2012-04-30 07:53:53 -07:00
|
|
|
CREATE TABLE {$NAMESPACE}_user.user_log (
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-17 18:42:21 -07:00
|
|
|
id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
actorPHID varchar(64) BINARY,
|
|
|
|
key(actorPHID, dateCreated),
|
|
|
|
userPHID varchar(64) BINARY NOT NULL,
|
|
|
|
key(userPHID, dateCreated),
|
|
|
|
action varchar(64) NOT NULL,
|
|
|
|
key(action, dateCreated),
|
|
|
|
oldValue LONGBLOB NOT NULL,
|
|
|
|
newValue LONGBLOB NOT NULL,
|
|
|
|
details LONGBLOB NOT NULL,
|
|
|
|
dateCreated INT UNSIGNED NOT NULL,
|
|
|
|
dateModified INT UNSIGNED NOT NULL,
|
|
|
|
key(dateCreated)
|
|
|
|
);
|
|
|
|
|
2012-04-30 07:53:53 -07:00
|
|
|
ALTER TABLE {$NAMESPACE}_user.user_log
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-17 18:42:21 -07:00
|
|
|
ADD remoteAddr varchar(16) NOT NULL;
|
|
|
|
|
2012-04-30 07:53:53 -07:00
|
|
|
ALTER TABLE {$NAMESPACE}_user.user_log
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-17 18:42:21 -07:00
|
|
|
ADD KEY (remoteAddr, dateCreated);
|
|
|
|
|
2012-04-30 07:53:53 -07:00
|
|
|
ALTER TABLE {$NAMESPACE}_user.user_log
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-17 18:42:21 -07:00
|
|
|
ADD session varchar(40);
|
|
|
|
|
2012-04-30 07:53:53 -07:00
|
|
|
ALTER TABLE {$NAMESPACE}_user.user_log
|
Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.
Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:
- The log itself is useful if there are shenanigans.
- Password login can check it and start CAPTCHA'ing users after a few failed attempts.
I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.
Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.
Reviewers: jungejason, tuomaspelkonen, aran
CC:
Differential Revision: 302
2011-05-17 18:42:21 -07:00
|
|
|
ADD KEY (session, dateCreated);
|