major update

This commit is contained in:
2026-03-04 15:56:58 +01:00
parent 16759a2732
commit 8f4dd5840d
478 changed files with 24313 additions and 8201 deletions

View File

@@ -1,44 +1,23 @@
<?php
use MintyPHP\Router;
use MintyPHP\Service\Access\OperationsAuthorizationPolicy;
use MintyPHP\Support\Guard;
use MintyPHP\Service\Access\PermissionService;
use MintyPHP\Service\Audit\AuditServicesFactory;
Guard::requireLogin();
Guard::requirePermissionOrForbidden(PermissionService::API_AUDIT_VIEW);
Guard::requireAbilityOrForbidden(OperationsAuthorizationPolicy::ABILITY_ADMIN_API_AUDIT_VIEW);
gridRequireGetRequest();
if (strtoupper((string) ($_SERVER['REQUEST_METHOD'] ?? 'GET')) !== 'GET') {
http_response_code(405);
Router::json(['error' => 'method_not_allowed']);
}
$filters = gridParseFiltersFromSchemaFile(__DIR__ . '/filter-schema.php');
$factory = new AuditServicesFactory();
$result = $factory->createApiAuditService()->listPaged([
'limit' => (int) ($_GET['limit'] ?? 20),
'offset' => (int) ($_GET['offset'] ?? 0),
'search' => trim((string) ($_GET['search'] ?? '')),
'status' => trim((string) ($_GET['status'] ?? '')),
'method' => trim((string) ($_GET['method'] ?? '')),
'created_from' => trim((string) ($_GET['created_from'] ?? '')),
'created_to' => trim((string) ($_GET['created_to'] ?? '')),
'tenant_id' => (int) ($_GET['tenant_id'] ?? 0),
'user_id' => (int) ($_GET['user_id'] ?? 0),
'order' => (string) ($_GET['order'] ?? 'created_at'),
'dir' => (string) ($_GET['dir'] ?? 'desc'),
]);
$result = app(\MintyPHP\Service\Audit\ApiAuditService::class)->listPaged($filters);
$rows = [];
foreach ($result['rows'] as $row) {
$statusCode = (int) ($row['status_code'] ?? 0);
$statusBadge = 'neutral';
if ($statusCode >= 200 && $statusCode < 300) {
$statusBadge = 'success';
} elseif ($statusCode >= 400 && $statusCode < 500) {
$statusBadge = 'warning';
} elseif ($statusCode >= 500) {
$statusBadge = 'danger';
}
$statusBadge = gridResolveBadgeVariant(
$statusCode >= 500 ? '5xx' : ($statusCode >= 400 ? '4xx' : ($statusCode >= 200 ? '2xx' : 'other')),
['2xx' => 'success', '4xx' => 'warning', '5xx' => 'danger']
);
$userLabel = trim((string) ($row['user_display_name'] ?? ''));
$userEmail = trim((string) ($row['user_email'] ?? ''));
@@ -66,7 +45,4 @@ foreach ($result['rows'] as $row) {
];
}
Router::json([
'data' => $rows,
'total' => (int) ($result['total'] ?? 0),
]);
gridJsonDataResult($rows, (int) ($result['total'] ?? 0));

