From 24b72e3f8e14a414a7d1f10348c530a45f829555 Mon Sep 17 00:00:00 2001
From: Dennis Eichhorn <spl1nes.com@googlemail.com>
Date: Sun, 31 May 2020 22:49:58 +0200
Subject: [PATCH] add ip support for auditor

---
 Controller/ApiController.php        | 40 +++++++++++++++--------------
 Theme/Backend/accounts-list.tpl.php |  4 +--
 Theme/Backend/groups-list.tpl.php   |  4 +--
 3 files changed, 25 insertions(+), 23 deletions(-)

diff --git a/Controller/ApiController.php b/Controller/ApiController.php
index f05a2a9..db2b582 100644
--- a/Controller/ApiController.php
+++ b/Controller/ApiController.php
@@ -147,7 +147,8 @@ final class ApiController extends Controller
                         ],
                     ], true);
                 },
-                'settings'
+                'settings',
+                $request->getOrigin()
             );
         }
 
@@ -383,7 +384,7 @@ final class ApiController extends Controller
         /** @var Group $old */
         $old = clone GroupMapper::get((int) $request->getData('id'));
         $new = $this->updateGroupFromRequest($request);
-        $this->updateModel($request->getHeader()->getAccount(), $old, $new, GroupMapper::class, 'group');
+        $this->updateModel($request->getHeader()->getAccount(), $old, $new, GroupMapper::class, 'group', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Group', 'Group successfully updated', $new);
     }
 
@@ -450,7 +451,7 @@ final class ApiController extends Controller
         }
 
         $group = $this->createGroupFromRequest($request);
-        $this->createModel($request->getHeader()->getAccount(), $group, GroupMapper::class, 'group');
+        $this->createModel($request->getHeader()->getAccount(), $group, GroupMapper::class, 'group', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Group', 'Group successfully created', $group);
     }
 
@@ -491,7 +492,7 @@ final class ApiController extends Controller
     public function apiGroupDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) : void
     {
         $group = GroupMapper::get((int) $request->getData('id'));
-        $this->deleteModel($request->getHeader()->getAccount(), $group, GroupMapper::class, 'group');
+        $this->deleteModel($request->getHeader()->getAccount(), $group, GroupMapper::class, 'group', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Group', 'Group successfully deleted', $group);
     }
 
@@ -653,7 +654,7 @@ final class ApiController extends Controller
 
         $account = $this->createAccountFromRequest($request);
 
-        $this->createModel($request->getHeader()->getAccount(), $account, AccountMapper::class, 'account');
+        $this->createModel($request->getHeader()->getAccount(), $account, AccountMapper::class, 'account', $request->getOrigin());
         $this->createProfileForAccount($account, $request);
 
         $collection = new Collection();
@@ -697,7 +698,7 @@ final class ApiController extends Controller
         $this->updateModel($request->getHeader()->getAccount(), $old, $account, function() use($account) : void {
             $account->setLoginTries((int) $this->app->appSettings->get(null, (string) Settings::LOGIN_TRIES));
             AccountMapper::update($account);
-        }, 'account');
+        }, 'account', $request->getOrigin());
     }
 
     /**
@@ -757,7 +758,7 @@ final class ApiController extends Controller
     {
         /** @var Account $account */
         $account = AccountMapper::get((int) ($request->getData('id')));
-        $this->deleteModel($request->getHeader()->getAccount(), $account, AccountMapper::class, 'account');
+        $this->deleteModel($request->getHeader()->getAccount(), $account, AccountMapper::class, 'account', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Account', 'Account successfully deleted', $account);
     }
 
