mirrors/catstodon
1
0
Fork 0
mirror of https://git.kescher.at/CatCatNya/catstodon.git synced 2024-11-22 12:58:06 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add audit logging to Relays (#32819)

Browse source
This commit is contained in:
Emelia Smith 2024-11-12 09:35:08 +01:00 committed by GitHub
parent 88512220bb
commit a34edc211f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 22 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/controllers/admin/relays_controller.rb
View file

@ -21,6 +21,7 @@ module Admin
@relay = Relay.new(resource_params) @relay = Relay.new(resource_params)
if @relay.save if @relay.save
log_action :create, @relay
@relay.enable! @relay.enable!
redirect_to admin_relays_path redirect_to admin_relays_path
else else
@ -31,18 +32,21 @@ module Admin
def destroy def destroy
authorize :relay, :update? authorize :relay, :update?
@relay.destroy @relay.destroy
log_action :destroy, @relay
redirect_to admin_relays_path redirect_to admin_relays_path
end end
def enable def enable
authorize :relay, :update? authorize :relay, :update?
@relay.enable! @relay.enable!
log_action :enable, @relay
redirect_to admin_relays_path redirect_to admin_relays_path
end end
def disable def disable
authorize :relay, :update? authorize :relay, :update?
@relay.disable! @relay.disable!
log_action :disable, @relay
redirect_to admin_relays_path redirect_to admin_relays_path
end end

2
app/helpers/admin/action_logs_helper.rb
View file

@ -33,6 +33,8 @@ module Admin::ActionLogsHelper
else else
I18n.t('admin.action_logs.deleted_account') I18n.t('admin.action_logs.deleted_account')
end end
when 'Relay'
link_to log.human_identifier, admin_relays_path
end end
end end

4
app/models/admin/action_log_filter.rb
View file

@ -31,6 +31,7 @@ class Admin::ActionLogFilter
create_domain_block: { target_type: 'DomainBlock', action: 'create' }.freeze, create_domain_block: { target_type: 'DomainBlock', action: 'create' }.freeze,
create_email_domain_block: { target_type: 'EmailDomainBlock', action: 'create' }.freeze, create_email_domain_block: { target_type: 'EmailDomainBlock', action: 'create' }.freeze,
create_ip_block: { target_type: 'IpBlock', action: 'create' }.freeze, create_ip_block: { target_type: 'IpBlock', action: 'create' }.freeze,
create_relay: { target_type: 'Relay', action: 'create' }.freeze,
create_unavailable_domain: { target_type: 'UnavailableDomain', action: 'create' }.freeze, create_unavailable_domain: { target_type: 'UnavailableDomain', action: 'create' }.freeze,
create_user_role: { target_type: 'UserRole', action: 'create' }.freeze, create_user_role: { target_type: 'UserRole', action: 'create' }.freeze,
create_canonical_email_block: { target_type: 'CanonicalEmailBlock', action: 'create' }.freeze, create_canonical_email_block: { target_type: 'CanonicalEmailBlock', action: 'create' }.freeze,
@ -40,6 +41,7 @@ class Admin::ActionLogFilter
destroy_domain_allow: { target_type: 'DomainAllow', action: 'destroy' }.freeze, destroy_domain_allow: { target_type: 'DomainAllow', action: 'destroy' }.freeze,
destroy_domain_block: { target_type: 'DomainBlock', action: 'destroy' }.freeze, destroy_domain_block: { target_type: 'DomainBlock', action: 'destroy' }.freeze,
destroy_ip_block: { target_type: 'IpBlock', action: 'destroy' }.freeze, destroy_ip_block: { target_type: 'IpBlock', action: 'destroy' }.freeze,
destroy_relay: { target_type: 'Relay', action: 'destroy' }.freeze,
destroy_email_domain_block: { target_type: 'EmailDomainBlock', action: 'destroy' }.freeze, destroy_email_domain_block: { target_type: 'EmailDomainBlock', action: 'destroy' }.freeze,
destroy_instance: { target_type: 'Instance', action: 'destroy' }.freeze, destroy_instance: { target_type: 'Instance', action: 'destroy' }.freeze,
destroy_unavailable_domain: { target_type: 'UnavailableDomain', action: 'destroy' }.freeze, destroy_unavailable_domain: { target_type: 'UnavailableDomain', action: 'destroy' }.freeze,
@ -49,8 +51,10 @@ class Admin::ActionLogFilter
disable_2fa_user: { target_type: 'User', action: 'disable_2fa' }.freeze, disable_2fa_user: { target_type: 'User', action: 'disable_2fa' }.freeze,
disable_custom_emoji: { target_type: 'CustomEmoji', action: 'disable' }.freeze, disable_custom_emoji: { target_type: 'CustomEmoji', action: 'disable' }.freeze,
disable_user: { target_type: 'User', action: 'disable' }.freeze, disable_user: { target_type: 'User', action: 'disable' }.freeze,
disable_relay: { target_type: 'Relay', action: 'disable' }.freeze,
enable_custom_emoji: { target_type: 'CustomEmoji', action: 'enable' }.freeze, enable_custom_emoji: { target_type: 'CustomEmoji', action: 'enable' }.freeze,
enable_user: { target_type: 'User', action: 'enable' }.freeze, enable_user: { target_type: 'User', action: 'enable' }.freeze,
enable_relay: { target_type: 'Relay', action: 'enable' }.freeze,
memorialize_account: { target_type: 'Account', action: 'memorialize' }.freeze, memorialize_account: { target_type: 'Account', action: 'memorialize' }.freeze,
promote_user: { target_type: 'User', action: 'promote' }.freeze, promote_user: { target_type: 'User', action: 'promote' }.freeze,
remove_avatar_user: { target_type: 'User', action: 'remove_avatar' }.freeze, remove_avatar_user: { target_type: 'User', action: 'remove_avatar' }.freeze,

