refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit, user lifecycle audit, frontend telemetry) from core into modules/audit/. Core decoupling via interface-based injection: - AuditRecorderInterface replaces SystemAuditService in 10+ core services - UserLifecycleAuditInterface / ImportAuditInterface for specialized flows - NullAuditRecorder fallback when audit module is disabled - ApiBootstrap/ApiResponse use null-safe callable resolvers Module structure (modules/audit/): - Manifest with routes, permissions, scheduler jobs, authorization policy - 9 services, 8 repositories, 6 domain enums, 4 job handlers - 33 page files, 4 JS files, 8 test files, migration scripts, i18n Core cleanup: - OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService surgically cleaned of audit-specific constants - Sidebar template cleared of hardcoded audit navigation - AuditModuleIsolationContractTest ensures no future core→module coupling All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5 clean, architecture contracts verified. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
40
modules/audit/pages/admin/user-lifecycle-audit/data().php
Normal file
40
modules/audit/pages/admin/user-lifecycle-audit/data().php
Normal file
@@ -0,0 +1,40 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Module\Audit\AuditAuthorizationPolicy;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleAction;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleStatus;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleTriggerType;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbilityOrForbidden(AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_VIEW);
|
||||
gridRequireGetRequest();
|
||||
|
||||
$filters = gridParseFiltersFromSchemaFile(__DIR__ . '/filter-schema.php');
|
||||
|
||||
$result = app(\MintyPHP\Module\Audit\Service\UserLifecycleAuditService::class)->listPaged($filters);
|
||||
|
||||
$rows = [];
|
||||
foreach ((array) ($result['rows'] ?? []) as $row) {
|
||||
$status = UserLifecycleStatus::normalizeOr((string) ($row['status'] ?? ''), UserLifecycleStatus::Failed);
|
||||
$action = UserLifecycleAction::normalizeOr((string) ($row['action'] ?? ''), UserLifecycleAction::Deactivate);
|
||||
$triggerType = UserLifecycleTriggerType::normalizeOr((string) ($row['trigger_type'] ?? ''), UserLifecycleTriggerType::System);
|
||||
|
||||
$rows[] = [
|
||||
'id' => (int) ($row['id'] ?? 0),
|
||||
'created_at' => dt((string) ($row['created_at'] ?? '')),
|
||||
'status' => $status->value,
|
||||
'status_badge' => $status->badgeVariant(),
|
||||
'status_label' => t($status->labelToken()),
|
||||
'action' => $action->value,
|
||||
'action_label' => t($action->labelToken()),
|
||||
'trigger_type' => $triggerType->value,
|
||||
'trigger_type_label' => t($triggerType->labelToken()),
|
||||
'reason_code' => (string) ($row['reason_code'] ?? ''),
|
||||
'target_user_uuid' => (string) ($row['target_user_uuid'] ?? ''),
|
||||
'target_user_email' => (string) ($row['target_user_email'] ?? ''),
|
||||
'restored_at' => dt((string) ($row['restored_at'] ?? '')),
|
||||
];
|
||||
}
|
||||
|
||||
gridJsonDataResult($rows, (int) ($result['total'] ?? 0));
|
||||
@@ -0,0 +1,96 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleAction;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleStatus;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleTriggerType;
|
||||
|
||||
return gridFilterSchema([
|
||||
'query' => [
|
||||
'limit' => ['type' => 'int', 'default' => 20, 'min' => 1, 'max' => 200],
|
||||
'offset' => ['type' => 'int', 'default' => 0, 'min' => 0],
|
||||
'search' => ['type' => 'string'],
|
||||
'actions' => [
|
||||
'type' => 'csv_strings',
|
||||
'max' => 200,
|
||||
'sanitizer' => gridEnumSanitizer(UserLifecycleAction::class),
