prosody-modules
75dee6127829
mod_audit/mod_audit.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

Diff

mod_audit/mod_audit.lua @ 5856:75dee6127829 draft

Merge upstream
author Trần H. Trung <xmpp:trần.h.trung@trung.fun>
date Tue, 06 Feb 2024 18:32:01 +0700
parent 5786:6c0570a8b866
line wrap: on
line diff
--- a/mod_audit/mod_audit.lua	Tue Aug 29 23:51:17 2023 +0700
+++ b/mod_audit/mod_audit.lua	Tue Feb 06 18:32:01 2024 +0700
@@ -1,19 +1,13 @@
 module:set_global();
 
 local time_now = os.time;
-local parse_duration = require "util.human.io".parse_duration;
 local ip = require "util.ip";
 local st = require "util.stanza";
 local moduleapi = require "core.moduleapi";
 
 local host_wide_user = "@";
 
-local cleanup_after = module:get_option_string("audit_log_expires_after", "28d");
-if cleanup_after == "never" then
-	cleanup_after = nil;
-else
-	cleanup_after = parse_duration(cleanup_after);
-end
+local cleanup_after = module:get_option_period("audit_log_expires_after", "28d");
 
 local attach_ips = module:get_option_boolean("audit_log_ips", true);
 local attach_ipv4_prefix = module:get_option_number("audit_log_ipv4_prefix", nil);
@@ -61,13 +55,12 @@
 end
 
 local function get_ip_network(ip_addr)
-	local _ip = ip.new_ip(ip_addr);
-	local proto = _ip.proto;
+	local proto = ip_addr.proto;
 	local network;
 	if proto == "IPv4" and attach_ipv4_prefix then
-		network = ip.truncate(_ip, attach_ipv4_prefix).normal.."/"..attach_ipv4_prefix;
+		network = ip.truncate(ip_addr, attach_ipv4_prefix).normal.."/"..attach_ipv4_prefix;
 	elseif proto == "IPv6" and attach_ipv6_prefix then
-		network = ip.truncate(_ip, attach_ipv6_prefix).normal.."/"..attach_ipv6_prefix;
+		network = ip.truncate(ip_addr, attach_ipv6_prefix).normal.."/"..attach_ipv6_prefix;
 	end
 	return network;
 end
@@ -83,18 +76,19 @@
 		attr.type = session.type;
 	end
 	local stanza = st.stanza("session", attr);
-	if attach_ips and session.ip then
-		local remote_ip, network = session.ip;
+	local remote_ip = session.ip and ip.new_ip(session.ip);
+	if attach_ips and remote_ip then
+		local network;
 		if attach_ipv4_prefix or attach_ipv6_prefix then
 			network = get_ip_network(remote_ip);
 		end
-		stanza:text_tag("remote-ip", network or remote_ip);
+		stanza:text_tag("remote-ip", network or remote_ip.normal);
 	end
-	if attach_location and session.ip then
-		local remote_ip = ip.new(session.ip);
-		local geoip_country = ip.proto == "IPv6" and geoip6_country or geoip4_country;
-		stanza:tag("location", {
-			country = geoip_country:query_by_addr(remote_ip.normal);
+	if attach_location and remote_ip then
+		local geoip_info = remote_ip.proto == "IPv6" and geoip6_country:query_by_addr6(remote_ip.normal) or geoip4_country:query_by_addr(remote_ip.normal);
+		stanza:text_tag("location", geoip_info.name, {
+			country = geoip_info.code;
+			continent = geoip_info.continent;
 		}):up();
 	end
 	if session.client_id then
@@ -140,7 +134,7 @@
 		if err == "quota-limit" then
 			local limit = store.caps and store.caps.quota or 1000;
 			local truncate_to = math.floor(limit * 0.99);
-			if type(cleanup_after) == "number" then
+			if cleanup_after ~= math.huge then
 				module:log("debug", "Audit log has reached quota - forcing prune");
 				if prune_audit_log(host) then
 					-- Retry append
@@ -177,8 +171,9 @@
 		value_params = { "limit" };
 	 });
 
-	for k, v in pairs(arg) do print("U", k, v) end
-	local query_user, host = jid.prepped_split(arg[1]);
+	module:log("debug", "arg = %q", arg);
+	local query_jid = jid.prep(arg[1]);
+	local host = jid.host(query_jid);
 
 	if arg.prune then
 		local sm = require "core.storagemanager";
@@ -207,14 +202,16 @@
 	local c = 0;
 
 	if arg.global then
-		if query_user then
+		if jid.node(query_jid) then
 			print("WW: Specifying a user account is incompatible with --global. Showing only global events.");
 		end
-		query_user = "@";
+		query_jid = "@";
+	elseif host == query_jid then
+		query_jid = nil;
 	end
 
 	local results, err = store:find(nil, {
-		with = query_user;
+		with = query_jid;
 		limit = arg.limit and tonumber(arg.limit) or nil;
 		reverse = true;
 	})
@@ -224,12 +221,12 @@
 	end
 
 	local colspec = {
-		{ title = "Date", key = "when", width = 19, mapper = function (when) return os.date("%Y-%m-%d %R:%S", when); end };
+		{ title = "Date", key = "when", width = 19, mapper = function (when) return os.date("%Y-%m-%d %R:%S", math.floor(when)); end };
 		{ title = "Source", key = "source", width = "2p" };
 		{ title = "Event", key = "event_type", width = "2p" };
 	};
 
-	if arg.show_user ~= false and (not arg.global and not query_user) or arg.show_user then
+	if arg.show_user ~= false and (not arg.global and not query_jid) or arg.show_user then
 		table.insert(colspec, {
 			title = "User", key = "username", width = "2p",
 			mapper = function (user)
@@ -270,8 +267,8 @@
 				source = entry.attr.source;
 				event_type = entry.attr.type:gsub("%-", " ");
 				username = user;
-				ip = entry:get_child_text("remote-ip");
-				location = entry:find("location@country");
+				ip = entry:find("{xmpp:prosody.im/audit}session/remote-ip#");
+				country = entry:find("{xmpp:prosody.im/audit}session/location@country");
 				note = entry:get_child_text("note");
 			}));
 		end