1use crate::{State, models::InsertQueryBuilder, prelude::*};
2use compact_str::ToCompactString;
3use garde::Validate;
4use serde::{Deserialize, Serialize};
5use sqlx::{Row, postgres::PgRow};
6use std::{
7 collections::BTreeMap,
8 sync::{Arc, LazyLock},
9};
10use utoipa::ToSchema;
11
12pub type GetAdminActivityLogger = crate::extract::ConsumingExtension<AdminActivityLogger>;
13
14#[derive(Clone)]
15pub struct AdminActivityLogger {
16 pub state: State,
17 pub user_uuid: uuid::Uuid,
18 pub impersonator_uuid: Option<uuid::Uuid>,
19 pub api_key_uuid: Option<uuid::Uuid>,
20 pub ip: std::net::IpAddr,
21}
22
23impl AdminActivityLogger {
24 pub async fn log(&self, event: impl Into<compact_str::CompactString>, data: serde_json::Value) {
25 let options = CreateAdminActivityOptions {
26 user_uuid: Some(self.user_uuid),
27 impersonator_uuid: self.impersonator_uuid,
28 api_key_uuid: self.api_key_uuid,
29 event: event.into(),
30 ip: Some(self.ip.into()),
31 data,
32 created: None,
33 };
34 if let Err(err) = AdminActivity::create(&self.state, options).await {
35 tracing::warn!(
36 user = %self.user_uuid,
37 "failed to log admin activity: {:#?}",
38 err
39 );
40 }
41 }
42}
43
44#[derive(Serialize, Deserialize)]
45pub struct AdminActivity {
46 pub user: Option<super::user::User>,
47 pub impersonator: Option<Fetchable<super::user::User>>,
48 pub api_key: Option<Fetchable<super::user_api_key::UserApiKey>>,
49
50 pub event: compact_str::CompactString,
51 pub ip: Option<sqlx::types::ipnetwork::IpNetwork>,
52 pub data: serde_json::Value,
53
54 pub created: chrono::NaiveDateTime,
55
56 extension_data: super::ModelExtensionData,
57}
58
59impl BaseModel for AdminActivity {
60 const NAME: &'static str = "admin_activity";
61
62 fn get_extension_list() -> &'static super::ModelExtensionList {
63 static EXTENSIONS: LazyLock<super::ModelExtensionList> =
64 LazyLock::new(|| std::sync::RwLock::new(Vec::new()));
65
66 &EXTENSIONS
67 }
68
69 fn get_extension_data(&self) -> &super::ModelExtensionData {
70 &self.extension_data
71 }
72
73 #[inline]
74 fn base_columns(prefix: Option<&str>) -> BTreeMap<&'static str, compact_str::CompactString> {
75 let prefix = prefix.unwrap_or_default();
76
77 let mut columns = BTreeMap::from([
78 (
79 "admin_activities.impersonator_uuid",
80 compact_str::format_compact!("{prefix}impersonator_uuid"),
81 ),
82 (
83 "admin_activities.api_key_uuid",
84 compact_str::format_compact!("{prefix}api_key_uuid"),
85 ),
86 (
87 "admin_activities.event",
88 compact_str::format_compact!("{prefix}event"),
89 ),
90 (
91 "admin_activities.ip",
92 compact_str::format_compact!("{prefix}ip"),
93 ),
94 (
95 "admin_activities.data",
96 compact_str::format_compact!("{prefix}data"),
97 ),
98 (
99 "admin_activities.created",
100 compact_str::format_compact!("{prefix}created"),
101 ),
102 ]);
103
104 columns.extend(super::user::User::base_columns(Some("user_")));
105
106 columns
107 }
108
109 #[inline]
110 fn map(prefix: Option<&str>, row: &PgRow) -> Result<Self, crate::database::DatabaseError> {
111 let prefix = prefix.unwrap_or_default();
112
113 Ok(Self {
114 user: if row
115 .try_get::<uuid::Uuid, _>("user_uuid".to_string().as_str())
116 .is_ok()