|
||||
],
|
||||
'statuses' => [
|
||||
'type' => 'csv_strings',
|
||||
'max' => 200,
|
||||
'sanitizer' => gridEnumSanitizer(UserLifecycleStatus::class),
|
||||
],
|
||||
'trigger_types' => [
|
||||
'type' => 'csv_strings',
|
||||
'max' => 200,
|
||||
'sanitizer' => gridEnumSanitizer(UserLifecycleTriggerType::class),
|
||||
],
|
||||
'actor_user_ids' => ['type' => 'csv_ids', 'max' => 200],
|
||||
'created_from' => ['type' => 'date'],
|
||||
'created_to' => ['type' => 'date'],
|
||||
'order' => ['type' => 'order', 'allowed' => ['created_at', 'status', 'action', 'trigger_type', 'restored_at'], 'default' => 'created_at'],
|
||||
'dir' => ['type' => 'dir', 'default' => 'desc'],
|
||||
],
|
||||
'toolbar' => [
|
||||
[
|
||||
'key' => 'search',
|
||||
'type' => 'text',
|
||||
'label' => 'Search',
|
||||
'placeholder' => 'Search...',
|
||||
'input_id' => 'user-lifecycle-audit-search',
|
||||
'search' => true,
|
||||
'query' => ['type' => 'string'],
|
||||
],
|
||||
[
|
||||
'key' => 'actions',
|
||||
'type' => 'multi_csv',
|
||||
'label' => 'Action',
|
||||
'placeholder' => 'Select actions',
|
||||
'input_id' => 'user-lifecycle-audit-actions-filter',
|
||||
'options_key' => 'action_items',
|
||||
'default' => [],
|
||||
'query' => ['type' => 'csv_strings', 'max' => 200, 'return' => 'array'],
|
||||
],
|
||||
[
|
||||
'key' => 'statuses',
|
||||
'type' => 'multi_csv',
|
||||
'label' => 'Status',
|
||||
'placeholder' => 'Select statuses',
|
||||
'input_id' => 'user-lifecycle-audit-statuses-filter',
|
||||
'options_key' => 'status_items',
|
||||
'default' => [],
|
||||
'query' => ['type' => 'csv_strings', 'max' => 200, 'return' => 'array'],
|
||||
],
|
||||
[
|
||||
'key' => 'trigger_types',
|
||||
'type' => 'multi_csv',
|
||||
'label' => 'Trigger',
|
||||
'placeholder' => 'Select triggers',
|
||||
'input_id' => 'user-lifecycle-audit-trigger-types-filter',
|
||||
'options_key' => 'trigger_items',
|
||||
'default' => [],
|
||||
'query' => ['type' => 'csv_strings', 'max' => 200, 'return' => 'array'],
|
||||
],
|
||||
[
|
||||
'key' => 'actor_user_ids',
|
||||
'type' => 'multi_csv',
|
||||
'label' => 'Actor',
|
||||
'placeholder' => 'Select actor users',
|
||||
'input_id' => 'user-lifecycle-audit-actor-user-ids-filter',
|
||||
'options_key' => 'actor_items',
|
||||
'default' => [],
|
||||
'query' => ['type' => 'csv_ids', 'max' => 200, 'return' => 'array'],
|
||||
],
|
||||
[
|
||||
'key' => 'created_from',
|
||||
'type' => 'date',
|
||||
'label' => 'Created from',
|
||||
'input_id' => 'user-lifecycle-audit-created-from',
|
||||
],
|
||||
[
|
||||
'key' => 'created_to',
|
||||
'type' => 'date',
|
||||
'label' => 'Created to',
|
||||
'input_id' => 'user-lifecycle-audit-created-to',
|
||||
],
|
||||
],
|
||||
]);
|
||||
219
modules/audit/pages/admin/user-lifecycle-audit/index().php
Normal file
219
modules/audit/pages/admin/user-lifecycle-audit/index().php
Normal file
@@ -0,0 +1,219 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Module\Audit\AuditAuthorizationPolicy;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleAction;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleStatus;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleTriggerType;
|
||||
use MintyPHP\Module\Audit\Service\UserLifecycleAuditService;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_VIEW);
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
||||
(int) ($session['user']['id'] ?? 0),
|
||||
['can_purge' => SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_UPDATE]
|
||||
);
|
||||
|
||||
Buffer::set('title', t('User lifecycle logs'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
|
||||
$filterSchema = require __DIR__ . '/filter-schema.php';
|
||||
$filterState = gridParseFilters(requestInput()->queryAll(), [
