phorge-phorge/src/applications/people/controller/PhabricatorPeopleLogsController.php

<?php

final class PhabricatorPeopleLogsController
  extends PhabricatorPeopleController {

  private $queryKey;

  public function willProcessRequest(array $data) {
    $this->queryKey = idx($data, 'queryKey');
  }

  public function processRequest() {
    $controller = id(new PhabricatorApplicationSearchController())
      ->setQueryKey($this->queryKey)
      ->setSearchEngine(new PhabricatorPeopleLogSearchEngine())
      ->setNavigation($this->buildSideNavView());

    return $this->delegateToController($controller);
  }

  public function buildSideNavView() {
    $nav = new AphrontSideNavFilterView();
    $nav->setBaseURI(new PhutilURI($this->getApplicationURI()));

    $viewer = $this->getRequest()->getUser();

    id(new PhabricatorPeopleLogSearchEngine())
      ->setViewer($viewer)
      ->addNavigationItems($nav->getMenu());

    return $nav;
  }

}
Provide an activity log for login and administrative actions Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish. Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen: - The log itself is useful if there are shenanigans. - Password login can check it and start CAPTCHA'ing users after a few failed attempts. I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow. Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways. Reviewers: jungejason, tuomaspelkonen, aran CC: Differential Revision: 302 2011-05-18 03:42:21 +02:00			`<?php`

Move activity log rendering to a dashboard panel Summary: Ref T4986. Swap this in. Two minor notes: - I adjusted the SearchEngine to add an additional constraint when the viewer isn't an admin. This mostly stops us from doing a bunch of unnecessary work. - I fixed the settings panel to paginate (currently loads all results, slow in production). Test Plan: Viewed logs; viewed settings panel; created a dashboard panel. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4986 Differential Revision: https://secure.phabricator.com/D9136 2014-05-16 04:17:02 +02:00			`final class PhabricatorPeopleLogsController`
			`extends PhabricatorPeopleController {`
Provide an activity log for login and administrative actions Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish. Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen: - The log itself is useful if there are shenanigans. - Password login can check it and start CAPTCHA'ing users after a few failed attempts. I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow. Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways. Reviewers: jungejason, tuomaspelkonen, aran CC: Differential Revision: 302 2011-05-18 03:42:21 +02:00
Modernize user activity logs (ApplicationSearch, policies) Summary: Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug. To support this, implement modern policies and application search. I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small. Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results. Reviewers: btrahan Reviewed By: btrahan Subscribers: keir, epriestley Maniphest Tasks: T4842, T4398 Differential Revision: https://secure.phabricator.com/D8856 2014-04-28 02:31:35 +02:00			`private $queryKey;`
Provide an activity log for login and administrative actions Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish. Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen: - The log itself is useful if there are shenanigans. - Password login can check it and start CAPTCHA'ing users after a few failed attempts. I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow. Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways. Reviewers: jungejason, tuomaspelkonen, aran CC: Differential Revision: 302 2011-05-18 03:42:21 +02:00
Modernize user activity logs (ApplicationSearch, policies) Summary: Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug. To support this, implement modern policies and application search. I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small. Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results. Reviewers: btrahan Reviewed By: btrahan Subscribers: keir, epriestley Maniphest Tasks: T4842, T4398 Differential Revision: https://secure.phabricator.com/D8856 2014-04-28 02:31:35 +02:00			`public function willProcessRequest(array $data) {`
			`$this->queryKey = idx($data, 'queryKey');`
			`}`
Provide an activity log for login and administrative actions Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish. Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen: - The log itself is useful if there are shenanigans. - Password login can check it and start CAPTCHA'ing users after a few failed attempts. I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow. Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways. Reviewers: jungejason, tuomaspelkonen, aran CC: Differential Revision: 302 2011-05-18 03:42:21 +02:00
Modernize user activity logs (ApplicationSearch, policies) Summary: Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug. To support this, implement modern policies and application search. I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small. Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results. Reviewers: btrahan Reviewed By: btrahan Subscribers: keir, epriestley Maniphest Tasks: T4842, T4398 Differential Revision: https://secure.phabricator.com/D8856 2014-04-28 02:31:35 +02:00			`public function processRequest() {`
Decouple some aspects of request routing and construction Summary: Ref T5702. This is a forward-looking change which provides some very broad API improvements but does not implement them. In particular: - Controllers no longer require `$request` to construct. This is mostly for T5702, directly, but simplifies things in general. Instead, we call `setRequest()` before using a controller. Only a small number of sites activate controllers, so this is less code overall, and more consistent with most constructors not having any parameters or effects. - `$request` now offers `getURIData($key, ...)`. This is an alternate way of accessing `$data` which is currently only available on `willProcessRequest(array $data)`. Almost all controllers which implement this method do so in order to read one or two things out of the URI data. Instead, let them just read this data directly when processing the request. - Introduce `handleRequest(AphrontRequest $request)` and deprecate (very softly) `processRequest()`. The majority of `processRequest()` calls begin `$request = $this->getRequest()`, which is avoided with the more practical signature. - Provide `getViewer()` on `$request`, and a convenience `getViewer()` on `$controller`. This fixes `$viewer = $request->getUser();` into `$viewer = $request->getViewer();`, and converts the `$request + $viewer` two-liner into a single `$this->getViewer()`. Test Plan: - Browsed around in general. - Hit special controllers (redirect, 404). - Hit AuditList controller (uses new style). Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T5702 Differential Revision: https://secure.phabricator.com/D10698 2014-10-17 14:01:40 +02:00			`$controller = id(new PhabricatorApplicationSearchController())`
Modernize user activity logs (ApplicationSearch, policies) Summary: Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug. To support this, implement modern policies and application search. I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small. Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results. Reviewers: btrahan Reviewed By: btrahan Subscribers: keir, epriestley Maniphest Tasks: T4842, T4398 Differential Revision: https://secure.phabricator.com/D8856 2014-04-28 02:31:35 +02:00			`->setQueryKey($this->queryKey)`
			`->setSearchEngine(new PhabricatorPeopleLogSearchEngine())`
			`->setNavigation($this->buildSideNavView());`
Provide an activity log for login and administrative actions Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish. Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen: - The log itself is useful if there are shenanigans. - Password login can check it and start CAPTCHA'ing users after a few failed attempts. I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow. Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways. Reviewers: jungejason, tuomaspelkonen, aran CC: Differential Revision: 302 2011-05-18 03:42:21 +02:00
Modernize user activity logs (ApplicationSearch, policies) Summary: Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug. To support this, implement modern policies and application search. I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small. Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results. Reviewers: btrahan Reviewed By: btrahan Subscribers: keir, epriestley Maniphest Tasks: T4842, T4398 Differential Revision: https://secure.phabricator.com/D8856 2014-04-28 02:31:35 +02:00			`return $this->delegateToController($controller);`
			`}`
Provide an activity log for login and administrative actions Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish. Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen: - The log itself is useful if there are shenanigans. - Password login can check it and start CAPTCHA'ing users after a few failed attempts. I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow. Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways. Reviewers: jungejason, tuomaspelkonen, aran CC: Differential Revision: 302 2011-05-18 03:42:21 +02:00
Modernize user activity logs (ApplicationSearch, policies) Summary: Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug. To support this, implement modern policies and application search. I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small. Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results. Reviewers: btrahan Reviewed By: btrahan Subscribers: keir, epriestley Maniphest Tasks: T4842, T4398 Differential Revision: https://secure.phabricator.com/D8856 2014-04-28 02:31:35 +02:00			`public function buildSideNavView() {`
			`$nav = new AphrontSideNavFilterView();`
			`$nav->setBaseURI(new PhutilURI($this->getApplicationURI()));`
Modernize People application Summary: Move to application navigation, make it possible to get to /logs/ from the navigation. Test Plan: Hit all interfaces, verified email. Reviewers: btrahan, vrana Reviewed By: btrahan CC: aran Maniphest Tasks: T1569, T631 Differential Revision: https://secure.phabricator.com/D3261 2012-08-14 00:27:21 +02:00
Modernize user activity logs (ApplicationSearch, policies) Summary: Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug. To support this, implement modern policies and application search. I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small. Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results. Reviewers: btrahan Reviewed By: btrahan Subscribers: keir, epriestley Maniphest Tasks: T4842, T4398 Differential Revision: https://secure.phabricator.com/D8856 2014-04-28 02:31:35 +02:00			`$viewer = $this->getRequest()->getUser();`

