casdoor/object/record.go

// Copyright 2021 The Casdoor Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package object

import (
	"fmt"
	"strings"

	"github.com/beego/beego/context"
	"github.com/casdoor/casdoor/conf"
	"github.com/casdoor/casdoor/util"
	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
)

var logPostOnly bool

func init() {
	logPostOnly = conf.GetConfigBool("logPostOnly")
}

type Record struct {
	casvisorsdk.Record
}

func NewRecord(ctx *context.Context) *casvisorsdk.Record {
	ip := strings.Replace(util.GetIPFromRequest(ctx.Request), ": ", "", -1)
	action := strings.Replace(ctx.Request.URL.Path, "/api/", "", -1)
	requestUri := util.FilterQuery(ctx.Request.RequestURI, []string{"accessToken"})
	if len(requestUri) > 1000 {
		requestUri = requestUri[0:1000]
	}

	object := ""
	if ctx.Input.RequestBody != nil && len(ctx.Input.RequestBody) != 0 {
		object = string(ctx.Input.RequestBody)
	}

	record := casvisorsdk.Record{
		Name:        util.GenerateId(),
		CreatedTime: util.GetCurrentTime(),
		ClientIp:    ip,
		User:        "",
		Method:      ctx.Request.Method,
		RequestUri:  requestUri,
		Action:      action,
		Object:      object,
		IsTriggered: false,
	}
	return &record
}

func AddRecord(record *casvisorsdk.Record) bool {
	if logPostOnly {
		if record.Method == "GET" {
			return false
		}
	}

	if record.Organization == "app" {
		return false
	}

	record.Owner = record.Organization

	errWebhook := SendWebhooks(record)
	if errWebhook == nil {
		record.IsTriggered = true
	} else {
		fmt.Println(errWebhook)
	}

	if casvisorsdk.GetClient() == nil {
		return false
	}

	affected, err := casvisorsdk.AddRecord(record)
	if err != nil {
		panic(err)
	}

	return affected
}

func SendWebhooks(record *casvisorsdk.Record) error {
	webhooks, err := getWebhooksByOrganization(record.Organization)
	if err != nil {
		return err
	}

	for _, webhook := range webhooks {
		if !webhook.IsEnabled {
			continue
		}

		matched := false
		for _, event := range webhook.Events {
			if record.Action == event {
				matched = true
				break
			}
		}

		if matched {
			var user *User
			if webhook.IsUserExtended {
				user, err = getUser(record.Organization, record.User)
				user, err = GetMaskedUser(user, false, err)
				if err != nil {
					return err
				}
			}

			err = sendWebhook(webhook, record, user)
			if err != nil {
				return err
			}
		}
	}

	return nil
}
Update license headers. 2022-02-13 23:39:27 +08:00			`// Copyright 2021 The Casdoor Authors. All Rights Reserved.`
feat: add UI to view logs Signed-off-by: killer <1533063601@qq.com> 2021-07-07 14:59:03 +08:00			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

			`package object`

			`import (`
Don't panic for sendWebhook() error. 2021-11-27 21:12:13 +08:00			`"fmt"`
Refactor the record code. 2021-11-07 16:51:16 +08:00			`"strings"`

Update beego to v1.12.11 2022-09-29 19:44:08 +08:00			`"github.com/beego/beego/context"`
feat: support overriding configuration with env (#590) 2022-03-20 23:21:09 +08:00			`"github.com/casdoor/casdoor/conf"`
Update import path. 2022-01-20 14:11:46 +08:00			`"github.com/casdoor/casdoor/util"`
Use Casvisor for records 2023-08-19 23:15:02 +08:00			`"github.com/casvisor/casvisor-go-sdk/casvisorsdk"`
feat: add UI to view logs Signed-off-by: killer <1533063601@qq.com> 2021-07-07 14:59:03 +08:00			`)`

Add logPostOnly. 2021-11-09 23:32:53 +08:00			`var logPostOnly bool`

			`func init() {`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`logPostOnly = conf.GetConfigBool("logPostOnly")`
Add logPostOnly. 2021-11-09 23:32:53 +08:00			`}`

Refactor the record code. 2021-11-07 16:51:16 +08:00			`type Record struct {`
Use Casvisor for records 2023-08-19 23:15:02 +08:00			`casvisorsdk.Record`
feat: add UI to view logs Signed-off-by: killer <1533063601@qq.com> 2021-07-07 14:59:03 +08:00			`}`

Use Casvisor for records 2023-08-19 23:15:02 +08:00			`func NewRecord(ctx context.Context) casvisorsdk.Record {`
Refactor the record code. 2021-11-07 16:51:16 +08:00			`ip := strings.Replace(util.GetIPFromRequest(ctx.Request), ": ", "", -1)`
			`action := strings.Replace(ctx.Request.URL.Path, "/api/", "", -1)`
refactor: move from io/ioutil to io and os packages (#366) * chore: format code by running `go fmt ./...` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com> * refactor: move from io/ioutil to io and os packages The io/ioutil package has been deprecated as of Go 1.16, see https://golang.org/doc/go1.16#ioutil. This commit replaces the existing io/ioutil functions with their new definitions in io and os packages. Signed-off-by: Eng Zer Jun <engzerjun@gmail.com> 2021-12-13 09:49:43 +08:00			`requestUri := util.FilterQuery(ctx.Request.RequestURI, []string{"accessToken"})`
fix: panic while insert record when request uri too long (#325) Signed-off-by: Lex Lim <hyperzlink@outlook.com> 2021-11-12 00:01:37 +08:00			`if len(requestUri) > 1000 {`
			`requestUri = requestUri[0:1000]`
			`}`
Refactor the record code. 2021-11-07 16:51:16 +08:00
Add object to webhook 2023-05-17 23:57:14 +08:00			`object := ""`
			`if ctx.Input.RequestBody != nil && len(ctx.Input.RequestBody) != 0 {`
			`object = string(ctx.Input.RequestBody)`
			`}`