@@ -779,7 +780,7 @@ final class ApiController extends Controller
         /** @var Account $old */
         $old = clone AccountMapper::get((int) $request->getData('id'));
         $new = $this->updateAccountFromRequest($request);
-        $this->updateModel($request->getHeader()->getAccount(), $old, $new, AccountMapper::class, 'account');
+        $this->updateModel($request->getHeader()->getAccount(), $old, $new, AccountMapper::class, 'account', $request->getOrigin());
 
         if (\Modules\Profile\Models\ProfileMapper::getFor($new->getId(), 'account') instanceof \Modules\Profile\Models\NullProfile) {
             $this->createProfileForAccount($new, $request);
@@ -935,7 +936,7 @@ final class ApiController extends Controller
     {
         /** @var GroupPermission $permission */
         $permission = GroupPermissionMapper::get((int) $request->getData('id'));
-        $this->deleteModel($request->getHeader()->getAccount(), $permission, GroupPermissionMapper::class, 'group-permission');
+        $this->deleteModel($request->getHeader()->getAccount(), $permission, GroupPermissionMapper::class, 'group-permission', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Permission', 'Permission successfully deleted', $permission);
     }
 
@@ -956,7 +957,7 @@ final class ApiController extends Controller
     {
         /** @var AccountPermission $permission */
         $permission = AccountPermissionMapper::get((int) $request->getData('id'));
-        $this->deleteModel($request->getHeader()->getAccount(), $permission, AccountPermissionMapper::class, 'user-permission');
+        $this->deleteModel($request->getHeader()->getAccount(), $permission, AccountPermissionMapper::class, 'user-permission', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Permission', 'Permission successfully deleted', $permission);
     }
 
@@ -977,7 +978,7 @@ final class ApiController extends Controller
     {
         /** @var AccountPermission $permission */
         $permission = AccountPermissionMapper::get((int) $request->getData('id'));
-        $this->deleteModel($request->getHeader()->getAccount(), $permission, AccountPermissionMapper::class, 'user-permission');
+        $this->deleteModel($request->getHeader()->getAccount(), $permission, AccountPermissionMapper::class, 'user-permission', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Permission', 'Permission successfully deleted', $permission);
     }
 
@@ -1010,7 +1011,7 @@ final class ApiController extends Controller
             return;
         }
 
-        $this->createModel($request->getHeader()->getAccount(), $permission, GroupPermissionMapper::class, 'group-permission');
+        $this->createModel($request->getHeader()->getAccount(), $permission, GroupPermissionMapper::class, 'group-permission', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Group', 'Group permission successfully created', $permission);
     }
 
@@ -1043,7 +1044,7 @@ final class ApiController extends Controller
             return;
         }
 
-        $this->createModel($request->getHeader()->getAccount(), $permission, AccountPermissionMapper::class, 'account-permission');
+        $this->createModel($request->getHeader()->getAccount(), $permission, AccountPermissionMapper::class, 'account-permission', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Account', 'Account permission successfully created', $permission);
     }
 
@@ -1052,6 +1053,7 @@ final class ApiController extends Controller
      *
      * @param PermissionAbstract $permission Permission to create for account-model combination
      * @param int                $account    Account creating this model
+     * @param string             $ip         Ip
      *
      * @return void
      *
@@ -1059,9 +1061,9 @@ final class ApiController extends Controller
      *
      * @since 1.0.0
      */
-    public function createAccountModelPermission(PermissionAbstract $permission, int $account) : void
+    public function createAccountModelPermission(PermissionAbstract $permission, int $account, string $ip) : void
     {
-        $this->createModel($account, $permission, AccountPermissionMapper::class, 'account-permission');
+        $this->createModel($account, $permission, AccountPermissionMapper::class, 'account-permission', $ip);
     }
 
     /**
@@ -1136,7 +1138,7 @@ final class ApiController extends Controller
         /** @var AccountPermission $new */
         $new = $this->updatePermissionFromRequest(AccountPermissionMapper::get((int) $request->getData('id')), $request);
 
-        $this->updateModel($request->getHeader()->getAccount(), $old, $new, AccountPermissionMapper::class, 'account-permission');
+        $this->updateModel($request->getHeader()->getAccount(), $old, $new, AccountPermissionMapper::class, 'account-permission', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Permission', 'Permission successfully updated', $new);
     }
 
