aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrtz12 <koenig@fagott.pw>2016-10-11 18:53:22 (UTC)
committerrtz12 <koenig@fagott.pw>2016-10-11 18:53:22 (UTC)
commitfbd746aef8c78067593f901afb0f255574392499 (patch)
tree10b91eabfc5696d5e0fe27f1649bd72b9ed461e5
parentbf51b2e4a035a988b9e9cef737966846c619dace (diff)
NSA implementiert
-rw-r--r--.gitignore1
-rw-r--r--Makefile6
-rwxr-xr-xbin/generate-events38
-rw-r--r--eventlogging/eventlogger.go18
-rw-r--r--eventlogging/events.txt8
-rw-r--r--eventlogging/types.go52
-rw-r--r--grilist/grilist.go20
-rw-r--r--main.go12
-rw-r--r--modules/grils/grils.go5
-rw-r--r--modules/lists/lists.go72
10 files changed, 226 insertions, 6 deletions
diff --git a/.gitignore b/.gitignore
index 76e7090..5d77737 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,7 @@ node_modules/
5package.json 5package.json
6.npm_update 6.npm_update
7*.d 7*.d
8eventlogging/events.go
8 9
9#Gebuildete Dateien 10#Gebuildete Dateien
10assets/js/* 11assets/js/*
diff --git a/Makefile b/Makefile
index fbef6fa..452e1d5 100644
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,7 @@ LESSC := ./node_modules/less/bin/lessc
12 12
13-include $(DEPFILES) 13-include $(DEPFILES)
14 14
15all: $(CSS_FILES) $(LESS_FILES) $(JS_FILES) 15all: $(CSS_FILES) $(LESS_FILES) $(JS_FILES) eventlogging/events.go
16 16
17print_info: 17print_info:
18 @echo $(CSS_FILES) 18 @echo $(CSS_FILES)
@@ -45,12 +45,16 @@ assets/js/%.js: assets_src/js/%.js assets_src/js/%.d .babelrc .npm_update
45 @echo browserify $< -o $@ 45 @echo browserify $< -o $@
46 @$(BROWSERIFY) --debug $< -o $@ -t babelify 46 @$(BROWSERIFY) --debug $< -o $@ -t babelify
47 47
48eventlogging/events.go: eventlogging/events.txt
49 @./bin/generate-events < $< > $@
50
48clean: 51clean:
49 -rm -- $(CSS_FILES) 52 -rm -- $(CSS_FILES)
50 -rm -- $(LESS_FILES) 53 -rm -- $(LESS_FILES)
51 -rm -- $(JS_FILES) 54 -rm -- $(JS_FILES)
52 -rm -- $(DEPFILES) 55 -rm -- $(DEPFILES)
53 -rm -- importer 56 -rm -- importer
57 -rm -- eventlogging/events.go
54 58
55superclean: clean 59superclean: clean
56 -rm -- .npm_update 60 -rm -- .npm_update
diff --git a/bin/generate-events b/bin/generate-events
new file mode 100755
index 0000000..c4a0c1c
--- /dev/null
+++ b/bin/generate-events
@@ -0,0 +1,38 @@
1#!/bin/bash
2events=$(cat)
3echo 'package eventlogging
4/*
5 * THIS FILE IS AUTOGENERATED
6 * DO NOT EDIT MANUALLY!!!
