From bd6a1a66d14151ce50505a338a45a2c3be260bcf Mon Sep 17 00:00:00 2001 From: Dan Brown Date: Fri, 20 Nov 2020 19:33:11 +0000 Subject: [PATCH] Implemented remainder of activity types Also fixed audit log to work for non-entity items. --- app/Actions/Activity.php | 11 +++++++++++ app/Actions/ActivityType.php | 9 ++++----- app/Auth/Access/RegistrationService.php | 4 ++++ app/Auth/Access/Saml2Service.php | 3 +++ app/Auth/Access/SocialAuthService.php | 3 +++ app/Auth/SocialAccount.php | 17 ++++++++++++++++- .../Auth/ForgotPasswordController.php | 5 +++++ app/Http/Controllers/Auth/LoginController.php | 3 ++- .../Auth/ResetPasswordController.php | 2 ++ resources/lang/en/settings.php | 2 +- resources/views/settings/audit.blade.php | 6 ++++-- 11 files changed, 55 insertions(+), 10 deletions(-) diff --git a/app/Actions/Activity.php b/app/Actions/Activity.php index 63eda5917..42cc95613 100644 --- a/app/Actions/Activity.php +++ b/app/Actions/Activity.php @@ -6,6 +6,7 @@ use BookStack\Auth\User; use BookStack\Entities\Entity; use BookStack\Model; use Illuminate\Database\Eloquent\Relations\BelongsTo; +use Illuminate\Support\Str; /** * @property string $type @@ -46,6 +47,16 @@ class Activity extends Model return trans('activities.' . $this->type); } + /** + * Check if this activity is intended to be for an entity. + */ + public function isForEntity(): bool + { + return Str::startsWith($this->type, [ + 'page_', 'chapter_', 'book_', 'bookshelf_' + ]); + } + /** * Checks if another Activity matches the general information of another. */ diff --git a/app/Actions/ActivityType.php b/app/Actions/ActivityType.php index 376312cbb..216f61249 100644 --- a/app/Actions/ActivityType.php +++ b/app/Actions/ActivityType.php 
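Review bot: `isForEntity()` in the second Activity.php hunk classifies an activity purely by string prefix, so the list `'page_', 'chapter_', 'book_', 'bookshelf_'` has to be kept in step with `ActivityType` by hand. A later type whose name starts with one of these prefixes but carries free-text detail would be shown by the audit view as a deleted item, and a new entity type would be missed. I would extend the docblock to say so, for example `Determined from the type prefix only; update the prefix list when adding an entity type to ActivityType.`, and consider holding the prefixes in a constant next to the type definitions.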
@@ -44,9 +44,8 @@ class ActivityType const ROLE_UPDATE = 'role_update'; const ROLE_DELETE = 'role_delete'; - // TODO - Implement all below - const ACCESS_PASSWORD_RESET = 'access_password_reset_request'; - const ACCESS_PASSWORD_RESET_UPDATE = 'access_password_reset_update'; - const ACCESS_LOGIN = 'access_login'; - const ACCESS_FAILED_LOGIN = 'access_failed_login'; + const AUTH_PASSWORD_RESET = 'auth_password_reset_request'; + const AUTH_PASSWORD_RESET_UPDATE = 'auth_password_reset_update'; + const AUTH_LOGIN = 'auth_login'; + const AUTH_REGISTER = 'auth_register'; } \ No newline at end of file diff --git a/app/Auth/Access/RegistrationService.php b/app/Auth/Access/RegistrationService.php index ecc92c117..2aff6c37d 100644 --- a/app/Auth/Access/RegistrationService.php +++ b/app/Auth/Access/RegistrationService.php @@ -1,9 +1,11 @@ socialAccounts()->save($socialAccount); } + Activity::add(ActivityType::AUTH_REGISTER, $socialAccount ?? $newUser); + // Start email confirmation flow if required if ($this->emailConfirmationService->confirmationRequired() && !$emailConfirmed) { $newUser->save(); diff --git a/app/Auth/Access/Saml2Service.php b/app/Auth/Access/Saml2Service.php index 89ddd0011..0316ff976 100644 --- a/app/Auth/Access/Saml2Service.php +++ b/app/Auth/Access/Saml2Service.php @@ -1,9 +1,11 @@ login($user); + Activity::add(ActivityType::AUTH_LOGIN, "saml2; {$user->logDescriptor()}"); return $user; } } diff --git a/app/Auth/Access/SocialAuthService.php b/app/Auth/Access/SocialAuthService.php index 657aae3f3..b0383a938 100644 --- a/app/Auth/Access/SocialAuthService.php +++ b/app/Auth/Access/SocialAuthService.php @@ -1,10 +1,12 @@ login($socialAccount->user); + Activity::add(ActivityType::AUTH_LOGIN, $socialAccount); return redirect()->intended('/'); } diff --git a/app/Auth/SocialAccount.php b/app/Auth/SocialAccount.php index 804dbe629..1c83980cb 100644 --- a/app/Auth/SocialAccount.php +++ b/app/Auth/SocialAccount.php 
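Review bot: After the ActivityType hunk there is no constant for a failed login: the placeholder `ACCESS_FAILED_LOGIN` is dropped rather than renamed, and none of the hunks visible in this patch records an unsuccessful attempt. An audit log that holds only `auth_login` successes cannot show password guessing against an account, which is one of the main things this log would be consulted for. If the omission is deliberate, for instance to keep unauthenticated requests from filling the activity table, a comment above the block such as `// Failed logins are intentionally not recorded here; see <where they are logged>` would make that clear. Otherwise keep `const AUTH_FAILED_LOGIN = 'auth_failed_login';` and record it from the login failure path, which is outside this patch.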
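Review bot: The `AUTH_LOGIN` detail is built three different ways in this patch: the Saml2Service hunk passes the hand-built string `"saml2; {$user->logDescriptor()}"`, the SocialAuthService hunk passes the `$socialAccount` model, and the LoginController hunk passes `$user` with no method prefix at all. Anyone filtering the audit log by login method then has to know that a missing prefix means the standard form, and presumably any other method routed through LoginController. I would give the LoginController entry the same `method; user` shape, and add a comment at the SAML call such as `// Detail format: "<method>; <user descriptor>", matching SocialAccount::logDescriptor()` so the call sites stay aligned. The enclosing methods start outside these hunks.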
@@ -1,8 +1,15 @@ belongsTo(User::class); } + + /** + * @inheritDoc + */ + public function logDescriptor(): string + { + return "{$this->driver}; {$this->user->logDescriptor()}"; + } } diff --git a/app/Http/Controllers/Auth/ForgotPasswordController.php b/app/Http/Controllers/Auth/ForgotPasswordController.php index fadac641e..31e6d848b 100644 --- a/app/Http/Controllers/Auth/ForgotPasswordController.php +++ b/app/Http/Controllers/Auth/ForgotPasswordController.php @@ -2,6 +2,7 @@ namespace BookStack\Http\Controllers\Auth; +use BookStack\Actions\ActivityType; use BookStack\Http\Controllers\Controller; use Illuminate\Foundation\Auth\SendsPasswordResetEmails; use Illuminate\Http\Request; @@ -52,6 +53,10 @@ class ForgotPasswordController extends Controller $request->only('email') ); + if ($response === Password::RESET_LINK_SENT) { + $this->logActivity(ActivityType::AUTH_PASSWORD_RESET, $request->get('email')); + } + if ($response === Password::RESET_LINK_SENT || $response === Password::INVALID_USER) { $message = trans('auth.reset_password_sent', ['email' => $request->get('email')]); $this->showSuccessNotification($message); diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index 8084ce1a5..3890da4b0 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -3,10 +3,10 @@ namespace BookStack\Http\Controllers\Auth; use Activity; +use BookStack\Actions\ActivityType; use BookStack\Auth\Access\SocialAuthService; use BookStack\Exceptions\LoginAttemptEmailNeededException; use BookStack\Exceptions\LoginAttemptException; -use BookStack\Exceptions\UserRegistrationException; use BookStack\Http\Controllers\Controller; use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Http\Request; @@ -151,6 +151,7 @@ class LoginController extends Controller } } + $this->logActivity(ActivityType::AUTH_LOGIN, $user); return redirect()->intended($this->redirectPath()); } 
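Review bot: `logDescriptor()` in the SocialAccount hunk dereferences `$this->user` without a null check, so a social account whose user row is missing or not yet associated would raise an error inside the logging call and abort the login or registration that triggered it. The callers visible in this patch appear to attach the account to a user first, so this is a robustness point rather than a bug the hunks show to be reachable. A guarded form such as `$userDetail = $this->user ? $this->user->logDescriptor() : 'unknown user';` keeps audit logging from failing the request.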
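Review bot: The ForgotPasswordController hunk writes `$request->get('email')` into the audit detail exactly as an unauthenticated visitor typed it, and only when the broker returns `Password::RESET_LINK_SENT`. The entry therefore stores request input rather than the matched account, so casing variants of one address may appear as different details, and requests for unknown addresses leave no trace, which makes probing of the reset form invisible in this log. Resolving the user for that email and logging the model, as the login hunks do, would make the entries consistent. If unknown-address requests stay unlogged on purpose, a comment such as `// Only successful sends are audited, to avoid storing arbitrary unauthenticated input` would document it. The surrounding method starts and ends outside the hunk.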
diff --git a/app/Http/Controllers/Auth/ResetPasswordController.php b/app/Http/Controllers/Auth/ResetPasswordController.php index efdf00159..96f05db26 100644 --- a/app/Http/Controllers/Auth/ResetPasswordController.php +++ b/app/Http/Controllers/Auth/ResetPasswordController.php @@ -2,6 +2,7 @@ namespace BookStack\Http\Controllers\Auth; +use BookStack\Actions\ActivityType; use BookStack\Http\Controllers\Controller; use Illuminate\Foundation\Auth\ResetsPasswords; use Illuminate\Http\Request; @@ -47,6 +48,7 @@ class ResetPasswordController extends Controller { $message = trans('auth.reset_password_success'); $this->showSuccessNotification($message); + $this->logActivity(ActivityType::AUTH_PASSWORD_RESET_UPDATE, user()); return redirect($this->redirectPath()) ->with('status', trans($response)); } diff --git a/resources/lang/en/settings.php b/resources/lang/en/settings.php index 269c775ba..52919d44d 100755 --- a/resources/lang/en/settings.php +++ b/resources/lang/en/settings.php @@ -111,7 +111,7 @@ return [ 'audit_deleted_item_name' => 'Name: :name', 'audit_table_user' => 'User', 'audit_table_event' => 'Event', - 'audit_table_item' => 'Related Item', + 'audit_table_related' => 'Related Item or Detail', 'audit_table_date' => 'Activity Date', 'audit_date_from' => 'Date Range From', 'audit_date_to' => 'Date Range To', diff --git a/resources/views/settings/audit.blade.php b/resources/views/settings/audit.blade.php index 7bbf0ed1a..1996e1c21 100644 --- a/resources/views/settings/audit.blade.php +++ b/resources/views/settings/audit.blade.php @@ -53,7 +53,7 @@ {{ trans('settings.audit_table_event') }} - {{ trans('settings.audit_table_item') }} + {{ trans('settings.audit_table_related') }} {{ trans('settings.audit_table_date') }} @@ -71,11 +71,13 @@ {{ $activity->entity->name }} - @elseif($activity->detail) + @elseif($activity->detail && $activity->isForEntity())
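Review bot: `user()` in the ResetPasswordController hunk only names the account whose password changed if the reset flow has already logged that account in by the time this response method runs, and the hunk does not show that. Laravel's `ResetsPasswords` trait logs the user in inside `resetPassword($user, $password)` by default, but if that is overridden or the guard differs, the audit entry would be attributed to whatever `user()` falls back to. Logging at the point where the `$user` model is in hand would remove the dependency; failing that, a comment such as `// user() is the freshly reset account: ResetsPasswords logs them in before this response` would make it explicit. The method's signature is outside the hunk.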
{{ trans('settings.audit_deleted_item') }}
{{ trans('settings.audit_deleted_item_name', ['name' => $activity->detail]) }}
+ @elseif($activity->detail) +
{{ $activity->detail }}
@endif {{ $activity->created_at }}