diff --git a/src/apps.js b/src/apps.js index ba0871452..2cc3cc967 100644 --- a/src/apps.js +++ b/src/apps.js @@ -424,7 +424,7 @@ function install(appId, appStoreId, manifest, location, portBindings, accessRest taskmanager.restartAppTask(appId); - eventlog.add(eventlog.ACTION_APP_INSTALL, auditSource, { appId: appId, location: location, appStoreId: appStoreId, version: manifest.version }); + eventlog.add(eventlog.ACTION_APP_INSTALL, auditSource, { appId: appId, location: location, manifest: manifest }); callback(null); }); @@ -498,7 +498,7 @@ function configure(appId, location, portBindings, accessRestriction, cert, key, taskmanager.restartAppTask(appId); - eventlog.add(eventlog.ACTION_APP_CONFIGURE, auditSource, { appId: appId, oldLocation: app.location }); + eventlog.add(eventlog.ACTION_APP_CONFIGURE, auditSource, { appId: appId }); callback(null); }); @@ -572,7 +572,7 @@ function update(appId, force, manifest, portBindings, icon, auditSource, callbac taskmanager.restartAppTask(appId); - eventlog.add(eventlog.ACTION_APP_UPDATE, auditSource, { appId: appId, appStoreId: manifest.id, toVersion: manifest.version, fromVersion: app.manifest.version }); + eventlog.add(eventlog.ACTION_APP_UPDATE, auditSource, { appId: appId, toManifest: manifest, fromManifest: app.manifest }); callback(null); }); diff --git a/src/certificates.js b/src/certificates.js index 5f8cd8b19..aca14d792 100644 --- a/src/certificates.js +++ b/src/certificates.js @@ -161,7 +161,7 @@ function autoRenew(callback) { var keyFilePath = path.join(paths.APP_CERTS_DIR, domain + '.key'); var errorMessage = error ? error.message : ''; - eventlog.add(eventlog.ACTION_CERTIFICATE_RENEWAL, { userId: null, username: 'cron' }, { domain: domain, error: errorMessage }); + eventlog.add(eventlog.ACTION_CERTIFICATE_RENEWAL, { userId: null, username: 'cron' }, { domain: domain, errorMessage: errorMessage }); mailer.certificateRenewed(domain, errorMessage); if (error) { diff --git a/src/ldap.js b/src/ldap.js index 323ef9eea..6fe3a8b49 100644 --- a/src/ldap.js +++ b/src/ldap.js @@ -178,7 +178,7 @@ function start(callback) { // we return no such object, to avoid leakage of a users existence if (!result) return next(new ldap.NoSuchObjectError(req.dn.toString())); - eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap',appId: app.id, location: app.location }, { userId: userObject.id, username: userObject.username, appId: app.id }); + eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', appId: app.id }, { userId: userObject.id }); res.end(); }); diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js index 4656d20e7..f0022486d 100644 --- a/src/routes/oauth2.js +++ b/src/routes/oauth2.js @@ -23,9 +23,9 @@ var appdb = require('../appdb'), UserError = user.UserError, util = require('util'); -function auditSource(req) { +function auditSource(req, appId) { var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null; - return { authType: 'oauth', ip: ip, username: req.user ? req.user.username : null, userId: req.user ? req.user.id : null }; + return { authType: 'oauth', ip: ip, appId: appId }; } // create OAuth 2.0 server @@ -415,7 +415,7 @@ var authorization = [ var type = req.oauth2.client.type; if (type === clientdb.TYPE_ADMIN) { - eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req), { userId: req.oauth2.user.id, username: req.oauth2.user.username, appId: 'admin' }); + eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, 'admin'), { userId: req.oauth2.user.id }); return next(); } if (type === clientdb.TYPE_EXTERNAL) return next(); @@ -428,7 +428,7 @@ var authorization = [ if (error) return sendError(req, res, 'Internal error'); if (!access) return sendErrorPageOrRedirect(req, res, 'No access to this app.'); - eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req), { userId: req.oauth2.user.id, username: req.oauth2.user.username, appId: appObject.id, appLocation: appObject.location }); + eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, appObject.id), { userId: req.oauth2.user.id }); next(); }); diff --git a/src/simpleauth.js b/src/simpleauth.js index 6624bd624..d9016e43e 100644 --- a/src/simpleauth.js +++ b/src/simpleauth.js @@ -95,7 +95,7 @@ function login(req, res, next) { if (error && error.reason === AppsError.ACCESS_DENIED) return next(new HttpError(401, 