7 */
8
9import (
10 "fagott.pw/charakterin"
11)
12
13'
14
15echo "var Events = []string{"
16while read event
17do
18 cat <<EOT
19 "$event",
20EOT
21done <<<"$events"
22echo '}
23'
24
25while read event
26do
27 funcName=$(sed -r 's/(^|_)(.)([^_]*)/\2\L\3/g' <<<$event)
28 cat <<EOT
29func (l *EventLogger) ${funcName}(user *charakterin.User, data ${funcName}Data) {
30 if user != nil {
31 data.User = user.Name
32 data.UserAgent = user.Agent
33 }
34 l.base.Log("$event", data)
35}
36
37EOT
38done <<<"$events"
diff --git a/eventlogging/eventlogger.go b/eventlogging/eventlogger.go
new file mode 100644
index 0000000..e5a1b2b
--- /dev/null
+++ b/eventlogging/eventlogger.go
@@ -0,0 +1,18 @@
1package eventlogging
2
3import "fagott.pw/nsa"
4
5type EventLoggerData struct {
6 User string `json:"user"`
7 UserAgent string `json:"userAgent"`
8}
9
10type EventLogger struct {
11 base *nsa.Logger
12}
13
14func NewEventLogger(ip string) *EventLogger {
15 return &EventLogger{
16 base: nsa.NewLogger(ip),
17 }
18}
diff --git a/eventlogging/events.txt b/eventlogging/events.txt
new file mode 100644
index 0000000..0e170dc
--- /dev/null
+++ b/eventlogging/events.txt
@@ -0,0 +1,8 @@
1VIEW_GRIL
2VIEW_LIST
3CREATE_LIST
4ADD_GRIL_TO_LIST
5DELETE_GRIL_FROM_LIST
6DELETE_LIST
7EDIT_LIST
8CHANGE_GRIL_ORDER
diff --git a/eventlogging/types.go b/eventlogging/types.go
new file mode 100644
index 0000000..96d0ce0
--- /dev/null
+++ b/eventlogging/types.go
@@ -0,0 +1,52 @@
1package eventlogging
2
3type ViewGrilData struct {
4 EventLoggerData
5 GrilID int
6}
7
8type ViewListData struct {
9 EventLoggerData
10 ListID int
11}
12
13type CreateListData struct {
14 EventLoggerData
15 ListID int
16 Name string
17 Description string
18}
19
20type AddGrilToListData struct {
21 EventLoggerData
22 GrilID int
23 ListID int
24}
25
26type DeleteGrilFromListData struct {
27 EventLoggerData
28 ListID int
29 GrilID int
30}
31
32type DeleteListData struct {
33 EventLoggerData
34 ListID int
35}
36
37type EditListData struct {
38 EventLoggerData
39 ListID int
40 OldName string
41 OldDescription string
42 NewName string
43 NewDescription string
44}
45
46type ChangeGrilOrderData struct {
47 EventLoggerData
48 ListID int
49 GrilID int
50 OldOrder int
51 NewOrder int
52}
diff --git a/grilist/grilist.go b/grilist/grilist.go
index f9a79b2..aebe45c 100644
--- a/grilist/grilist.go
+++ b/grilist/grilist.go
@@ -2,8 +2,13 @@ package grilist
2 2
3import ( 3import (
4 "database/sql" 4 "database/sql"
5 "log"
6 "net"
7 "net/http"
8 "strings"
5 9
6 "fagott.pw/charakterin" 10 "fagott.pw/charakterin"
11 "fagott.pw/grilist/eventlogging"
7 "fagott.pw/grilist/frontend" 12 "fagott.pw/grilist/frontend"
8 13
9 "github.com/julienschmidt/httprouter" 14 "github.com/julienschmidt/httprouter"
@@ -20,6 +25,21 @@ type Grilist struct {
20 Router *httprouter.Router 25 Router *httprouter.Router
21} 26}
22 27
28func (g *Grilist) EventLogger(r *http.Request) *eventlogging.EventLogger {
29 forwardedIPs := strings.Split(r.Header.Get("X-Forwarded-For"), ", ")
30 ip := r.RemoteAddr
31 if len(forwardedIPs) > 0 && forwardedIPs[0] != "" {
32 ip = forwardedIPs[0]
33 }
34 host, _, err := net.SplitHostPort(ip)
35 if err != nil {
36 log.Printf("Could not split IP %s\n", ip)
37 log.Println(err)
38 host = "0.0.0.0"
39 }
40 return eventlogging.NewEventLogger(host)
41}
42
23// Module ist ein Modul für Grilist. 43// Module ist ein Modul für Grilist.
