CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-02 19:04:49 +12:00
Code Issues Projects Releases Wiki Activity

update audit resource

Browse source
This commit is contained in:
Damodar Lohani 2021-08-29 17:51:33 +05:45
parent bb666810d9
commit 6524d00b08
5 changed files with 37 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
app/controllers/api/account.php
View file

@ -117,7 +117,7 @@ App::post('/v1/account')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.create')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
$response->setStatusCode(Response::STATUS_CODE_CREATED);
@ -164,7 +164,7 @@ App::post('/v1/account/sessions')
$audits
//->setParam('userId', $profile->getId())
->setParam('event', 'account.sessions.failed')
->setParam('resource', 'users/'.($profile ? $profile->getId() : ''))
->setParam('resource', 'user/'.($profile ? $profile->getId() : ''))
;
throw new Exception('Invalid credentials', 401); // Wrong password or username
@ -205,7 +205,7 @@ App::post('/v1/account/sessions')
$audits
->setParam('userId', $profile->getId())
->setParam('event', 'account.sessions.create')
->setParam('resource', 'users/' . $profile->getId())
->setParam('resource', 'user/' . $profile->getId())
;
if (!Config::getParam('domainVerification')) {
@ -539,7 +539,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.sessions.create')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
->setParam('data', ['provider' => $provider])
;
@ -683,7 +683,7 @@ App::post('/v1/account/sessions/anonymous')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.sessions.create')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
if (!Config::getParam('domainVerification')) {
@ -983,7 +983,7 @@ App::patch('/v1/account/name')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.update.name')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
$response->dynamic($user, Response::MODEL_USER);
@ -1026,7 +1026,7 @@ App::patch('/v1/account/password')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.update.password')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
$response->dynamic($user, Response::MODEL_USER);
@ -1079,7 +1079,7 @@ App::patch('/v1/account/email')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.update.email')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
$response->dynamic($user, Response::MODEL_USER);
@ -1112,7 +1112,7 @@ App::patch('/v1/account/prefs')
$audits
->setParam('event', 'account.update.prefs')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
$response->dynamic($user, Response::MODEL_USER);
@ -1157,7 +1157,7 @@ App::delete('/v1/account')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.delete')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
->setParam('data', $user->getArrayCopy())
;
@ -1223,7 +1223,7 @@ App::delete('/v1/account/sessions/:sessionId')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.sessions.delete')
->setParam('resource', '/user/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
$session->setAttribute('current', false);
@ -1296,7 +1296,7 @@ App::delete('/v1/account/sessions')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.sessions.delete')
->setParam('resource', '/user/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
if (!Config::getParam('domainVerification')) {
@ -1428,7 +1428,7 @@ App::post('/v1/account/recovery')
$audits
->setParam('userId', $profile->getId())
->setParam('event', 'account.recovery.create')
->setParam('resource', 'users/' . $profile->getId())
->setParam('resource', 'user/' . $profile->getId())
;
$response->setStatusCode(Response::STATUS_CODE_CREATED);
@ -1503,7 +1503,7 @@ App::put('/v1/account/recovery')
$audits
->setParam('userId', $profile->getId())
->setParam('event', 'account.recovery.update')
->setParam('resource', 'users/' . $profile->getId())
->setParam('resource', 'user/' . $profile->getId())
;
$response->dynamic($recovery, Response::MODEL_TOKEN);
@ -1597,7 +1597,7 @@ App::post('/v1/account/verification')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.verification.create')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
$response->setStatusCode(Response::STATUS_CODE_CREATED);
@ -1663,7 +1663,7 @@ App::put('/v1/account/verification')
$audits
->setParam('userId', $profile->getId())
->setParam('event', 'account.verification.update')
->setParam('resource', 'users/' . $user->getId())
->setParam('resource', 'user/' . $user->getId())
;
$response->dynamic($verification, Response::MODEL_TOKEN);