|
||||
...gridSchemaQuery($filterSchema),
|
||||
'actions' => [
|
||||
'type' => 'csv_strings',
|
||||
'max' => 200,
|
||||
'return' => 'array',
|
||||
'sanitizer' => gridEnumSanitizer(UserLifecycleAction::class),
|
||||
],
|
||||
'statuses' => [
|
||||
'type' => 'csv_strings',
|
||||
'max' => 200,
|
||||
'return' => 'array',
|
||||
'sanitizer' => gridEnumSanitizer(UserLifecycleStatus::class),
|
||||
],
|
||||
'trigger_types' => [
|
||||
'type' => 'csv_strings',
|
||||
'max' => 200,
|
||||
'return' => 'array',
|
||||
'sanitizer' => gridEnumSanitizer(UserLifecycleTriggerType::class),
|
||||
],
|
||||
'actor_user_ids' => ['type' => 'csv_ids', 'max' => 200, 'return' => 'array'],
|
||||
]);
|
||||
$filterOptions = app(UserLifecycleAuditService::class)->filterOptions(200);
|
||||
|
||||
$activeActions = is_array($filterState['actions'] ?? null) ? $filterState['actions'] : [];
|
||||
$activeStatuses = is_array($filterState['statuses'] ?? null) ? $filterState['statuses'] : [];
|
||||
$activeTriggerTypes = is_array($filterState['trigger_types'] ?? null) ? $filterState['trigger_types'] : [];
|
||||
$activeActorUserIds = array_map('strval', is_array($filterState['actor_user_ids'] ?? null) ? $filterState['actor_user_ids'] : []);
|
||||
|
||||
$actionLabelMap = [];
|
||||
foreach (UserLifecycleAction::cases() as $actionCase) {
|
||||
$actionLabelMap[$actionCase->value] = t($actionCase->labelToken());
|
||||
}
|
||||
$statusLabelMap = [];
|
||||
foreach (UserLifecycleStatus::cases() as $statusCase) {
|
||||
$statusLabelMap[$statusCase->value] = t($statusCase->labelToken());
|
||||
}
|
||||
$triggerLabelMap = [];
|
||||
foreach (UserLifecycleTriggerType::cases() as $triggerCase) {
|
||||
$triggerLabelMap[$triggerCase->value] = t($triggerCase->labelToken());
|
||||
}
|
||||
|
||||
$lifecycleActionItems = [];
|
||||
foreach (UserLifecycleAction::values() as $action) {
|
||||
$lifecycleActionItems[$action] = [
|
||||
'id' => $action,
|
||||
'description' => $actionLabelMap[$action] ?? $action,
|
||||
];
|
||||
}
|
||||
foreach ((array) ($filterOptions['actions'] ?? []) as $action) {
|
||||
$action = strtolower(trim((string) $action));
|
||||
if ($action === '') {
|
||||
continue;
|
||||
}
|
||||
$lifecycleActionItems[$action] = [
|
||||
'id' => $action,
|
||||
'description' => $actionLabelMap[$action] ?? $action,
|
||||
];
|
||||
}
|
||||
$lifecycleActionItems = array_values($lifecycleActionItems);
|
||||
|
||||
$lifecycleStatusItems = [];
|
||||
foreach (UserLifecycleStatus::values() as $status) {
|
||||
$lifecycleStatusItems[$status] = [
|
||||
'id' => $status,
|
||||
'description' => $statusLabelMap[$status] ?? $status,
|
||||
];
|
||||
}
|
||||
foreach ((array) ($filterOptions['statuses'] ?? []) as $status) {
|
||||
$status = strtolower(trim((string) $status));
|
||||
if ($status === '') {
|
||||
continue;
|
||||
}
|
||||
$lifecycleStatusItems[$status] = [
|
||||
'id' => $status,
|
||||
'description' => $statusLabelMap[$status] ?? $status,
|
||||
];
|
||||
}
|
||||
$lifecycleStatusItems = array_values($lifecycleStatusItems);
|
||||
|
||||
$lifecycleTriggerItems = [];
|
||||
foreach (UserLifecycleTriggerType::values() as $triggerType) {
|
||||
$lifecycleTriggerItems[$triggerType] = [
|
||||
'id' => $triggerType,
|
||||
'description' => $triggerLabelMap[$triggerType] ?? $triggerType,
|
||||
];
|
||||
}
|
||||
foreach ((array) ($filterOptions['trigger_types'] ?? []) as $triggerType) {
|
||||
$triggerType = strtolower(trim((string) $triggerType));
|
||||
if ($triggerType === '') {
|
||||
continue;
|
||||
}
|
||||
$lifecycleTriggerItems[$triggerType] = [
|
||||
'id' => $triggerType,
|
||||
'description' => $triggerLabelMap[$triggerType] ?? $triggerType,
|
||||
];
|
||||
}
|
||||
$lifecycleTriggerItems = array_values($lifecycleTriggerItems);
