PeerTube/server/helpers/audit-logger.ts
Florent 2a491182e4
Channel sync (#5135)
* Add external channel URL for channel update / creation (#754)

* Disallow synchronisation if user has no video quota (#754)

* More constraints serverside (#754)

* Disable sync if server configuration does not allow HTTP import (#754)

* Working version synchronizing videos with a job (#754)

TODO: refactoring, too much code duplication

* More logs and try/catch (#754)

* Fix eslint error (#754)

* WIP: support synchronization time change (#754)

* New frontend #754

* WIP: Create sync front (#754)

* Enhance UI, sync creation form (#754)

* Warning message when HTTP upload is disallowed

* More consistent names (#754)

* Binding Front with API (#754)

* Add a /me API (#754)

* Improve list UI (#754)

* Implement creation and deletion routes (#754)

* Lint (#754)

* Lint again (#754)

* WIP: UI for triggering import existing videos (#754)

* Implement jobs for syncing and importing channels

* Don't sync videos before sync creation + avoid concurrency issue (#754)

* Cleanup (#754)

* Cleanup: OpenAPI + API rework (#754)

* Remove dead code (#754)

* Eslint (#754)

* Revert the mess with whitespaces in constants.ts (#754)

* Some fixes after rebase (#754)

* Several fixes after PR remarks (#754)

* Front + API: Rename video-channels-sync to video-channel-syncs (#754)

* Allow enabling channel sync through UI (#754)

* getChannelInfo (#754)

* Minor fixes: openapi + model + sql (#754)

* Simplified API validators (#754)

* Rename MChannelSync to MChannelSyncChannel (#754)

* Add command for VideoChannelSync (#754)

* Use synchronization.enabled config (#754)

* Check parameters test + some fixes (#754)

* Fix conflict mistake (#754)

* Restrict access to video channel sync list API (#754)

* Start adding unit test for synchronization (#754)

* Continue testing (#754)

* Tests finished + convertion of job to scheduler (#754)

* Add lastSyncAt field (#754)

* Fix externalRemoteUrl sort + creation date not well formatted (#754)

* Small fix (#754)

* Factorize addYoutubeDLImport and buildVideo (#754)

* Check duplicates on channel not on users (#754)

* factorize thumbnail generation (#754)

* Fetch error should return status 400 (#754)

* Separate video-channel-import and video-channel-sync-latest (#754)

* Bump DB migration version after rebase (#754)

* Prettier states in UI table (#754)

* Add DefaultScope in VideoChannelSyncModel (#754)

* Fix audit logs (#754)

* Ensure user can upload when importing channel + minor fixes (#754)

* Mark synchronization as failed on exception + typos (#754)

* Change REST API for importing videos into channel (#754)

* Add option for fully synchronize a chnanel (#754)

* Return a whole sync object on creation to avoid tricks in Front (#754)

* Various remarks (#754)

* Single quotes by default (#754)

* Rename synchronization to video_channel_synchronization

* Add check.latest_videos_count and max_per_user options (#754)

* Better channel rendering in list #754

* Allow sorting with channel name and state (#754)

* Add missing tests for channel imports (#754)

