StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update backup logic to use activity logs, not audit logs

Browse source
This commit is contained in:
DaneEveritt 2022-05-29 16:19:04 -04:00
parent cbecfff6da
commit 2fc5a734f9
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
12 changed files with 222 additions and 159 deletions
Download patch file Download diff file Expand all files Collapse all files

61
app/Http/Controllers/Api/Client/Servers/BackupController.php
View file

@ -5,8 +5,8 @@ namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
use Illuminate\Http\Request;
use Pterodactyl\Models\Backup;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\AuditLog;
use Illuminate\Http\JsonResponse;
use Pterodactyl\Facades\Activity;
use Pterodactyl\Models\Permission;
use Illuminate\Auth\Access\AuthorizationException;
use Pterodactyl\Services\Backups\DeleteBackupService;
@ -77,25 +77,23 @@ class BackupController extends ClientApiController
*/
public function store(StoreBackupRequest $request, Server $server): array
{
/** @var \Pterodactyl\Models\Backup $backup */
$backup = $server->audit(AuditLog::SERVER__BACKUP_STARTED, function (AuditLog $model, Server $server) use ($request) {
$action = $this->initiateBackupService
->setIgnoredFiles(explode(PHP_EOL, $request->input('ignored') ?? ''));
$action = $this->initiateBackupService
->setIgnoredFiles(explode(PHP_EOL, $request->input('ignored') ?? ''));
// Only set the lock status if the user even has permission to delete backups,
// otherwise ignore this status. This gets a little funky since it isn't clear
// how best to allow a user to create a backup that is locked without also preventing
// them from just filling up a server with backups that can never be deleted?
if ($request->user()->can(Permission::ACTION_BACKUP_DELETE, $server)) {
$action->setIsLocked((bool) $request->input('is_locked'));
}
// Only set the lock status if the user even has permission to delete backups,
// otherwise ignore this status. This gets a little funky since it isn't clear
// how best to allow a user to create a backup that is locked without also preventing
// them from just filling up a server with backups that can never be deleted?
if ($request->user()->can(Permission::ACTION_BACKUP_DELETE, $server)) {
$action->setIsLocked((bool) $request->input('is_locked'));
}
$backup = $action->handle($server, $request->input('name'));
$backup = $action->handle($server, $request->input('name'));
$model->metadata = ['backup_uuid' => $backup->uuid];
return $backup;
});
Activity::event('server:backup.start')
->subject($backup)
->property(['name' => $backup->name, 'locked' => (bool) $request->input('is_locked')])
->log();
return $this->fractal->item($backup)
->transformWith($this->getTransformer(BackupTransformer::class))
@ -114,14 +112,11 @@ class BackupController extends ClientApiController
throw new AuthorizationException();
}
$action = $backup->is_locked ? AuditLog::SERVER__BACKUP_UNLOCKED : AuditLog::SERVER__BACKUP_LOCKED;
$server->audit($action, function (AuditLog $audit) use ($backup) {
$audit->metadata = ['backup_uuid' => $backup->uuid];
$action = $backup->is_locked ? 'server:backup.unlock' : 'server:backup.lock';
$backup->update(['is_locked' => !$backup->is_locked]);
});
$backup->update(['is_locked' => !$backup->is_locked]);
$backup->refresh();
Activity::event($action)->subject($backup)->property('name', $backup->name)->log();
return $this->fractal->item($backup)
->transformWith($this->getTransformer(BackupTransformer::class))
@ -156,11 +151,12 @@ class BackupController extends ClientApiController
throw new AuthorizationException();
}
$server->audit(AuditLog::SERVER__BACKUP_DELETED, function (AuditLog $audit) use ($backup) {
$audit->metadata = ['backup_uuid' => $backup->uuid];
$this->deleteBackupService->handle($backup);
$this->deleteBackupService->handle($backup);
});
Activity::event('server:backup.delete')
->subject($backup)
->property(['name' => $backup->name, 'failed' => !$backup->is_successful])
->log();
return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT);
}
@ -184,9 +180,8 @@ class BackupController extends ClientApiController
}
$url = $this->downloadLinkService->handle($backup, $request->user());
$server->audit(AuditLog::SERVER__BACKUP_DOWNLOADED, function (AuditLog $audit) use ($backup) {
$audit->metadata = ['backup_uuid' => $backup->uuid];
});
Activity::event('server:backup.download')->subject($backup)->property('name', $backup->name)->log();
return new JsonResponse([
'object' => 'signed_url',
@ -221,9 +216,11 @@ class BackupController extends ClientApiController
throw new BadRequestHttpException('This backup cannot be restored at this time: not completed or failed.');
}
$server->audit(AuditLog::SERVER__BACKUP_RESTORE_STARTED, function (AuditLog $audit, Server $server) use ($backup, $request) {
$audit->metadata = ['backup_uuid' => $backup->uuid];
$log = Activity::event('server:backup.restore')
->subject($backup)
->property(['name' => $backup->name, 'truncate' => $request->input('truncate')]);
$log->transaction(function () use ($backup, $server, $request) {
// If the backup is for an S3 file we need to generate a unique Download link for
// it that will allow Wings to actually access the file.
if ($backup->disk === Backup::ADAPTER_AWS_S3) {

