreatedAndModifed($newModel) { if ($newModel) { AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_CREATED, strval($this), $this); } else { AuditUtil::logAuditEventsListForChangedAttributeValues($this); } }
public function actionDetails($id) { $emailTemplate = static::getModelAndCatchNotFoundAndDisplayError('EmailTemplate', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($emailTemplate); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($emailTemplate), 'EmailTemplatesModule'), $emailTemplate); $detailsView = new EmailTemplateDetailsView($this->getId(), $this->getModule()->getId(), $emailTemplate, strval($emailTemplate)); $viewUtil = static::getViewUtilByType($emailTemplate->type); $breadCrumbView = static::getBreadCrumbViewByType($emailTemplate->type); $breadCrumbLinks = static::getBreadCrumbLinksByType($emailTemplate->type); $breadCrumbLinks[] = StringUtil::getChoppedStringContent(strval($emailTemplate), 25); $view = new EmailTemplatesPageView($viewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadCrumbLinks, $breadCrumbView)); echo $view->render(); }
/** * Given a user and a count, get a tail of recent audit events for that user limited by the count. * @param User $user */ protected static function getRecentlyViewedAuditEventsByUser(User $user, $count) { assert('is_int($count)'); return AuditEvent::getTailDistinctEventsByEventName('Item Viewed', $user, $count); }
/** * to change isActive attribute properly during save */ protected function setIsActive() { if (Right::DENY == $this->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB) || Right::DENY == $this->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_MOBILE) || Right::DENY == $this->getExplicitActualRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)) { $isActive = false; } else { $isActive = true; } if ($this->isActive != $isActive) { $data = array(strval($this), array('isActive'), BooleanUtil::boolToString((bool) $this->isActive), BooleanUtil::boolToString((bool) $isActive)); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_MODIFIED, $data, $this); $this->unrestrictedSet('isActive', $isActive); $this->save(); } }
public function testMakeDataProviderBySearchAttributeData() { $account = new Account(); $user = UserTestHelper::createBasicUser('Andy'); $account->name = 'aNewDawn Inc 2'; $account->owner = $user; $this->assertTrue($account->save()); $account->name = 'aNewDawn Inc 3'; $this->assertTrue($account->save()); $searchAttributeData = AuditEventsListControllerUtil::makeModalSearchAttributeDataByAuditedModel($account); $dataProvider = AuditEventsListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData); $this->assertTrue($dataProvider instanceof RedBeanModelDataProvider); $data = $dataProvider->getData(); $this->assertEquals(1, count($data)); $firstAuditEvent = current($data); $accountInfo = unserialize($firstAuditEvent->serializedData); $this->assertEquals(strval($account), $accountInfo[0]); $this->assertEquals('name', $accountInfo[1][0]); $this->assertEquals('aNewDawn Inc 2', $accountInfo[2]); $this->assertEquals($account->name, $accountInfo[3]); //For login/logout events $searchAttributeData = AuditEventsListControllerUtil::makeModalSearchAttributeDataByAuditedModel($user); $dataProvider = AuditEventsListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData); $this->assertTrue($dataProvider instanceof RedBeanModelDataProvider); $data = $dataProvider->getData(); $count = count($data); AuditEvent::logAuditEvent('UsersModule', UsersModule::AUDIT_EVENT_USER_PASSWORD_CHANGED, $user->username, $user); $searchAttributeData = AuditEventsListControllerUtil::makeModalSearchAttributeDataByAuditedModel($user); $dataProvider = AuditEventsListControllerUtil::makeDataProviderBySearchAttributeData($searchAttributeData); $this->assertTrue($dataProvider instanceof RedBeanModelDataProvider); $data = $dataProvider->getData(); $this->assertEquals($count + 1, count($data)); }
