StarMC/Astral-nook
StarMC/Astral-nook
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add basic auditing for filesystem actions

Browse source 
Specifically skipping read actions since there isn't much to say there, and it generally wouldn't be very helpful (plus, likely to generate lots of logs).
This commit is contained in:
Dane Everitt 2021-01-17 11:46:08 -08:00
parent b15679d3bb
commit ccecaa6694
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
5 changed files with 164 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

25
app/Http/Controllers/Api/Client/Servers/BackupController.php
View file

@ -4,6 +4,7 @@ namespace Pterodactyl\Http\Controllers\Api\Client\Servers;
use Pterodactyl\Models\Backup;
use Pterodactyl\Models\Server;
use Pterodactyl\Models\AuditLog;
use Illuminate\Http\JsonResponse;
use Pterodactyl\Services\Backups\DeleteBackupService;
use Pterodactyl\Repositories\Eloquent\BackupRepository;
@ -61,6 +62,7 @@ class BackupController extends ClientApiController
public function index(GetBackupsRequest $request, Server $server)
{
$limit = min($request->query('per_page') ?? 20, 50);
return $this->fractal->collection($server->backups()->paginate($limit))
->transformWith($this->getTransformer(BackupTransformer::class))
->toArray();
@ -77,11 +79,18 @@ class BackupController extends ClientApiController
*/
public function store(StoreBackupRequest $request, Server $server)
{
$backup = $this->initiateBackupService
->setIgnoredFiles(
explode(PHP_EOL, $request->input('ignored') ?? '')
)
->handle($server, $request->input('name'));
/** @var \Pterodactyl\Models\Backup $backup */
$backup = $server->audit(AuditLog::ACTION_SERVER_BACKUP_STARTED, function (AuditLog $model, Server $server) use ($request) {
$backup = $this->initiateBackupService
->setIgnoredFiles(
explode(PHP_EOL, $request->input('ignored') ?? '')
)
->handle($server, $request->input('name'));
$model->metadata = ['backup_uuid' => $backup->uuid];
return $backup;
});
return $this->fractal->item($backup)
->transformWith($this->getTransformer(BackupTransformer::class))
@ -116,8 +125,10 @@ class BackupController extends ClientApiController
*/
public function delete(DeleteBackupRequest $request, Server $server, Backup $backup)
{
$this->deleteBackupService->handle($backup);
$server->audit(AuditLog::ACTION_SERVER_BACKUP_DELETED, function () use ($backup) {
$this->deleteBackupService->handle($backup);
});
return JsonResponse::create([], JsonResponse::HTTP_NO_CONTENT);
return new JsonResponse([], JsonResponse::HTTP_NO_CONTENT);
}
}