Path: blob/1.0-develop/app/Transformers/Api/Client/ActivityLogTransformer.php
10284 views
<?php12namespace Pterodactyl\Transformers\Api\Client;34use Illuminate\Support\Str;5use Pterodactyl\Models\User;6use Pterodactyl\Models\ActivityLog;7use Illuminate\Database\Eloquent\Model;89class ActivityLogTransformer extends BaseClientTransformer10{11protected array $availableIncludes = ['actor'];1213public function getResourceName(): string14{15return ActivityLog::RESOURCE_NAME;16}1718public function transform(ActivityLog $model): array19{20return [21// This is not for security, it is only to provide a unique identifier to22// the front-end for each entry to improve rendering performance since there23// is nothing else sufficiently unique to key off at this point.24'id' => sha1($model->id),25'batch' => $model->batch,26'event' => $model->event,27'is_api' => !is_null($model->api_key_id),28'ip' => $this->canViewIP($model->actor) ? $model->ip : null,29'description' => $model->description,30'properties' => $this->properties($model),31'has_additional_metadata' => $this->hasAdditionalMetadata($model),32'timestamp' => $model->timestamp->toAtomString(),33];34}3536public function includeActor(ActivityLog $model)37{38if (!$model->actor instanceof User) {39return $this->null();40}4142return $this->item($model->actor, $this->makeTransformer(UserTransformer::class), User::RESOURCE_NAME);43}4445/**46* Transforms any array values in the properties into a countable field for easier47* use within the translation outputs.48*/49protected function properties(ActivityLog $model): object50{51if (!$model->properties || $model->properties->isEmpty()) {52return (object) [];53}5455$properties = $model->properties56->mapWithKeys(function ($value, $key) use ($model) {57if ($key === 'ip' && !optional($model->actor)->is($this->request->user())) {58return [$key => '[hidden]'];59}6061if (!is_array($value)) {62// Perform some directory normalization at this point.63if ($key === 'directory') {64$value = str_replace('//', '/', '/' . trim($value, '/') . '/');65}6667return [$key => $value];68}6970return [$key => $value, "{$key}_count" => count($value)];71});7273$keys = $properties->keys()->filter(fn ($key) => Str::endsWith($key, '_count'))->values();74if ($keys->containsOneItem()) {75$properties = $properties->merge(['count' => $properties->get($keys[0])])->except($keys[0]);76}7778return (object) $properties->toArray();79}8081/**82* Determines if there are any log properties that we've not already exposed83* in the response language string and that are not just the IP address or84* the browser useragent.85*86* This is used by the front-end to selectively display an "additional metadata"87* button that is pointless if there is nothing the user can't already see from88* the event description.89*/90protected function hasAdditionalMetadata(ActivityLog $model): bool91{92if (is_null($model->properties) || $model->properties->isEmpty()) {93return false;94}9596$str = trans('activity.' . str_replace(':', '.', $model->event));97preg_match_all('/:(?<key>[\w.-]+\w)(?:[^\w:]?|$)/', $str, $matches);9899$exclude = array_merge($matches['key'], ['ip', 'useragent', 'using_sftp']);100foreach ($model->properties->keys() as $key) {101if (!in_array($key, $exclude, true)) {102return true;103}104}105106return false;107}108109/**110* Determines if the user can view the IP address in the output either because they are the111* actor that performed the action, or because they are an administrator on the Panel.112*/113protected function canViewIP(?Model $actor = null): bool114{115return optional($actor)->is($this->request->user()) || $this->request->user()->root_admin;116}117}118119120