Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add more info on audit event password renew

Browse Source
This commit is contained in:
Laurent Destailleur 2024-11-07 13:52:40 +01:00
parent fd7a766862
commit 9034703045
2 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
htdocs/core/triggers/interface_20_all_Logevents.class.php
View File

@ -32,7 +32,9 @@ require_once DOL_DOCUMENT_ROOT.'/core/triggers/dolibarrtriggers.class.php';
*/
class InterfaceLogevents extends DolibarrTriggers
{
const EVENT_ACTION_DICT = array( // TODO reduce number of events to CREATE, UPDATE & DELETE. Use object properties to pinpoint precise action.
// List of translation key to use for the description of each event.
// TODO reduce this list of of events to use keep USER_CREATE, USER_MODIFY & USER_DELETE and use $user->context['audit'] = 'text to add' to complete message of event.
const EVENT_ACTION_DICT = array(
'USER_LOGIN' => 'UserLogged',
'USER_LOGIN_FAILED' => 'UserLoginFailed',
'USER_LOGOUT' => 'UserLogoff',
@ -108,6 +110,7 @@ class InterfaceLogevents extends DolibarrTriggers
dol_syslog("Trigger '" . $this->name . "' for action '$action' launched by " . __FILE__ . ". id=" . $object->id);
// Set the label of event from the action code and the object properties
// Take the message code into EVENT_ACTION_DICT and complete with $object properties like $object->context['audit']
$this->initEventData(InterfaceLogevents::EVENT_ACTION_DICT[$action], $object);
// Add entry in event table

10
htdocs/user/class/user.class.php
View File

@ -2528,13 +2528,15 @@ class User extends CommonObject
$this->oldcopy = clone $this;
}
$now = dol_now();
$this->db->begin();
$sql = "UPDATE ".$this->db->prefix()."user";
$sql .= " SET pass_crypted = '".$this->db->escape($password_crypted)."',";
$sql .= " pass_temp = null";
if (!empty($flagdelsessionsbefore)) {
$sql .= ", flagdelsessionsbefore = '".$this->db->idate(dol_now() - 5, 'gmt')."'";
$sql .= ", flagdelsessionsbefore = '".$this->db->idate($now - 5, 'gmt')."'";
}
if (getDolGlobalString('DATABASE_PWD_ENCRYPTED')) {
$sql .= ", pass = null";
@ -2574,6 +2576,12 @@ class User extends CommonObject
dol_syslog(get_class($this)."::setPassword notrigger=".$notrigger." error=".$error, LOG_DEBUG);
// Call trigger for the "security events" log
$user->context['audit'] = 'login='.$user->login;
if (!empty($flagdelsessionsbefore)) {
$user->context['audit'] .= ' - flagdelsessionsbefore set to '.$this->db->idate($now - 5, 'gmt');
}
if (!$error && !$notrigger) {
// Call trigger
$result = $this->call_trigger('USER_NEW_PASSWORD', $user);