117 {
118 Some(super::user::User::map(Some("user_"), row)?)
119 } else {
120 None
121 },
122 impersonator: super::user::User::get_fetchable_from_row(
123 row,
124 compact_str::format_compact!("{prefix}impersonator_uuid"),
125 ),
126 api_key: super::user_api_key::UserApiKey::get_fetchable_from_row(
127 row,
128 compact_str::format_compact!("{prefix}api_key_uuid").as_str(),
129 ),
130 event: row.try_get(compact_str::format_compact!("{prefix}event").as_str())?,
131 ip: row.try_get(compact_str::format_compact!("{prefix}ip").as_str())?,
132 data: row.try_get(compact_str::format_compact!("{prefix}data").as_str())?,
133 created: row.try_get(compact_str::format_compact!("{prefix}created").as_str())?,
134 extension_data: Self::map_extensions(prefix, row)?,
135 })
136 }
137}
138
139impl AdminActivity {
140 pub async fn all_with_pagination(
141 database: &crate::database::Database,
142 page: i64,
143 per_page: i64,
144 search: Option<&str>,
145 ) -> Result<super::Pagination<Self>, crate::database::DatabaseError> {
146 let offset = (page - 1) * per_page;
147
148 let rows = sqlx::query(&format!(
149 r#"
150 SELECT {}, COUNT(*) OVER() AS total_count
151 FROM admin_activities
152 LEFT JOIN users ON users.uuid = admin_activities.user_uuid
153 LEFT JOIN roles ON roles.uuid = users.role_uuid
154 WHERE ($1 IS NULL OR admin_activities.event ILIKE '%' || $1 || '%' OR users.username ILIKE '%' || $1 || '%')
155 ORDER BY admin_activities.created DESC
156 LIMIT $2 OFFSET $3
157 "#,
158 Self::columns_sql(None)
159 ))
160 .bind(search)
161 .bind(per_page)
162 .bind(offset)
163 .fetch_all(database.read())
164 .await?;
165
166 Ok(super::Pagination {
167 total: rows
168 .first()
169 .map_or(Ok(0), |row| row.try_get("total_count"))?,
170 per_page,
171 page,
172 data: rows
173 .into_iter()
174 .map(|row| Self::map(None, &row))
175 .try_collect_vec()?,
176 })
177 }
178
179 pub async fn delete_older_than(
180 database: &crate::database::Database,
181 cutoff: chrono::DateTime<chrono::Utc>,
182 ) -> Result<u64, crate::database::DatabaseError> {
183 let result = sqlx::query(
184 r#"
185 DELETE FROM admin_activities
186 WHERE admin_activities.created < $1
187 "#,
188 )
189 .bind(cutoff.naive_utc())
190 .execute(database.write())
191 .await?;
192
193 Ok(result.rows_affected())
194 }
195
196 pub async fn retain_latest_logs(
197 database: &crate::database::Database,
198 keep_count: i64,
199 ) -> Result<u64, crate::database::DatabaseError> {
200 let result = sqlx::query(
201 r#"
202 DELETE FROM admin_activities
203 WHERE ctid IN (
204 SELECT ctid
205 FROM admin_activities
206 ORDER BY admin_activities.created DESC
207 OFFSET $1
208 )
209 "#,
210 )
211 .bind(keep_count)
212 .execute(database.write())
213 .await?;
214
215 Ok(result.rows_affected())
216 }
217}
218
219#[async_trait::async_trait]
220impl IntoAdminApiObject for AdminActivity {
221 type AdminApiObject = AdminApiAdminActivity;
222 type ExtraArgs<'a> = &'a crate::storage::StorageUrlRetriever<'a>;
223
224 async fn into_admin_api_object<'a>(
225 self,
226 state: &crate::State,
227 storage_url_retriever: Self::ExtraArgs<'a>,
228 ) -> Result<Self::AdminApiObject, crate::database::DatabaseError> {
229 let api_object = AdminApiAdminActivity::init_hooks(&self, state).await?;
230
231 let user = if let Some(user) = self.user {
232 Some(user.into_api_object(state, storage_url_retriever).await?)
233 } else {
234 None
235 };
236
237 let impersonator = if let Some(impersonator) = self.impersonator {
238 Some(
239 impersonator
240 .fetch_cached(&state.database)
241 .await?