4
app/models/relay.rb
View file

@ -25,6 +25,10 @@ class Relay < ApplicationRecord
alias enabled? accepted? alias enabled? accepted?
def to_log_human_identifier
inbox_url
end
def enable! def enable!
activity_id = ActivityPub::TagManager.instance.generate_uri_for(nil) activity_id = ActivityPub::TagManager.instance.generate_uri_for(nil)
payload = Oj.dump(follow_activity(activity_id)) payload = Oj.dump(follow_activity(activity_id))

8
config/locales/en.yml
View file

@ -187,6 +187,7 @@ en:
create_domain_block: Create Domain Block create_domain_block: Create Domain Block
create_email_domain_block: Create Email Domain Block create_email_domain_block: Create Email Domain Block
create_ip_block: Create IP rule create_ip_block: Create IP rule
create_relay: Create Relay
create_unavailable_domain: Create Unavailable Domain create_unavailable_domain: Create Unavailable Domain
create_user_role: Create Role create_user_role: Create Role
demote_user: Demote User demote_user: Demote User
@ -198,14 +199,17 @@ en:
destroy_email_domain_block: Delete Email Domain Block destroy_email_domain_block: Delete Email Domain Block
destroy_instance: Purge Domain destroy_instance: Purge Domain
destroy_ip_block: Delete IP rule destroy_ip_block: Delete IP rule
destroy_relay: Delete Relay
destroy_status: Delete Post destroy_status: Delete Post
destroy_unavailable_domain: Delete Unavailable Domain destroy_unavailable_domain: Delete Unavailable Domain
destroy_user_role: Destroy Role destroy_user_role: Destroy Role
disable_2fa_user: Disable 2FA disable_2fa_user: Disable 2FA
disable_custom_emoji: Disable Custom Emoji disable_custom_emoji: Disable Custom Emoji
disable_relay: Disable Relay
disable_sign_in_token_auth_user: Disable Email Token Authentication for User disable_sign_in_token_auth_user: Disable Email Token Authentication for User
disable_user: Disable User disable_user: Disable User
enable_custom_emoji: Enable Custom Emoji enable_custom_emoji: Enable Custom Emoji
enable_relay: Enable Relay
enable_sign_in_token_auth_user: Enable Email Token Authentication for User enable_sign_in_token_auth_user: Enable Email Token Authentication for User
enable_user: Enable User enable_user: Enable User
memorialize_account: Memorialize Account memorialize_account: Memorialize Account
@ -247,6 +251,7 @@ en:
create_domain_block_html: "%{name} blocked domain %{target}" create_domain_block_html: "%{name} blocked domain %{target}"
create_email_domain_block_html: "%{name} blocked email domain %{target}" create_email_domain_block_html: "%{name} blocked email domain %{target}"
create_ip_block_html: "%{name} created rule for IP %{target}" create_ip_block_html: "%{name} created rule for IP %{target}"
create_relay_html: "%{name} created a relay %{target}"
create_unavailable_domain_html: "%{name} stopped delivery to domain %{target}" create_unavailable_domain_html: "%{name} stopped delivery to domain %{target}"
create_user_role_html: "%{name} created %{target} role" create_user_role_html: "%{name} created %{target} role"
demote_user_html: "%{name} demoted user %{target}" demote_user_html: "%{name} demoted user %{target}"
@ -258,14 +263,17 @@ en:
destroy_email_domain_block_html: "%{name} unblocked email domain %{target}" destroy_email_domain_block_html: "%{name} unblocked email domain %{target}"
destroy_instance_html: "%{name} purged domain %{target}" destroy_instance_html: "%{name} purged domain %{target}"
destroy_ip_block_html: "%{name} deleted rule for IP %{target}" destroy_ip_block_html: "%{name} deleted rule for IP %{target}"
destroy_relay_html: "%{name} deleted the relay %{target}"
destroy_status_html: "%{name} removed post by %{target}" destroy_status_html: "%{name} removed post by %{target}"
destroy_unavailable_domain_html: "%{name} resumed delivery to domain %{target}" destroy_unavailable_domain_html: "%{name} resumed delivery to domain %{target}"
destroy_user_role_html: "%{name} deleted %{target} role" destroy_user_role_html: "%{name} deleted %{target} role"
disable_2fa_user_html: "%{name} disabled two factor requirement for user %{target}" disable_2fa_user_html: "%{name} disabled two factor requirement for user %{target}"
disable_custom_emoji_html: "%{name} disabled emoji %{target}" disable_custom_emoji_html: "%{name} disabled emoji %{target}"
disable_relay_html: "%{name} disabled the relay %{target}"
disable_sign_in_token_auth_user_html: "%{name} disabled email token authentication for %{target}" disable_sign_in_token_auth_user_html: "%{name} disabled email token authentication for %{target}"
disable_user_html: "%{name} disabled login for user %{target}" disable_user_html: "%{name} disabled login for user %{target}"
enable_custom_emoji_html: "%{name} enabled emoji %{target}" enable_custom_emoji_html: "%{name} enabled emoji %{target}"
enable_relay_html: "%{name} enabled the relay %{target}"
enable_sign_in_token_auth_user_html: "%{name} enabled email token authentication for %{target}" enable_sign_in_token_auth_user_html: "%{name} enabled email token authentication for %{target}"
enable_user_html: "%{name} enabled login for user %{target}" enable_user_html: "%{name} enabled login for user %{target}"
memorialize_account_html: "%{name} turned %{target}'s account into a memoriam page" memorialize_account_html: "%{name} turned %{target}'s account into a memoriam page"