Compare commits


3 commits

Author SHA1 Message Date
Benjamin Renard
db491f51e7
LSaddon::accesslog: add show/hide LdapSaisie modifications button 2023-03-28 12:30:34 +02:00
Benjamin Renard
2b52e863e6
LScli: Fix typo 2023-03-28 12:29:44 +02:00
Benjamin Renard
3bbf770e33
LSaddon::accesslog: fix hashing SSHA512 password (in hashPasswordForLogs()) 2023-03-28 12:28:45 +02:00
5 changed files with 53 additions and 13 deletions


@ -137,12 +137,21 @@ function sortLogEntriesByDate(&$a, &$b) {
return ($astart === $bstart) ? 0 : ($astart < $bstart) ? -1 : 1; return ($astart === $bstart) ? 0 : ($astart < $bstart) ? -1 : 1;
} }
function getEntryAccessLog($dn, $start_date=null) { function getEntryAccessLog($dn, $start_date=null, $include_ldapsaisie=true) {
$filter = Net_LDAP2_Filter::create('reqDn', 'equals', $dn); $filter = Net_LDAP2_Filter::create('reqDn', 'equals', $dn);
if ($start_date) { if ($start_date) {
$date_filter = Net_LDAP2_Filter::create('reqStart', 'greaterOrEqual', $start_date); $date_filter = Net_LDAP2_Filter::create('reqStart', 'greaterOrEqual', $start_date);
$filter = Net_LDAP2_Filter::combine('and', array($filter, $date_filter)); $filter = Net_LDAP2_Filter::combine('and', array($filter, $date_filter));
} }
if (!$include_ldapsaisie) {
$not_ldapsaisie_filter = Net_LDAP2_Filter::combine('not', array(
Net_LDAP2_Filter::create(
'reqAuthzID', 'equals',
LSconfig::get('ldap_servers.'.LSsession::get('ldap_server_id').'.ldap_config.binddn')
)
));
$filter = Net_LDAP2_Filter::combine('and', array($filter, $not_ldapsaisie_filter));
}
$entries = LSldap::search( $entries = LSldap::search(
$filter, $filter,
LS_ACCESSLOG_BASEDN, LS_ACCESSLOG_BASEDN,
@ -179,19 +188,20 @@ function getEntryAccessLog($dn, $start_date=null) {
} }
} }
if ($new_dn) { if ($new_dn) {
$next_logs = getEntryAccessLog($new_dn, $rename_date); $next_logs = getEntryAccessLog($new_dn, $rename_date, $include_ldapsaisie);
if (is_array($next_logs)) if (is_array($next_logs))
$logs = array_merge($logs, $next_logs); $logs = array_merge($logs, $next_logs);
} }
return $start_date?$logs:array_reverse($logs); return $start_date?$logs:array_reverse($logs);
} }
function getEntryAccessLogPage($dn, $page = false, $nbByPage = 30) { function getEntryAccessLogPage($dn, $page = false, $refresh=false, $include_ldapsaisie=true, $nbByPage = null) {
$nbByPage = is_null($nbByPage)?30:intval($nbByPage);
if (!isset($_SESSION['entryAccessLogPages'])) { if (!isset($_SESSION['entryAccessLogPages'])) {
$_SESSION['entryAccessLogPages'] = array(); $_SESSION['entryAccessLogPages'] = array();
} }
if (!isset($_SESSION['entryAccessLogPages'][$dn]) || isset($_REQUEST['refresh'])) { if (!isset($_SESSION['entryAccessLogPages'][$dn]) || $refresh) {
$_SESSION['entryAccessLogPages'][$dn] = getEntryAccessLog($dn); $_SESSION['entryAccessLogPages'][$dn] = getEntryAccessLog($dn, null, $include_ldapsaisie);
} }
if (!is_int($page)) { if (!is_int($page)) {
$page = 1; $page = 1;
@ -208,14 +218,28 @@ function getEntryAccessLogPage($dn, $page = false, $nbByPage = 30) {
} }
function showObjectAccessLogs($obj) { function showObjectAccessLogs($obj) {
$refresh = isset($_REQUEST['refresh']);
$include_ldapsaisie = !LS_ACCESSLOG_LOG_WRITE_EVENTS;
if (isset($_REQUEST['include_ldapsaisie'])) {
$include_ldapsaisie = boolval($_REQUEST['include_ldapsaisie']);
$refresh = true;
}
elseif (isset($_SESSION['accesslog_include_ldapsaisie']))
$include_ldapsaisie = $_SESSION['accesslog_include_ldapsaisie'];
$_SESSION['accesslog_include_ldapsaisie'] = $include_ldapsaisie;
$pageNb = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1; $pageNb = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
$dn = $obj->getDn(); $dn = $obj->getDn();
$page = getEntryAccessLogPage($dn, $pageNb); $page = getEntryAccessLogPage($dn, $pageNb, $refresh, $include_ldapsaisie);
if (!is_array($page)) { if (!is_array($page)) {
return; return;
} }
LStemplate::assign('page', $page); LStemplate::assign('page', $page);
$LSview_actions = array(); $LSview_actions = array();
$LSview_actions['include_ldapsaisie'] = array (
'label' => $include_ldapsaisie?_('Hide LdapSaisie modifications'):_('Show LdapSaisie modifications'),
'url' => 'object/'.$obj->getType().'/'.urlencode($dn).'/customAction/showObjectAccessLogs?include_ldapsaisie='.intval(!$include_ldapsaisie),
'action' => $include_ldapsaisie?'hide':'view',
);
$LSview_actions['refresh'] = array ( $LSview_actions['refresh'] = array (
'label' => _('Refresh'), 'label' => _('Refresh'),
'url' => 'object/'.$obj->getType().'/'.urlencode($dn).'/customAction/showObjectAccessLogs?refresh', 'url' => 'object/'.$obj->getType().'/'.urlencode($dn).'/customAction/showObjectAccessLogs?refresh',
@ -353,7 +377,7 @@ function hashPasswordForLogs($password) {
if(defined('MHASH_SHA512') && function_exists('mhash') && function_exists('mhash_keygen_s2k')) { if(defined('MHASH_SHA512') && function_exists('mhash') && function_exists('mhash_keygen_s2k')) {
mt_srand( (double) microtime() * 1000000 ); mt_srand( (double) microtime() * 1000000 );
$salt = mhash_keygen_s2k(MHASH_SHA512, $password, substr( pack( "h*", md5( mt_rand() ) ), 0, 8 ), 4 ); $salt = mhash_keygen_s2k(MHASH_SHA512, $password, substr( pack( "h*", md5( mt_rand() ) ), 0, 8 ), 4 );
return "{SSHA512}".base64_encode(mhash($mhash_type, $password.$salt).$salt); return "{SSHA512}".base64_encode(mhash(MHASH_SHA512, $password.$salt).$salt);
} }
return '[not logged]'; return '[not logged]';
} }
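Review bot: In the `hashPasswordForLogs()` hunk the salt is still built from `mt_srand((double) microtime() * 1000000)` followed by `md5(mt_rand())`, which this fix leaves in place. The seed is only the microsecond fraction, so it has roughly a million possible values, and reseeding the global generator also makes any later `mt_rand()` output in the same request predictable. Take the salt from the CSPRNG and drop the `mhash` dependency (deprecated since PHP 8.1): `$salt = random_bytes(4);` and `return "{SSHA512}".base64_encode(hash('sha512', $password.$salt, true).$salt);`, with the `defined('MHASH_SHA512')` guard adjusted to match. A single salted SHA-512 round is cheap to test guesses against offline, so wherever these values are logged should be readable only by those already allowed to read the directory's password attributes. The function's signature and any earlier lines are outside the hunk.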


@ -485,7 +485,7 @@ class LScli extends LSlog_staticLoggerClass {
self :: unquote_word($ldap_server_subDn); self :: unquote_word($ldap_server_subDn);
self :: need_ldap_con(); self :: need_ldap_con();
if(!LSsession :: setSubDn($ldap_server_subDn)) if(!LSsession :: setSubDn($ldap_server_subDn))
self :: usage(_("Fail to select sub DN '%s'.", $ldap_server_subDn)); self :: usage(_("Fail to select sub DN '%s'."), $ldap_server_subDn);
break; break;
case '-L': case '-L':
case '--load-class': case '--load-class':


@ -8,7 +8,7 @@ msgstr ""
"Project-Id-Version: LdapSaisie\n" "Project-Id-Version: LdapSaisie\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: \n" "POT-Creation-Date: \n"
"PO-Revision-Date: 2023-03-21 12:59+0100\n" "PO-Revision-Date: 2023-03-28 12:20+0200\n"
"Last-Translator: Benjamin Renard <brenard@easter-eggs.com>\n" "Last-Translator: Benjamin Renard <brenard@easter-eggs.com>\n"
"Language-Team: LdapSaisie <ldapsaisie-users@lists.labs.libre-entreprise." "Language-Team: LdapSaisie <ldapsaisie-users@lists.labs.libre-entreprise."
"org>\n" "org>\n"
@ -278,7 +278,7 @@ msgid "Download"
msgstr "Télécharger" msgstr "Télécharger"
#: includes/addons/LSaddons.showSupportInfo.php:78 #: includes/addons/LSaddons.showSupportInfo.php:78
#: includes/addons/LSaddons.accesslog.php:225 #: includes/addons/LSaddons.accesslog.php:249
#: includes/addons/LSaddons.showTechInfo.php:117 #: includes/addons/LSaddons.showTechInfo.php:117
msgid "Go back" msgid "Go back"
msgstr "Retour" msgstr "Retour"
@ -426,7 +426,15 @@ msgstr "Remplacer"
msgid "Increment" msgid "Increment"
msgstr "Incrémenter" msgstr "Incrémenter"
#: includes/addons/LSaddons.accesslog.php:220 #: includes/addons/LSaddons.accesslog.php:239
msgid "Hide LdapSaisie modifications"
msgstr "Cacher les modifications d'LdapSaisie"
#: includes/addons/LSaddons.accesslog.php:239
msgid "Show LdapSaisie modifications"
msgstr "Voir les modifications d'LdapSaisie"
#: includes/addons/LSaddons.accesslog.php:244
#: includes/class/class.LSsession.php:1855 includes/routes.php:157 #: includes/class/class.LSsession.php:1855 includes/routes.php:157
#: includes/routes.php:470 templates/default/select.tpl:29 #: includes/routes.php:470 templates/default/select.tpl:29
msgid "Refresh" msgid "Refresh"


@ -217,7 +217,7 @@ msgid "Download"
msgstr "" msgstr ""
#: includes/addons/LSaddons.showSupportInfo.php:78 #: includes/addons/LSaddons.showSupportInfo.php:78
#: includes/addons/LSaddons.accesslog.php:225 #: includes/addons/LSaddons.accesslog.php:249
#: includes/addons/LSaddons.showTechInfo.php:117 #: includes/addons/LSaddons.showTechInfo.php:117
msgid "Go back" msgid "Go back"
msgstr "" msgstr ""
@ -350,7 +350,15 @@ msgstr ""
msgid "Increment" msgid "Increment"
msgstr "" msgstr ""
#: includes/addons/LSaddons.accesslog.php:220 #: includes/addons/LSaddons.accesslog.php:239
msgid "Hide LdapSaisie modifications"
msgstr ""
#: includes/addons/LSaddons.accesslog.php:239
msgid "Show LdapSaisie modifications"
msgstr ""
#: includes/addons/LSaddons.accesslog.php:244
#: includes/class/class.LSsession.php:1855 includes/routes.php:157 #: includes/class/class.LSsession.php:1855 includes/routes.php:157
#: includes/routes.php:470 templates/default/select.tpl:29 #: includes/routes.php:470 templates/default/select.tpl:29
msgid "Refresh" msgid "Refresh"