30
app/Http/Controllers/Api/Remote/Backups/BackupStatusController.php
View file

@ -5,9 +5,8 @@ namespace Pterodactyl\Http\Controllers\Api\Remote\Backups;
use Carbon\CarbonImmutable;
use Illuminate\Http\Request;
use Pterodactyl\Models\Backup;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\AuditLog;
use Illuminate\Http\JsonResponse;
use Pterodactyl\Facades\Activity;
use League\Flysystem\AwsS3v3\AwsS3Adapter;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Http\Controllers\Controller;
@ -46,15 +45,12 @@ class BackupStatusController extends Controller
throw new BadRequestHttpException('Cannot update the status of a backup that is already marked as completed.');
}
$action = $request->input('successful')
? AuditLog::SERVER__BACKUP_COMPELTED
: AuditLog::SERVER__BACKUP_FAILED;
$model->server->audit($action, function (AuditLog $audit) use ($model, $request) {
$audit->is_system = true;
$audit->metadata = ['backup_uuid' => $model->uuid];
$action = $request->boolean('successful') ? 'server:backup.complete' : 'server:backup.failed';
$log = Activity::event($action)->subject($model, $model->server)->property('name', $model->name);
$log->transaction(function () use ($model, $request) {
$successful = $request->boolean('successful');
$model->fill([
'is_successful' => $successful,
// Change the lock state to unlocked if this was a failed backup so that it can be
@ -93,17 +89,13 @@ class BackupStatusController extends Controller
{
/** @var \Pterodactyl\Models\Backup $model */
$model = Backup::query()->where('uuid', $backup)->firstOrFail();
$action = $request->get('successful')
? AuditLog::SERVER__BACKUP_RESTORE_COMPLETED
: AuditLog::SERVER__BACKUP_RESTORE_FAILED;
// Just create a new audit entry for this event and update the server state
// so that power actions, file management, and backups can resume as normal.
$model->server->audit($action, function (AuditLog $audit, Server $server) use ($backup) {
$audit->is_system = true;
$audit->metadata = ['backup_uuid' => $backup];
$server->update(['status' => null]);
});
$model->server->update(['status' => null]);
Activity::event($request->boolean('successful') ? 'server:backup.restore-complete' : 'server.backup.restore-failed')
->subject($model, $model->server)
->property('name', $model->name)
->log();
return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT);
}

20
app/Http/Controllers/Api/Remote/Servers/ServerDetailsController.php
View file

@ -4,8 +4,10 @@ namespace Pterodactyl\Http\Controllers\Api\Remote\Servers;
use Illuminate\Http\Request;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\Backup;
use Pterodactyl\Models\AuditLog;
use Illuminate\Http\JsonResponse;
use Pterodactyl\Facades\Activity;
use Illuminate\Database\Query\Builder;
use Illuminate\Database\Query\JoinClause;
use Pterodactyl\Http\Controllers\Controller;
@ -107,7 +109,6 @@ class ServerDetailsController extends Controller
//
// For each of those servers we'll track a new audit log entry to mark them as
// failed and then update them all to be in a valid state.
/** @var \Pterodactyl\Models\Server[] $servers */
$servers = Server::query()
->select('servers.*')
->selectRaw('JSON_UNQUOTE(JSON_EXTRACT(started.metadata, "$.backup_uuid")) as backup_uuid')
@ -130,14 +131,17 @@ class ServerDetailsController extends Controller
->where('servers.status', Server::STATUS_RESTORING_BACKUP)
->get();
$backups = Backup::query()->whereIn('uuid', $servers->pluck('backup_uuid'))->get();
/** @var \Pterodactyl\Models\Server $server */
foreach ($servers as $server) {
// Just create a new audit entry for this event and update the server state
// so that power actions, file management, and backups can resume as normal.
$server->audit(AuditLog::SERVER__BACKUP_RESTORE_FAILED, function (AuditLog $audit, Server $server) {
$audit->is_system = true;
$audit->metadata = ['backup_uuid' => $server->getAttribute('backup_uuid')];
$server->update(['status' => null]);
});
$server->update(['status' => null]);
if ($backup = $backups->where('uuid', $server->getAttribute('backup_uuid'))->first()) {
// Just create a new audit entry for this event and update the server state
// so that power actions, file management, and backups can resume as normal.
Activity::event('server:backup.restore-failed')->subject($server, $backup)->log();
}
}
// Update any server marked as installing or restoring as being in a normal state