View File

@@ -0,0 +1,93 @@
<?php
return gridFilterSchema([
'query' => [
'limit' => ['type' => 'int', 'default' => 20, 'min' => 1, 'max' => 200],
'offset' => ['type' => 'int', 'default' => 0, 'min' => 0],
'search' => ['type' => 'string'],
'status' => ['type' => 'string'],
'method' => ['type' => 'enum', 'allowed' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'], 'default' => ''],
'created_from' => ['type' => 'date'],
'created_to' => ['type' => 'date'],
'tenant_ids' => ['type' => 'csv_ids', 'max' => 200],
'user_ids' => ['type' => 'csv_ids', 'max' => 200],
'order' => ['type' => 'order', 'allowed' => ['created_at', 'status_code', 'method', 'path', 'duration_ms'], 'default' => 'created_at'],
'dir' => ['type' => 'dir', 'default' => 'desc'],
],
'toolbar' => [
[
'key' => 'search',
'type' => 'text',
'label' => 'Search',
'placeholder' => 'Search...',
'input_id' => 'api-audit-search',
'search' => true,
'query' => ['type' => 'string'],
],
[
'key' => 'status',
'type' => 'select',
'label' => 'Status',
'input_id' => 'api-audit-status-filter',
'default' => '',
'allowed' => [
['id' => '', 'description' => 'All statuses'],
['id' => '2xx', 'description' => '2xx', 'translate' => false],
['id' => '4xx', 'description' => '4xx', 'translate' => false],
['id' => '5xx', 'description' => '5xx', 'translate' => false],
['id' => '401', 'description' => '401', 'translate' => false],
['id' => '403', 'description' => '403', 'translate' => false],
['id' => '404', 'description' => '404', 'translate' => false],
['id' => '422', 'description' => '422', 'translate' => false],
['id' => '500', 'description' => '500', 'translate' => false],
],
],
[
'key' => 'method',
'type' => 'select',
'label' => 'Method',
'input_id' => 'api-audit-method-filter',
'default' => '',
'allowed' => [
['id' => '', 'description' => 'All methods'],
['id' => 'GET', 'description' => 'GET', 'translate' => false],
['id' => 'POST', 'description' => 'POST', 'translate' => false],
['id' => 'PUT', 'description' => 'PUT', 'translate' => false],
['id' => 'PATCH', 'description' => 'PATCH', 'translate' => false],
['id' => 'DELETE', 'description' => 'DELETE', 'translate' => false],
],
],
[
'key' => 'created_from',
'type' => 'date',
'label' => 'Created from',
'input_id' => 'api-audit-created-from',
],
[
'key' => 'created_to',
'type' => 'date',
'label' => 'Created to',
'input_id' => 'api-audit-created-to',
],
[
'key' => 'tenant_ids',
'type' => 'multi_csv',
'label' => 'Tenants',
'placeholder' => 'Select tenants',
'input_id' => 'api-audit-tenant-ids-filter',
'options_key' => 'tenant_items',
'default' => [],
'query' => ['type' => 'csv_ids', 'max' => 200, 'return' => 'array'],
],
[
'key' => 'user_ids',
'type' => 'multi_csv',
'label' => 'Users',
'placeholder' => 'Select users',
'input_id' => 'api-audit-user-ids-filter',
'options_key' => 'user_items',
'default' => [],
'query' => ['type' => 'csv_ids', 'max' => 200, 'return' => 'array'],
],
],
]);