|
||||
|
||||
$lifecycleActorItems = [];
|
||||
foreach ((array) ($filterOptions['actors'] ?? []) as $actorOption) {
|
||||
if (!is_array($actorOption)) {
|
||||
continue;
|
||||
}
|
||||
$actorId = (int) ($actorOption['id'] ?? 0);
|
||||
if ($actorId <= 0) {
|
||||
continue;
|
||||
}
|
||||
$actorDisplayName = trim((string) ($actorOption['display_name'] ?? ''));
|
||||
$actorEmail = trim((string) ($actorOption['email'] ?? ''));
|
||||
$actorExists = (bool) ($actorOption['exists'] ?? false);
|
||||
$label = $actorDisplayName !== '' ? $actorDisplayName : $actorEmail;
|
||||
if ($label === '') {
|
||||
$label = $actorExists
|
||||
? sprintf(t('User #%d'), $actorId)
|
||||
: sprintf(t('User #%d (deleted)'), $actorId);
|
||||
}
|
||||
|
||||
$id = (string) $actorId;
|
||||
$lifecycleActorItems[$id] = [
|
||||
'id' => $id,
|
||||
'description' => $label,
|
||||
];
|
||||
}
|
||||
foreach ($activeActorUserIds as $actorId) {
|
||||
if (!isset($lifecycleActorItems[$actorId])) {
|
||||
$lifecycleActorItems[$actorId] = [
|
||||
'id' => $actorId,
|
||||
'description' => sprintf(t('User #%d (deleted)'), (int) $actorId),
|
||||
];
|
||||
}
|
||||
}
|
||||
$lifecycleActorItems = array_values($lifecycleActorItems);
|
||||
|
||||
$toolbarFilterState = [
|
||||
'search' => (string) ($filterState['search'] ?? ''),
|
||||
'actions' => $activeActions,
|
||||
'statuses' => $activeStatuses,
|
||||
'trigger_types' => $activeTriggerTypes,
|
||||
'actor_user_ids' => $activeActorUserIds,
|
||||
'created_from' => (string) ($filterState['created_from'] ?? ''),
|
||||
'created_to' => (string) ($filterState['created_to'] ?? ''),
|
||||
];
|
||||
$toolbarOptionSets = [
|
||||
'action_items' => $lifecycleActionItems,
|
||||
'status_items' => $lifecycleStatusItems,
|
||||
'trigger_items' => $lifecycleTriggerItems,
|
||||
'actor_items' => $lifecycleActorItems,
|
||||
];
|
||||
$listFilterContext = gridBuildListFilterContext($filterSchema, [
|
||||
'filter_state' => $filterState,
|
||||
'search_keys' => ['search'],
|
||||
'toolbar_state_overrides' => $toolbarFilterState,
|
||||
'toolbar_option_sets' => $toolbarOptionSets,
|
||||
]);
|
||||
$toolbarFilterSchema = $listFilterContext['toolbarFilterSchema'];
|
||||
$toolbarFilterState = $listFilterContext['toolbarFilterState'];
|
||||
$searchToolbarFilterSchema = $listFilterContext['searchToolbarFilterSchema'];
|
||||
$drawerToolbarFilterSchema = $listFilterContext['drawerToolbarFilterSchema'];
|
||||
$toolbarOptionSets = $listFilterContext['toolbarOptionSets'];
|
||||
$filterChipMeta = [
|
||||
'search' => [
|
||||
'label' => t('Search'),
|
||||
'type' => 'text',
|
||||
],
|
||||
'actions' => [
|
||||
'label' => t('Action'),
|
||||
'type' => 'multi_csv',
|
||||
'options' => gridOptionMapFromItems($lifecycleActionItems),
|
||||
],
|
||||
'statuses' => [
|
||||
'label' => t('Status'),
|
||||
'type' => 'multi_csv',
|
||||
'options' => gridOptionMapFromItems($lifecycleStatusItems),
|
||||
],
|
||||
'trigger_types' => [
|
||||
'label' => t('Trigger'),
|
||||
'type' => 'multi_csv',
|
||||
'options' => gridOptionMapFromItems($lifecycleTriggerItems),
|
||||
],
|
||||
'actor_user_ids' => [
|
||||
'label' => t('Actor'),
|
||||
'type' => 'multi_csv',
|
||||
'options' => gridOptionMapFromItems($lifecycleActorItems),
|
||||
],
|
||||
'created_range' => [
|
||||
'label' => t('Created'),
|
||||
'type' => 'date_range',
|
||||
'from_param' => 'created_from',
|
||||
'to_param' => 'created_to',
|
||||
],
|
||||
];
|
||||
$clientFilterSchema = $listFilterContext['clientFilterSchema'];
|
||||
$searchConfig = $listFilterContext['searchConfig'];
|
||||
@@ -0,0 +1,73 @@
|
||||
<?php
|
||||
$pageAuth = is_array($viewAuth['page'] ?? null) ? $viewAuth['page'] : [];
|
||||
