Enhance audit logging: add new audit types for password reset and prospect image actions, and update related services to log these events
Co-authored-by: Copilot <copilot@github.com>
@@ -62,7 +62,32 @@ namespace FoodsharingSiegen.Contracts.Enums
|
||||
/// <summary>
|
||||
/// The remove interaction audit type
|
||||
/// </summary>
|
||||
RemoveInteraction = 100
|
||||
RemoveInteraction = 100,
|
||||
|
||||
/// <summary>
|
||||
/// The delete prospect images audit type
|
||||
/// </summary>
|
||||
DeleteProspectImages = 110,
|
||||
|
||||
/// <summary>
|
||||
/// The view prospect images audit type
|
||||
/// </summary>
|
||||
ViewProspectImages = 120,
|
||||
|
||||
/// <summary>
|
||||
/// The upload prospect image audit type
|
||||
/// </summary>
|
||||
UploadProspectImage = 130,
|
||||
|
||||
/// <summary>
|
||||
/// The request password reset audit type
|
||||
/// </summary>
|
||||
RequestPasswordReset = 140,
|
||||
|
||||
/// <summary>
|
||||
/// The change own password audit type
|
||||
/// </summary>
|
||||
ChangeOwnPassword = 150
|
||||
|
||||
#endregion Prospects
|
||||
}
|
||||
|
||||
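Review bot: `RequestPasswordReset` and `ChangeOwnPassword` are added directly above `#endregion Prospects`, so two account events end up in the prospect region of the enum. They would be easier to find next to the existing user and password audit types, which are declared outside this hunk. If the numeric values are stored with each audit row, which the explicit numbering suggests, a comment on the enum such as `// Values are persisted with audit rows; never renumber or reuse them` would protect the history from a later cleanup.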
@@ -251,6 +251,14 @@ namespace FoodsharingSiegen.Server.Auth
|
||||
user.ResetToken = resetToken;
|
||||
user.ResetTokenExpiry = DateTime.UtcNow.AddMinutes(30);
|
||||
|
||||
Context.Audits?.Add(new Audit
|
||||
{
|
||||
Created = DateTime.Now,
|
||||
Type = AuditType.RequestPasswordReset,
|
||||
UserID = user.Id,
|
||||
Data1 = user.Mail
|
||||
});
|
||||
|
||||
await Context.SaveChangesAsync();
|
||||
|
||||
var resetLink = $"{baseUri.TrimEnd('/')}/reset-password/{resetToken}";
|
||||
|
||||
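Review bot: The new audit row sets `UserID = user.Id`, which records the account being reset as the actor, although this path appears to run for whoever submits the address; a reset requested by someone else will read in the log as if the owner asked for it. Either leave the actor empty if the column allows it, or state the convention next to the assignment, for example `// UserID is the target account; the requester is unauthenticated`. `Created = DateTime.Now` is local time while the expiry one line above uses `DateTime.UtcNow`; use `Created = DateTime.UtcNow` unless the other audit rows are deliberately local. `Context.Audits?.Add` also drops the record without a trace when the set is null, which is worth a log line for a security event. The enclosing method starts and ends outside the hunk.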
@@ -37,6 +37,16 @@ namespace FoodsharingSiegen.Server.Data
|
||||
return $"hat dem Neuling {audit.Data1} folgendes hinzugefügt: {audit.Data2}";
|
||||
case AuditType.RemoveInteraction:
|
||||
return $"hat eine Interaktion bei {audit.Data1} gelöscht.";
|
||||
case AuditType.DeleteProspectImages:
|
||||
return $"hat die Bilder von {audit.Data1} gelöscht.";
|
||||
case AuditType.ViewProspectImages:
|
||||
return $"hat die Bilder von {audit.Data1} angesehen.";
|
||||
case AuditType.UploadProspectImage:
|
||||
return $"hat ein Bild für {audit.Data1} hochgeladen.";
|
||||
case AuditType.RequestPasswordReset:
|
||||
return $"hat ein Passwort-Reset für {audit.Data1} angefordert.";
|
||||
case AuditType.ChangeOwnPassword:
|
||||
return $"hat das eigene Passwort geändert.";
|
||||
case AuditType.None:
|
||||
default:
|
||||
return $"{audit.Data1}, {audit.Data2}";
|
||||
|
||||
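Review bot: The `ChangeOwnPassword` case returns an interpolated string that has no placeholder; `return "hat das eigene Passwort geändert.";` says the same without the `$`. The switch and its method start and end outside the hunk.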
@@ -290,6 +290,8 @@ namespace FoodsharingSiegen.Server.Data.Service
|
||||
await Context.ProspectImages!.AddAsync(image);
|
||||
await Context.SaveChangesAsync();
|
||||
|
||||
await AuditService.Insert(AuditType.UploadProspectImage, prospect.Name);
|
||||
|
||||
return new();
|
||||
}
|
||||
catch (Exception e)
|
||||
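Review bot: The upload audit identifies the prospect only by `prospect.Name`, and the view and delete hunks further down do the same. Names can be duplicated or edited later, so an audit row cannot be tied back to one specific prospect. The `Audit` entity has a `Data2` field (used by the text formatter), so if `AuditService.Insert` accepts a second value, pass the prospect id there. The call also sits inside the `try` after `SaveChangesAsync()`, so a failing audit insert would presumably be reported as a failed upload even though the image is already stored; the method's start and its `catch` body are outside the hunk.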
@@ -308,6 +310,16 @@ namespace FoodsharingSiegen.Server.Data.Service
|
||||
.OrderBy(x => x.Created)
|
||||
.ToListAsync();
|
||||
|
||||
var prospectName = await Context.Prospects!
|
||||
.Where(x => x.Id == prospectId)
|
||||
.Select(x => x.Name)
|
||||
.FirstOrDefaultAsync();
|
||||
|
||||
if (!string.IsNullOrEmpty(prospectName))
|
||||
{
|
||||
await AuditService.Insert(AuditType.ViewProspectImages, prospectName);
|
||||
}
|
||||
|
||||
return new(images);
|
||||
}
|
||||
catch (Exception e)
|
||||
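Review bot: The view audit is skipped whenever the name lookup returns null or an empty string, because of `if (!string.IsNullOrEmpty(prospectName))`, so access to those images leaves no record. For an access log the event should always be written, falling back to the id: `await AuditService.Insert(AuditType.ViewProspectImages, string.IsNullOrEmpty(prospectName) ? prospectId.ToString() : prospectName);`. The insert also runs after the images are already loaded and inside the `try`, so an audit failure would surface as a failed read; whether that fail-closed behaviour is intended deserves a comment. The method begins outside the hunk.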
@@ -329,6 +341,7 @@ namespace FoodsharingSiegen.Server.Data.Service
|
||||
if (prospect != null)
|
||||
{
|
||||
prospect.VerificationToken = null; // Clear token when images are deleted
|
||||
await AuditService.Insert(AuditType.DeleteProspectImages, prospect.Name);
|
||||
}
|
||||
|
||||
await Context.SaveChangesAsync();
|
||||
|
||||
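Review bot: `AuditService.Insert(AuditType.DeleteProspectImages, prospect.Name)` runs before `await Context.SaveChangesAsync()`, so the deletion is recorded before it is committed. If the save then fails, the log claims a deletion that did not happen. If `AuditService.Insert` saves through the same context (not visible here), it would also flush the pending delete as a side effect. Move the insert below the save, guarded by the same `if (prospect != null)`, and decide whether a deletion with no matching prospect should still be logged with the id. The enclosing method starts and ends outside the hunk.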
@@ -151,8 +151,14 @@ namespace FoodsharingSiegen.Server.Data.Service
|
||||
|
||||
if (saveR < 1) return new(new Exception("Fehler beim Speichern"));
|
||||
|
||||
var auditData = CurrentUser?.Id == user.Id ? "sich selbst" : user.Mail;
|
||||
await AuditService.Insert(AuditType.SetUserPassword, auditData);
|
||||
if (CurrentUser?.Id == user.Id)
|
||||
{
|
||||
await AuditService.Insert(AuditType.ChangeOwnPassword);
|
||||
}
|
||||
else
|
||||
{
|
||||
await AuditService.Insert(AuditType.SetUserPassword, user.Mail);
|
||||
}
|
||||
|
||||
return new();
|
||||
}
|
||||
|
||||
@@ -20,6 +20,8 @@
|
||||
{
|
||||
<div class="alert alert-success text-center">
|
||||
Wenn ein Benutzerkonto mit dieser E-Mail-Adresse existiert, wurde eine E-Mail mit weiteren Anweisungen versendet.
|
||||
<br><br>
|
||||
<small><b>Hinweis:</b> Bitte überprüfe auch deinen Spam-Ordner, falls du künftige E-Mails nicht im regulären Posteingang findest.</small>
|
||||
</div>
|
||||
<div class="text-center mt-4">
|
||||
<a href="/login" class="btn btn-outline-primary"><i class="fas fa-arrow-left mr-2"></i> Zurück zum Login</a>
|
||||
|
||||
@@ -126,6 +126,10 @@ namespace FoodsharingSiegen.Server.Pages
|
||||
await ConfirmDialog.ShowAsync(ModalService, "Bestätigen", $"Soll eine E-Mail zum Festlegen des Passworts an {user.Mail} gesendet werden?", async () =>
|
||||
{
|
||||
await AuthService.InitiateInitialPasswordSetup(user.Mail, NavigationManager.BaseUri);
|
||||
if (Notification != null)
|
||||
{
|
||||
await Notification.Success("E-Mail gesendet. Bitte weise den Benutzer darauf hin, auch den Spam-Ordner zu prüfen.");
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
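Review bot: `Notification.Success("E-Mail gesendet. …")` is shown unconditionally after `await AuthService.InitiateInitialPasswordSetup(...)`, whose outcome is never inspected. If that method reports a failed send through its return value (its signature is not visible in this hunk), the administrator is told the mail went out when it did not. Capture the result and branch on it, showing an error notification on failure. The lambda belongs to a method that starts outside the hunk.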