			`id(new PhabricatorPeopleLogSearchEngine())`
			`->setViewer($viewer)`
			`->addNavigationItems($nav->getMenu());`

			`return $nav;`
Provide an activity log for login and administrative actions Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish. Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen: - The log itself is useful if there are shenanigans. - Password login can check it and start CAPTCHA'ing users after a few failed attempts. I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow. Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways. Reviewers: jungejason, tuomaspelkonen, aran CC: Differential Revision: 302 2011-05-18 03:42:21 +02:00			`}`
Modernize user activity logs (ApplicationSearch, policies) Summary: Ref T4398. Ref T4842. I want to let users review their own account activity, partly as a general security measure and partly to make some of the multi-factor stuff easier to build and debug. To support this, implement modern policies and application search. I also removed the "old" and "new" columns from this output, since they had limited utility and revealed email addresses to administrators for some actions. We don't let administrators access email addresses from other UIs, and the value of doing so here seems very small. Test Plan: Used interface to issue a bunch of queries against user logs, got reasonable/expected results. Reviewers: btrahan Reviewed By: btrahan Subscribers: keir, epriestley Maniphest Tasks: T4842, T4398 Differential Revision: https://secure.phabricator.com/D8856 2014-04-28 02:31:35 +02:00
Provide an activity log for login and administrative actions Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish. Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen: - The log itself is useful if there are shenanigans. - Password login can check it and start CAPTCHA'ing users after a few failed attempts. I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow. Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways. Reviewers: jungejason, tuomaspelkonen, aran CC: Differential Revision: 302 2011-05-18 03:42:21 +02:00			`}`