Use Casvisor for records 2023-08-19 23:15:02 +08:00			`record := casvisorsdk.Record{`
Add missing fields for record. 2021-11-07 17:36:52 +08:00			`Name: util.GenerateId(),`
			`CreatedTime: util.GetCurrentTime(),`
			`ClientIp: ip,`
			`User: "",`
Add method to record. 2021-11-09 23:24:13 +08:00			`Method: ctx.Request.Method,`
fix: panic while insert record when request uri too long (#325) Signed-off-by: Lex Lim <hyperzlink@outlook.com> 2021-11-12 00:01:37 +08:00			`RequestUri: requestUri,`
Add missing fields for record. 2021-11-07 17:36:52 +08:00			`Action: action,`
Add object to webhook 2023-05-17 23:57:14 +08:00			`Object: object,`
Make webhook work. 2021-11-07 23:53:17 +08:00			`IsTriggered: false,`
Refactor the record code. 2021-11-07 16:51:16 +08:00			`}`
			`return &record`
			`}`
feat: add UI to view logs Signed-off-by: killer <1533063601@qq.com> 2021-07-07 14:59:03 +08:00
Use Casvisor for records 2023-08-19 23:15:02 +08:00			`func AddRecord(record *casvisorsdk.Record) bool {`
Add logPostOnly. 2021-11-09 23:32:53 +08:00			`if logPostOnly {`
			`if record.Method == "GET" {`
			`return false`
			`}`
			`}`

Add UploadFileSafe(). 2021-11-20 16:21:15 +08:00			`if record.Organization == "app" {`
			`return false`
			`}`

Add missing fields for record. 2021-11-07 17:36:52 +08:00			`record.Owner = record.Organization`

Make webhook work. 2021-11-07 23:53:17 +08:00			`errWebhook := SendWebhooks(record)`
			`if errWebhook == nil {`
			`record.IsTriggered = true`
Don't panic for sendWebhook() error. 2021-11-27 21:12:13 +08:00			`} else {`
			`fmt.Println(errWebhook)`
Make webhook work. 2021-11-07 23:53:17 +08:00			`}`

Use Casvisor for records 2023-08-19 23:15:02 +08:00			`if casvisorsdk.GetClient() == nil {`
			`return false`
feat: add server-side pagination (#312) Signed-off-by: “seriouszyx” <seriouszyx@foxmail.com> 2021-11-06 11:32:22 +08:00			`}`

Use Casvisor for records 2023-08-19 23:15:02 +08:00			`affected, err := casvisorsdk.AddRecord(record)`
feat: add UI to view logs Signed-off-by: killer <1533063601@qq.com> 2021-07-07 14:59:03 +08:00			`if err != nil {`
Use Casvisor for records 2023-08-19 23:15:02 +08:00			`panic(err)`
feat: add UI to view logs Signed-off-by: killer <1533063601@qq.com> 2021-07-07 14:59:03 +08:00			`}`

Use Casvisor for records 2023-08-19 23:15:02 +08:00			`return affected`
feat: add UI to view logs Signed-off-by: killer <1533063601@qq.com> 2021-07-07 14:59:03 +08:00			`}`
Make webhook work. 2021-11-07 23:53:17 +08:00
Use Casvisor for records 2023-08-19 23:15:02 +08:00			`func SendWebhooks(record *casvisorsdk.Record) error {`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`webhooks, err := getWebhooksByOrganization(record.Organization)`
			`if err != nil {`
			`return err`
			`}`

Make webhook work. 2021-11-07 23:53:17 +08:00			`for _, webhook := range webhooks {`
Add isEnabled to webhook. 2021-12-26 21:02:56 +08:00			`if !webhook.IsEnabled {`
			`continue`
			`}`

Make webhook work. 2021-11-07 23:53:17 +08:00			`matched := false`
			`for _, event := range webhook.Events {`
			`if record.Action == event {`
			`matched = true`
			`break`
			`}`
			`}`

			`if matched {`
Use Casvisor for records 2023-08-19 23:15:02 +08:00			`var user *User`
Add isUserExtended to webhook. 2022-01-01 11:15:04 +08:00			`if webhook.IsUserExtended {`
Use Casvisor for records 2023-08-19 23:15:02 +08:00			`user, err = getUser(record.Organization, record.User)`
Show access secret if isAdminOrSelf is true in get-user and get-account APIs 2023-07-19 19:14:53 +08:00			`user, err = GetMaskedUser(user, false, err)`
feat: return most backend API errors to frontend (#1836) * feat: return most backend API errros to frontend Signed-off-by: yehong <239859435@qq.com> * refactor: reduce int type change Signed-off-by: yehong <239859435@qq.com> * feat: return err backend in token.go Signed-off-by: yehong <239859435@qq.com> --------- Signed-off-by: yehong <239859435@qq.com> 2023-05-30 15:49:39 +08:00			`if err != nil {`
			`return err`
			`}`
Add isUserExtended to webhook. 2022-01-01 11:15:04 +08:00			`}`

Use Casvisor for records 2023-08-19 23:15:02 +08:00			`err = sendWebhook(webhook, record, user)`
Make webhook work. 2021-11-07 23:53:17 +08:00			`if err != nil {`
			`return err`
			`}`
			`}`
			`}`

			`return nil`
			`}`