gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

Add logging of admin actions (#5757)

Browse source 
* Add logging of admin actions

* Update brakeman whitelist

* Log creates, updates and destroys with history of changes

* i18n: Update Polish translation (#5782)

Signed-off-by: Marcin Mikołajczak <me@m4sk.in>

* Split admin navigation into moderation and administration

* Redesign audit log page

* 🇵🇱 (#5795)

* Add color coding to audit log

* Change dismiss->resolve, log all outcomes of report as resolve

* Update terminology (e-mail blacklist) (#5796)

* Update terminology (e-mail blacklist)

imho looks better

* Update en.yml

* Fix code style issues

* i18n-tasks normalize
This commit is contained in:
Eugen Rochko 2017-11-24 02:05:53 +01:00 committed by GitHub
parent 801eee0ff3
commit e84fecb7e9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
34 changed files with 490 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

55
config/brakeman.ignore
View file

@ -7,10 +7,10 @@
"check_name": "LinkToHref",
"message": "Potentially unsafe model attribute in link_to href",
"file": "app/views/admin/accounts/show.html.haml",
"line": 122,
"line": 143,
"link": "http://brakemanscanner.org/docs/warning_types/link_to_href",
"code": "link_to(Account.find(params[:id]).inbox_url, Account.find(params[:id]).inbox_url)",
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":15,"file":"app/controllers/admin/accounts_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":18,"file":"app/controllers/admin/accounts_controller.rb"}],
"location": {
"type": "template",
"template": "admin/accounts/show"
@ -26,10 +26,10 @@
"check_name": "LinkToHref",
"message": "Potentially unsafe model attribute in link_to href",
"file": "app/views/admin/accounts/show.html.haml",
"line": 128,
"line": 149,
"link": "http://brakemanscanner.org/docs/warning_types/link_to_href",
"code": "link_to(Account.find(params[:id]).shared_inbox_url, Account.find(params[:id]).shared_inbox_url)",
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":15,"file":"app/controllers/admin/accounts_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":18,"file":"app/controllers/admin/accounts_controller.rb"}],
"location": {
"type": "template",
"template": "admin/accounts/show"
@ -45,10 +45,10 @@
"check_name": "LinkToHref",
"message": "Potentially unsafe model attribute in link_to href",
"file": "app/views/admin/accounts/show.html.haml",
"line": 35,
"line": 54,
"link": "http://brakemanscanner.org/docs/warning_types/link_to_href",
"code": "link_to(Account.find(params[:id]).url, Account.find(params[:id]).url)",
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":15,"file":"app/controllers/admin/accounts_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":18,"file":"app/controllers/admin/accounts_controller.rb"}],
"location": {
"type": "template",
"template": "admin/accounts/show"
@ -76,6 +76,25 @@
"confidence": "Weak",
"note": ""
},
{
"warning_type": "Dynamic Render Path",
"warning_code": 15,
"fingerprint": "4b6a895e2805578d03ceedbe1d469cc75a0c759eba093722523edb4b8683c873",
"check_name": "Render",
"message": "Render path contains parameter value",
"file": "app/views/admin/action_logs/index.html.haml",
"line": 5,
"link": "http://brakemanscanner.org/docs/warning_types/dynamic_render_path/",
"code": "render(action => Admin::ActionLog.page(params[:page]), {})",
"render_path": [{"type":"controller","class":"Admin::ActionLogsController","method":"index","line":7,"file":"app/controllers/admin/action_logs_controller.rb"}],
"location": {
"type": "template",
"template": "admin/action_logs/index"
},
"user_input": "params[:page]",
"confidence": "Weak",
"note": ""
},
{
"warning_type": "Cross-Site Scripting",
"warning_code": 4,
@ -83,10 +102,10 @@
"check_name": "LinkToHref",
"message": "Potentially unsafe model attribute in link_to href",
"file": "app/views/admin/accounts/show.html.haml",
"line": 131,
"line": 152,
"link": "http://brakemanscanner.org/docs/warning_types/link_to_href",
"code": "link_to(Account.find(params[:id]).followers_url, Account.find(params[:id]).followers_url)",
