From 3142e0ce84b4d0bc9889f572f7c31fe7bc23c1db Mon Sep 17 00:00:00 2001 From: Noah Petherbridge Date: Sun, 25 Feb 2024 17:28:40 -0800 Subject: [PATCH] Change Log Updates * Delete all change logs AboutUserID on account deletion, and export them in the data export zip. * Log admin changes to ban/admin status of other users. * Log user deactivations/reactivations and deletions (self serve or admin deletion). --- pkg/controller/account/deactivate.go | 6 ++++++ pkg/controller/account/delete.go | 5 +++++ pkg/controller/admin/user_actions.go | 10 ++++++++++ pkg/models/deletion/delete_user.go | 11 +++++++++++ pkg/models/exporting/models.go | 16 ++++++++++++++++ 5 files changed, 48 insertions(+) diff --git a/pkg/controller/account/deactivate.go b/pkg/controller/account/deactivate.go index cfefa8c..e9327cf 100644 --- a/pkg/controller/account/deactivate.go +++ b/pkg/controller/account/deactivate.go @@ -41,6 +41,9 @@ func Deactivate() http.HandlerFunc { session.LogoutUser(w, r) session.Flash(w, r, "Your account has been deactivated and you are now logged out. If you wish to re-activate your account, sign in again with your username and password.") templates.Redirect(w, "/") + + // Log the change. + models.LogUpdated(currentUser, nil, "users", currentUser.ID, "Deactivated their account.", nil) return } @@ -78,5 +81,8 @@ func Reactivate() http.HandlerFunc { session.Flash(w, r, "Welcome back! Your account has been reactivated.") templates.Redirect(w, "/") + + // Log the change. + models.LogUpdated(currentUser, nil, "users", currentUser.ID, "Reactivated their account.", nil) }) } diff --git a/pkg/controller/account/delete.go b/pkg/controller/account/delete.go index f46f796..f65ddc4 100644 --- a/pkg/controller/account/delete.go +++ b/pkg/controller/account/delete.go @@ -1,9 +1,11 @@ package account import ( + "fmt" "net/http" "strings" + "code.nonshy.com/nonshy/website/pkg/models" "code.nonshy.com/nonshy/website/pkg/models/deletion" "code.nonshy.com/nonshy/website/pkg/session" "code.nonshy.com/nonshy/website/pkg/templates" @@ -40,6 +42,9 @@ func Delete() http.HandlerFunc { session.LogoutUser(w, r) session.Flash(w, r, "Your account has been deleted.") templates.Redirect(w, "/") + + // Log the change. + models.LogDeleted(nil, nil, "users", currentUser.ID, fmt.Sprintf("Username %s has deleted their account.", currentUser.Username), nil) return } diff --git a/pkg/controller/admin/user_actions.go b/pkg/controller/admin/user_actions.go index ae1f8c4..9baf7f3 100644 --- a/pkg/controller/admin/user_actions.go +++ b/pkg/controller/admin/user_actions.go @@ -1,6 +1,7 @@ package admin import ( + "fmt" "net/http" "strconv" "strings" @@ -155,6 +156,9 @@ func UserActions() http.HandlerFunc { user.Save() session.Flash(w, r, "User ban status updated!") templates.Redirect(w, "/u/"+user.Username) + + // Log the change. + models.LogUpdated(user, currentUser, "users", currentUser.ID, fmt.Sprintf("User ban status updated to: %s", status), nil) return } case "promote": @@ -171,6 +175,9 @@ func UserActions() http.HandlerFunc { user.Save() session.Flash(w, r, "User admin status updated!") templates.Redirect(w, "/u/"+user.Username) + + // Log the change. + models.LogUpdated(user, currentUser, "users", currentUser.ID, fmt.Sprintf("User admin status updated to: %s", action), nil) return } case "delete": @@ -188,6 +195,9 @@ func UserActions() http.HandlerFunc { session.Flash(w, r, "User has been deleted!") } templates.Redirect(w, "/admin") + + // Log the change. + models.LogDeleted(nil, currentUser, "users", user.ID, fmt.Sprintf("Username %s has been deleted by an admin.", user.Username), nil) return } default: diff --git a/pkg/models/deletion/delete_user.go b/pkg/models/deletion/delete_user.go index 18b469f..3a8e08f 100644 --- a/pkg/models/deletion/delete_user.go +++ b/pkg/models/deletion/delete_user.go @@ -41,6 +41,7 @@ func DeleteUser(user *models.User) error { {"Two Factor", DeleteTwoFactor}, {"Profile Fields", DeleteProfile}, {"User Notes", DeleteUserNotes}, + {"Change Logs", DeleteChangeLogs}, } for _, item := range todo { if err := item.Fn(user.ID); err != nil { @@ -327,3 +328,13 @@ func DeleteUserNotes(userID uint64) error { ).Delete(&models.UserNote{}) return result.Error } + +// DeleteChangeLogs scrubs data for deleting a user. +func DeleteChangeLogs(userID uint64) error { + log.Error("DeleteUser: DeleteChangeLogs(%d)", userID) + result := models.DB.Where( + "about_user_id = ?", + userID, + ).Delete(&models.ChangeLog{}) + return result.Error +} diff --git a/pkg/models/exporting/models.go b/pkg/models/exporting/models.go index fc751fb..c80389a 100644 --- a/pkg/models/exporting/models.go +++ b/pkg/models/exporting/models.go @@ -40,6 +40,7 @@ func ExportModels(zw *zip.Writer, user *models.User) error { // Note: AdminGroup info is eager-loaded in User export {"UserLocation", ExportUserLocationTable}, {"UserNote", ExportUserNoteTable}, + {"ChangeLog", ExportChangeLogTable}, {"TwoFactor", ExportTwoFactorTable}, } for _, item := range todo { @@ -383,6 +384,21 @@ func ExportUserNoteTable(zw *zip.Writer, user *models.User) error { return ZipJson(zw, "user_notes.json", items) } +func ExportChangeLogTable(zw *zip.Writer, user *models.User) error { + var ( + items = []*models.ChangeLog{} + query = models.DB.Model(&models.ChangeLog{}).Where( + "about_user_id = ? OR admin_user_id = ?", + user.ID, user.ID, + ).Find(&items) + ) + if query.Error != nil { + return query.Error + } + + return ZipJson(zw, "change_logs.json", items) +} + func ExportUserLocationTable(zw *zip.Writer, user *models.User) error { var ( items = []*models.UserLocation{}