/** * @param Item $item * @param array $attributeNames * @param RedBeanModel $ownedModel */ public static function logAuditEventsListForChangedAttributeValues(Item $item, array $attributeNames = array(), RedBeanModel $ownedModel = null) { assert('$item->id > 0'); $attributeModel = $ownedModel === null ? $item : $ownedModel; $noAuditAttributeNames = self::getNoAuditAttributeNames($attributeModel); foreach ($attributeModel->originalAttributeValues as $attributeName => $oldValue) { if (!in_array($attributeName, $noAuditAttributeNames)) { $processAuditEvent = true; if (!$attributeModel::isRelation($attributeName)) { $newValue = $attributeModel->{$attributeName}; } elseif ($attributeModel->{$attributeName} instanceof RedBeanOneToManyRelatedModels) { $newValue = $attributeModel->{$attributeName}->getStringifiedData(); assert('$oldValue != $newValue'); } else { assert('$attributeModel->$attributeName instanceof RedBeanModel'); $relatedModel = $attributeModel->{$attributeName}; if ($relatedModel->id < 0 && $oldValue[1] < 0) { $processAuditEvent = false; } else { $newValue = array(get_class($relatedModel), $relatedModel->id, strval($relatedModel)); assert('$oldValue != $newValue'); } } if ($processAuditEvent) { $tempAttributeNames = $attributeNames; $tempAttributeNames[] = $attributeName; $data = array(strval($item), $tempAttributeNames, $oldValue, $newValue); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_MODIFIED, $data, $item); } } } foreach ($attributeModel->attributeNames() as $attributeName) { if (!in_array($attributeName, $noAuditAttributeNames) && $attributeModel::isOwnedRelation($attributeName)) { try { $ownedModel = $attributeModel->{$attributeName}; } catch (AccessDeniedSecurityException $e) { continue; // If someone doesn't have access they // they can't have modified the attributes. } catch (NotSupportedException $e) { continue; // Certain attributes can't be modified, like // rights on the super administrators group // so we can safely ignore them. } if ($ownedModel instanceof OwnedModel || $ownedModel instanceof OwnedCustomField || $ownedModel instanceof OwnedMultipleValuesCustomField) { $ownedModels = array($ownedModel); } else { assert('$ownedModel instanceof RedBeanModels'); $ownedModels = array(); } foreach ($ownedModels as $ownedModel) { $tempAttributeNames = $attributeNames; $tempAttributeNames[] = $attributeName; self::logAuditEventsListForChangedAttributeValues($item, $tempAttributeNames, $ownedModel); } } } }
protected function logAuditEventsListForCreatedAndModifed($newModel) { if ($newModel) { // When the first user is created there can be no // current user. Log the first user as creating themselves. if (Yii::app()->user->userModel == null || !Yii::app()->user->userModel->id > 0) { Yii::app()->user->userModel = $this; } AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_CREATED, strval($this), $this); } else { AuditUtil::logAuditEventsListForChangedAttributeValues($this); } }
public function testGetTailDistinctEventsByEventName() { Yii::app()->user->userModel = User::getByUsername('super'); $account1 = new Account(); $account1->name = 'Dooble1'; $this->assertTrue($account1->save()); $account2 = new Account(); $account2->name = 'Dooble2'; $this->assertTrue($account2->save()); $account3 = new Account(); $account3->name = 'Dooble3'; $account3->owner = User::getByUsername('jimmy'); $this->assertTrue($account3->save()); $auditEvents = AuditEvent::getTailDistinctEventsByEventName('Item Viewed', Yii::app()->user->userModel, 5); $this->assertEquals(0, count($auditEvents)); //Now create some audit entries for the Item Viewed event. AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account1), 'AccountsModule'), $account1); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account2), 'AccountsModule'), $account2); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account1), 'AccountsModule'), $account1); //Switch users to add an audit event. Yii::app()->user->userModel = User::getByUsername('jimmy'); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($account3), 'AccountsModule'), $account3); Yii::app()->user->userModel = User::getByUsername('super'); $auditEvents = AuditEvent::getTailDistinctEventsByEventName('Item Viewed', Yii::app()->user->userModel, 5); $this->assertEquals(2, count($auditEvents)); }
public function testAuditEventsModalList() { $super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super'); AuditEvent::logAuditEvent('UsersModule', UsersModule::AUDIT_EVENT_USER_PASSWORD_CHANGED, $super->username, $super); $this->setGetArray(array('id' => $super->id)); $this->resetPostArray(); $content = $this->runControllerWithNoExceptionsAndGetContent('users/default/auditEventsModalList'); $this->assertContains('User Password Changed', $content); }