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":15,"file":"app/controllers/admin/accounts_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":18,"file":"app/controllers/admin/accounts_controller.rb"}],
"location": {
"type": "template",
"template": "admin/accounts/show"
@ -102,10 +121,10 @@
"check_name": "LinkToHref",
"message": "Potentially unsafe model attribute in link_to href",
"file": "app/views/admin/accounts/show.html.haml",
"line": 106,
"line": 127,
"link": "http://brakemanscanner.org/docs/warning_types/link_to_href",
"code": "link_to(Account.find(params[:id]).salmon_url, Account.find(params[:id]).salmon_url)",
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":15,"file":"app/controllers/admin/accounts_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":18,"file":"app/controllers/admin/accounts_controller.rb"}],
"location": {
"type": "template",
"template": "admin/accounts/show"
@ -124,7 +143,7 @@
"line": 31,
"link": "http://brakemanscanner.org/docs/warning_types/dynamic_render_path/",
"code": "render(action => filtered_custom_emojis.eager_load(:local_counterpart).page(params[:page]), {})",
"render_path": [{"type":"controller","class":"Admin::CustomEmojisController","method":"index","line":9,"file":"app/controllers/admin/custom_emojis_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::CustomEmojisController","method":"index","line":10,"file":"app/controllers/admin/custom_emojis_controller.rb"}],
"location": {
"type": "template",
"template": "admin/custom_emojis/index"
@ -163,7 +182,7 @@
"line": 64,
"link": "http://brakemanscanner.org/docs/warning_types/dynamic_render_path/",
"code": "render(action => filtered_accounts.page(params[:page]), {})",
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"index","line":10,"file":"app/controllers/admin/accounts_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"index","line":12,"file":"app/controllers/admin/accounts_controller.rb"}],
"location": {
"type": "template",
"template": "admin/accounts/index"
@ -179,10 +198,10 @@
"check_name": "LinkToHref",
"message": "Potentially unsafe model attribute in link_to href",
"file": "app/views/admin/accounts/show.html.haml",
"line": 95,
"line": 116,
"link": "http://brakemanscanner.org/docs/warning_types/link_to_href",
"code": "link_to(Account.find(params[:id]).remote_url, Account.find(params[:id]).remote_url)",
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":15,"file":"app/controllers/admin/accounts_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":18,"file":"app/controllers/admin/accounts_controller.rb"}],
"location": {
"type": "template",
"template": "admin/accounts/show"
@ -221,7 +240,7 @@
"line": 25,
"link": "http://brakemanscanner.org/docs/warning_types/dynamic_render_path/",
"code": "render(action => filtered_reports.page(params[:page]), {})",
"render_path": [{"type":"controller","class":"Admin::ReportsController","method":"index","line":9,"file":"app/controllers/admin/reports_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::ReportsController","method":"index","line":10,"file":"app/controllers/admin/reports_controller.rb"}],
"location": {
"type": "template",
"template": "admin/reports/index"
@ -237,10 +256,10 @@
"check_name": "LinkToHref",
"message": "Potentially unsafe model attribute in link_to href",
"file": "app/views/admin/accounts/show.html.haml",
"line": 125,
"line": 146,
"link": "http://brakemanscanner.org/docs/warning_types/link_to_href",
"code": "link_to(Account.find(params[:id]).outbox_url, Account.find(params[:id]).outbox_url)",
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":15,"file":"app/controllers/admin/accounts_controller.rb"}],
"render_path": [{"type":"controller","class":"Admin::AccountsController","method":"show","line":18,"file":"app/controllers/admin/accounts_controller.rb"}],
"location": {
"type": "template",
"template": "admin/accounts/show"
@ -269,6 +288,6 @@
"note": ""
}
],
"updated": "2017-10-20 00:00:54 +0900",
"updated": "2017-11-19 20:34:18 +0100",
"brakeman_version": "4.0.1"
}