24type Module interface { 44type Module interface {
25 Init(*Grilist) 45 Init(*Grilist)
diff --git a/main.go b/main.go
index 68a9ede..e1c06e6 100644
--- a/main.go
+++ b/main.go
@@ -5,8 +5,10 @@ import (
5 "fmt" 5 "fmt"
6 "log" 6 "log"
7 "net/http" 7 "net/http"
8 "strings"
8 9
9 "fagott.pw/charakterin" 10 "fagott.pw/charakterin"
11 "fagott.pw/grilist/eventlogging"
10 "fagott.pw/grilist/frontend" 12 "fagott.pw/grilist/frontend"
11 "fagott.pw/grilist/grilist" 13 "fagott.pw/grilist/grilist"
12 "fagott.pw/grilist/modules/grils" 14 "fagott.pw/grilist/modules/grils"
@@ -14,8 +16,7 @@ import (
14 "fagott.pw/grilist/modules/search" 16 "fagott.pw/grilist/modules/search"
15 "fagott.pw/grilist/modules/tags" 17 "fagott.pw/grilist/modules/tags"
16 "fagott.pw/grilist/modules/user" 18 "fagott.pw/grilist/modules/user"
17 19 "fagott.pw/nsa"
18 "strings"
19 20
20 "github.com/julienschmidt/httprouter" 21 "github.com/julienschmidt/httprouter"
21 _ "github.com/lib/pq" 22 _ "github.com/lib/pq"
@@ -52,6 +53,13 @@ func main() {
52 53
53 log.Println("database connection established") 54 log.Println("database connection established")
54 55
56 if err := nsa.Init(db); err != nil {
57 panic(err)
58 }
59 if err := nsa.SetEvents(eventlogging.Events); err != nil {
60 panic(err)
61 }
62
55 renderer := frontend.New("views") 63 renderer := frontend.New("views")
56 login := charakterin.New(db) 64 login := charakterin.New(db)
57 login.UseRenderer(renderer) 65 login.UseRenderer(renderer)
diff --git a/modules/grils/grils.go b/modules/grils/grils.go
index 4913e11..debb77b 100644
--- a/modules/grils/grils.go
+++ b/modules/grils/grils.go
@@ -11,6 +11,7 @@ import (
11 11
12 "fagott.pw/charakterin" 12 "fagott.pw/charakterin"
13 "fagott.pw/grilist/cache" 13 "fagott.pw/grilist/cache"
14 "fagott.pw/grilist/eventlogging"
14 "fagott.pw/grilist/frontend" 15 "fagott.pw/grilist/frontend"
15 "fagott.pw/grilist/grilist" 16 "fagott.pw/grilist/grilist"
16 17
@@ -241,6 +242,7 @@ func (m *GrilsModule) FromIDs(ids []int) ([]*Gril, error) {
241 242
242func (m *GrilsModule) viewGril(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 243func (m *GrilsModule) viewGril(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
243 user, _ := m.g.Charakterin.GetUserFromRequest(r) 244 user, _ := m.g.Charakterin.GetUserFromRequest(r)
245 el := m.g.EventLogger(r)
244 sid := p.ByName("id") 246 sid := p.ByName("id")
245 247
246 id, err := strconv.Atoi(sid) 248 id, err := strconv.Atoi(sid)
@@ -292,6 +294,9 @@ func (m *GrilsModule) viewGril(w http.ResponseWriter, r *http.Request, p httprou
292 data["SimilarGrils"] = similar 294 data["SimilarGrils"] = similar
293 295
294 m.g.Renderer.RenderPage("gril", w, data) 296 m.g.Renderer.RenderPage("gril", w, data)
297 el.ViewGril(user, eventlogging.ViewGrilData{
298 GrilID: gril.ID,
299 })
295} 300}
296 301
297func pgArray(array []byte) []string { 302func pgArray(array []byte) []string {
diff --git a/modules/lists/lists.go b/modules/lists/lists.go
index d1913be..9c9eaf4 100644
--- a/modules/lists/lists.go
+++ b/modules/lists/lists.go
@@ -14,6 +14,7 @@ import (
14 14
15 "fagott.pw/charakterin" 15 "fagott.pw/charakterin"
16 "fagott.pw/grilist/cache" 16 "fagott.pw/grilist/cache"
17 "fagott.pw/grilist/eventlogging"
17 "fagott.pw/grilist/frontend" 18 "fagott.pw/grilist/frontend"
18 "fagott.pw/grilist/grilist" 19 "fagott.pw/grilist/grilist"
19 "fagott.pw/grilist/modules/grils" 20 "fagott.pw/grilist/modules/grils"
@@ -259,6 +260,7 @@ func (m *Module) ProvideDashboardData(user *charakterin.User) []grilist.Dashboar
259 260
260func (m *Module) viewList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 261func (m *Module) viewList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
261 user, _ := m.g.Charakterin.GetUserFromRequest(r) 262 user, _ := m.g.Charakterin.GetUserFromRequest(r)
263 el := m.g.EventLogger(r)
262 sid := p.ByName("id") 264 sid := p.ByName("id")
263 265
264 id, err := strconv.Atoi(sid) 266 id, err := strconv.Atoi(sid)
