summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--api4/params.go4
-rw-r--r--api4/system.go17
-rw-r--r--api4/system_test.go38
-rw-r--r--api4/user.go4
-rw-r--r--api4/user_test.go10
-rw-r--r--model/client4.go17
6 files changed, 78 insertions, 12 deletions
diff --git a/api4/params.go b/api4/params.go
index 15f632195..8bb072742 100644
--- a/api4/params.go
+++ b/api4/params.go
@@ -101,13 +101,13 @@ func ApiParamsFromRequest(r *http.Request) *ApiParams {
params.PreferenceName = val
}
- if val, err := strconv.Atoi(r.URL.Query().Get("page")); err != nil {
+ if val, err := strconv.Atoi(r.URL.Query().Get("page")); err != nil || val < 0 {
params.Page = PAGE_DEFAULT
} else {
params.Page = val
}
- if val, err := strconv.Atoi(r.URL.Query().Get("per_page")); err != nil {
+ if val, err := strconv.Atoi(r.URL.Query().Get("per_page")); err != nil || val < 0 {
params.PerPage = PER_PAGE_DEFAULT
} else if val > PER_PAGE_MAXIMUM {
params.PerPage = PER_PAGE_MAXIMUM
diff --git a/api4/system.go b/api4/system.go
index 5058b0e2f..972d526da 100644
--- a/api4/system.go
+++ b/api4/system.go
@@ -19,6 +19,7 @@ func InitSystem() {
BaseRoutes.ApiRoot.Handle("/config", ApiSessionRequired(getConfig)).Methods("GET")
BaseRoutes.ApiRoot.Handle("/config/reload", ApiSessionRequired(configReload)).Methods("POST")
BaseRoutes.ApiRoot.Handle("/config", ApiSessionRequired(updateConfig)).Methods("PUT")
+ BaseRoutes.ApiRoot.Handle("/audits", ApiSessionRequired(getAudits)).Methods("GET")
BaseRoutes.ApiRoot.Handle("/email/test", ApiSessionRequired(testEmail)).Methods("POST")
BaseRoutes.ApiRoot.Handle("/database/recycle", ApiSessionRequired(databaseRecycle)).Methods("POST")
BaseRoutes.ApiRoot.Handle("/caches/invalidate", ApiSessionRequired(invalidateCaches)).Methods("POST")
@@ -96,6 +97,22 @@ func updateConfig(c *Context, w http.ResponseWriter, r *http.Request) {
w.Write([]byte(cfg.ToJson()))
}
+func getAudits(c *Context, w http.ResponseWriter, r *http.Request) {
+ if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
+ return
+ }
+
+ audits, err := app.GetAuditsPage("", c.Params.Page, c.Params.PerPage)
+
+ if err != nil {
+ c.Err = err
+ return
+ }
+
+ w.Write([]byte(audits.ToJson()))
+}
+
func databaseRecycle(c *Context, w http.ResponseWriter, r *http.Request) {
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
diff --git a/api4/system_test.go b/api4/system_test.go
index 658bb5881..289a41907 100644
--- a/api4/system_test.go
+++ b/api4/system_test.go
@@ -127,7 +127,43 @@ func TestUpdateConfig(t *testing.T) {
t.Fatal()
}
}
+}
+
+func TestGetAudits(t *testing.T) {
+ th := Setup().InitBasic().InitSystemAdmin()
+ defer TearDown()
+ Client := th.Client
+
+ audits, resp := th.SystemAdminClient.GetAudits(0, 100, "")
+ CheckNoError(t, resp)
+
+ if len(audits) == 0 {
+ t.Fatal("should not be empty")
+ }
+
+ audits, resp = th.SystemAdminClient.GetAudits(0, 1, "")
+ CheckNoError(t, resp)
+ if len(audits) != 1 {
+ t.Fatal("should only be 1")
+ }
+
+ audits, resp = th.SystemAdminClient.GetAudits(1, 1, "")
+ CheckNoError(t, resp)
+
+ if len(audits) != 1 {
+ t.Fatal("should only be 1")
+ }
+
+ _, resp = th.SystemAdminClient.GetAudits(-1, -1, "")
+ CheckNoError(t, resp)
+
+ _, resp = Client.GetAudits(0, 100, "")
+ CheckForbiddenStatus(t, resp)
+
+ Client.Logout()
+ _, resp = Client.GetAudits(0, 100, "")
+ CheckUnauthorizedStatus(t, resp)
}
func TestEmailTest(t *testing.T) {
@@ -217,7 +253,7 @@ func TestGetLogs(t *testing.T) {
logs, resp = th.SystemAdminClient.GetLogs(-1, -1)
CheckNoError(t, resp)
- if len(logs) != 0 {
