nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

more audit logs
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-22 19:05:26 +11:00
parent 9f0dafd4fd
commit b5c9b5ce19
3 changed files with 65 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
controllers/controlPermissions.go
View File

@@ -35,6 +35,7 @@ func GetPermissionsHandler(c *gin.Context) {
func AddPermissionHandler(c *gin.Context) {
var input PermissionInput
var RequestingUserId int
if err := c.ShouldBindJSON(&input); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
@@ -55,6 +56,13 @@ func AddPermissionHandler(c *gin.Context) {
return
}
if val, ok := c.Get("user-id"); !ok {
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"})
return
} else {
RequestingUserId = val.(int)
}
p := models.Permission{
PermissionId: input.PermissionId,
Description: input.Description,
@@ -82,6 +90,14 @@ func AddPermissionHandler(c *gin.Context) {
_, err := p.PermissionAdd()
// Create audit record
a := models.Audit{
UserId: RequestingUserId,
IpAddress: c.ClientIP(),
EventText: fmt.Sprintf("Created Permission '%s' with id %d on safe id %d for group id %d or user id %d", p.Description, p.PermissionId, p.SafeId, p.GroupId, p.UserId),
}
a.AuditLogAdd()
if err != nil {
errString := fmt.Sprintf("error creating permission : '%s'", err)
log.Printf("AddPermissionHandler %s\n", errString)
@@ -94,6 +110,7 @@ func AddPermissionHandler(c *gin.Context) {
func DeletePermissionHandler(c *gin.Context) {
var input PermissionInput
var RequestingUserId int
if err := c.ShouldBindJSON(&input); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
@@ -108,6 +125,13 @@ func DeletePermissionHandler(c *gin.Context) {
return
}
if val, ok := c.Get("user-id"); !ok {
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"})
return
} else {
RequestingUserId = val.(int)
}
p := models.Permission{
PermissionId: input.PermissionId,
Description: input.Description,
@@ -131,6 +155,14 @@ func DeletePermissionHandler(c *gin.Context) {
} else {
err := p.PermissionDelete()
// Create audit record
a := models.Audit{
UserId: RequestingUserId,
IpAddress: c.ClientIP(),
EventText: fmt.Sprintf("Deleted Permission '%s' with id %d", p.Description, p.PermissionId),
}
a.AuditLogAdd()
if err != nil {
errString := fmt.Sprintf("error deleting permission : '%s'", err)
log.Printf("DeletePermissionHandler %s\n", errString)