Correct handling of audit logs

2025-04-21 23:42:10 +02:00 · 2024-02-20 15:48:58 +01:00 · 2024-02-20 15:48:58 +01:00 · 8d289307fe
commit 8d289307fe
parent fb50468ea2
6 changed files with 40 additions and 16 deletions
--- a/app/Audits/Modifiers/DisplayModeSettingModifier.php
+++ b/app/Audits/Modifiers/DisplayModeSettingModifier.php
@ -7,10 +7,9 @@ class DisplayModeSettingModifier implements ModifierInterface
    public function modify($value): string
    {
        return match ((int)$value) {
-            0 => trans('settings.display_mode_list_detailed'),
-            1 => trans('settings.display_mode_cards'),
+            0, 1 => trans('settings.display_mode_cards'),
            2 => trans('settings.display_mode_list_simple'),
-            3 => trans('settings.display_mode_cards_detailed'),
+            3 => trans('settings.display_mode_list_detailed'),
        };
    }
 }
--- a/app/Audits/Modifiers/RedactedModifier.php
+++ b/app/Audits/Modifiers/RedactedModifier.php
@ -0,0 +1,19 @@
+<?php
+
+namespace App\Audits\Modifiers;
+
+use App\Enums\ModelAttribute;
+
+class RedactedModifier implements ModifierInterface
+{
+    public function modify($value): string
+    {
+        $total = strlen($value);
+        $leftOver = ceil($total / 5);
+
+        // Make sure single character strings get redacted
+        $length = ($total > $leftOver) ? ($total - $leftOver) : 1;
+
+        return str_pad(substr($value, $length), $total, '#', STR_PAD_LEFT);
+    }
+}
--- a/app/Http/Controllers/Admin/AuditController.php
+++ b/app/Http/Controllers/Admin/AuditController.php
@ -1,6 +1,6 @@
 <?php

-namespace App\Http\Controllers\App;
+namespace App\Http\Controllers\Admin;

 use App\Http\Controllers\Controller;
 use App\Models\User;
@ -12,15 +12,15 @@ class AuditController extends Controller
 {
    public function __invoke()
    {
-        $activities = Activity::query()->with('causer')->latest()->paginate(pageName: 'activities_page');
+        $activities = Activity::query()->with('causer')->latest()->paginate(25, pageName: 'activities_page');

        $settingsHistory = Audit::where('auditable_type', SettingsAudit::class)->with('auditable')
-            ->latest()->paginate(pageName: 'settings_page');
+            ->latest()->paginate(25, pageName: 'settings_page');

        $userHistory = Audit::where('auditable_type', User::class)->with('auditable')
-            ->latest()->paginate(pageName: 'user_page');
+            ->latest()->paginate(25, pageName: 'user_page');

-        return view('app.audit-logs', [
+        return view('admin.audit-logs', [
            'activities' => $activities,
            'settings_history' => $settingsHistory,
            'user_history' => $userHistory,
--- a/app/Settings/SettingsAudit.php
+++ b/app/Settings/SettingsAudit.php
@ -6,9 +6,12 @@ use App\Audits\Modifiers\BooleanModifier;
 use App\Audits\Modifiers\DarkmodeSettingModifier;
 use App\Audits\Modifiers\DisplayModeSettingModifier;
 use App\Audits\Modifiers\LocaleSettingModifier;
+use App\Audits\Modifiers\RedactedModifier;
+use App\Audits\Modifiers\VisibilityModifier;
 use Illuminate\Database\Eloquent\Model;
 use OwenIt\Auditing\Auditable as AuditableTrait;
 use OwenIt\Auditing\Contracts\Auditable;
+use OwenIt\Auditing\Redactors\LeftRedactor;

 /**
 * Class AuditModel
@ -38,20 +41,24 @@ class SettingsAudit extends Model implements Auditable
    ];

    public array $auditModifiers = [
+        // User & guest settings
        'archive_backups_enabled' => BooleanModifier::class,
        'archive_private_backups_enabled' => BooleanModifier::class,
        'darkmode_setting' => DarkmodeSettingModifier::class,
        'link_display_mode' => DisplayModeSettingModifier::class,
        'links_new_tab' => BooleanModifier::class,
-        'links_private_default' => BooleanModifier::class,
-        'lists_private_default' => BooleanModifier::class,
+        'links_default_visibility' => VisibilityModifier::class,
+        'lists_default_visibility' => VisibilityModifier::class,
+        'tags_default_visibility' => VisibilityModifier::class,
+        'notes_default_visibility' => VisibilityModifier::class,
        'locale' => LocaleSettingModifier::class,
        'markdown_for_text' => BooleanModifier::class,
-        'notes_private_default' => BooleanModifier::class,
-        'private_default' => BooleanModifier::class,
+        'profile_is_public' => BooleanModifier::class,
        'share_service' => BooleanModifier::class,
-        'system_guest_access' => BooleanModifier::class,
-        'tags_private_default' => BooleanModifier::class,
+
+        // System settings
+        'guest_access_enabled' => BooleanModifier::class,
+        'cron_token' => RedactedModifier::class,
    ];

    /**
--- a/resources/views/admin/audit-logs.blade.php
+++ b/resources/views/admin/audit-logs.blade.php
@ -29,7 +29,6 @@
            <div class="history mb-4">
                @forelse($settings_history as $entry)
                    <x-history.settings-entry :entry="$entry"/>
-
                @empty
                    <div class="text-muted">@lang('audit.no_logs_found')</div>
                @endforelse
--- a/routes/web.php
+++ b/routes/web.php
@ -1,10 +1,10 @@
 <?php

 use App\Http\Controllers\Admin\ApiTokenController as AdminApiTokenController;
+use App\Http\Controllers\Admin\AuditController;
 use App\Http\Controllers\Admin\SystemSettingsController;
 use App\Http\Controllers\Admin\UserManagementController;
 use App\Http\Controllers\App\ApiTokenController;
-use App\Http\Controllers\App\AuditController;
 use App\Http\Controllers\App\BookmarkletController;
 use App\Http\Controllers\App\DashboardController;
 use App\Http\Controllers\App\ExportController;