'Forbidden')); if (error) return next(new HttpError(500, error)); - eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'simpleauth', clientId: req.body.clientId }, { userId: result.user.id, username: result.user.username }); + eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'simpleauth', clientId: req.body.clientId }, { userId: result.user.id }); var tmp = { accessToken: result.accessToken, diff --git a/src/user.js b/src/user.js index 5b91e7604..cc9346a62 100644 --- a/src/user.js +++ b/src/user.js @@ -328,7 +328,7 @@ function updateUser(userId, username, email, displayName, auditSource, callback) if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserError(UserError.NOT_FOUND, error)); if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error)); - eventlog.add(eventlog.ACTION_USER_UPDATE, auditSource, { userId: userId, username: username }); + eventlog.add(eventlog.ACTION_USER_UPDATE, auditSource, { userId: userId }); callback(null); }); diff --git a/webadmin/src/js/index.js b/webadmin/src/js/index.js index 96d3bba60..31e7f3c1a 100644 --- a/webadmin/src/js/index.js +++ b/webadmin/src/js/index.js @@ -232,23 +232,24 @@ app.filter('eventLogDetails', function() { return function(eventLog) { var source = eventLog.source; var data = eventLog.data; + var errorMessage = data.errorMessage; switch (eventLog.action) { - case ACTION_ACTIVATE: return 'Cloudron activated by ' + source.username; - case ACTION_APP_CONFIGURE: return 'App at location ' + data.location + ' was re-configured'; - case ACTION_APP_INSTALL: return 'App ' + data.appStoreId + '@' + data.version + ' installed at ' + data.location + ' with id ' + data.id; + case ACTION_ACTIVATE: return 'Cloudron activated'; + case ACTION_APP_CONFIGURE: return 'App ' + data.appId + ' was configured'; + case ACTION_APP_INSTALL: return 'App ' + data.manifest.appStoreId + '@' + data.manifest.version + ' installed at ' + data.location + ' with id ' + data.appId; case ACTION_APP_RESTORE: return 'App ' + data.id + ' restored'; case ACTION_APP_UNINSTALL: return 'App ' + data.id + ' uninstalled'; - case ACTION_APP_UPDATE: return 'App ' + data.id + ' updated to version ' + data.appStoreId + '@' + data.toVersion; - case ACTION_BACKUP_START: return 'Backup started by ' + source.username; - case ACTION_BACKUP_FINISH: return 'Backup finished. ' + (('error:' + data.errorMessage) || ('id:' + data.filename)); - case ACTION_CERTIFICATE_RENEWAL: return 'Certificate renewal for ' + data.domain + (data.error ? 'succeeded' : 'failed'); + case ACTION_APP_UPDATE: return 'App ' + data.id + ' updated to version ' + data.toManifest.appStoreId + '@' + data.toManifest.version; + case ACTION_BACKUP_START: return 'Backup started'; + case ACTION_BACKUP_FINISH: return 'Backup finished. ' + (('error:' + errorMessage) || ('id:' + data.filename)); + case ACTION_CERTIFICATE_RENEWAL: return 'Certificate renewal for ' + data.domain + (errorMessage ? ' failed' : 'succeeded'); case ACTION_CLI_MODE: return 'CLI mode was ' + (data.enabled ? 'enabled' : 'disabled'); - case ACTION_UPDATE: return 'Update initiated by ' + source.username + ' to version ' + data.boxUpdateInfo.version; + case ACTION_UPDATE: return 'Updating to version ' + data.boxUpdateInfo.version; case ACTION_USER_ADD: return 'User ' + data.email + ' added'; - case ACTION_USER_LOGIN: return 'User ' + data.username + ' logged in using ' + source.authType + ' at ' + data.appId; - case ACTION_USER_REMOVE: return 'User ' + (data.username || data.id) + ' removed'; - case ACTION_USER_UPDATE: return 'User ' + (data.username || data.id) + ' updated'; + case ACTION_USER_LOGIN: return 'User ' + data.username + ' logged in'; + case ACTION_USER_REMOVE: return 'User ' + data.userId + ' removed'; + case ACTION_USER_UPDATE: return 'User ' + data.userId + ' updated'; default: return eventLog.action; } }; diff --git a/webadmin/src/views/activity.html b/webadmin/src/views/activity.html index 3839d96fe..8f91e52f8 100644 --- a/webadmin/src/views/activity.html +++ b/webadmin/src/views/activity.html @@ -23,7 +23,7 @@ {{ eventLog.creationTime | prettyDate }} - {{ eventLog.source.username }} ({{ eventLog.source.ip }}) + {{ eventLog.source.username || eventLog.source.userId || eventLog.source.authType }} ({{ eventLog.source.ip || eventLog.source.appId }}) {{ eventLog | eventLogDetails }}