From e076158789dfb2e7a3e55a104f7b3871b4818444 Mon Sep 17 00:00:00 2001
From: Neil Lalonde <neillalonde@gmail.com>
Date: Thu, 25 Jul 2013 18:04:51 -0400
Subject: [PATCH] Add ip_address, email, and context to staff_action_logs
 table. Context should usually be the url from which the staff member
 performed the action, but could be any string that describes what the staff
 member was doing when the action was performed.

---
 app/assets/javascripts/admin/models/admin_user.js         | 6 +++++-
 app/controllers/admin/users_controller.rb                 | 2 +-
 app/services/staff_action_logger.rb                       | 7 +++++--
 db/migrate/20130725213613_add_more_to_staff_action_log.rb | 7 +++++++
 lib/user_destroyer.rb                                     | 2 +-
 spec/components/user_destroyer_spec.rb                    | 2 +-
 6 files changed, 20 insertions(+), 6 deletions(-)
 create mode 100644 db/migrate/20130725213613_add_more_to_staff_action_log.rb

diff --git a/app/assets/javascripts/admin/models/admin_user.js b/app/assets/javascripts/admin/models/admin_user.js
index 08be6134bf6..8f20c1a28f9 100644
--- a/app/assets/javascripts/admin/models/admin_user.js
+++ b/app/assets/javascripts/admin/models/admin_user.js
@@ -217,9 +217,13 @@ Discourse.AdminUser = Discourse.User.extend({
     var user = this;
 
     var performDestroy = function(block) {
+      var formData = { context: window.location.pathname };
+      if (block) {
+        formData["block_email"] = true;
+      }
       Discourse.ajax("/admin/users/" + user.get('id') + '.json', {
         type: 'DELETE',
-        data: block ? {block_email: true} : {}
+        data: formData
       }).then(function(data) {
         if (data.deleted) {
           bootbox.alert(I18n.t("admin.user.deleted"), function() {
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index df9aabc31f7..486700a6f6f 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -118,7 +118,7 @@ class Admin::UsersController < Admin::AdminController
     user = User.where(id: params[:id]).first
     guardian.ensure_can_delete_user!(user)
     begin
-      if UserDestroyer.new(current_user).destroy(user, params.slice(:delete_posts, :block_email))
+      if UserDestroyer.new(current_user).destroy(user, params.slice(:delete_posts, :block_email, :context))
         render json: {deleted: true}
       else
         render json: {deleted: false, user: AdminDetailedUserSerializer.new(user, root: false).as_json}
diff --git a/app/services/staff_action_logger.rb b/app/services/staff_action_logger.rb
index c46c0bdffc9..d4a8ba49bca 100644
--- a/app/services/staff_action_logger.rb
+++ b/app/services/staff_action_logger.rb
@@ -5,17 +5,20 @@ class StaffActionLogger
     raise Discourse::InvalidParameters.new('admin is nil') unless @admin and @admin.is_a?(User)
   end
 
-  def log_user_deletion(deleted_user)
+  def log_user_deletion(deleted_user, opts={})
     raise Discourse::InvalidParameters.new('user is nil') unless deleted_user and deleted_user.is_a?(User)
     StaffActionLog.create(
       action: StaffActionLog.actions[:delete_user],
+      context: opts[:context], # should be the url from where the staff member deleted the user
       staff_user_id: @admin.id,
       target_user_id: deleted_user.id,
+      email: deleted_user.email,
+      ip_address: deleted_user.ip_address,
       details: [:id, :username, :name, :created_at, :trust_level, :last_seen_at, :last_emailed_at].map { |x| "#{x}: #{deleted_user.send(x)}" }.join(', ')
     )
   end
 
-  def log_trust_level_change(user, new_trust_level)
+  def log_trust_level_change(user, new_trust_level, opts={})
     raise Discourse::InvalidParameters.new('user is nil') unless user and user.is_a?(User)
     raise Discourse::InvalidParameters.new('new trust level is invalid') unless TrustLevel.levels.values.include? new_trust_level
     StaffActionLog.create!(
diff --git a/db/migrate/20130725213613_add_more_to_staff_action_log.rb b/db/migrate/20130725213613_add_more_to_staff_action_log.rb
new file mode 100644
index 00000000000..c2385f6afca
--- /dev/null
+++ b/db/migrate/20130725213613_add_more_to_staff_action_log.rb
@@ -0,0 +1,7 @@
+class AddMoreToStaffActionLog < ActiveRecord::Migration
+  def change
+    add_column :staff_action_logs, :context, :string
+    add_column :staff_action_logs, :ip_address, :string
+    add_column :staff_action_logs, :email, :string
+  end
+end
diff --git a/lib/user_destroyer.rb b/lib/user_destroyer.rb
index 8b15e1dd6d7..85780d224ca 100644
--- a/lib/user_destroyer.rb
+++ b/lib/user_destroyer.rb
@@ -28,7 +28,7 @@ class UserDestroyer
             b.record_match! if b
           end
           Post.with_deleted.where(user_id: user.id).update_all("nuked_user = true")
-          StaffActionLogger.new(@admin).log_user_deletion(user)
+          StaffActionLogger.new(@admin).log_user_deletion(user, opts.slice(:context))
           DiscourseHub.unregister_nickname(user.username) if SiteSetting.call_discourse_hub?
           MessageBus.publish "/file-change", ["refresh"], user_ids: [user.id]
         end
diff --git a/spec/components/user_destroyer_spec.rb b/spec/components/user_destroyer_spec.rb
index 1b90c1c8ed4..ffcacdc229d 100644
--- a/spec/components/user_destroyer_spec.rb
+++ b/spec/components/user_destroyer_spec.rb
@@ -55,7 +55,7 @@ describe UserDestroyer do
       end
 
       it 'should log the action' do
-        StaffActionLogger.any_instance.expects(:log_user_deletion).with(@user).once
+        StaffActionLogger.any_instance.expects(:log_user_deletion).with(@user, anything).once
         destroy
       end