From 4aa163b76f6c873d66fe4da881085e7e2f55efda Mon Sep 17 00:00:00 2001
From: DaneEveritt <dane@daneeveritt.com>
Date: Mon, 27 Jun 2022 20:52:27 -0400
Subject: [PATCH] Hide IP addresses from activity logs not generated by the
user themselves
---
.../Api/Client/ActivityLogController.php | 5 +----
.../Api/Client/Servers/ActivityLogController.php | 5 +----
.../Api/Client/ActivityLogTransformer.php | 8 ++++++--
resources/scripts/api/definitions/user/models.d.ts | 2 +-
.../elements/activity/ActivityLogEntry.tsx | 13 ++++++-------
5 files changed, 15 insertions(+), 18 deletions(-)
diff --git a/app/Http/Controllers/Api/Client/ActivityLogController.php b/app/Http/Controllers/Api/Client/ActivityLogController.php
index 3fbfa11a..9e1fcc63 100644
--- a/app/Http/Controllers/Api/Client/ActivityLogController.php
+++ b/app/Http/Controllers/Api/Client/ActivityLogController.php
@@ -16,10 +16,7 @@ class ActivityLogController extends ClientApiController
{
$activity = QueryBuilder::for($request->user()->activity())
->with('actor')
- ->allowedFilters([
- AllowedFilter::exact('ip'),
- AllowedFilter::partial('event'),
- ])
+ ->allowedFilters([AllowedFilter::partial('event')])
->allowedSorts(['timestamp'])
->paginate(min($request->query('per_page', 25), 100))
->appends($request->query());
diff --git a/app/Http/Controllers/Api/Client/Servers/ActivityLogController.php b/app/Http/Controllers/Api/Client/Servers/ActivityLogController.php
index dabd9df7..adfb3ad7 100644
--- a/app/Http/Controllers/Api/Client/Servers/ActivityLogController.php
+++ b/app/Http/Controllers/Api/Client/Servers/ActivityLogController.php
@@ -25,10 +25,7 @@ class ActivityLogController extends ClientApiController
$activity = QueryBuilder::for($server->activity())
->with('actor')
->allowedSorts(['timestamp'])
- ->allowedFilters([
- AllowedFilter::exact('ip'),
- AllowedFilter::partial('event'),
- ])
+ ->allowedFilters([AllowedFilter::partial('event')])
->when(config('activity.hide_admin_activity'), function (Builder $builder) use ($server) {
// We could do this with a query and a lot of joins, but that gets pretty
// painful so for now we'll execute a simpler query.
diff --git a/app/Transformers/Api/Client/ActivityLogTransformer.php b/app/Transformers/Api/Client/ActivityLogTransformer.php
index b64a2376..8518b59d 100644
--- a/app/Transformers/Api/Client/ActivityLogTransformer.php
+++ b/app/Transformers/Api/Client/ActivityLogTransformer.php
@@ -21,7 +21,7 @@ class ActivityLogTransformer extends BaseClientTransformer
'batch' => $model->batch,
'event' => $model->event,
'is_api' => !is_null($model->api_key_id),
- 'ip' => $model->ip,
+ 'ip' => optional($model->actor)->is($this->request->user()) ? $model->ip : null,
'description' => $model->description,
'properties' => $this->properties($model),
'has_additional_metadata' => $this->hasAdditionalMetadata($model),
@@ -49,7 +49,11 @@ class ActivityLogTransformer extends BaseClientTransformer
}
$properties = $model->properties
- ->mapWithKeys(function ($value, $key) {
+ ->mapWithKeys(function ($value, $key) use ($model) {
+ if ($key === 'ip' && !optional($model->actor)->is($this->request->user())) {
+ return [$key => '[hidden]'];
+ }
+
if (!is_array($value)) {
return [$key => $value];
}
diff --git a/resources/scripts/api/definitions/user/models.d.ts b/resources/scripts/api/definitions/user/models.d.ts
index 944d1b81..f42697ee 100644
--- a/resources/scripts/api/definitions/user/models.d.ts
+++ b/resources/scripts/api/definitions/user/models.d.ts
@@ -22,7 +22,7 @@ interface SSHKey extends Model {
interface ActivityLog extends Model<'actor'> {
batch: UUID | null;
event: string;
- ip: string;
+ ip: string | null;
isApi: boolean;
description: string | null;
properties: Record<string, string | unknown>;
diff --git a/resources/scripts/components/elements/activity/ActivityLogEntry.tsx b/resources/scripts/components/elements/activity/ActivityLogEntry.tsx
index e724803a..87ac64f7 100644
--- a/resources/scripts/components/elements/activity/ActivityLogEntry.tsx
+++ b/resources/scripts/components/elements/activity/ActivityLogEntry.tsx
@@ -75,13 +75,12 @@ export default ({ activity, children }: Props) => {
<Translate ns={'activity'} values={properties} i18nKey={activity.event.replace(':', '.')} />
</p>
<div className={'mt-1 flex items-center text-sm'}>
- <Link
- to={`#${pathTo({ ip: activity.ip })}`}
- className={'transition-colors duration-75 active:text-cyan-400 hover:text-cyan-400'}
- >
- {activity.ip}
- </Link>
- <span className={'text-gray-400'}> | </span>
+ {activity.ip && (
+ <span>
+ {activity.ip}
+ <span className={'text-gray-400'}> | </span>
+ </span>
+ )}
<Tooltip placement={'right'} content={format(activity.timestamp, 'MMM do, yyyy H:mm:ss')}>
<span>{formatDistanceToNowStrict(activity.timestamp, { addSuffix: true })}</span>
</Tooltip>