242 .into_api_object(state, storage_url_retriever)
243 .await?,
244 )
245 } else {
246 None
247 };
248
249 let api_object = finish_extendible!(
250 AdminApiAdminActivity {
251 user,
252 impersonator,
253 event: self.event,
254 ip: self.ip.map(|ip| ip.ip().to_compact_string()),
255 data: self.data,
256 is_api: self.api_key.is_some(),
257 created: self.created.and_utc(),
258 },
259 api_object,
260 state
261 )?;
262
263 Ok(api_object)
264 }
265}
266
267#[derive(ToSchema, Deserialize, Validate)]
268pub struct CreateAdminActivityOptions {
269 #[garde(skip)]
270 pub user_uuid: Option<uuid::Uuid>,
271 #[garde(skip)]
272 pub impersonator_uuid: Option<uuid::Uuid>,
273 #[garde(skip)]
274 pub api_key_uuid: Option<uuid::Uuid>,
275 #[garde(length(chars, min = 1, max = 255))]
276 #[schema(min_length = 1, max_length = 255)]
277 pub event: compact_str::CompactString,
278 #[garde(skip)]
279 #[schema(value_type = Option<String>)]
280 pub ip: Option<sqlx::types::ipnetwork::IpNetwork>,
281 #[garde(skip)]
282 pub data: serde_json::Value,
283 #[garde(skip)]
284 pub created: Option<chrono::NaiveDateTime>,
285}
286
287#[async_trait::async_trait]
288impl CreatableModel for AdminActivity {
289 type CreateOptions<'a> = CreateAdminActivityOptions;
290 type CreateResult = ();
291
292 fn get_create_handlers() -> &'static LazyLock<CreateListenerList<Self>> {
293 static CREATE_LISTENERS: LazyLock<CreateListenerList<AdminActivity>> =
294 LazyLock::new(|| Arc::new(ModelHandlerList::default()));
295
296 &CREATE_LISTENERS
297 }
298
299 async fn create_with_transaction(
300 state: &crate::State,
301 mut options: Self::CreateOptions<'_>,
302 transaction: &mut sqlx::Transaction<'_, sqlx::Postgres>,
303 ) -> Result<Self::CreateResult, crate::database::DatabaseError> {
304 options.validate()?;
305
306 let mut query_builder = InsertQueryBuilder::new("admin_activities");
307
308 Self::run_create_handlers(&mut options, &mut query_builder, state, transaction).await?;
309
310 query_builder
311 .set("user_uuid", options.user_uuid)
312 .set("impersonator_uuid", options.impersonator_uuid)
313 .set("api_key_uuid", options.api_key_uuid)
314 .set("event", &options.event)
315 .set("ip", options.ip)
316 .set("data", &options.data);
317
318 if let Some(created) = options.created {
319 query_builder.set("created", created);
320 }
321
322 query_builder.execute(&mut **transaction).await?;
323
324 let mut result = ();
325
326 Self::run_after_create_handlers(&mut result, &options, state, transaction).await?;
327
328 Ok(result)
329 }
330}
331
332#[schema_extension_derive::extendible]
333#[init_args(AdminActivity, crate::State)]
334#[hook_args(crate::State)]
335#[derive(ToSchema, Serialize)]
336#[schema(title = "AdminAdminActivity")]
337pub struct AdminApiAdminActivity {
338 pub user: Option<super::user::ApiUser>,
339 pub impersonator: Option<super::user::ApiUser>,
340
341 pub event: compact_str::CompactString,
342 pub ip: Option<compact_str::CompactString>,
343 pub data: serde_json::Value,
344
345 pub is_api: bool,
346
347 pub created: chrono::DateTime<chrono::Utc>,
348}