View File

@@ -1,12 +1,158 @@
<?php
use MintyPHP\Buffer;
use MintyPHP\Service\Access\UiCapabilityMap;
use MintyPHP\Service\Access\UiAccessService;
use MintyPHP\Service\Audit\ApiAuditService;
use MintyPHP\Support\Guard;
use MintyPHP\Service\Access\PermissionService;
Guard::requireLogin();
Guard::requirePermission(PermissionService::API_AUDIT_VIEW);
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_API_AUDIT_VIEW);
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
(int) ($_SESSION['user']['id'] ?? 0),
UiCapabilityMap::PAGE_AUDIT_PURGE
);
Buffer::set('title', t('API audit logs'));
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
$filterSchema = require __DIR__ . '/filter-schema.php';
$filterState = gridParseFilters(requestInput()->queryAll(), [
...gridSchemaQuery($filterSchema),
'tenant_ids' => ['type' => 'csv_ids', 'max' => 200, 'return' => 'array'],
'user_ids' => ['type' => 'csv_ids', 'max' => 200, 'return' => 'array'],
]);
$filterOptions = app(ApiAuditService::class)->filterOptions(200);
$activeTenantIds = array_map('strval', is_array($filterState['tenant_ids'] ?? null) ? $filterState['tenant_ids'] : []);
$activeUserIds = array_map('strval', is_array($filterState['user_ids'] ?? null) ? $filterState['user_ids'] : []);
$apiAuditTenantItems = [];
foreach ((array) ($filterOptions['tenants'] ?? []) as $tenantOption) {
if (!is_array($tenantOption)) {
continue;
}
$tenantId = (int) ($tenantOption['id'] ?? 0);
if ($tenantId <= 0) {
continue;
}
$tenantLabel = trim((string) ($tenantOption['description'] ?? ''));
$tenantExists = (bool) ($tenantOption['exists'] ?? false);
if ($tenantLabel === '') {
$tenantLabel = $tenantExists
? sprintf(t('Tenant #%d'), $tenantId)
: sprintf(t('Tenant #%d (deleted)'), $tenantId);
}
$id = (string) $tenantId;
$apiAuditTenantItems[$id] = [
'id' => $id,
'description' => $tenantLabel,
];
}
foreach ($activeTenantIds as $tenantId) {
if (!isset($apiAuditTenantItems[$tenantId])) {
$apiAuditTenantItems[$tenantId] = [
'id' => $tenantId,
'description' => sprintf(t('Tenant #%d (deleted)'), (int) $tenantId),
];
}
}
$apiAuditTenantItems = array_values($apiAuditTenantItems);
$apiAuditUserItems = [];
foreach ((array) ($filterOptions['users'] ?? []) as $userOption) {
if (!is_array($userOption)) {
continue;
}
$userId = (int) ($userOption['id'] ?? 0);
if ($userId <= 0) {
continue;
}
$userDisplayName = trim((string) ($userOption['display_name'] ?? ''));
$userEmail = trim((string) ($userOption['email'] ?? ''));
$userExists = (bool) ($userOption['exists'] ?? false);
$userLabel = $userDisplayName !== '' ? $userDisplayName : $userEmail;
if ($userLabel === '') {
$userLabel = $userExists
? sprintf(t('User #%d'), $userId)
: sprintf(t('User #%d (deleted)'), $userId);
}
$id = (string) $userId;
$apiAuditUserItems[$id] = [
'id' => $id,
'description' => $userLabel,
];
}
foreach ($activeUserIds as $userId) {
if (!isset($apiAuditUserItems[$userId])) {
$apiAuditUserItems[$userId] = [
'id' => $userId,
'description' => sprintf(t('User #%d (deleted)'), (int) $userId),
];
}
}
$apiAuditUserItems = array_values($apiAuditUserItems);
$toolbarFilterState = [
'search' => (string) ($filterState['search'] ?? ''),
'status' => (string) ($filterState['status'] ?? ''),
'method' => (string) ($filterState['method'] ?? ''),
'created_from' => (string) ($filterState['created_from'] ?? ''),
'created_to' => (string) ($filterState['created_to'] ?? ''),
'tenant_ids' => $activeTenantIds,
'user_ids' => $activeUserIds,
];
$toolbarOptionSets = [
'tenant_items' => $apiAuditTenantItems,
'user_items' => $apiAuditUserItems,
];
$listFilterContext = gridBuildListFilterContext($filterSchema, [
'filter_state' => $filterState,
'search_keys' => ['search'],
'toolbar_state_overrides' => $toolbarFilterState,
'toolbar_option_sets' => $toolbarOptionSets,
]);
$toolbarFilterSchema = $listFilterContext['toolbarFilterSchema'];
$toolbarFilterState = $listFilterContext['toolbarFilterState'];
$searchToolbarFilterSchema = $listFilterContext['searchToolbarFilterSchema'];
$drawerToolbarFilterSchema = $listFilterContext['drawerToolbarFilterSchema'];
$schemaByKey = $listFilterContext['schemaByKey'];
$toolbarOptionSets = $listFilterContext['toolbarOptionSets'];
$filterChipMeta = [
'search' => [
'label' => t('Search'),
'type' => 'text',
],
'status' => [
'label' => t('Status'),
'type' => 'select',
'default' => (string) (($schemaByKey['status']['default'] ?? '')),
'options' => gridOptionMapFromAllowed((array) ($schemaByKey['status'] ?? [])),
],
'method' => [
'label' => t('Method'),
'type' => 'select',
'default' => (string) (($schemaByKey['method']['default'] ?? '')),
'options' => gridOptionMapFromAllowed((array) ($schemaByKey['method'] ?? [])),
],
'tenant_ids' => [
'label' => t('Tenants'),
'type' => 'multi_csv',
'options' => gridOptionMapFromItems($apiAuditTenantItems),
],
'user_ids' => [
'label' => t('Users'),
'type' => 'multi_csv',
'options' => gridOptionMapFromItems($apiAuditUserItems),
],
'created_range' => [
'label' => t('Created'),
'type' => 'date_range',
'from_param' => 'created_from',
'to_param' => 'created_to',
],
];
$clientFilterSchema = $listFilterContext['clientFilterSchema'];
$searchConfig = $listFilterContext['searchConfig'];