@@ -1161,7 +1163,7 @@ final class ApiController extends Controller
         /** @var GroupPermission $new */
         $new = $this->updatePermissionFromRequest(GroupPermissionMapper::get((int) $request->getData('id')), $request);
 
-        $this->updateModel($request->getHeader()->getAccount(), $old, $new, GroupPermissionMapper::class, 'group-permission');
+        $this->updateModel($request->getHeader()->getAccount(), $old, $new, GroupPermissionMapper::class, 'group-permission', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Permission', 'Permission successfully updated', $new);
     }
 
@@ -1211,7 +1213,7 @@ final class ApiController extends Controller
         $account = (int) $request->getData('account');
         $groups  = \array_map('intval', $request->getDataList('igroup-idlist'));
 
-        $this->createModelRelation($request->getHeader()->getAccount(), $account, $groups, AccountMapper::class, 'groups', 'account-group');
+        $this->createModelRelation($request->getHeader()->getAccount(), $account, $groups, AccountMapper::class, 'groups', 'account-group', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Account', 'Relation added', []);
     }
 
@@ -1233,7 +1235,7 @@ final class ApiController extends Controller
         $group    = (int) $request->getData('group');
         $accounts = \array_map('intval', $request->getDataList('iaccount-idlist'));
 
-        $this->createModelRelation($request->getHeader()->getAccount(), $group, $accounts, GroupMapper::class, 'accounts', 'group-account');
+        $this->createModelRelation($request->getHeader()->getAccount(), $group, $accounts, GroupMapper::class, 'accounts', 'group-account', $request->getOrigin());
         $this->fillJsonResponse($request, $response, NotificationLevel::OK, 'Group', 'Relation added', []);
     }
 
diff --git a/Theme/Backend/accounts-list.tpl.php b/Theme/Backend/accounts-list.tpl.php
index 481e1aa..2925bca 100644
--- a/Theme/Backend/accounts-list.tpl.php
+++ b/Theme/Backend/accounts-list.tpl.php
@@ -60,8 +60,8 @@ echo $this->getData('nav')->render(); ?>
                         <?php endif; ?>
             </table>
             <div class="portlet-foot">
-                <a class="button" href="<?= UriFactory::build($previous); ?>"><?= $this->getHtml('Previous', '0', '0'); ?></a>
-                <a class="button" href="<?= UriFactory::build($next); ?>"><?= $this->getHtml('Next', '0', '0'); ?></a>
+                <a tabindex="0" class="button" href="<?= UriFactory::build($previous); ?>"><?= $this->getHtml('Previous', '0', '0'); ?></a>
+                <a tabindex="0" class="button" href="<?= UriFactory::build($next); ?>"><?= $this->getHtml('Next', '0', '0'); ?></a>
             </div>
         </div>
     </div>
diff --git a/Theme/Backend/groups-list.tpl.php b/Theme/Backend/groups-list.tpl.php
index 1981d17..6db5eb3 100644
--- a/Theme/Backend/groups-list.tpl.php
+++ b/Theme/Backend/groups-list.tpl.php
@@ -54,8 +54,8 @@ echo $this->getData('nav')->render(); ?>
                     <?php endif; ?>
             </table>
             <div class="portlet-foot">
-                <a class="button" href="<?= UriFactory::build($previous); ?>"><?= $this->getHtml('Previous', '0', '0'); ?></a>
-                <a class="button" href="<?= UriFactory::build($next); ?>"><?= $this->getHtml('Next', '0', '0'); ?></a>
+                <a tabindex="0" class="button" href="<?= UriFactory::build($previous); ?>"><?= $this->getHtml('Previous', '0', '0'); ?></a>
+                <a tabindex="0" class="button" href="<?= UriFactory::build($next); ?>"><?= $this->getHtml('Next', '0', '0'); ?></a>
             </div>
         </div>
     </div>