d4/d61/interface__20__all___logevents_8class_8php_source.html

<?php

/* Copyright (C) 2005-2009  Laurent Destailleur <eldy@users.sourceforge.net>

 * Copyright (C) 2009-2017  Regis Houssin   <regis.houssin@inodbox.com>

 * Copyright (C) 2014   Marcos García   <marcosgdf@gmail.com>

 * Copyright (C) 2023   Udo Tamm      <dev@dolibit.de>

 * Copyright (C) 2023   William Mead    <william.mead@manchenumerique.fr>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program. If not, see <https://www.gnu.org/licenses/>.

 */


require_once DOL_DOCUMENT_ROOT.'/core/triggers/dolibarrtriggers.class.php';


class InterfaceLogevents extends DolibarrTriggers

{

  const EVENT_ACTION_DICT = array( // TODO reduce number of events to CREATE, UPDATE & DELETE. Use object properties to pinpoint precise action.

    'USER_LOGIN' => 'UserLogged',

    'USER_LOGIN_FAILED' => 'UserLoginFailed',

    'USER_LOGOUT' => 'UserLogoff',

    'USER_CREATE' => 'NewUserCreated',

    'USER_MODIFY' => 'EventUserModified',

    'USER_NEW_PASSWORD' => 'NewUserPassword',

    'USER_ENABLEDISABLE' => 'UserEnabledDisabled',

    'USER_DELETE' => 'UserDeleted',

    'USERGROUP_CREATE' => 'NewGroupCreated',

    'USERGROUP_MODIFY' => 'GroupModified',

    'USERGROUP_DELETE' => 'GroupDeleted'

  );

  private $event_label;

  private $event_desc;

  private $event_date;


  public function __construct(DoliDB $db)

  {

    parent::__construct($db);


    $this->family     = "core";

    $this->description  = "Triggers of this module allows to add security event records inside Dolibarr.";

    $this->version    = self::VERSION_DOLIBARR;  // VERSION_ 'DEVELOPMENT' or 'EXPERIMENTAL' or 'DOLIBARR'

    $this->picto    = 'technic';

    $this->event_label  = '';

    $this->event_desc   = '';

    $this->event_date   = 0;

  }


  public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)

  {

    if (getDolGlobalString('MAIN_LOGEVENTS_DISABLE_ALL')) {

      return 0; // Log events is disabled (hidden features)

    }


    $key = 'MAIN_LOGEVENTS_'.$action;

    if (empty($conf->global->$key)) {

      return 0; // Log events not enabled for this action

    }


    if (empty($conf->entity)) {

      global $entity;

      $conf->entity = $entity; // forcing of the entity if it's not defined (ex: in login form)

    }


    // Actions

    dol_syslog("Trigger '" . $this->name . "' for action '$action' launched by " . __FILE__ . ". id=" . $object->id);

    $this->initEventData(InterfaceLogevents::EVENT_ACTION_DICT[$action], $object);


    // Add entry in event table

    include_once DOL_DOCUMENT_ROOT.'/core/class/events.class.php';


    $event = new Events($this->db);

    $event->type = $action;

    $event->dateevent = $this->event_date;

    $event->label = $this->event_label;

    $event->description = $this->event_desc;

    $event->user_agent = (empty($_SERVER["HTTP_USER_AGENT"]) ? '' : $_SERVER["HTTP_USER_AGENT"]);

    $event->authentication_method = (empty($object->context['authentication_method']) ? '' : $object->context['authentication_method']);


    $result = $event->create($user);

    if ($result > 0) {

      return 1;

    } else {

      $error = "Failed to insert security event: ".$event->error;

      $this->errors[] = $error;

      $this->error = $error;


      dol_syslog(get_class($this).": ".$error, LOG_ERR);

      return -1;

    }

  }


  private function initEventData($key_text, $object)

  {

    $this->event_date = dol_now();


    $this->event_label = $this->event_desc = $key_text;

    if (property_exists($object, 'login')) {

      $this->event_label .= ' : ' . $object->login;

    }

    if ($key_text == InterfaceLogevents::EVENT_ACTION_DICT['USER_ENABLEDISABLE']) { // TODO should be refactored using an object property for event data.

      $object->statut ? $this->event_desc .= ' - disabled' : $this->event_desc .= ' - enabled';

    }

    // Add more information into event description from the context property

    if (!empty($object->context['audit'])) {

      $this->event_desc .= (empty($this->event_desc) ? '' : ' - ').$object->context['audit'];

    }

  }


  public static function isEventActionTextKey($event_text)

  {

    foreach (InterfaceLogevents::EVENT_ACTION_DICT as $value) {

      if (str_contains($event_text, $value)) {

        return true;

      }

    }

    return false;

  }


}


Conf
Class to stock current configuration.
Definition conf.class.php:33

DoliDB
Class to manage Dolibarr database access.
Definition DoliDB.class.php:31

DolibarrTriggers
Class that all the triggers must extend.
Definition dolibarrtriggers.class.php:22

Events
Events class.
Definition events.class.php:31

InterfaceLogevents
Class of triggers for security audit events.
Definition interface_20_all_Logevents.class.php:34

InterfaceLogevents\isEventActionTextKey
static isEventActionTextKey($event_text)
Check if text contains an event action key.
Definition interface_20_all_Logevents.class.php:165

InterfaceLogevents\initEventData
initEventData($key_text, $object)
Method called by runTrigger to initialize date, label & description data for event.
Definition interface_20_all_Logevents.class.php:142

InterfaceLogevents\runTrigger
runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
Function called when a Dolibarr security audit event is done.
Definition interface_20_all_Logevents.class.php:91

InterfaceLogevents\__construct
__construct(DoliDB $db)
Constructor.
Definition interface_20_all_Logevents.class.php:66

Translate
Class to manage translations.
Definition translate.class.php:31

User
Class to manage Dolibarr users.
Definition user.class.php:48

description
print $script_file $mode $langs defaultlang(is_numeric($duration_value) ? " delay=". $duration_value :"").(is_numeric($duration_value2) ? " after cd cd cd description as description
Only used if Module[ID]Desc translation string is not found.
Definition email_expire_services_to_customers.php:83

dol_now
dol_now($mode='auto')
Return date for now.
Definition functions.lib.php:3210

getDolGlobalString
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
Definition functions.lib.php:151

dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:1873

name
$conf db name
Only used if Module[ID]Name translation string is not found.
Definition repair.php:124