@@ -285,9 +287,13 @@ func (m *Module) viewList(w http.ResponseWriter, r *http.Request, p httprouter.P
285 } 287 }
286 288
287 m.g.Renderer.RenderPage("list", w, data) 289 m.g.Renderer.RenderPage("list", w, data)
290 el.ViewList(user, eventlogging.ViewListData{
291 ListID: list.ID,
292 })
288} 293}
289 294
290func (m *Module) deleteList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 295func (m *Module) deleteList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
296 el := m.g.EventLogger(r)
291 user, err := m.g.Charakterin.GetUserFromRequest(r) 297 user, err := m.g.Charakterin.GetUserFromRequest(r)
292 if err != nil { 298 if err != nil {
293 log.Println("invalid deleteList user") 299 log.Println("invalid deleteList user")
@@ -333,6 +339,9 @@ func (m *Module) deleteList(w http.ResponseWriter, r *http.Request, p httprouter
333 339
334 log.Printf("list %d has been deleted by the owner %d(%s)", list.ID, list.Owner.ID, list.Owner.GetName()) 340 log.Printf("list %d has been deleted by the owner %d(%s)", list.ID, list.Owner.ID, list.Owner.GetName())
335 http.Redirect(w, r, "/", 302) 341 http.Redirect(w, r, "/", 302)
342 el.DeleteList(user, eventlogging.DeleteListData{
343 ListID: list.ID,
344 })
336} 345}
337 346
338func (m *Module) viewListSettings(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 347func (m *Module) viewListSettings(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
@@ -371,6 +380,7 @@ func (m *Module) viewListSettings(w http.ResponseWriter, r *http.Request, p http
371} 380}
372 381
373func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 382func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
383 el := m.g.EventLogger(r)
374 user, err := m.g.Charakterin.GetUserFromRequest(r) 384 user, err := m.g.Charakterin.GetUserFromRequest(r)
375 if err != nil { 385 if err != nil {
376 log.Println("invalid updateListSettings user") 386 log.Println("invalid updateListSettings user")
@@ -435,6 +445,18 @@ func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p ht
435 return 445 return
436 } 446 }
437 447
448 rows, err := m.g.DB.Query("SELECT name, description FROM grilist.lists WHERE id = $1;", id)
449 if err != nil {
450 log.Println("could not get list info", id)
451 renderWithError("interner fehler", false, false)
452 return
453 }
454 defer rows.Close()
455
456 var oldName string
457 var oldDescription string
458 rows.Scan(&oldName, &oldDescription)
459
438 if list.Name != name && list.Description != description { 460 if list.Name != name && list.Description != description {
439 _, err = m.g.DB.Query(`UPDATE grilist.lists SET name = $2, description = $3 WHERE id = $1`, id, name, description) 461 _, err = m.g.DB.Query(`UPDATE grilist.lists SET name = $2, description = $3 WHERE id = $1`, id, name, description)
440 if err != nil { 462 if err != nil {
@@ -462,9 +484,17 @@ func (m *Module) updateListSettings(w http.ResponseWriter, r *http.Request, p ht
462 list.Description = description 484 list.Description = description
463 485
464 m.viewListSettings(w, r, p) 486 m.viewListSettings(w, r, p)
487 el.EditList(user, eventlogging.EditListData{
488 ListID: id,
489 OldName: oldName,
490 OldDescription: oldDescription,
491 NewName: name,
492 NewDescription: description,
493 })
465} 494}
466 495
467func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 496func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
497 el := m.g.EventLogger(r)
468 slistID := p.ByName("id") 498 slistID := p.ByName("id")
469 499
470 user, err := m.g.Charakterin.GetUserFromRequest(r) 500 user, err := m.g.Charakterin.GetUserFromRequest(r)
@@ -531,7 +561,10 @@ func (m *Module) addGrilToList(w http.ResponseWriter, r *http.Request, p httprou
531 data["Value"] = value 561 data["Value"] = value
532 list.Grils = append(list.Grils, lg) 562 list.Grils = append(list.Grils, lg)
533 m.g.Renderer.RenderPage("list_gril", w, data) 563 m.g.Renderer.RenderPage("list_gril", w, data)