* Prefer using a parent job for channel sync

* Styling

* Client styling

Co-authored-by: Chocobozzz <me@florianbigard.com>
2022-08-10 09:53:39 +02:00

288 lines
6.7 KiB
TypeScript

import { diff } from 'deep-object-diff'
import express from 'express'
import flatten from 'flat'
import { chain } from 'lodash'
import { join } from 'path'
import { addColors, config, createLogger, format, transports } from 'winston'
import { AUDIT_LOG_FILENAME } from '@server/initializers/constants'
import { AdminAbuse, CustomConfig, User, VideoChannel, VideoChannelSync, VideoComment, VideoDetails, VideoImport } from '@shared/models'
import { CONFIG } from '../initializers/config'
import { jsonLoggerFormat, labelFormatter } from './logger'
function getAuditIdFromRes (res: express.Response) {
return res.locals.oauth.token.User.username
}
enum AUDIT_TYPE {
CREATE = 'create',
UPDATE = 'update',
DELETE = 'delete'
}
const colors = config.npm.colors
colors.audit = config.npm.colors.info
addColors(colors)
const auditLogger = createLogger({
levels: { audit: 0 },
transports: [
new transports.File({
filename: join(CONFIG.STORAGE.LOG_DIR, AUDIT_LOG_FILENAME),
level: 'audit',
maxsize: 5242880,
maxFiles: 5,
format: format.combine(
format.timestamp(),
labelFormatter(),
format.splat(),
jsonLoggerFormat
)
})
],
exitOnError: true
})
function auditLoggerWrapper (domain: string, user: string, action: AUDIT_TYPE, entity: EntityAuditView, oldEntity: EntityAuditView = null) {
let entityInfos: object
if (action === AUDIT_TYPE.UPDATE && oldEntity) {
const oldEntityKeys = oldEntity.toLogKeys()
const diffObject = diff(oldEntityKeys, entity.toLogKeys())
const diffKeys = Object.entries(diffObject).reduce((newKeys, entry) => {
newKeys[`new-${entry[0]}`] = entry[1]
return newKeys
}, {})
entityInfos = { ...oldEntityKeys, ...diffKeys }
} else {
entityInfos = { ...entity.toLogKeys() }
}
auditLogger.log('audit', JSON.stringify({
user,
domain,
action,
...entityInfos
}))
}
function auditLoggerFactory (domain: string) {
return {
create (user: string, entity: EntityAuditView) {
auditLoggerWrapper(domain, user, AUDIT_TYPE.CREATE, entity)
},
update (user: string, entity: EntityAuditView, oldEntity: EntityAuditView) {
auditLoggerWrapper(domain, user, AUDIT_TYPE.UPDATE, entity, oldEntity)
},
delete (user: string, entity: EntityAuditView) {
auditLoggerWrapper(domain, user, AUDIT_TYPE.DELETE, entity)
}
}
}
abstract class EntityAuditView {
constructor (private readonly keysToKeep: string[], private readonly prefix: string, private readonly entityInfos: object) { }
toLogKeys (): object {
return chain(flatten<object, any>(this.entityInfos, { delimiter: '-', safe: true }))
.pick(this.keysToKeep)
.mapKeys((_value, key) => `${this.prefix}-${key}`)
.value()
}
}
const videoKeysToKeep = [
'tags',
'uuid',
'id',
'uuid',
'createdAt',
'updatedAt',
'publishedAt',
'category',
'licence',
'language',
'privacy',
'description',
'duration',
'isLocal',
'name',
'thumbnailPath',
'previewPath',
'nsfw',
'waitTranscoding',
'account-id',
'account-uuid',
'account-name',
'channel-id',
'channel-uuid',
'channel-name',
'support',
'commentsEnabled',
'downloadEnabled'
]
class VideoAuditView extends EntityAuditView {
constructor (video: VideoDetails) {
super(videoKeysToKeep, 'video', video)
}
}
const videoImportKeysToKeep = [
'id',
'targetUrl',
'video-name'
]
class VideoImportAuditView extends EntityAuditView {
constructor (videoImport: VideoImport) {
super(videoImportKeysToKeep, 'video-import', videoImport)
}
}
const commentKeysToKeep = [
'id',
'text',
'threadId',
'inReplyToCommentId',
'videoId',
'createdAt',
'updatedAt',
'totalReplies',
'account-id',
'account-uuid',
'account-name'
]
class CommentAuditView extends EntityAuditView {
constructor (comment: VideoComment) {
super(commentKeysToKeep, 'comment', comment)
}
}
const userKeysToKeep = [
'id',
'username',
'email',
'nsfwPolicy',
'autoPlayVideo',
'role',
'videoQuota',
'createdAt',
'account-id',
'account-uuid',
'account-name',
'account-followingCount',
'account-followersCount',
'account-createdAt',
'account-updatedAt',
'account-avatar-path',
'account-avatar-createdAt',
'account-avatar-updatedAt',
'account-displayName',
'account-description',
'videoChannels'
]
class UserAuditView extends EntityAuditView {
constructor (user: User) {
super(userKeysToKeep, 'user', user)
}
}
const channelKeysToKeep = [
'id',
'uuid',
'name',
'followingCount',
'followersCount',
'createdAt',
'updatedAt',
'avatar-path',
'avatar-createdAt',
'avatar-updatedAt',
'displayName',
'description',
'support',
'isLocal',
'ownerAccount-id',
'ownerAccount-uuid',
'ownerAccount-name',
'ownerAccount-displayedName'
]
class VideoChannelAuditView extends EntityAuditView {
constructor (channel: VideoChannel) {
super(channelKeysToKeep, 'channel', channel)
}
}
const abuseKeysToKeep = [
'id',
'reason',
'reporterAccount',
'createdAt'
]
class AbuseAuditView extends EntityAuditView {
constructor (abuse: AdminAbuse) {
super(abuseKeysToKeep, 'abuse', abuse)
}
}
const customConfigKeysToKeep = [
'instance-name',
'instance-shortDescription',
'instance-description',
'instance-terms',
'instance-defaultClientRoute',
'instance-defaultNSFWPolicy',
'instance-customizations-javascript',
'instance-customizations-css',
'services-twitter-username',
'services-twitter-whitelisted',
'cache-previews-size',
'cache-captions-size',
'signup-enabled',
'signup-limit',
'signup-requiresEmailVerification',
'admin-email',
'user-videoQuota',
'transcoding-enabled',
'transcoding-threads',
'transcoding-resolutions'
]
class CustomConfigAuditView extends EntityAuditView {
constructor (customConfig: CustomConfig) {
const infos: any = customConfig
const resolutionsDict = infos.transcoding.resolutions
const resolutionsArray = []
Object.entries(resolutionsDict)
.forEach(([ resolution, isEnabled ]) => {
if (isEnabled) resolutionsArray.push(resolution)
})
Object.assign({}, infos, { transcoding: { resolutions: resolutionsArray } })
super(customConfigKeysToKeep, 'config', infos)
}
}
const channelSyncKeysToKeep = [
'id',
'externalChannelUrl',
'channel-id',
'channel-name'
]
class VideoChannelSyncAuditView extends EntityAuditView {
constructor (channelSync: VideoChannelSync) {
super(channelSyncKeysToKeep, 'channelSync', channelSync)
}
}
export {
getAuditIdFromRes,
auditLoggerFactory,
VideoImportAuditView,
VideoChannelAuditView,
CommentAuditView,
UserAuditView,
VideoAuditView,
AbuseAuditView,
CustomConfigAuditView,
VideoChannelSyncAuditView
}