$canPurge = (bool) ($pageAuth['can_purge'] ?? false);
|
||||
$toolbarFilterSchema = is_array($toolbarFilterSchema ?? null) ? $toolbarFilterSchema : [];
|
||||
$searchToolbarFilterSchema = is_array($searchToolbarFilterSchema ?? null) ? $searchToolbarFilterSchema : [];
|
||||
$drawerToolbarFilterSchema = is_array($drawerToolbarFilterSchema ?? null) ? $drawerToolbarFilterSchema : [];
|
||||
$toolbarFilterState = is_array($toolbarFilterState ?? null) ? $toolbarFilterState : [];
|
||||
$toolbarOptionSets = is_array($toolbarOptionSets ?? null) ? $toolbarOptionSets : [];
|
||||
$filterChipMeta = is_array($filterChipMeta ?? null) ? $filterChipMeta : [];
|
||||
$clientFilterSchema = is_array($clientFilterSchema ?? null) ? $clientFilterSchema : [];
|
||||
$searchConfig = is_array($searchConfig ?? null) ? $searchConfig : null;
|
||||
?>
|
||||
<?php
|
||||
$breadcrumbs = [
|
||||
['label' => t('Home'), 'path' => 'admin'],
|
||||
['label' => t('User lifecycle logs')],
|
||||
];
|
||||
require templatePath('partials/app-breadcrumb.phtml');
|
||||
?>
|
||||
<?php
|
||||
$listTitle = t('User lifecycle logs');
|
||||
ob_start();
|
||||
?>
|
||||
<?php
|
||||
$listPurgeEnabled = $canPurge;
|
||||
$listPurgeFormId = 'user-lifecycle-audit-purge-form';
|
||||
$listPurgeAction = 'admin/user-lifecycle-audit/purge';
|
||||
$listPurgeConfirmMessage = t('Purge entries older than 365 days?');
|
||||
$listPurgeButtonLabel = t('Purge user lifecycle logs');
|
||||
require templatePath('partials/app-list-purge-action.phtml');
|
||||
?>
|
||||
<?php
|
||||
$listTitleActionsHtml = ob_get_clean();
|
||||
require templatePath('partials/app-list-titlebar.phtml');
|
||||
?>
|
||||
|
||||
<?php
|
||||
$filterUiNamespace = 'user-lifecycle';
|
||||
$filterToolbarId = 'user-lifecycle-audit-toolbar';
|
||||
$filterDrawerToolbarId = 'user-lifecycle-drawer-toolbar';
|
||||
$filterDrawerTitleId = 'user-lifecycle-filter-drawer-title';
|
||||
require templatePath('partials/app-list-filters.phtml');
|
||||
?>
|
||||
|
||||
<div class="app-list-table">
|
||||
<div id="user-lifecycle-audit-grid"></div>
|
||||
</div>
|
||||
|
||||
<?php
|
||||
$gridLang = json_decode(appBufferValue('grid_lang'), true);
|
||||
if (!is_array($gridLang)) {
|
||||
$gridLang = [];
|
||||
}
|
||||
$pageConfig = [
|
||||
'gridSearch' => $searchConfig,
|
||||
'filterSchema' => $clientFilterSchema,
|
||||
'filterChipMeta' => $filterChipMeta,
|
||||
'gridLang' => $gridLang,
|
||||
'labels' => [
|
||||
'created' => t('Created'),
|
||||
'status' => t('Status'),
|
||||
'action' => t('Action'),
|
||||
'trigger' => t('Trigger'),
|
||||
'targetEmail' => t('Target email'),
|
||||
'targetUuid' => t('Target UUID'),
|
||||
'reasonCode' => t('Reason code'),
|
||||
'restoredAt' => t('Restored at'),
|
||||
],
|
||||
];
|
||||
?>
|
||||
<script src="<?php e(assetVersion('vendor/gridjs/gridjs.umd.js')); ?>"></script>
|
||||
<script type="application/json" id="page-config-admin-user-lifecycle-audit-index"><?php gridJsonForJs($pageConfig); ?></script>
|
||||
<script type="module" src="<?php e(assetVersion('modules/audit/js/pages/admin-user-lifecycle-audit-index.js')); ?>"></script>
|
||||
27
modules/audit/pages/admin/user-lifecycle-audit/purge().php
Normal file
27
modules/audit/pages/admin/user-lifecycle-audit/purge().php
Normal file
@@ -0,0 +1,27 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_UPDATE);
|
||||
|
||||
if (strtoupper((string) (requestInput()->method())) !== 'POST') {
|
||||
Router::redirect('admin/user-lifecycle-audit');
|
||||
}
|
||||
$errorBag = formErrors();
|
||||
if (!Session::checkCsrfToken()) {
|
||||
$errorBag->addGlobal(t('Form expired, please try again'));
|
||||
flashFormErrors($errorBag, 'admin/user-lifecycle-audit', 'user_lifecycle_audit');
|
||||
Router::redirect('admin/user-lifecycle-audit');
