diff --git a/communityadmin.go b/communityadmin.go index a1e1a9f..df3a43f 100644 --- a/communityadmin.go +++ b/communityadmin.go @@ -219,7 +219,8 @@ func EditCommunityProfile(ctxt ui.AmContext) (string, any) { err = comm.SetProfileData(ctxt.Ctx(), dlg.Field("name").Value, dlg.Field("alias").Value, dlg.Field("synopsis").ValPtr(), dlg.Field("rules").ValPtr(), dlg.Field("language").ValPtr(), joinkey, dlg.Field("membersonly").IsChecked(), hidedir, hidesearch, dlg.Field("read_lvl").GetLevel(), dlg.Field("write_lvl").GetLevel(), - dlg.Field("create_lvl").GetLevel(), dlg.Field("delete_lvl").GetLevel(), dlg.Field("join_lvl").GetLevel()) + dlg.Field("create_lvl").GetLevel(), dlg.Field("delete_lvl").GetLevel(), dlg.Field("join_lvl").GetLevel(), + ctxt.CurrentUser(), ctxt.RemoteIP()) } if err == nil { flags.Set(database.CommunityFlagPicturesInPosts, dlg.Field("pic_in_post").IsChecked()) diff --git a/conferenceadmin.go b/conferenceadmin.go index f535d64..809d3f5 100644 --- a/conferenceadmin.go +++ b/conferenceadmin.go @@ -108,7 +108,7 @@ func EditConference(ctxt ui.AmContext) (string, any) { if err = dlg.Validate(); err == nil { if err = conf.SetInfo(ctxt.Ctx(), dlg.Field("name").Value, dlg.Field("descr").Value, dlg.Field("read_lvl").GetLevel(), dlg.Field("post_lvl").GetLevel(), dlg.Field("create_lvl").GetLevel(), dlg.Field("hide_lvl").GetLevel(), dlg.Field("nuke_lvl").GetLevel(), dlg.Field("change_lvl").GetLevel(), - dlg.Field("delete_lvl").GetLevel()); err == nil { + dlg.Field("delete_lvl").GetLevel(), ctxt.CurrentUser(), comm, ctxt.RemoteIP()); err == nil { if err = conf.SetHiddenInList(ctxt.Ctx(), comm, dlg.Field("hide").IsChecked()); err == nil { var flags *util.OptionSet flags, err = conf.Flags(ctxt.Ctx()) diff --git a/database/community.go b/database/community.go index e7444a5..9a40f6b 100644 --- a/database/community.go +++ b/database/community.go @@ -464,7 +464,7 @@ func (c *Community) SaveFlags(ctx context.Context, f *util.OptionSet) error { // SetProfileData sets all the "settable" profile data func (c *Community) SetProfileData(ctx context.Context, name string, alias string, synopsis *string, rules *string, language *string, joinkey *string, membersonly bool, hideDirectory bool, hideSearch bool, read_lvl uint16, write_lvl uint16, - create_lvl uint16, delete_lvl uint16, join_lvl uint16) error { + create_lvl uint16, delete_lvl uint16, join_lvl uint16, u *User, ipaddr string) error { c.Mutex.Lock() defer c.Mutex.Unlock() _, err := amdb.ExecContext(ctx, `UPDATE communities SET commname = ?, alias = ?, synopsis = ?, rules = ?, language = ?, @@ -473,6 +473,24 @@ func (c *Community) SetProfileData(ctx context.Context, name string, alias strin name, alias, synopsis, rules, language, joinkey, membersonly, hideDirectory, hideSearch, read_lvl, write_lvl, create_lvl, delete_lvl, join_lvl, c.Id) if err == nil { + if name != c.Name { + AmStoreAudit(AmNewCommAudit(AuditCommunityName, u.Uid, c.Id, ipaddr, fmt.Sprintf("name=%s", name))) + } + if alias != c.Alias { + AmStoreAudit(AmNewCommAudit(AuditCommunityAlias, u.Uid, c.Id, ipaddr, fmt.Sprintf("alias=%s", alias))) + } + if (hideDirectory != c.HideFromDirectory) || (hideSearch != c.HideFromSearch) { + AmStoreAudit(AmNewCommAudit(AuditCommunityHideInfo, u.Uid, c.Id, ipaddr, fmt.Sprintf("directory=%t, search=%t", hideDirectory, hideSearch))) + } + if membersonly != c.MembersOnly { + AmStoreAudit(AmNewCommAudit(AuditCommunityMembersOnly, u.Uid, c.Id, ipaddr, fmt.Sprintf("flag=%t", membersonly))) + } + if joinkey != c.JoinKey { + AmStoreAudit(AmNewCommAudit(AuditCommunityJoinKey, u.Uid, c.Id, ipaddr)) + } + if (read_lvl != c.ReadLevel) || (write_lvl != c.WriteLevel) || (create_lvl != c.CreateLevel) || (delete_lvl != c.DeleteLevel) || (join_lvl != c.JoinLevel) { + AmStoreAudit(AmNewCommAudit(AuditCommunitySecurity, u.Uid, c.Id, ipaddr)) + } c.Name = name c.Alias = alias c.Synopsis = synopsis diff --git a/database/conference.go b/database/conference.go index 1f9cb1e..9c78824 100644 --- a/database/conference.go +++ b/database/conference.go @@ -457,7 +457,8 @@ func (c *Conference) Link(ctx context.Context, scope string) (string, error) { } // SetInfo sets the name, pseud, and security levels on a conference. -func (c *Conference) SetInfo(ctx context.Context, name, descr string, read_lvl, post_lvl, create_lvl, hide_lvl, nuke_lvl, change_lvl, delete_lvl uint16) error { +func (c *Conference) SetInfo(ctx context.Context, name, descr string, read_lvl, post_lvl, create_lvl, hide_lvl, nuke_lvl, change_lvl, delete_lvl uint16, + u *User, comm *Community, ipaddr string) error { c.Mutex.Lock() defer c.Mutex.Unlock() _, err := amdb.ExecContext(ctx, `UPDATE confs SET name = ?, descr = ?, read_lvl = ?, post_lvl = ?, create_lvl = ?, @@ -470,6 +471,19 @@ func (c *Conference) SetInfo(ctx context.Context, name, descr string, read_lvl, if len(tmp) != 1 { err = errors.New("internal error rereading conference") } else { + if c.Name != tmp[0].Name { + AmStoreAudit(AmNewCommAudit(AuditConferenceName, u.Uid, comm.Id, ipaddr, fmt.Sprintf("confid=%d", c.ConfId), fmt.Sprintf("name='%s'", tmp[0].Name))) + } + deltaSecurity := false + if (c.ReadLevel != tmp[0].ReadLevel) || (c.PostLevel != tmp[0].PostLevel) || (c.CreateLevel != tmp[0].CreateLevel) || (c.HideLevel != tmp[0].HideLevel) { + deltaSecurity = true + } + if (c.NukeLevel != tmp[0].NukeLevel) || (c.ChangeLevel != tmp[0].ChangeLevel) || (c.DeleteLevel != tmp[0].DeleteLevel) { + deltaSecurity = true + } + if deltaSecurity { + AmStoreAudit(AmNewCommAudit(AuditConferenceSecurity, u.Uid, comm.Id, ipaddr, fmt.Sprintf("confid=%d", c.ConfId))) + } c.Name = tmp[0].Name c.Description = tmp[0].Description c.ReadLevel = tmp[0].ReadLevel diff --git a/database/contactinfo.go b/database/contactinfo.go index 0f0fa63..f6da0d2 100644 --- a/database/contactinfo.go +++ b/database/contactinfo.go @@ -194,6 +194,8 @@ func (ci *ContactInfo) Save(ctx context.Context, changer *User, ipaddr string) ( if changer.Uid != ci.OwnerUid { AmStoreAudit(AmNewAudit(AuditAdminSetUserContactInfo, changer.Uid, ipaddr, fmt.Sprintf("uid=%d", ci.OwnerUid), fmt.Sprintf("contactid=%d", ci.ContactId))) } + } else { + AmStoreAudit(AmNewCommAudit(AuditCommunityContactInfo, changer.Uid, ci.OwnerCommId, ipaddr, fmt.Sprintf("contactid=%d", ci.ContactId))) } return emailChange, err }