public function actionDetails($id, $renderJson = false, $includeFilesInJson = false) { $emailTemplate = static::getModelAndCatchNotFoundAndDisplayError('EmailTemplate', intval($id)); ControllerSecurityUtil::resolveAccessCanCurrentUserReadModel($emailTemplate); if ($renderJson) { header('Content-type: application/json'); echo $this->resolveEmailTemplateAsJson($emailTemplate, $includeFilesInJson); Yii::app()->end(0, false); } AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($emailTemplate), 'EmailTemplatesModule'), $emailTemplate); $detailsView = new EmailTemplateEditAndDetailsView('Details', $this->getId(), $this->getModule()->getId(), $emailTemplate); if ($emailTemplate->type == EmailTemplate::TYPE_WORKFLOW) { $breadcrumbLinks = static::getDetailsAndEditForWorkflowBreadcrumbLinks(); $breadcrumbLinks[] = StringUtil::getChoppedStringContent(strval($emailTemplate), 25); $view = new EmailTemplatesPageView(WorkflowDefaultAdminViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadcrumbLinks, 'WorkflowBreadCrumbView')); } elseif ($emailTemplate->type == EmailTemplate::TYPE_CONTACT) { $breadcrumbLinks = static::getDetailsAndEditForMarketingBreadcrumbLinks(); $breadcrumbLinks[] = StringUtil::getChoppedStringContent(strval($emailTemplate), 25); $view = new EmailTemplatesPageView(MarketingDefaultViewUtil::makeViewWithBreadcrumbsForCurrentUser($this, $detailsView, $breadcrumbLinks, 'MarketingBreadCrumbView')); } else { throw new NotSupportedException(); } echo $view->render(); }
/** * Auto building of models (and therefore the database) involves... * * - Creating each model. * - Setting its members to made up values that conform to the rules specified for the member. * - Setting or adding to its relations while avoiding making new objects of the same types * as have already been made. * - Saving it so that the tables and columns are created. * - Deleting it so that it doesn't leave rows behind. * - (The database is now ready for freezing.) * * The aim of the auto build is to populate models in a 'valid enough way' to save them * such that RedBean creates the tables and columns it needs with the right column types. * This means it does not necessarily make models that are valid, for example it will set * a model's parent to itself if model and the parent are of the same type. These kinds of * inconsistencies do not matter for the purpose of auto building the database, and are * semantic information that is not available and not needed for this process. The idea is * to create as few models as possible. * * Call this an empty unfrozen database with all the models required for certain tests, or * all the models required for the production database. Then freeze the database. * * If a model references a non-leaf model in the hierarchy an example of a model subclassed * from that type must be included in the $modelClassNames. eg: 'Opportunity' references * Permitable via its permissions and an abstract 'Permitable' cannot be created, so 'User' * needs be created at the same time since it is concrete and can be used to create an * Opportunity. * ie: $modelClassNames = array('Opportunity', 'User'). */ public static function autoBuildModels(array $modelClassNames, &$messageLogger) { assert('AssertUtil::all($modelClassNames, "is_string")'); assert('$messageLogger instanceof MessageLogger'); if (!self::isAutoBuildStateValid()) { self::deleteAllSampleModelsFromStatePersisterAndDatabase($messageLogger); } self::setAutoBuildStateInStatePersister(self::AUTO_BUILD_STATE_INVALID); AuditEvent::$isTableOptimized = false; self::$modelClassNamesToSampleModels = array(); foreach ($modelClassNames as $modelClassName) { $messages[] = array('info' => "Auto building {$modelClassName}."); self::autoBuildSampleModel($modelClassName, $modelClassNames, $messageLogger); $messageLogger->addInfoMessage("Auto build of {$modelClassName} done."); } foreach (self::$modelClassNamesToSampleModels as $modelClassName => $model) { if (!$model instanceof OwnedModel && !$model instanceof OwnedCustomField && !$model instanceof OwnedMultipleValuesCustomField) { try { $model->setScenario('autoBuildDatabase'); $saved = $model->save(); if ($saved) { self::setSampleModelInStatePersister(get_class($model), $model->id); $metadata = $model->getMetadata(); foreach ($metadata as $unused => $classMetadata) { if (!empty($classMetadata['relations'])) { foreach ($classMetadata['relations'] as $relationName => $relationTypeModelClassNameAndOwns) { $relationType = $relationTypeModelClassNameAndOwns[0]; $relatedModelClassName = $relationTypeModelClassNameAndOwns[1]; $owned = isset($relationTypeModelClassNameAndOwns[2]) && $relationTypeModelClassNameAndOwns[2] == RedBeanModel::OWNED; if (get_class($model) == get_class($model->{$relationName}) && $model->id == $model->{$relationName}->id) { $messageLogger->addInfoMessage("Unset {$modelClassName}->{$relationName} to avoid recursion and thread stack overrun."); $model->{$relationName} = null; $model->save(); } } } } } else { $messageLogger->addErrorMessage("*** Saving the sample {$modelClassName} failed."); $errors = $model->getErrors(); if (count($errors) > 0) { $messageLogger->addErrorMessage('The attributes that did not validate probably need more rules, or are not deletable types.'); $messageLogger->addErrorMessage(print_r($errors, true)); } else { $messageLogger->addErrorMessage('No attributes failed to validate!'); } } $messageLogger->addInfoMessage("Auto built {$modelClassName} saved."); } catch (NotSupportedException $e) { $messageLogger->addErrorMessage("*** Saving the sample {$modelClassName} failed."); if (is_subclass_of($modelClassName, 'OwnedCustomField') || is_subclass_of($modelClassName, 'OwnedMultipleValuesCustomField') || is_subclass_of($modelClassName, 'OwnedModel')) { $messageLogger->addErrorMessage('It is OWNED and was probably not saved via its owner, making it not a root model.'); } else { $messageLogger->addErrorMessage('The save failed but there were no validation errors.'); } } } } foreach (self::$modelClassNamesToSampleModels as $modelClassName => $model) { try { if (!$model->isDeleted()) { if (!$model->delete()) { if ($model->id < 0) { $messageLogger->addInfoMessage(get_class($model) . " Not Deleted but never saved so this is ok. (Most likely it is a - Has Many Owned)"); } else { $messageLogger->addErrorMessage("*** Deleting the sample " . get_class($model) . " failed. It would not delete."); } } else { $messageLogger->addInfoMessage(get_class($model) . " Deleted (Not Owned)."); } } else { $messageLogger->addInfoMessage(get_class($model) . " Deleted Already (Owned)."); } AuditEvent::deleteAllByModel($model); unset(self::$modelClassNamesToSampleModels[$modelClassName]); } catch (NotSupportedException $e) { $messageLogger->addErrorMessage("*** Deleting the sample {$modelClassName} failed. It is marked not deletable."); } } if (count(self::$modelClassNamesToSampleModels)) { $messageLogger->addErrorMessage('*** Deleting of the sample(s) ' . join(', ', array_keys(self::$modelClassNamesToSampleModels)) . " didn't happen."); } AuditEvent::$isTableOptimized = false; self::deleteAllSampleModelsFromStatePersister(); self::setAutoBuildStateInStatePersister(self::AUTO_BUILD_STATE_VALID); }
public function actionDetails($id) { $user = User::getById(intval($id)); UserAccessUtil::resolveAccessingASystemUser($user); $title = Zurmo::t('UsersModule', 'Profile'); $breadCrumbLinks = array(strval($user) => array('default/details', 'id' => $id), $title); AuditEvent::logAuditEvent('ZurmoModule', ZurmoModule::AUDIT_EVENT_ITEM_VIEWED, array(strval($user), 'UsersModule'), $user); $params = array('controllerId' => $this->getId(), 'relationModuleId' => $this->getModule()->getId(), 'relationModel' => $user); $detailsAndRelationsView = new UserDetailsAndRelationsView($this->getId(), $this->getModule()->getId(), $params); $view = new UsersPageView($this->resolveZurmoDefaultOrAdminView($detailsAndRelationsView, $breadCrumbLinks, 'UserBreadCrumbView')); echo $view->render(); }
protected function beforeLogout() { AuditEvent::logAuditEvent('UsersModule', UsersModule::AUDIT_EVENT_USER_LOGGED_OUT); return true; }
* In accordance with Section 7(b) of the GNU Affero General Public License version 3, * these Appropriate Legal Notices must retain the display of the Zurmo * logo and Zurmo copyright notice. If the display of the logo is not reasonably * feasible for technical reasons, the Appropriate Legal Notices must display the words * "Copyright Zurmo Inc. 2014. All rights reserved". ********************************************************************************/ require_once '../../config/debug.php'; require_once '../common/bootstrap.php'; if (!($argc == 1 || $argc == 3 && $argv[1] == '-n' && is_numeric($argv[2]))) { echo "\nAuditLog - Displays the audit log.\nUsage: php AuditLog.php [-n #]\nOptions: -n # Displays the tail of the log up to # entries.\n"; exit; } $count = $argc == 3 ? intval($argv[2]) : null; try { RedBeanDatabase::setup(Yii::app()->db->connectionString, Yii::app()->db->username, Yii::app()->db->password); } catch (Exception $e) { echo "Could not open the database.\n"; exit; } try { Yii::app()->user->userModel = User::getByUsername('super'); } catch (Exception $e) { echo "Super user does not exist.\n"; exit; } $AuditEventsList = $count === null ? AuditEvent::getAll() : AuditEvent::getTailEvents($count); foreach ($AuditEventsList as $auditEvent) { $moduleName = $auditEvent->moduleName; echo $moduleName::stringifyAuditEvent($auditEvent) . "\n"; } echo '(' . count($AuditEventsList) . " events)\n";