From ed9b97d6c7dddb153b2e0178fd0bd0e8d6bf4f16 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 7 Aug 2025 17:51:54 +0200
Subject: [syslog] Improve POSTs for audit logging
---
modules-available/syslog/api.inc.php | 1 +
modules-available/syslog/page.inc.php | 46 ++++++++++++----------
modules-available/syslog/templates/heading.html | 4 +-
.../syslog/templates/page-syslog.html | 2 +-
4 files changed, 29 insertions(+), 24 deletions(-)
(limited to 'modules-available')
diff --git a/modules-available/syslog/api.inc.php b/modules-available/syslog/api.inc.php
index d2fa4a85..c810feb7 100644
--- a/modules-available/syslog/api.inc.php
+++ b/modules-available/syslog/api.inc.php
@@ -21,6 +21,7 @@ if (($user = Request::post('export-user', false, 'string')) !== false) {
ORDER BY dateline ASC", ['user' => $user])];
}
echo "# Begin log\n";
+ // Interleave by dateline
for (;;) {
unset($best);
foreach ($srcs as &$src) {
diff --git a/modules-available/syslog/page.inc.php b/modules-available/syslog/page.inc.php
index bbc12e92..632e5e3f 100644
--- a/modules-available/syslog/page.inc.php
+++ b/modules-available/syslog/page.inc.php
@@ -14,31 +14,35 @@ class Page_SysLog extends Page
Message::addError('main.no-permission');
Util::redirect('?do=Main');
}
-
- if (($days = Request::post('anondays', false, 'int')) !== false) {
- User::assertPermission('configure-anonymization', NULL,'?do=syslog');
- if ($days < 0 || $days > 366) {
- Audit::overrideResponseCode(400);
- Message::addError('anon-days-out-of-range', $days);
- } else {
- Property::set(self::PROP_ANON_DAYS, $days);
- Message::addSuccess('anon-days-saved');
+ $action = Request::post('action', null, 'string');
+ if ($action !== null) {
+ if ($action === 'anondays') {
+ User::assertPermission('configure-anonymization', NULL,'?do=syslog');
+ $days = Request::post('anondays', 0, 'int');
+ if ($days < 0 || $days > 366) {
+ Audit::overrideResponseCode(400);
+ Message::addError('anon-days-out-of-range', $days);
+ } else {
+ Property::set(self::PROP_ANON_DAYS, $days);
+ Message::addSuccess('anon-days-saved');
+ }
+ Util::redirect('?do=syslog', 200);
}
- Util::redirect('?do=syslog');
- }
- if (Request::isPost()) {
- $pairs = [];
- foreach (['search', 'filter', 'not', 'machineuuid'] as $key) {
- $val = Request::any($key, false, 'string');
- if (!empty($val)) {
- if ($key === 'not') {
- $val = (bool)$val;
+
+ if ($action === 'filter') {
+ $pairs = [];
+ foreach (['search', 'filter', 'not', 'machineuuid'] as $key) {
+ $val = Request::any($key, false, 'string');
+ if (!empty($val)) {
+ if ($key === 'not') {
+ $val = (bool)$val;
+ }
+ $pairs[$key] = $val;
}
- $pairs[$key] = $val;
+ Session::set('log_' . $key, $pairs[$key] ?? false, false);
}
- Session::set('log_' . $key, $pairs[$key] ?? false, false);
+ Util::redirect('?do=syslog&' . http_build_query($pairs), 200);
}
- Util::redirect('?do=syslog&' . http_build_query($pairs));
}
User::assertPermission('*');
}
diff --git a/modules-available/syslog/templates/heading.html b/modules-available/syslog/templates/heading.html
index 8dd3d440..45e09a32 100644
--- a/modules-available/syslog/templates/heading.html
+++ b/modules-available/syslog/templates/heading.html
@@ -26,7 +26,7 @@
-
+
--
cgit v1.2.3-55-g7522