1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-11 16:16:14 +01:00
phorge-phorge/resources/sql/patches/039.userlog.sql
epriestley deb80b7652 Provide an activity log for login and administrative actions
Summary: This isn't complete, but I figured I'd ship it for review while it's still smallish.

Provide an activity log for high-level system actions (logins, admin actions). This basically allows two things to happen:

  - The log itself is useful if there are shenanigans.
  - Password login can check it and start CAPTCHA'ing users after a few failed attempts.

I'm going to change how the admin stuff works a little bit too, since right now you can make someone an agent, grab their certificate, revert them back to a normal user, and then act on their behalf over Conduit. This is a little silly, I'm going to move "agent" to the create workflow instead. I'll also add a confirm/email step to the administrative password reset flow.

Test Plan: Took various administrative and non-administrative actions, they appeared in the logs. Filtered the logs in a bunch of different ways.

Reviewers: jungejason, tuomaspelkonen, aran

CC:

Differential Revision: 302
2011-05-20 19:08:26 -07:00

27 lines
767 B
SQL

CREATE TABLE phabricator_user.user_log (
id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
actorPHID varchar(64) BINARY,
key(actorPHID, dateCreated),
userPHID varchar(64) BINARY NOT NULL,
key(userPHID, dateCreated),
action varchar(64) NOT NULL,
key(action, dateCreated),
oldValue LONGBLOB NOT NULL,
newValue LONGBLOB NOT NULL,
details LONGBLOB NOT NULL,
dateCreated INT UNSIGNED NOT NULL,
dateModified INT UNSIGNED NOT NULL,
key(dateCreated)
);
ALTER TABLE phabricator_user.user_log
ADD remoteAddr varchar(16) NOT NULL;
ALTER TABLE phabricator_user.user_log
ADD KEY (remoteAddr, dateCreated);
ALTER TABLE phabricator_user.user_log
ADD session varchar(40);
ALTER TABLE phabricator_user.user_log
ADD KEY (session, dateCreated);