Update backup logic to use activity logs, not audit logs

2022-05-29 16:19:04 -04:00 · 2022-05-29 16:19:04 -04:00 · 2fc5a734f9
commit 2fc5a734f9
parent cbecfff6da
12 changed files with 222 additions and 159 deletions
--- a/app/Http/Controllers/Api/Client/Servers/BackupController.php
+++ b/app/Http/Controllers/Api/Client/Servers/BackupController.php
@ -5,8 +5,8 @@ namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\Backup;
 use Pterodactyl\Models\Server;
-use Pterodactyl\Models\AuditLog;
 use Illuminate\Http\JsonResponse;
+use Pterodactyl\Facades\Activity;
 use Pterodactyl\Models\Permission;
 use Illuminate\Auth\Access\AuthorizationException;
 use Pterodactyl\Services\Backups\DeleteBackupService;
@ -77,25 +77,23 @@ class BackupController extends ClientApiController
     */
    public function store(StoreBackupRequest $request, Server $server): array
    {
-        /** @var \Pterodactyl\Models\Backup $backup */
-        $backup = $server->audit(AuditLog::SERVER__BACKUP_STARTED, function (AuditLog $model, Server $server) use ($request) {
-            $action = $this->initiateBackupService
-                ->setIgnoredFiles(explode(PHP_EOL, $request->input('ignored') ?? ''));
+        $action = $this->initiateBackupService
+            ->setIgnoredFiles(explode(PHP_EOL, $request->input('ignored') ?? ''));

-            // Only set the lock status if the user even has permission to delete backups,
-            // otherwise ignore this status. This gets a little funky since it isn't clear
-            // how best to allow a user to create a backup that is locked without also preventing
-            // them from just filling up a server with backups that can never be deleted?
-            if ($request->user()->can(Permission::ACTION_BACKUP_DELETE, $server)) {
-                $action->setIsLocked((bool) $request->input('is_locked'));
-            }
+        // Only set the lock status if the user even has permission to delete backups,
+        // otherwise ignore this status. This gets a little funky since it isn't clear
+        // how best to allow a user to create a backup that is locked without also preventing
+        // them from just filling up a server with backups that can never be deleted?
+        if ($request->user()->can(Permission::ACTION_BACKUP_DELETE, $server)) {
+            $action->setIsLocked((bool) $request->input('is_locked'));
+        }

-            $backup = $action->handle($server, $request->input('name'));
+        $backup = $action->handle($server, $request->input('name'));

-            $model->metadata = ['backup_uuid' => $backup->uuid];
-
-            return $backup;
-        });
+        Activity::event('server:backup.start')
+            ->subject($backup)
+            ->property(['name' => $backup->name, 'locked' => (bool) $request->input('is_locked')])
+            ->log();

        return $this->fractal->item($backup)
            ->transformWith($this->getTransformer(BackupTransformer::class))
@ -114,14 +112,11 @@ class BackupController extends ClientApiController
            throw new AuthorizationException();
        }

-        $action = $backup->is_locked ? AuditLog::SERVER__BACKUP_UNLOCKED : AuditLog::SERVER__BACKUP_LOCKED;
-        $server->audit($action, function (AuditLog $audit) use ($backup) {
-            $audit->metadata = ['backup_uuid' => $backup->uuid];
+        $action = $backup->is_locked ? 'server:backup.unlock' : 'server:backup.lock';

-            $backup->update(['is_locked' => !$backup->is_locked]);
-        });
+        $backup->update(['is_locked' => !$backup->is_locked]);

-        $backup->refresh();
+        Activity::event($action)->subject($backup)->property('name', $backup->name)->log();

        return $this->fractal->item($backup)
            ->transformWith($this->getTransformer(BackupTransformer::class))
@ -156,11 +151,12 @@ class BackupController extends ClientApiController
            throw new AuthorizationException();
        }

-        $server->audit(AuditLog::SERVER__BACKUP_DELETED, function (AuditLog $audit) use ($backup) {
-            $audit->metadata = ['backup_uuid' => $backup->uuid];
+        $this->deleteBackupService->handle($backup);

-            $this->deleteBackupService->handle($backup);
-        });
+        Activity::event('server:backup.delete')
+            ->subject($backup)
+            ->property(['name' => $backup->name, 'failed' => !$backup->is_successful])
+            ->log();

        return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT);
    }
@ -184,9 +180,8 @@ class BackupController extends ClientApiController
        }

        $url = $this->downloadLinkService->handle($backup, $request->user());
-        $server->audit(AuditLog::SERVER__BACKUP_DOWNLOADED, function (AuditLog $audit) use ($backup) {
-            $audit->metadata = ['backup_uuid' => $backup->uuid];
-        });
+
+        Activity::event('server:backup.download')->subject($backup)->property('name', $backup->name)->log();

        return new JsonResponse([
            'object' => 'signed_url',
@ -221,9 +216,11 @@ class BackupController extends ClientApiController
            throw new BadRequestHttpException('This backup cannot be restored at this time: not completed or failed.');
        }

-        $server->audit(AuditLog::SERVER__BACKUP_RESTORE_STARTED, function (AuditLog $audit, Server $server) use ($backup, $request) {
-            $audit->metadata = ['backup_uuid' => $backup->uuid];
+        $log = Activity::event('server:backup.restore')
+            ->subject($backup)
+            ->property(['name' => $backup->name, 'truncate' => $request->input('truncate')]);

+        $log->transaction(function () use ($backup, $server, $request) {
            // If the backup is for an S3 file we need to generate a unique Download link for
            // it that will allow Wings to actually access the file.
            if ($backup->disk === Backup::ADAPTER_AWS_S3) {