pht('Login'), self::ACTION_LOGIN_FAILURE => pht('Login Failure'), self::ACTION_LOGOUT => pht('Logout'), self::ACTION_RESET_PASSWORD => pht('Reset Password'), self::ACTION_CREATE => pht('Create Account'), self::ACTION_EDIT => pht('Edit Account'), self::ACTION_ADMIN => pht('Add/Remove Administrator'), self::ACTION_SYSTEM_AGENT => pht('Add/Remove System Agent'), self::ACTION_DISABLE => pht('Enable/Disable'), self::ACTION_APPROVE => pht('Approve Registration'), self::ACTION_DELETE => pht('Delete User'), self::ACTION_CONDUIT_CERTIFICATE => pht('Conduit: Read Certificate'), self::ACTION_CONDUIT_CERTIFICATE_FAILURE => pht('Conduit: Read Certificate Failure'), self::ACTION_EMAIL_PRIMARY => pht('Email: Change Primary'), self::ACTION_EMAIL_ADD => pht('Email: Add Address'), self::ACTION_EMAIL_REMOVE => pht('Email: Remove Address'), self::ACTION_CHANGE_PASSWORD => pht('Change Password'), self::ACTION_CHANGE_USERNAME => pht('Change Username'), ); } public static function initializeNewLog( PhabricatorUser $actor = null, $object_phid, $action) { $log = new PhabricatorUserLog(); if ($actor) { $log->setActorPHID($actor->getPHID()); if ($actor->hasSession()) { $session = $actor->getSession(); // NOTE: This is a hash of the real session value, so it's safe to // store it directly in the logs. $log->setSession($session->getSessionKey()); } } $log->setUserPHID((string)$object_phid); $log->setAction($action); $log->remoteAddr = idx($_SERVER, 'REMOTE_ADDR', ''); return $log; } public static function loadRecentEventsFromThisIP($action, $timespan) { return id(new PhabricatorUserLog())->loadAllWhere( 'action = %s AND remoteAddr = %s AND dateCreated > %d ORDER BY dateCreated DESC', $action, idx($_SERVER, 'REMOTE_ADDR'), time() - $timespan); } public function save() { $this->details['host'] = php_uname('n'); $this->details['user_agent'] = AphrontRequest::getHTTPHeader('User-Agent'); return parent::save(); } public function getConfiguration() { return array( self::CONFIG_SERIALIZATION => array( 'oldValue' => self::SERIALIZATION_JSON, 'newValue' => self::SERIALIZATION_JSON, 'details' => self::SERIALIZATION_JSON, ), ) + parent::getConfiguration(); } /* -( PhabricatorPolicyInterface )----------------------------------------- */ public function getCapabilities() { return array( PhabricatorPolicyCapability::CAN_VIEW, ); } public function getPolicy($capability) { switch ($capability) { case PhabricatorPolicyCapability::CAN_VIEW: return PhabricatorPolicies::POLICY_NOONE; } } public function hasAutomaticCapability($capability, PhabricatorUser $viewer) { if ($viewer->getIsAdmin()) { return true; } $viewer_phid = $viewer->getPHID(); if ($viewer_phid) { $user_phid = $this->getUserPHID(); if ($viewer_phid == $user_phid) { return true; } $actor_phid = $this->getActorPHID(); if ($viewer_phid == $actor_phid) { return true; } } return false; } public function describeAutomaticCapability($capability) { return array( pht('Users can view their activity and activity that affects them.'), pht('Administrators can always view all activity.'), ); } }