22
app/controllers/api/database.php
View file

@ -101,7 +101,7 @@ $attributesCallback = function ($collectionId, $attribute, $response, $dbForInte
$audits
->setParam('event', 'database.attributes.create')
->setParam('resource', 'database/collection/'.$collection->getId())
->setParam('resource', 'collection/'.$collection->getId())
->setParam('data', $attribute)
;
@ -156,7 +156,7 @@ App::post('/v1/database/collections')
$audits
->setParam('event', 'database.collections.create')
->setParam('resource', 'database/collection/'.$collection->getId())
->setParam('resource', 'collection/'.$collection->getId())
->setParam('data', $collection->getArrayCopy())
;
@ -266,7 +266,7 @@ App::get('/v1/database/collections/:collectionId/logs')
$audit = new Audit($dbForInternal);
$logs = $audit->getLogsByResource('database/collection/'.$collection->getId());
$logs = $audit->getLogsByResource('collection/'.$collection->getId());
$output = [];
@ -382,7 +382,7 @@ App::put('/v1/database/collections/:collectionId')
$audits
->setParam('event', 'database.collections.update')
->setParam('resource', 'database/collection/'.$collection->getId())
->setParam('resource', 'collection/'.$collection->getId())
->setParam('data', $collection->getArrayCopy())
;
@ -432,7 +432,7 @@ App::delete('/v1/database/collections/:collectionId')
$audits
->setParam('event', 'database.collections.delete')
->setParam('resource', 'database/collection/'.$collection->getId())
->setParam('resource', 'collection/'.$collection->getId())
->setParam('data', $collection->getArrayCopy())
;
@ -848,7 +848,7 @@ App::delete('/v1/database/collections/:collectionId/attributes/:attributeId')
$audits
->setParam('event', 'database.attributes.delete')
->setParam('resource', 'database/collection/'.$collection->getId())
->setParam('resource', 'collection/'.$collection->getId())
->setParam('data', $attribute->getArrayCopy())
;
@ -947,7 +947,7 @@ App::post('/v1/database/collections/:collectionId/indexes')
$audits
->setParam('event', 'database.indexes.create')
->setParam('resource', 'database/collection/'.$collection->getId())
->setParam('resource', 'collection/'.$collection->getId())
->setParam('data', $index->getArrayCopy())
;
@ -1086,7 +1086,7 @@ App::delete('/v1/database/collections/:collectionId/indexes/:indexId')
$audits
->setParam('event', 'database.indexes.delete')
->setParam('resource', 'database/collection/'.$collection->getId())
->setParam('resource', 'collection/'.$collection->getId())
->setParam('data', $index->getArrayCopy())
;
@ -1155,7 +1155,7 @@ App::post('/v1/database/collections/:collectionId/documents')
$audits
->setParam('event', 'database.documents.create')
->setParam('resource', 'database/document/'.$document->getId())
->setParam('resource', 'document/'.$document->getId())
->setParam('data', $document->getArrayCopy())
;
@ -1327,7 +1327,7 @@ App::patch('/v1/database/collections/:collectionId/documents/:documentId')
$audits
->setParam('event', 'database.documents.update')
->setParam('resource', 'database/document/'.$document->getId())
->setParam('resource', 'document/'.$document->getId())
->setParam('data', $document->getArrayCopy())
;
@ -1378,7 +1378,7 @@ App::delete('/v1/database/collections/:collectionId/documents/:documentId')
$audits
->setParam('event', 'database.documents.delete')
->setParam('resource', 'database/document/'.$document->getId())
->setParam('resource', 'document/'.$document->getId())
->setParam('data', $document->getArrayCopy()) // Audit document in case of malicious or disastrous action
;

6
app/controllers/api/storage.php
View file

@ -145,7 +145,7 @@ App::post('/v1/storage/files')
$audits
->setParam('event', 'storage.files.create')
->setParam('resource', 'storage/files/'.$file->getId())
->setParam('resource', 'file/'.$file->getId())
;
$usage
@ -539,7 +539,7 @@ App::put('/v1/storage/files/:fileId')
$audits
->setParam('event', 'storage.files.update')
->setParam('resource', 'storage/files/'.$file->getId())
->setParam('resource', 'file/'.$file->getId())
;
$response->dynamic($file, Response::MODEL_FILE);
@ -585,7 +585,7 @@ App::delete('/v1/storage/files/:fileId')
$audits
->setParam('event', 'storage.files.delete')
->setParam('resource', 'storage/files/'.$file->getId())
->setParam('resource', 'file/'.$file->getId())
;
$usage

8
app/controllers/api/teams.php
View file

@ -399,7 +399,7 @@ App::post('/v1/teams/:teamId/memberships')
$audits
->setParam('userId', $invitee->getId())
->setParam('event', 'teams.memberships.create')
->setParam('resource', 'teams/'.$teamId)
->setParam('resource', 'team/'.$teamId)
;
$response->setStatusCode(Response::STATUS_CODE_CREATED);
@ -561,7 +561,7 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'teams.memberships.update')
->setParam('resource', 'teams/'.$teamId)
->setParam('resource', 'team/'.$teamId)
;
$response->dynamic($membership, Response::MODEL_MEMBERSHIP);
@ -686,7 +686,7 @@ App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'teams.memberships.update.status')
->setParam('resource', 'teams/'.$teamId)
->setParam('resource', 'team/'.$teamId)
;
if (!Config::getParam('domainVerification')) {
@ -779,7 +779,7 @@ App::delete('/v1/teams/:teamId/memberships/:membershipId')
$audits
->setParam('userId', $membership->getAttribute('userId'))
->setParam('event', 'teams.memberships.delete')
->setParam('resource', 'teams/'.$teamId)
->setParam('resource', 'team/'.$teamId)
;
$events

6
app/controllers/api/users.php
View file

@ -410,7 +410,7 @@ App::patch('/v1/users/:userId/name')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'users.update.name')
->setParam('resource', 'users/'.$user->getId())
->setParam('resource', 'user/'.$user->getId())
;
$response->dynamic($user, Response::MODEL_USER);
@ -450,7 +450,7 @@ App::patch('/v1/users/:userId/password')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'users.update.password')
->setParam('resource', 'users/'.$user->getId())
->setParam('resource', 'user/'.$user->getId())
;
$response->dynamic($user, Response::MODEL_USER);
@ -494,7 +494,7 @@ App::patch('/v1/users/:userId/email')
$audits
->setParam('userId', $user->getId())
->setParam('event', 'account.update.email')
->setParam('resource', 'users/'.$user->getId())
->setParam('resource', 'user/'.$user->getId())
;
$response->dynamic($user, Response::MODEL_USER);