|
||||
}
|
||||
|
||||
$deleted = app(\MintyPHP\Module\Audit\Service\UserLifecycleAuditService::class)->purgeExpired();
|
||||
Flash::success(
|
||||
sprintf(t('%d user lifecycle audit entries purged'), $deleted),
|
||||
'admin/user-lifecycle-audit',
|
||||
'user_lifecycle_audit_purged'
|
||||
);
|
||||
Router::redirect('admin/user-lifecycle-audit');
|
||||
@@ -0,0 +1,48 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Module\Audit\AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_RESTORE);
|
||||
|
||||
$auditId = (int) ($id ?? 0);
|
||||
$errorBag = formErrors();
|
||||
|
||||
if (strtoupper((string) (requestInput()->method())) !== 'POST') {
|
||||
Router::redirect('admin/user-lifecycle-audit');
|
||||
}
|
||||
if (!Session::checkCsrfToken()) {
|
||||
$errorBag->addGlobal(t('Form expired, please try again'));
|
||||
flashFormErrors($errorBag, 'admin/user-lifecycle-audit', 'user_lifecycle_restore');
|
||||
Router::redirect('admin/user-lifecycle-audit');
|
||||
}
|
||||
|
||||
$result = app(\MintyPHP\Service\User\UserLifecycleRestoreService::class)->restoreFromLifecycleAudit(
|
||||
$auditId,
|
||||
(int) ($session['user']['id'] ?? 0)
|
||||
);
|
||||
|
||||
if (!($result['ok'] ?? false)) {
|
||||
$error = (string) ($result['error'] ?? 'restore_unexpected_error');
|
||||
if ($error === 'restore_email_exists') {
|
||||
$errorBag->addGlobal(t('Restore not possible: email already exists'));
|
||||
} elseif ($error === 'restore_uuid_exists') {
|
||||
$errorBag->addGlobal(t('Restore not possible: uuid already exists'));
|
||||
} elseif ($error === 'snapshot_unavailable') {
|
||||
$errorBag->addGlobal(t('Lifecycle snapshot unavailable'));
|
||||
} elseif ($error === 'audit_event_already_restored') {
|
||||
$errorBag->addGlobal(t('Lifecycle event was already restored'));
|
||||
} else {
|
||||
$errorBag->addGlobal(t('User restore failed'));
|
||||
}
|
||||
flashFormErrors($errorBag, "admin/user-lifecycle-audit/view/$auditId", 'user_lifecycle_restore');
|
||||
Router::redirect("admin/user-lifecycle-audit/view/$auditId");
|
||||
}
|
||||
|
||||
Flash::success(t('User restored'), "admin/user-lifecycle-audit/view/$auditId", 'user_restored');
|
||||
Router::redirect("admin/user-lifecycle-audit/view/$auditId");
|
||||
33
modules/audit/pages/admin/user-lifecycle-audit/view($id).php
Normal file
33
modules/audit/pages/admin/user-lifecycle-audit/view($id).php
Normal file
@@ -0,0 +1,33 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Module\Audit\AuditAuthorizationPolicy;
|
||||
use MintyPHP\Module\Audit\Domain\UserLifecycleAction;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_VIEW);
|
||||
|
||||
$auditId = (int) ($id ?? 0);
|
||||
$auditService = app(\MintyPHP\Module\Audit\Service\UserLifecycleAuditService::class);
|
||||
$auditLog = $auditId > 0 ? $auditService->find($auditId) : null;
|
||||
if (!$auditLog) {
|
||||
Flash::error(t('Lifecycle audit entry not found'), 'admin/user-lifecycle-audit', 'user_lifecycle_audit_not_found');
|
||||
Router::redirect('admin/user-lifecycle-audit');
|
||||
}
|
||||
|
||||
$snapshot = null;
|
||||
if ((string) ($auditLog['action'] ?? '') === UserLifecycleAction::Delete->value) {
|
||||
$snapshot = $auditService->decryptSnapshot($auditLog);
|
||||
}
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
||||
(int) ($session['user']['id'] ?? 0),
|
||||
['can_restore' => AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_RESTORE]
|
||||
);
|
||||
|
||||
Buffer::set('title', t('View user lifecycle audit entry'));
|
||||
@@ -0,0 +1,213 @@
|
||||
<?php
|
||||
use MintyPHP\Domain\Taxonomy\UserLifecycleAction;
|
||||
use MintyPHP\Domain\Taxonomy\UserLifecycleStatus;
|
||||
use MintyPHP\Domain\Taxonomy\UserLifecycleTriggerType;
|
||||
|
||||
/**
|
||||