1
config/i18n-tasks.yml
View file

@ -60,3 +60,4 @@ ignore_unused:
- 'activerecord.errors.models.doorkeeper/*'
- 'errors.429'
- 'admin.accounts.roles.*'
- 'admin.action_logs.actions.*'

44
config/locales/en.yml
View file

@ -133,6 +133,32 @@ en:
unsubscribe: Unsubscribe
username: Username
web: Web
action_logs:
actions:
confirm_user: "%{name} confirmed e-mail address of user %{target}"
create_custom_emoji: "%{name} uploaded new emoji %{target}"
create_domain_block: "%{name} blocked domain %{target}"
create_email_domain_block: "%{name} blacklisted e-mail domain %{target}"
demote_user: "%{name} demoted user %{target}"
destroy_domain_block: "%{name} unblocked domain %{target}"
destroy_email_domain_block: "%{name} whitelisted e-mail domain %{target}"
destroy_status: "%{name} removed status by %{target}"
disable_2fa_user: "%{name} disabled two factor requirement for user %{target}"
disable_custom_emoji: "%{name} disabled emoji %{target}"
disable_user: "%{name} disabled login for user %{target}"
enable_custom_emoji: "%{name} enabled emoji %{target}"
enable_user: "%{name} enabled login for user %{target}"
memorialize_account: "%{name} turned %{target}'s account into a memoriam page"
promote_user: "%{name} promoted user %{target}"
reset_password_user: "%{name} reset password of user %{target}"
resolve_report: "%{name} dismissed report %{target}"
silence_account: "%{name} silenced %{target}'s account"
suspend_account: "%{name} suspended %{target}'s account"
unsilence_account: "%{name} unsilenced %{target}'s account"
unsuspend_account: "%{name} unsuspended %{target}'s account"
update_custom_emoji: "%{name} updated emoji %{target}"
update_status: "%{name} updated status by %{target}"
title: Audit log
custom_emojis:
copied_msg: Successfully created local copy of the emoji
copy: Copy
@ -187,24 +213,24 @@ en:
suspend: Unsuspend all existing accounts from this domain
title: Undo domain block for %{domain}
undo: Undo
title: Domain Blocks
title: Domain blocks
undo: Undo
email_domain_blocks:
add_new: Add new
created_msg: Email domain block successfully created
created_msg: Successfully added e-mail domain to blacklist
delete: Delete
destroyed_msg: Email domain block successfully deleted
destroyed_msg: Successfully deleted e-mail domain from blacklist
domain: Domain
new:
create: Create block
title: New email domain block
title: Email Domain Block
create: Add domain
title: New e-mail blacklist entry
title: E-mail blacklist
instances:
account_count: Known accounts
domain_name: Domain
reset: Reset
search: Search
title: Known Instances
title: Known instances
reports:
action_taken_by: Action taken by
are_you_sure: Are you sure?
@ -265,7 +291,7 @@ en:
timeline_preview:
desc_html: Display public timeline on landing page
title: Timeline preview
title: Site Settings
title: Site settings
statuses:
back_to_account: Back to account page
batch:
@ -404,6 +430,8 @@ en:
validations:
images_and_video: Cannot attach a video to a status that already contains images
too_many: Cannot attach more than 4 files
moderation:
title: Moderation
notification_mailer:
digest:
body: 'Here is a brief summary of what you missed on %{instance} since your last visit on %{since}:'

30
config/locales/pl.yml
View file

@ -49,6 +49,7 @@ pl:
reserved_username: Ta nazwa użytkownika jest zarezerwowana.
roles:
admin: Administrator
moderator: Moderator
unfollow: Przestań śledzić
admin:
account_moderation_notes:
@ -132,6 +133,32 @@ pl:
unsubscribe: Przestań subskrybować
username: Nazwa użytkownika
web: Sieć
action_logs:
actions:
confirm_user: "%{name} potwierdził adres e-mail użytkownika %{target}"
create_custom_emoji: "%{name} dodał nowe emoji %{target}"
create_domain_block: "%{name} zablokował domenę %{target}"
create_email_domain_block: "%{name} dodał domenę e-mail %{target} na czarną listę"
demote_user: "%{name} zdegradował użytkownika %{target}"
destroy_domain_block: "%{name} odblokował domenę %{target}"
destroy_email_domain_block: "%{name} usunął domenę e-mail %{target} z czarnej listy"
destroy_status: "%{name} usunął wpis użytkownika %{target}"
disable_2fa_user: "%{name} wyłączył uwierzytelnianie dwustopniowe użytkownikowi %{target}"
disable_custom_emoji: "%{name} wyłączył emoji %{target}"
disable_user: "%{name} zablokował możliwość logowania użytkownikowi %{target}"
enable_custom_emoji: "%{name} włączył emoji %{target}"
enable_user: "%{name} przywrócił możliwość logowania użytkownikowi %{target}"
memorialize_account: "%{name} nadał kontu %{target} status in memoriam"
promote_user: "%{name} podniósł uprawnienia użytkownikowi %{target}"
reset_password_user: "%{name} przywrócił hasło użytkownikowi %{target}"
resolve_report: "%{name} odrzucił zgłoszenie %{target}"
silence_account: "%{name} wyciszył konto %{target}"
suspend_account: "%{name} zawiesił konto %{target}"
unsilence_account: "%{name} cofnął wyciszenie konta %{target}"
unsuspend_account: "%{name} cofnął zawieszenie konta %{target}"
update_custom_emoji: "%{name} zaktualizował emoji %{target}"
update_status: "%{name} zaktualizował wpis użytkownika %{target}"
title: Dziennik działań administracyjnych
custom_emojis:
copied_msg: Pomyślnie utworzono lokalną kopię emoji
copy: Kopiuj
@ -148,6 +175,7 @@ pl:
listed: Widoczne
new:
title: Dodaj nowe niestandardowe emoji
overwrite: Zastąp
shortcode: Shortcode
shortcode_hint: Co najmniej 2 znaki, tylko znaki alfanumeryczne i podkreślniki
title: Niestandardowe emoji
@ -403,6 +431,8 @@ pl:
validations:
images_and_video: Nie możesz załączyć pliku wideo do wpisu, który zawiera już zdjęcia
too_many: Nie możesz załączyć więcej niż 4 plików
moderation:
title: Moderacja
notification_mailer:
digest:
body: 'Oto krótkie podsumowanie co Cię ominęło na %{instance} od Twojej ostatniej wizyty (%{since}):'