View File

@@ -1,9 +1,14 @@
<?php
use MintyPHP\Session;
$canPurgeApiAudit = can('settings.update');
$pageAuth = is_array($viewAuth['page'] ?? null) ? $viewAuth['page'] : [];
$canPurgeApiAudit = (bool) ($pageAuth['can_purge'] ?? false);
$toolbarFilterSchema = is_array($toolbarFilterSchema ?? null) ? $toolbarFilterSchema : [];
$searchToolbarFilterSchema = is_array($searchToolbarFilterSchema ?? null) ? $searchToolbarFilterSchema : [];
$drawerToolbarFilterSchema = is_array($drawerToolbarFilterSchema ?? null) ? $drawerToolbarFilterSchema : [];
$toolbarFilterState = is_array($toolbarFilterState ?? null) ? $toolbarFilterState : [];
$toolbarOptionSets = is_array($toolbarOptionSets ?? null) ? $toolbarOptionSets : [];
$filterChipMeta = is_array($filterChipMeta ?? null) ? $filterChipMeta : [];
$clientFilterSchema = is_array($clientFilterSchema ?? null) ? $clientFilterSchema : [];
$searchConfig = is_array($searchConfig ?? null) ? $searchConfig : null;
?>
<?php
$breadcrumbs = [
@@ -12,94 +17,42 @@ $breadcrumbs = [
];
require templatePath('partials/app-breadcrumb.phtml');
?>
<div class="app-list-titlebar">
<h1><?php e(t('API audit logs')); ?></h1>
<div class="app-list-titlebar-actions">
<?php if ($canPurgeApiAudit): ?>
<form id="api-audit-purge-form" method="post" action="admin/api-audit/purge">
<?php Session::getCsrfInput(); ?>
</form>
<button
type="submit"
form="api-audit-purge-form"
class="outline secondary"
onclick="return confirm('<?php e(t('Purge entries older than 90 days?')); ?>');"
>
<i class="bi bi-trash"></i> <?php e(t('Purge API audit logs')); ?>
</button>
<?php endif; ?>
<button
class="outline secondary"
type="button"
data-toolbar-toggle
data-toolbar-target="#api-audit-toolbar"
data-toolbar-text-show="<?php e(t('Show filters')); ?>"
data-toolbar-text-hide="<?php e(t('Hide filters')); ?>"
>
<i class="bi bi-funnel-fill"></i> <span data-toolbar-label><?php e(t('Hide filters')); ?></span>
</button>
</div>
</div>
<div class="app-list-toolbar" id="api-audit-toolbar">
<label class="app-field">
<span><?php e(t('Search')); ?></span>
<input type="search" id="api-audit-search" placeholder="<?php e(t('Search...')); ?>">
</label>
<label class="app-field">
<span><?php e(t('Status')); ?></span>
<select id="api-audit-status-filter">
<option value=""><?php e(t('All statuses')); ?></option>
<option value="2xx">2xx</option>
<option value="4xx">4xx</option>
<option value="5xx">5xx</option>
<option value="401">401</option>
<option value="403">403</option>
<option value="404">404</option>
<option value="422">422</option>
<option value="500">500</option>
</select>
</label>
<label class="app-field">
<span><?php e(t('Method')); ?></span>
<select id="api-audit-method-filter">
<option value=""><?php e(t('All methods')); ?></option>
<option value="GET">GET</option>
<option value="POST">POST</option>
<option value="PUT">PUT</option>
<option value="PATCH">PATCH</option>
<option value="DELETE">DELETE</option>
</select>
</label>
<label class="app-field">
<span><?php e(t('Created from')); ?></span>
<input type="date" id="api-audit-created-from">
</label>
<label class="app-field">
<span><?php e(t('Created to')); ?></span>
<input type="date" id="api-audit-created-to">
</label>
<label class="app-field">
<span><?php e(t('Tenant ID')); ?></span>
<input type="number" id="api-audit-tenant-id" min="1" step="1">
</label>
<label class="app-field">
<span><?php e(t('User ID')); ?></span>
<input type="number" id="api-audit-user-id" min="1" step="1">
</label>
</div>
<?php
$listTitle = t('API audit logs');
ob_start();
?>
<?php
$listPurgeEnabled = $canPurgeApiAudit;
$listPurgeFormId = 'api-audit-purge-form';
$listPurgeAction = 'admin/api-audit/purge';
$listPurgeConfirmMessage = t('Purge entries older than 90 days?');
$listPurgeButtonLabel = t('Purge API audit logs');
require templatePath('partials/app-list-purge-action.phtml');
?>
<?php
$listTitleActionsHtml = ob_get_clean();
require templatePath('partials/app-list-titlebar.phtml');
?>
<?php
$filterUiNamespace = 'api-audit';
require templatePath('partials/app-list-filters.phtml');
?>
<div class="app-list-table">
<div id="api-audit-grid"></div>
</div>
<script src="<?php e(asset('vendor/gridjs/gridjs.umd.js')); ?>"></script>
<script type="module">
import { createServerGrid } from "<?php e(assetVersion('js/core/app-grid-factory.js')); ?>";
import { getAppBase } from "<?php e(asset('js/pages/app-list-utils.js')); ?>";
import { initStandardListPage } from "<?php e(assetVersion('js/core/app-grid-factory.js')); ?>";
import { getAppBase } from "<?php e(assetVersion('js/pages/app-list-utils.js')); ?>";
const appBase = getAppBase();
const gridSearch = <?php gridJsonForJs($searchConfig); ?>;
const filterSchema = <?php gridJsonForJs($clientFilterSchema); ?>;
const filterChipMeta = <?php gridJsonForJs($filterChipMeta); ?>;
const initApiAuditGrid = () => {
const gridConfig = createServerGrid({
const gridOptions = {
gridjs: window.gridjs,
container: '#api-audit-grid',
dataUrl: 'admin/api-audit/data',
@@ -207,45 +160,8 @@ require templatePath('partials/app-breadcrumb.phtml');
actions: {
enabled: false
},
search: {
input: '#api-audit-search',
param: 'search',
debounce: 250
},
filters: [
{
input: '#api-audit-status-filter',
param: 'status'
},
{
input: '#api-audit-method-filter',
param: 'method'
},
{
input: '#api-audit-created-from',
param: 'created_from'
},
{
input: '#api-audit-created-to',
param: 'created_to'
},
{
input: '#api-audit-tenant-id',
param: 'tenant_id',
normalize: (value) => {
const n = Number(value);
return Number.isInteger(n) && n > 0 ? String(n) : '';
}
},
{
input: '#api-audit-user-id',
param: 'user_id',
normalize: (value) => {
const n = Number(value);
return Number.isInteger(n) && n > 0 ? String(n) : '';
}
}
],
search: gridSearch,
filterSchema,
urlSync: true,
rowDblClick: {
getUrl: (rowData) => {
@@ -253,13 +169,19 @@ require templatePath('partials/app-breadcrumb.phtml');
return id ? new URL(`admin/api-audit/view/${id}`, appBase).toString() : '';
}
}
};
const { gridConfig } = initStandardListPage({
grid: gridOptions,
filters: {
mode: 'drawer',
chipMeta: filterChipMeta,
watchInputs: ['#api-audit-search']
}
});
if (!gridConfig || !gridConfig.grid) {
console.warn('API audit grid init failed');
return null;
}
return gridConfig;
};