* @var array $auditLog
|
||||
* @var ?array $snapshot
|
||||
*/
|
||||
|
||||
use MintyPHP\Session;
|
||||
|
||||
$auditLog = $auditLog ?? [];
|
||||
$snapshot = is_array($snapshot ?? null) ? $snapshot : null;
|
||||
$status = UserLifecycleStatus::normalizeOr((string) ($auditLog['status'] ?? ''), UserLifecycleStatus::Failed);
|
||||
$statusVariant = $status->badgeVariant();
|
||||
|
||||
$action = UserLifecycleAction::normalizeOr((string) ($auditLog['action'] ?? ''), UserLifecycleAction::Deactivate);
|
||||
$triggerType = UserLifecycleTriggerType::normalizeOr((string) ($auditLog['trigger_type'] ?? ''), UserLifecycleTriggerType::System);
|
||||
$pageAuth = is_array($viewAuth['page'] ?? null) ? $viewAuth['page'] : [];
|
||||
$canRestore = (bool) ($pageAuth['can_restore'] ?? false);
|
||||
$isRestorable = $canRestore
|
||||
&& $action === UserLifecycleAction::Delete
|
||||
&& $status === UserLifecycleStatus::Success
|
||||
&& empty($auditLog['restored_at'])
|
||||
&& !empty($auditLog['snapshot_enc']);
|
||||
?>
|
||||
|
||||
<div class="app-details-container">
|
||||
<section>
|
||||
<?php
|
||||
$breadcrumbs = [
|
||||
['label' => t('Home'), 'path' => 'admin'],
|
||||
['label' => t('User lifecycle logs'), 'path' => 'admin/user-lifecycle-audit'],
|
||||
['label' => t('View')],
|
||||
];
|
||||
require templatePath('partials/app-breadcrumb.phtml');
|
||||
|
||||
$titlebar = [
|
||||
'title' => t('View user lifecycle audit entry'),
|
||||
'backHref' => 'admin/user-lifecycle-audit',
|
||||
'backTitle' => t('Back'),
|
||||
];
|
||||
require templatePath('partials/app-details-titlebar.phtml');
|
||||
?>
|
||||
|
||||
<div class="app-details-content">
|
||||
<details open>
|
||||
<summary><?php e(t('Lifecycle event')); ?></summary>
|
||||
<hr>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('Created')); ?></small>
|
||||
<p><?php e(dt((string) ($auditLog['created_at'] ?? '')) ?: '-'); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Status')); ?></small>
|
||||
<p><span class="badge" data-variant="<?php e($statusVariant); ?>"><?php e(t($status->labelToken())); ?></span></p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('Action')); ?></small>
|
||||
<p><?php e(t($action->labelToken())); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Trigger')); ?></small>
|
||||
<p><?php e(t($triggerType->labelToken())); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('Reason code')); ?></small>
|
||||
<p><?php e((string) ($auditLog['reason_code'] ?? '') !== '' ? (string) $auditLog['reason_code'] : '-'); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Run UUID')); ?></small>
|
||||
<p><?php e((string) ($auditLog['run_uuid'] ?? '') !== '' ? (string) $auditLog['run_uuid'] : '-'); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
</details>
|
||||
|
||||
<hr>
|
||||
<details open>
|
||||
<summary><?php e(t('Target')); ?></summary>
|
||||
<hr>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('Target UUID')); ?></small>
|
||||
<p><?php e((string) ($auditLog['target_user_uuid'] ?? '') !== '' ? (string) $auditLog['target_user_uuid'] : '-'); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Target email')); ?></small>
|
||||
<p><?php e((string) ($auditLog['target_user_email'] ?? '') !== '' ? (string) $auditLog['target_user_email'] : '-'); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
</details>
|
||||
|
||||
<hr>
|
||||
<details>
|
||||
<summary><?php e(t('Policy')); ?></summary>
|
||||
<hr>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('Deactivate users after inactivity (days)')); ?></small>
|
||||
<p><?php e((string) ((int) ($auditLog['policy_deactivate_days'] ?? 0))); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Delete inactive users after (days)')); ?></small>
|
||||
