diff --git a/src/audit_api.go b/src/audit_api.go
index 2b1b64d..d910a19 100644
--- a/src/audit_api.go
+++ b/src/audit_api.go
@@ -9,7 +9,7 @@ import (
 
 func (e mainEnv) getAuditEvents(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	userTOKEN := ps.ByName("token")
-	event := audit("view audit events", userTOKEN)
+	event := audit("view audit events", userTOKEN, "token", userTOKEN)
 	defer func() { event.submit(e.db) }()
 	//fmt.Println("error code")
 	if enforceUUID(w, userTOKEN, event) == false {
diff --git a/src/audit_db.go b/src/audit_db.go
index bf33f83..9c01108 100644
--- a/src/audit_db.go
+++ b/src/audit_db.go
@@ -9,22 +9,24 @@ import (
 )
 
 type auditEvent struct {
-	When int32 `json:"when"`
-	Who string `json:"who"`
-	Record string `json:"record"`
-	App string `json:"app"`
-	Title string `json:"title"`
-	Status string `json:"status"`
-	Msg string `json:"msg"`
-	Debug string `json:"debug"`
-	Before string `json:"before"`
-	After string `json:"after"`
-	Meta string `json:"meta"`
+	When int32 `json:"when"`
+	Who string `json:"who"`
+	Mode string `json:"mode"`
+	Identity string `json:"identity"`
+	Record string `json:"record"`
+	App string `json:"app"`
+	Title string `json:"title"`
+	Status string `json:"status"`
+	Msg string `json:"msg"`
+	Debug string `json:"debug"`
+	Before string `json:"before"`
+	After string `json:"after"`
+	Meta string `json:"meta"`
 }
 
-func audit(title string, record string) *auditEvent {
+func audit(title string, record string, mode string, address string) *auditEvent {
 	fmt.Printf("/%s : %s\n", title, record)
-	return &auditEvent{Title: title, Record: record, Status: "ok", When: int32(time.Now().Unix())}
+	return &auditEvent{Title: title, Mode: mode, Who: address, Record: record, Status: "ok", When: int32(time.Now().Unix())}
 }
 
 func auditApp(title string, record string, app string) *auditEvent {
diff --git a/src/consent_api.go b/src/consent_api.go
index 36c0626..8dca0c5 100644
--- a/src/consent_api.go
+++ b/src/consent_api.go
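Review bot: The new `Who`, `Mode` and `Identity` fields carry no comment saying how they differ, yet this hunk changes their meaning: `Who` now receives the request-supplied address passed to `audit` (for email/phone modes that is the raw subject identifier, persisted by `submit`), while `Identity` is what `enforceAuth` sets to the authenticated caller. Document that on the struct, e.g. `// Who is the address the request was made for (not the caller); Identity is the authenticated caller, set by enforceAuth; Mode is the address type ("token", "email", "phone", ...)`. Note also that `auditApp` on the last context line keeps its three-argument form, so events it builds will have empty `Who`/`Mode` unless it was updated outside this hunk. `audit` is complete here; `auditApp`'s body lies outside the hunk.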
@@ -12,7 +12,7 @@ func (e mainEnv) consentAccept(w http.ResponseWriter, r *http.Request, ps httpro
 	address := ps.ByName("address")
 	brief := ps.ByName("brief")
 	mode := ps.ByName("mode")
-	event := audit("consent accept by "+mode, address)
+	event := audit("consent accept for "+brief, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	brief = normalizeBrief(brief)
@@ -42,6 +42,7 @@ func (e mainEnv) consentAccept(w http.ResponseWriter, r *http.Request, ps httpro
 		userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
 		if userBson != nil {
 			userTOKEN = userBson["token"].(string)
+			event.Record = userTOKEN
 		}
 	}
 
@@ -75,7 +76,7 @@ func (e mainEnv) consentCancel(w http.ResponseWriter, r *http.Request, ps httpro
 	address := ps.ByName("address")
 	brief := ps.ByName("brief")
 	mode := ps.ByName("mode")
-	event := audit("consent cancel by "+mode, address)
+	event := audit("consent withdraw for "+brief, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	userTOKEN := ""
@@ -99,6 +100,7 @@ func (e mainEnv) consentCancel(w http.ResponseWriter, r *http.Request, ps httpro
 		userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
 		if userBson != nil {
 			userTOKEN = userBson["token"].(string)
+			event.Record = userTOKEN
 		}
 	}
 	// make sure that user is logged in here, unless he wants to cancel emails
@@ -120,7 +122,7 @@ func (e mainEnv) consentCancel(w http.ResponseWriter, r *http.Request, ps httpro
 func (e mainEnv) consentAllUserRecords(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("consent list of events by "+mode, address)
+	event := audit("consent list of records for "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 	userTOKEN := ""
 	if mode == "token" {
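Review bot: The audit title on the added line in consentAccept is built from `brief` before `brief = normalizeBrief(brief)` runs two lines later, so the persisted title carries the raw path value rather than the normalized one the handler acts on; the same ordering appears in consentUserRecord's hunk at -163. Normalizing first keeps the title consistent with the record, e.g. `brief = normalizeBrief(ps.ByName("brief"))` followed by `event := audit("consent accept for "+brief, address, mode, address)`. The handler body continues outside the hunk.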
@@ -138,6 +140,7 @@ func (e mainEnv) consentAllUserRecords(w http.ResponseWriter, r *http.Request, p
 		userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
 		if userBson != nil {
 			userTOKEN = userBson["token"].(string)
+			event.Record = userTOKEN
 		}
 	}
 	// make sure that user is logged in here, unless he wants to cancel emails
@@ -163,7 +166,7 @@ func (e mainEnv) consentUserRecord(w http.ResponseWriter, r *http.Request, ps ht
 	address := ps.ByName("address")
 	brief := ps.ByName("brief")
 	mode := ps.ByName("mode")
-	event := audit("consent event by "+mode, address)
+	event := audit("consent record for "+brief, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	brief = normalizeBrief(brief)
@@ -187,6 +190,7 @@ func (e mainEnv) consentUserRecord(w http.ResponseWriter, r *http.Request, ps ht
 		userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
 		if userBson != nil {
 			userTOKEN = userBson["token"].(string)
+			event.Record = userTOKEN
 		}
 	}
 
@@ -209,7 +213,7 @@ func (e mainEnv) consentUserRecord(w http.ResponseWriter, r *http.Request, ps ht
 
 func (e mainEnv) consentFilterRecords(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	brief := ps.ByName("brief")
-	event := audit("consent filter by "+brief, "")
+	event := audit("consent get all for "+brief, brief, "brief", brief)
 	defer func() { event.submit(e.db) }()
 	if e.enforceAuth(w, r, event) == false {
 		return
diff --git a/src/sessions_api.go b/src/sessions_api.go
index 0b3edc9..3761ecc 100644
--- a/src/sessions_api.go
+++ b/src/sessions_api.go
@@ -7,7 +7,7 @@ import (
 )
 
 func (e mainEnv) newSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
-	uuidCode := ps.ByName("uuidcode")
-	event := audit("create new session", uuidCode)
+	token := ps.ByName("token")
+	event := audit("create new session", token)
 	defer func() { event.submit(e.db) }()
 }
diff --git a/src/userapps_api.go b/src/userapps_api.go
index 4266861..0f09f57 100644
--- a/src/userapps_api.go
+++ b/src/userapps_api.go
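Review bot: The added call in consentFilterRecords stores `brief` as both `Who` and `Record`, although `brief` names a consent category rather than a subject address or the caller, so this row puts a consent name into columns that every other call site in the commit fills with an address or user token. Unless the intent is to filter audit rows by brief later, `event := audit("consent get all for "+brief, "", "brief", "")` keeps the columns consistent, with the caller still recorded in `Identity` by `enforceAuth`. The function body continues outside the hunk.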
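Review bot: `audit` now takes four arguments (see the audit_db.go hunk), but the added line in newSession still calls it with two, `event := audit("create new session", token)`, so this file will not compile as committed. It should pass the mode and address like the other call sites: `event := audit("create new session", token, "token", token)`. The handler is fully visible in the hunk.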
@@ -86,7 +86,7 @@ func (e mainEnv) userappChange(w http.ResponseWriter, r *http.Request, ps httpro
 
 func (e mainEnv) userappList(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	userTOKEN := ps.ByName("token")
-	event := audit("get user app list", userTOKEN)
+	event := audit("get user app list", userTOKEN, "token", userTOKEN)
 	defer func() { event.submit(e.db) }()
 
 	if enforceUUID(w, userTOKEN, event) == false {
diff --git a/src/users_api.go b/src/users_api.go
index 5d78daa..de5d0f9 100644
--- a/src/users_api.go
+++ b/src/users_api.go
@@ -8,7 +8,7 @@ import (
 )
 
 func (e mainEnv) userNew(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
-	event := audit("create user record", "")
+	event := audit("create user record", "", "", "")
 	defer func() { event.submit(e.db) }()
 
 	if e.conf.Generic.Create_user_without_token == false {
@@ -62,6 +62,7 @@ func (e mainEnv) userNew(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		returnError(w, r, "internal error", 405, err, event)
 		return
 	}
+	event.Record = userTOKEN
 	returnUUID(w, userTOKEN)
 	return
 }
@@ -71,7 +72,7 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P
 	var resultJSON []byte
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("get user record by "+mode, address)
+	event := audit("get user record by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 	if e.enforceAuth(w, r, event) == false {
 		return
@@ -88,6 +89,7 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		resultJSON, err = e.db.getUser(address)
 	} else {
 		resultJSON, userTOKEN, err = e.db.getUserIndex(address, mode, e.conf)
+		event.Record = userTOKEN
 	}
 	if err != nil {
 		returnError(w, r, "internal error", 405, nil, event)
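Review bot: In userGet the added `event.Record = userTOKEN` runs before `err` from `getUserIndex` is checked, so on a failed lookup the event's `Record` is overwritten with whatever `userTOKEN` holds on error (presumably empty) and the address the request was for disappears from the audit row. Guard it, `if err == nil { event.Record = userTOKEN }`, or move the assignment below the `if err != nil` block so the failure row keeps the original address. userGet continues past the hunk.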
@@ -108,7 +110,7 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P
 func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("change user record by "+mode, address)
+	event := audit("change user record by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	if e.enforceAuth(w, r, event) == false {
@@ -138,6 +140,7 @@ func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httproute
 			return
 		}
 		userTOKEN = userBson["token"].(string)
+		event.Record = userTOKEN
 	}
 	err = e.db.updateUserRecord(parsedData, userTOKEN, event, e.conf)
 	if err != nil {
@@ -151,7 +154,7 @@ func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httproute
 func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("delete user record by "+mode, address)
+	event := audit("delete user record by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	if e.enforceAuth(w, r, event) == false {
@@ -176,6 +179,7 @@ func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httproute
 			return
 		}
 		userTOKEN = userBson["token"].(string)
+		event.Record = userTOKEN
 	}
 	fmt.Printf("deleting user %s", userTOKEN)
 	result, err := e.db.deleteUserRecord(userTOKEN)
@@ -196,7 +200,7 @@ func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httproute
 func (e mainEnv) userLogin(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("user login by "+mode, address)
+	event := audit("user login by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	if mode != "phone" && mode != "email" {
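Review bot: The added `audit(...)` call in userLogin copies the path-supplied `mode` and `address` into the persisted event before the `if mode != "phone" && mode != "email"` check two lines below rejects unsupported modes, so a rejected request still writes an arbitrary, unvalidated `Mode` string and its `address` into the audit table; userLoginEnter's hunk at -235 has the same ordering. If rejected attempts are meant to be audited, mark the event as rejected in that branch (outside the hunk) so the rows are distinguishable; otherwise create the event after the check. userLogin continues outside the hunk.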
@@ -210,6 +214,7 @@ func (e mainEnv) userLogin(w http.ResponseWriter, r *http.Request, ps httprouter
 	}
 	if userBson != nil {
 		userTOKEN := userBson["token"].(string)
+		event.Record = userTOKEN
 		if address == "4444" || address == "test@paranoidguy.com" {
 			// check if it is demo account.
 			// the address is always 4444
@@ -235,7 +240,7 @@ func (e mainEnv) userLoginEnter(w http.ResponseWriter, r *http.Request, ps httpr
 	tmp := ps.ByName("tmp")
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("user login by "+mode, address)
+	event := audit("user login by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	if mode != "phone" && mode != "email" {
@@ -251,6 +256,7 @@ func (e mainEnv) userLoginEnter(w http.ResponseWriter, r *http.Request, ps httpr
 
 	if userBson != nil {
 		userTOKEN := userBson["token"].(string)
+		event.Record = userTOKEN
 		fmt.Printf("Found user record: %s\n", userTOKEN)
 		tmpCode := userBson["tempcode"].(string)
 		if tmp == tmpCode {
diff --git a/src/utils.go b/src/utils.go
index c5d5ced..2724d0a 100644
--- a/src/utils.go
+++ b/src/utils.go
@@ -186,7 +186,7 @@ func (e mainEnv) enforceAuth(w http.ResponseWriter, r *http.Request, event *audi
 		//fmt.Printf("error in auth? error %s - %s\n", err, token[0])
 		if err == nil {
 			if event != nil {
-				event.Who = authResult.name
+				event.Identity = authResult.name
 			}
 			if authResult.ttype == "login" {
 				if authResult.token == event.Record {
@@ -200,7 +200,7 @@ func (e mainEnv) enforceAuth(w http.ResponseWriter, r *http.Request, event *audi
 	/*
 		if e.db.checkToken(token[0]) == true {
 			if event != nil {
-				event.Identity = "admin"
+				event.Identity = "admin"
 			}
 			return true
 		}
diff --git a/src/xtokens_api.go b/src/xtokens_api.go
index 5853b28..5d7342e 100644
--- a/src/xtokens_api.go
+++ b/src/xtokens_api.go
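Review bot: In the enforceAuth hunk at -186, `event.Identity = authResult.name` is guarded by `if event != nil`, but the `authResult.token == event.Record` comparison on the last context line dereferences `event` unconditionally, so the guard is inconsistent (pre-existing, but this hunk edits the same branch). Separately, every handler in this commit copies the looked-up user token into `event.Record` only after `enforceAuth` has returned, so for email/phone modes that comparison still sees the raw address; if a login-type token is meant to grant a user access to their own record addressed by email or phone, the check has to run after the lookup or compare against the resolved token. enforceAuth starts and ends outside the hunk.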
@@ -13,7 +13,7 @@ import (
 
 func (e mainEnv) userNewToken(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	userTOKEN := ps.ByName("token")
-	event := audit("create user temp access xtoken", userTOKEN)
+	event := audit("create user temp access by token", userTOKEN, "token", userTOKEN)
 	defer func() { event.submit(e.db) }()
 
 	if enforceUUID(w, userTOKEN, event) == false {
@@ -64,6 +64,7 @@ func (e mainEnv) userNewToken(w http.ResponseWriter, r *http.Request, ps httprou
 		returnError(w, r, err.Error(), 405, err, event)
 		return
 	}
+	event.Record = xtokenUUID
 	event.Msg = "Generated " + xtokenUUID
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
@@ -71,10 +72,10 @@ func (e mainEnv) userNewToken(w http.ResponseWriter, r *http.Request, ps httprou
 }
 
 func (e mainEnv) userCheckToken(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
-	event := audit("get record by user temp access token", "")
+	xtoken := ps.ByName("xtoken")
+	event := audit("get record by user temp access token", xtoken, "xtoken", xtoken)
 	defer func() { event.submit(e.db) }()
 
-	xtoken := ps.ByName("xtoken")
 	if enforceUUID(w, xtoken, event) == false {
 		return
 	}
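Review bot: The added `event.Record = xtokenUUID` in the -64 hunk stores the freshly generated temporary access token in the audit row, next to the existing `event.Msg = "Generated " + xtokenUUID`; if `xtokenUUID` is the value a client later presents to `userCheckToken` (whose hunk at -71 likewise records the presented `xtoken` as `Record` and `Who`), the audit table — readable through getAuditEvents — becomes a store of live bearer credentials. Record a non-secret reference instead (the owning `userTOKEN`, or a truncated or hashed form of the xtoken) and drop the raw value from `Msg`. userNewToken continues outside the hunk.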