12
config/navigation.rb
View file

@ -20,17 +20,21 @@ SimpleNavigation::Configuration.run do |navigation|
development.item :your_apps, safe_join([fa_icon('list fw'), t('settings.your_apps')]), settings_applications_url, highlights_on: %r{/settings/applications}
end
primary.item :admin, safe_join([fa_icon('cogs fw'), t('admin.title')]), admin_reports_url, if: proc { current_user.staff? } do |admin|
primary.item :moderation, safe_join([fa_icon('gavel fw'), t('moderation.title')]), admin_reports_url, if: proc { current_user.staff? } do |admin|
admin.item :action_logs, safe_join([fa_icon('bars fw'), t('admin.action_logs.title')]), admin_action_logs_url
admin.item :reports, safe_join([fa_icon('flag fw'), t('admin.reports.title')]), admin_reports_url, highlights_on: %r{/admin/reports}
admin.item :accounts, safe_join([fa_icon('users fw'), t('admin.accounts.title')]), admin_accounts_url, highlights_on: %r{/admin/accounts}
admin.item :instances, safe_join([fa_icon('cloud fw'), t('admin.instances.title')]), admin_instances_url, highlights_on: %r{/admin/instances}, if: -> { current_user.admin? }
admin.item :subscriptions, safe_join([fa_icon('paper-plane-o fw'), t('admin.subscriptions.title')]), admin_subscriptions_url, if: -> { current_user.admin? }
admin.item :domain_blocks, safe_join([fa_icon('lock fw'), t('admin.domain_blocks.title')]), admin_domain_blocks_url, highlights_on: %r{/admin/domain_blocks}, if: -> { current_user.admin? }
admin.item :email_domain_blocks, safe_join([fa_icon('envelope fw'), t('admin.email_domain_blocks.title')]), admin_email_domain_blocks_url, highlights_on: %r{/admin/email_domain_blocks}, if: -> { current_user.admin? }
admin.item :sidekiq, safe_join([fa_icon('diamond fw'), 'Sidekiq']), sidekiq_url, link_html: { target: 'sidekiq' }, if: -> { current_user.admin? }
admin.item :pghero, safe_join([fa_icon('database fw'), 'PgHero']), pghero_url, link_html: { target: 'pghero' }, if: -> { current_user.admin? }
end
primary.item :admin, safe_join([fa_icon('cogs fw'), t('admin.title')]), edit_admin_settings_url, if: proc { current_user.staff? } do |admin|
admin.item :settings, safe_join([fa_icon('cogs fw'), t('admin.settings.title')]), edit_admin_settings_url, if: -> { current_user.admin? }
admin.item :custom_emojis, safe_join([fa_icon('smile-o fw'), t('admin.custom_emojis.title')]), admin_custom_emojis_url, highlights_on: %r{/admin/custom_emojis}
admin.item :subscriptions, safe_join([fa_icon('paper-plane-o fw'), t('admin.subscriptions.title')]), admin_subscriptions_url, if: -> { current_user.admin? }
admin.item :sidekiq, safe_join([fa_icon('diamond fw'), 'Sidekiq']), sidekiq_url, link_html: { target: 'sidekiq' }, if: -> { current_user.admin? }
admin.item :pghero, safe_join([fa_icon('database fw'), 'PgHero']), pghero_url, link_html: { target: 'pghero' }, if: -> { current_user.admin? }
end
primary.item :logout, safe_join([fa_icon('sign-out fw'), t('auth.logout')]), destroy_user_session_url, link_html: { 'data-method' => 'delete' }

1
config/routes.rb
View file

@ -110,6 +110,7 @@ Rails.application.routes.draw do
resources :subscriptions, only: [:index]
resources :domain_blocks, only: [:index, :new, :create, :show, :destroy]
resources :email_domain_blocks, only: [:index, :new, :create, :destroy]
resources :action_logs, only: [:index]
resource :settings, only: [:edit, :update]
resources :instances, only: [:index] do