dolibarr  21.0.0-alpha
interface_20_all_Logevents.class.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2005-2009 Laurent Destailleur <eldy@users.sourceforge.net>
3  * Copyright (C) 2009-2017 Regis Houssin <regis.houssin@inodbox.com>
4  * Copyright (C) 2014 Marcos GarcĂ­a <marcosgdf@gmail.com>
5  * Copyright (C) 2023 Udo Tamm <dev@dolibit.de>
6  * Copyright (C) 2023 William Mead <william.mead@manchenumerique.fr>
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 3 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program. If not, see <https://www.gnu.org/licenses/>.
20  */
21 
28 require_once DOL_DOCUMENT_ROOT.'/core/triggers/dolibarrtriggers.class.php';
29 
34 {
35  const EVENT_ACTION_DICT = array( // TODO reduce number of events to CREATE, UPDATE & DELETE. Use object properties to pinpoint precise action.
36  'USER_LOGIN' => 'UserLogged',
37  'USER_LOGIN_FAILED' => 'UserLoginFailed',
38  'USER_LOGOUT' => 'UserLogoff',
39  'USER_CREATE' => 'NewUserCreated',
40  'USER_MODIFY' => 'EventUserModified',
41  'USER_NEW_PASSWORD' => 'NewUserPassword',
42  'USER_ENABLEDISABLE' => 'UserEnabledDisabled',
43  'USER_DELETE' => 'UserDeleted',
44  'USERGROUP_CREATE' => 'NewGroupCreated',
45  'USERGROUP_MODIFY' => 'GroupModified',
46  'USERGROUP_DELETE' => 'GroupDeleted'
47  );
51  private $event_label;
55  private $event_desc;
59  private $event_date;
60 
61 
66  public function __construct(DoliDB $db)
67  {
68  parent::__construct($db);
69 
70  $this->family = "core";
71  $this->description = "Triggers of this module allows to add security event records inside Dolibarr.";
72  $this->version = self::VERSIONS['prod'];
73  $this->picto = 'technic';
74  $this->event_label = '';
75  $this->event_desc = '';
76  $this->event_date = 0;
77  }
78 
91  public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
92  {
93  if (getDolGlobalString('MAIN_LOGEVENTS_DISABLE_ALL')) {
94  return 0; // Log events is disabled (hidden features)
95  }
96 
97  $key = 'MAIN_LOGEVENTS_'.$action;
98  if (empty($conf->global->$key)) {
99  return 0; // Log events not enabled for this action
100  }
101 
102  if (empty($conf->entity)) {
103  global $entity;
104  $conf->entity = $entity; // forcing of the entity if it's not defined (ex: in login form)
105  }
106 
107  // Actions
108  dol_syslog("Trigger '" . $this->name . "' for action '$action' launched by " . __FILE__ . ". id=" . $object->id);
109  $this->initEventData(InterfaceLogevents::EVENT_ACTION_DICT[$action], $object);
110 
111  // Add entry in event table
112  include_once DOL_DOCUMENT_ROOT.'/core/class/events.class.php';
113 
114  $event = new Events($this->db);
115  $event->type = $action;
116  $event->dateevent = $this->event_date;
117  $event->label = $this->event_label;
118  $event->description = $this->event_desc;
119  $event->user_agent = (empty($_SERVER["HTTP_USER_AGENT"]) ? '' : $_SERVER["HTTP_USER_AGENT"]);
120  $event->authentication_method = (empty($object->context['authentication_method']) ? '' : $object->context['authentication_method']);
121 
122  $result = $event->create($user);
123  if ($result > 0) {
124  return 1;
125  } else {
126  $error = "Failed to insert security event: ".$event->error;
127  $this->errors[] = $error;
128  $this->error = $error;
129 
130  dol_syslog(get_class($this).": ".$error, LOG_ERR);
131  return -1;
132  }
133  }
134 
142  private function initEventData($key_text, $object)
143  {
144  $this->event_date = dol_now();
145 
146  $this->event_label = $this->event_desc = $key_text;
147  if (property_exists($object, 'login')) {
148  $this->event_label .= ' : ' . $object->login;
149  }
150  if ($key_text == InterfaceLogevents::EVENT_ACTION_DICT['USER_ENABLEDISABLE']) { // TODO should be refactored using an object property for event data.
151  $object->statut ? $this->event_desc .= ' - disabled' : $this->event_desc .= ' - enabled';
152  }
153  // Add more information into event description from the context property
154  if (!empty($object->context['audit'])) {
155  $this->event_desc .= (empty($this->event_desc) ? '' : ' - ').$object->context['audit'];
156  }
157  }
158 
165  public static function isEventActionTextKey($event_text)
166  {
167  foreach (InterfaceLogevents::EVENT_ACTION_DICT as $value) {
168  if (str_contains($event_text, $value)) {
169  return true;
170  }
171  }
172  return false;
173  }
174 }
if($user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition: card.php:58
Class to stock current configuration.
Definition: conf.class.php:34
Class to manage Dolibarr database access.
Class that all triggers must inherit.
Events class.
Class of triggers for security audit events.
static isEventActionTextKey($event_text)
Check if text contains an event action key.
initEventData($key_text, $object)
Method called by runTrigger to initialize date, label & description data for event.
runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
Function called when a Dolibarr security audit event is done.
__construct(DoliDB $db)
Constructor.
Class to manage translations.
Class to manage Dolibarr users.
Definition: user.class.php:50
print *****$script_file(".$version.") pid cd cd cd description as description
Only used if Module[ID]Desc translation string is not found.
dol_now($mode='auto')
Return date for now.
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
$conf db name
Only used if Module[ID]Name translation string is not found.
Definition: repair.php:142