GSoC: Recording Actions Logs, Accessible by Super Admin (Status Update)

Written by | 02 August 2016 | Published in 2016 August
Imagine if the Super User could record the actions of users: who did what, where and when. This is the extension that I am developing in my Joomla! Google Summer of Code Project.

The project

The project Recording Actions Logs, Accessible by Super Admin is separated in two parts: a plugin that records the actions of the users and a component that makes it available to view, delete and export the users’ actions logs.

Features list

The following list is what I and my mentors thought of to be the features implemented in the final product of this project

  • Global setting to activate or disable logging (some websites looking for performance or with 1 admin do not require logging)
  • Settings to self-clean logs after specific time period, e.g.: rolling log for past 90 days.
  • Settings to notify administrators (via email) of specific actions (e.g.: a successful admin login generates a notification mail to a super admin, new content creation generates an email... etc.).
  • View all logs via an admin screen, with a filter for date, the extension type, user account.
  • View specific user action logs under the User Manager page
  • General logging to include User IP, Username, User ID, Event Action, Event Location, Time/date.
  • System will utilize Joomla permissions system to allow super admin to choose what groups could view this extension?
  • Button to export Logs to CSV file
  • If IP logging is activated, a notice should show to inform the admin that this is happening (perhaps a notice to agree to the once?)
  • The super user can undo users actions from the component's dashboard

You can find more details in my last article Recording Actions Logs, Accessible by Super Admin.

The Plugin

Overview

I started working with the plugin as I need logs to be retrieved by the component. I chose the events in this list to be logged as they are the events related to the actions of the users.

  • onContentAfterSave
  • onContentAfterDelete
  • onContentChangeState
  • onExtensionAfterInstall
  • onExtensionAfterUninstall
  • onExtensionAfterUpdate
  • onUserAfterSave
  • onUserAfterDelete
  • onUserAfterDeleteGroup

Plugin’s Configurations

When you go to the plugin’s configurations as in this image

Capture.PNG

You will find two options “so far” the first is to specify how many days you want to make the logs last in the database (Delete all logs which are created before this amount of days). The second is to choose if you want to log the ip addresses of the users or not.

Capture.PNG

There will be one more option that will be implemented which is what events to be logged.

You can watch the code of the plugin at the github repository for the project from this link https://github.com/joomla-projects/gsoc16_recording-action-logs/tree/staging/plugins/system/userlogs

The Component

Overview

The component is for showing the logs to the super-user. As it’s for the super-users, it’s has only a back-end.

To view the logs just go to the component as shown in this image

Capture.PNG

In this page you can view list of users actions logs as shown in the following image

The super-user has the ability to view, sort, search the logs by user, extension and date range.

Extensions names

When the users’ actions are logged, the extension’s name is stored like this “com_content.article” if it was the article component which may not be user friendly, so I used the way the installer plugin shows the names of the extensions. When I display the extension name I put it through a function called translateExtensionName which gets the translated name of the extension. You can view it from this link https://github.com/joomla-projects/gsoc16_recording-action-logs/blob/staging/administrator/components/com_userlogs/views/userlogs/view.html.php#L81

Translating the Messages

As I mentioned earlier, every event has its own log message, so I logged the message as JSON format. When displaying the logs, an event called onLogMessagePrepare is triggered to change the message from JSON format to human readable text. In the plugin side, I wrote an observer function to write the human readable text. You can find it here https://github.com/joomla-projects/gsoc16_recording-action-logs/blob/staging/plugins/system/userlogs/userlogs.php#L245

You can view the component from this link on github https://github.com/joomla-projects/gsoc16_recording-action-logs/tree/staging/administrator/components/com_userlogs

Final Words

At the end of this article, I want to thank my mentors Allan Walker and Llewellyn van der Merwe for their great help during my developing work. I also want to thank the whole Joomla GSoC team for their help in discussions about some issues I encountered during my development journey.

Read 4925 times Tagged under Google Summer of Code, English