View File

@@ -4,21 +4,20 @@ use MintyPHP\Router;
use MintyPHP\Session;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
use MintyPHP\Service\Access\PermissionService;
use MintyPHP\Service\Audit\AuditServicesFactory;
Guard::requireLogin();
Guard::requirePermission(PermissionService::SETTINGS_UPDATE);
Guard::requireAbility(\MintyPHP\Service\Access\SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_UPDATE);
if (strtoupper((string) ($_SERVER['REQUEST_METHOD'] ?? 'GET')) !== 'POST') {
if (strtoupper((string) (requestInput()->method())) !== 'POST') {
Router::redirect('admin/api-audit');
}
$errorBag = formErrors();
if (!Session::checkCsrfToken()) {
Flash::error(t('Form expired, please try again'), 'admin/api-audit', 'api_audit_csrf');
$errorBag->addGlobal(t('Form expired, please try again'));
flashFormErrors($errorBag, 'admin/api-audit', 'api_audit');
Router::redirect('admin/api-audit');
}
$factory = new AuditServicesFactory();
$deleted = $factory->createApiAuditService()->purgeExpired();
$deleted = app(\MintyPHP\Service\Audit\ApiAuditService::class)->purgeExpired();
Flash::success(sprintf(t('%d API audit entries purged'), $deleted), 'admin/api-audit', 'api_audit_purged');
Router::redirect('admin/api-audit');

View File

@@ -4,15 +4,12 @@ use MintyPHP\Buffer;
use MintyPHP\Router;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
use MintyPHP\Service\Access\PermissionService;
use MintyPHP\Service\Audit\AuditServicesFactory;
Guard::requireLogin();
Guard::requirePermission(PermissionService::API_AUDIT_VIEW);
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_API_AUDIT_VIEW);
$auditId = (int) ($id ?? 0);
$factory = new AuditServicesFactory();
$auditLog = $auditId > 0 ? $factory->createApiAuditService()->find($auditId) : null;
$auditLog = $auditId > 0 ? app(\MintyPHP\Service\Audit\ApiAuditService::class)->find($auditId) : null;
if (!$auditLog) {
Flash::error('API audit entry not found', 'admin/api-audit', 'api_audit_not_found');
Router::redirect('admin/api-audit');