+ if len(logs) == 0 {
t.Fatal("should not be empty")
}
diff --git a/api4/user.go b/api4/user.go
index 1668f9c2c..383bb2f59 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -44,7 +44,7 @@ func InitUser() {
BaseRoutes.User.Handle("/sessions", ApiSessionRequired(getSessions)).Methods("GET")
BaseRoutes.User.Handle("/sessions/revoke", ApiSessionRequired(revokeSession)).Methods("POST")
- BaseRoutes.User.Handle("/audits", ApiSessionRequired(getAudits)).Methods("GET")
+ BaseRoutes.User.Handle("/audits", ApiSessionRequired(getUserAudits)).Methods("GET")
}
func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -720,7 +720,7 @@ func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) {
ReturnStatusOK(w)
}
-func getAudits(c *Context, w http.ResponseWriter, r *http.Request) {
+func getUserAudits(c *Context, w http.ResponseWriter, r *http.Request) {
c.RequireUserId()
if c.Err != nil {
return
diff --git a/api4/user_test.go b/api4/user_test.go
index 4805a1a51..2e1a0adc2 100644
--- a/api4/user_test.go
+++ b/api4/user_test.go
@@ -1114,13 +1114,13 @@ func TestRevokeSessions(t *testing.T) {
}
-func TestGetAudits(t *testing.T) {
+func TestGetUserAudits(t *testing.T) {
th := Setup().InitBasic().InitSystemAdmin()
defer TearDown()
Client := th.Client
user := th.BasicUser
- audits, resp := Client.GetAudits(user.Id, 0, 100, "")
+ audits, resp := Client.GetUserAudits(user.Id, 0, 100, "")
for _, audit := range audits {
if audit.UserId != user.Id {
t.Fatal("user id does not match audit user id")
@@ -1128,14 +1128,14 @@ func TestGetAudits(t *testing.T) {
}
CheckNoError(t, resp)
- _, resp = Client.GetAudits(th.BasicUser2.Id, 0, 100, "")
+ _, resp = Client.GetUserAudits(th.BasicUser2.Id, 0, 100, "")
CheckForbiddenStatus(t, resp)
Client.Logout()
- _, resp = Client.GetAudits(user.Id, 0, 100, "")
+ _, resp = Client.GetUserAudits(user.Id, 0, 100, "")
CheckUnauthorizedStatus(t, resp)
- _, resp = th.SystemAdminClient.GetAudits(user.Id, 0, 100, "")
+ _, resp = th.SystemAdminClient.GetUserAudits(user.Id, 0, 100, "")
CheckNoError(t, resp)
}
diff --git a/model/client4.go b/model/client4.go
index 7af2a0b39..b94412706 100644
--- a/model/client4.go
+++ b/model/client4.go
@@ -606,8 +606,8 @@ func (c *Client4) GetTeamsUnreadForUser(userId, teamIdToExclude string) ([]*Team
}
}
-// GetAudits returns a list of audit based on the provided user id string.
-func (c *Client4) GetAudits(userId string, page int, perPage int, etag string) (Audits, *Response) {
+// GetUserAudits returns a list of audit based on the provided user id string.
+func (c *Client4) GetUserAudits(userId string, page int, perPage int, etag string) (Audits, *Response) {
query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage)
if r, err := c.DoApiGet(c.GetUserRoute(userId)+"/audits"+query, etag); err != nil {
return nil, &Response{StatusCode: r.StatusCode, Error: err}
@@ -1605,6 +1605,19 @@ func (c *Client4) TestLdap() (bool, *Response) {
}
}
+// Audits Section
+
+// GetAudits returns a list of audits for the whole system.
+func (c *Client4) GetAudits(page int, perPage int, etag string) (Audits, *Response) {
+ query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage)
+ if r, err := c.DoApiGet("/audits"+query, etag); err != nil {
+ return nil, &Response{StatusCode: r.StatusCode, Error: err}
+ } else {
+ defer closeBody(r)
+ return AuditsFromJson(r.Body), BuildResponse(r)
+ }
+}
+
// Brand Section
// GetBrandImage retrieves the previously uploaded brand image.
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-05-20 10:19:51 +0000