534 return 564 el.AddGrilToList(user, eventlogging.AddGrilToListData{
565 ListID: list.ID,
566 GrilID: gril.ID,
567 })
535} 568}
536 569
537func (m *Module) displayCreateList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 570func (m *Module) displayCreateList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
@@ -548,6 +581,7 @@ func (m *Module) displayCreateList(w http.ResponseWriter, r *http.Request, p htt
548} 581}
549 582
550func (m *Module) createList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 583func (m *Module) createList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
584 el := m.g.EventLogger(r)
551 user, err := m.g.Charakterin.GetUserFromRequest(r) 585 user, err := m.g.Charakterin.GetUserFromRequest(r)
552 if err != nil { 586 if err != nil {
553 log.Println(err) 587 log.Println(err)
@@ -571,9 +605,15 @@ func (m *Module) createList(w http.ResponseWriter, r *http.Request, p httprouter
571 } 605 }
572 606
573 http.Redirect(w, r, fmt.Sprintf("/list/%d", id), 302) 607 http.Redirect(w, r, fmt.Sprintf("/list/%d", id), 302)
608 el.CreateList(user, eventlogging.CreateListData{
609 ListID: id,
610 Name: values.Get("name"),
611 Description: values.Get("description"),
612 })
574} 613}
575 614
576func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 615func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
616 el := m.g.EventLogger(r)
577 slistID := p.ByName("id") 617 slistID := p.ByName("id")
578 618
579 user, err := m.g.Charakterin.GetUserFromRequest(r) 619 user, err := m.g.Charakterin.GetUserFromRequest(r)
@@ -606,6 +646,16 @@ func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httpr
606 return 646 return
607 } 647 }
608 648
649 var oldOrder int
650 err = m.g.DB.QueryRow(
651 `SELECT "order" FROM grilist.lists_grils WHERE list_id = $1 AND gril_id = $2;`,
652 listID, grilID).Scan(&oldOrder)
653 if err != nil {
654 log.Println(err)
655 http.Error(w, "Internal Server Error", 500)
656 return
657 }
658
609 // rein in die DB damit 659 // rein in die DB damit
610 _, err = m.g.DB.Exec(`SELECT grilist.set_gril_order($1, $2, $3, $4)`, user.ID, listID, grilID, pos) 660 _, err = m.g.DB.Exec(`SELECT grilist.set_gril_order($1, $2, $3, $4)`, user.ID, listID, grilID, pos)
611 if err != nil { 661 if err != nil {
@@ -622,17 +672,30 @@ func (m *Module) updateGrilOrder(w http.ResponseWriter, r *http.Request, p httpr
622 672
623 w.WriteHeader(200) 673 w.WriteHeader(200)
624 w.Write([]byte("ok")) 674 w.Write([]byte("ok"))
625 return 675 el.ChangeGrilOrder(user, eventlogging.ChangeGrilOrderData{
676 ListID: listID,
677 GrilID: grilID,
678 OldOrder: oldOrder,
679 NewOrder: pos,
680 })
626} 681}
627 682
628func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 683func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
684 el := m.g.EventLogger(r)
629 slistID := p.ByName("id") 685 slistID := p.ByName("id")
630 686
687 user, err := m.g.Charakterin.GetUserFromRequest(r)
688 if err != nil {
689 http.Error(w, "Unauthorized", 401)
690 return
691 }
692
631 listID, err := strconv.Atoi(slistID) 693 listID, err := strconv.Atoi(slistID)
632 if err != nil { 694 if err != nil {
633 http.Error(w, "invalid list ID (type mismatch)", 400) 695 http.Error(w, "invalid list ID (type mismatch)", 400)
634 return 696 return
635 } 697 }
698 //TODO: noch mal gucken ob der User Rechte hat
636 699
637 values, err := readBody(r) 700 values, err := readBody(r)
638 if err != nil { 701 if err != nil {
@@ -666,7 +729,10 @@ func (m *Module) removeGrilFromList(w http.ResponseWriter, r *http.Request, p ht
666 729
667 w.WriteHeader(200) 730 w.WriteHeader(200)
668 w.Write([]byte("ok")) 731 w.Write([]byte("ok"))
669 return 732 el.DeleteGrilFromList(user, eventlogging.DeleteGrilFromListData{
733 ListID: listID,
734 GrilID: grilID,
735 })
670} 736}
671 737
672func (m *Module) APIgetUserLists(w http.ResponseWriter, r *http.Request, p httprouter.Params) { 738func (m *Module) APIgetUserLists(w http.ResponseWriter, r *http.Request, p httprouter.Params) {