<p><?php e((string) ((int) ($auditLog['policy_delete_days'] ?? 0))); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
</details>
|
||||
|
||||
<?php if ($snapshot !== null): ?>
|
||||
<hr>
|
||||
<details>
|
||||
<summary><?php e(t('Snapshot summary')); ?></summary>
|
||||
<hr>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('First name')); ?></small>
|
||||
<p><?php e((string) ($snapshot['first_name'] ?? '') !== '' ? (string) $snapshot['first_name'] : '-'); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Last name')); ?></small>
|
||||
<p><?php e((string) ($snapshot['last_name'] ?? '') !== '' ? (string) $snapshot['last_name'] : '-'); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('Email')); ?></small>
|
||||
<p><?php e((string) ($snapshot['email'] ?? '') !== '' ? (string) $snapshot['email'] : '-'); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Locale')); ?></small>
|
||||
<p><?php e((string) ($snapshot['locale'] ?? '') !== '' ? (string) $snapshot['locale'] : '-'); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('Theme')); ?></small>
|
||||
<p><?php e((string) ($snapshot['theme'] ?? '') !== '' ? (string) $snapshot['theme'] : '-'); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Snapshot version')); ?></small>
|
||||
<p><?php e((string) ((int) ($auditLog['snapshot_version'] ?? 1))); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
</details>
|
||||
<?php endif; ?>
|
||||
|
||||
<hr>
|
||||
<details open>
|
||||
<summary><?php e(t('Restore status')); ?></summary>
|
||||
<hr>
|
||||
<div class="grid">
|
||||
<div>
|
||||
<small><?php e(t('Restored at')); ?></small>
|
||||
<p><?php e(dt((string) ($auditLog['restored_at'] ?? '')) ?: '-'); ?></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Restored by')); ?></small>
|
||||
<p><?php e((string) ($auditLog['restored_by_user_display_name'] ?? '') !== '' ? (string) $auditLog['restored_by_user_display_name'] : '-'); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Restored user')); ?></small>
|
||||
<p>
|
||||
<?php if (!empty($auditLog['restored_user_uuid'])): ?>
|
||||
<a href="admin/users/edit/<?php e((string) $auditLog['restored_user_uuid']); ?>">
|
||||
<?php e((string) ($auditLog['restored_user_display_name'] ?? $auditLog['restored_user_uuid'])); ?>
|
||||
</a>
|
||||
<?php else: ?>
|
||||
-
|
||||
<?php endif; ?>
|
||||
</p>
|
||||
</div>
|
||||
<?php if ($isRestorable): ?>
|
||||
<hr>
|
||||
<form method="post" action="admin/user-lifecycle-audit/restore/<?php e((string) ($auditLog['id'] ?? 0)); ?>">
|
||||
<?php Session::getCsrfInput(); ?>
|
||||
<button type="submit" class="warning" data-confirm-message="<?php e(t('Restore this user from lifecycle snapshot?')); ?>">
|
||||
<?php e(t('Restore user')); ?>
|
||||
</button>
|
||||
</form>
|
||||
<?php endif; ?>
|
||||
</details>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<aside id="app-details-aside-section">
|
||||
<div class="app-details-aside-section">
|
||||
<hgroup>
|
||||
<strong><?php e(t('User lifecycle logs')); ?></strong>
|
||||
<p><small><?php e((string) ($auditLog['run_uuid'] ?? '') !== '' ? (string) $auditLog['run_uuid'] : '-'); ?></small></p>
|
||||
</hgroup>
|
||||
<hr>
|
||||
<div>
|
||||
<small><?php e(t('ID')); ?></small>
|
||||
<p><span class="badge" data-variant="neutral"><?php e((string) ($auditLog['id'] ?? '-')); ?></span></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Status')); ?></small>
|
||||
<p><span class="badge" data-variant="<?php e($statusVariant); ?>"><?php e(t($status->labelToken())); ?></span></p>
|
||||
</div>
|
||||
<div>
|
||||
<small><?php e(t('Action')); ?></small>
|
||||
<p><?php e(t($action->labelToken())); ?></p>
|
||||
</div>
|
||||
</div>
|
||||
</aside>
|
||||
</div>
|
||||
Reference in New Issue
Block a user