RTECH/UBS
3
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add audit logs; Fix Create/edit usernames

Browse source
This commit is contained in:
Christopher Cookman 2024-12-21 11:05:34 -07:00
parent 9d9e8ad334
commit 1065e9b8c5
4 changed files with 27 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
migrations.js
View file

@ -59,7 +59,7 @@ function runMigrations(pool) {
resolve();
})
.catch(err => {
console.errorr('Error running migrations:', err);
console.error('Error running migrations:', err);
reject(err);
})
.finally(() => {

7
migrations/006_init_audit_logs.sql Normal file
View file

@ -0,0 +1,7 @@
CREATE TABLE audit_logs (
id INT AUTO_INCREMENT PRIMARY KEY,
timestamp TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
user VARCHAR(255) NOT NULL,
action VARCHAR(255) NOT NULL,
data JSON NOT NULL
);

3
migrations/007_fix_ids Normal file
View file

@ -0,0 +1,3 @@
ALTER TABLE bans
MODIFY COLUMN robloxId VARCHAR(255),
MODIFY COLUMN discordId VARCHAR(255);

21
routes/admin.js
View file

@ -46,6 +46,12 @@ const authenticate = (req, res, next) => {
next();
}
const auditLog = async (action, data, user) => {
const conn = await pool.getConnection();
await conn.query('INSERT INTO audit_logs (action, data, user) VALUES (?, ?, ?)', [action, data, user]);
conn.end();
}
// MAIN PAGES
router.get('/', authenticate, (req, res) => {
@ -85,11 +91,13 @@ router.post('/create', authenticate, async (req, res) => {
const expiresTimestamp = data.expiresTimestamp || null;
const robloxId = data.robloxId || null;
const discordId = data.discordId || null;
const disordUsername = data.discordUsername || null;
const robloxUsername = data.robloxUsername || null;
await conn.query('INSERT INTO bans (reasonShort, reasonLong, reasonsFlag, moderator, expiresTimestamp, robloxId, discordId) VALUES (?, ?, ?, ?, ?, ?, ?)',
[reasonShort, reasonLong, reasonsFlag, moderator, expiresTimestamp, robloxId, discordId]);
conn.end();
auditLog('ban_create', { robloxId, discordId, moderator, reasonShort, reasonLong, reasonsFlag, expiresTimestamp }, req.session.user.username);
res.json({ success: true, message: 'User banned successfully', redirect: '/admin' });
});
@ -99,6 +107,8 @@ router.post('/edit/:id', authenticate, async (req, res) => {
const id = req.params.id;
const data = req.body;
const originalData = await conn.query('SELECT * FROM bans WHERE id = ?', [id]);
if (!data.robloxId && !data.discordId) {
res.json({ success: false, message: 'Please enter a Roblox ID or Discord ID.' });
return;
@ -106,15 +116,16 @@ router.post('/edit/:id', authenticate, async (req, res) => {
const reasonShort = data.reasonShort || 'No reason provided';
const reasonLong = data.reasonLong || 'No reason provided';
const reasonsFlag = data.reasonsFlag || 0;
const moderator = req.session.user.username || 'Unknown';
const expiresTimestamp = data.expiresTimestamp || null;
const robloxId = data.robloxId || null;
const discordId = data.discordId || null;
const disordUsername = data.discordUsername || null;
const robloxUsername = data.robloxUsername || null;
await conn.query('UPDATE bans SET reasonShort = ?, reasonLong = ?, reasonsFlag = ?, moderator = ?, expiresTimestamp = ?, robloxId = ?, discordId = ? WHERE id = ?',
[reasonShort, reasonLong, reasonsFlag, moderator, expiresTimestamp, robloxId, discordId, id]);
await conn.query('UPDATE bans SET reasonShort = ?, reasonLong = ?, reasonsFlag = ?, expiresTimestamp = ?, robloxId = ?, discordId = ? WHERE id = ?',
[reasonShort, reasonLong, reasonsFlag, expiresTimestamp, robloxId, discordId, id]);
conn.end();
auditLog('ban_edit', {old: originalData, new: { robloxId, discordId, reasonShort, reasonLong, reasonsFlag, expiresTimestamp }}, req.session.user.username);
res.json({ success: true, message: 'User updated successfully', redirect: '/admin' });
});