diff options
author | Byron Jones <bjones@mozilla.com> | 2013-11-04 17:44:24 +0100 |
---|---|---|
committer | Byron Jones <bjones@mozilla.com> | 2013-11-04 17:44:24 +0100 |
commit | 1baa39515f11f1864a74bf995a87825b9182e8c2 (patch) | |
tree | 9b65138db4f889e26b1cd805123789ee7bb5dc94 | |
parent | a1990484b3aac09309739ee34d790e851107312c (diff) | |
download | bugzilla-1baa39515f11f1864a74bf995a87825b9182e8c2.tar.gz bugzilla-1baa39515f11f1864a74bf995a87825b9182e8c2.tar.xz |
Bug 917318: for auditing purposes, log the client's ip address when an account is created and when a bug is filed
-rw-r--r-- | extensions/BMO/Extension.pm | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/extensions/BMO/Extension.pm b/extensions/BMO/Extension.pm index c32da77c5..6c12c4a08 100644 --- a/extensions/BMO/Extension.pm +++ b/extensions/BMO/Extension.pm @@ -37,7 +37,6 @@ use Bugzilla::Install::Filesystem; use Bugzilla::User; use Bugzilla::User::Setting; use Bugzilla::Util; -use Bugzilla::Util qw(html_quote trick_taint trim datetime_from detaint_natural); use Date::Parse; use DateTime; @@ -516,10 +515,16 @@ sub quicksearch_map { sub object_end_of_create { my ($self, $args) = @_; - if ($args->{class} eq 'Bugzilla::User') { + my $class = $args->{class}; + + if ($class eq 'Bugzilla::User') { + my $user = $args->{object}; + + # Log real IP addresses for auditing + _syslog(sprintf('[audit] <%s> created user %s', remote_ip(), $user->login)); + # Add default searches to new user's footer my $dbh = Bugzilla->dbh; - my $user = $args->{object}; my $sharer = Bugzilla::User->new({ name => 'nobody@mozilla.org' }) or return; @@ -534,6 +539,10 @@ sub object_end_of_create { $namedquery_id, $user->id ); } + + } elsif ($class eq 'Bugzilla::Bug') { + # Log real IP addresses for auditing + _syslog(sprintf('[audit] <%s> created bug %s', remote_ip(), $args->{object}->id)); } } @@ -880,8 +889,13 @@ sub _log_sent_email { $subject =~ s/[\[\(]Bug \d+[\]\)]\s*//; + _syslog("[bugmail] $recipient ($message_type) $bug_id $subject"); +} + +sub _syslog { + my $message = shift; openlog('apache', 'cons,pid', 'local4'); - syslog('notice', encode_utf8("[bugmail] $recipient ($message_type) $bug_id $subject")); + syslog('notice', encode_utf8($message)); closelog(); } @@ -1055,10 +1069,7 @@ sub query_database { } # log query - setlogsock('unix'); - openlog('apache', 'cons', 'pid', 'local4'); - syslog('notice', sprintf("[db_query] %s %s", $user->login, $query)); - closelog(); + _syslog(sprintf("[db_query] %s %s", $user->login, $query)); # connect to database and execute # switching to the shadow db gives us a read-only connection |