immich/server/src/domain/audit/audit.service.ts

import { DatabaseAction } from '@app/infra/entities';
import { Inject, Injectable } from '@nestjs/common';
import { DateTime } from 'luxon';
import { AccessCore, IAccessRepository, Permission } from '../access';
import { AuthUserDto } from '../auth';
import { AUDIT_LOG_MAX_DURATION } from '../domain.constant';
import { AuditDeletesDto, AuditDeletesResponseDto } from './audit.dto';
import { IAuditRepository } from './audit.repository';

@Injectable()
export class AuditService {
  private access: AccessCore;

  constructor(
    @Inject(IAccessRepository) accessRepository: IAccessRepository,
    @Inject(IAuditRepository) private repository: IAuditRepository,
  ) {
    this.access = new AccessCore(accessRepository);
  }

  async handleCleanup(): Promise<boolean> {
    await this.repository.removeBefore(DateTime.now().minus(AUDIT_LOG_MAX_DURATION).toJSDate());
    return true;
  }

  async getDeletes(authUser: AuthUserDto, dto: AuditDeletesDto): Promise<AuditDeletesResponseDto> {
    const userId = dto.userId || authUser.id;
    await this.access.requirePermission(authUser, Permission.LIBRARY_READ, userId);

    const audits = await this.repository.getAfter(dto.after, {
      ownerId: userId,
      entityType: dto.entityType,
      action: DatabaseAction.DELETE,
    });

    const duration = DateTime.now().diff(DateTime.fromJSDate(dto.after));

    return {
      needsFullSync: duration > AUDIT_LOG_MAX_DURATION,
      ids: audits.map(({ entityId }) => entityId),
    };
  }
}
feat(server): asset entity audit (#3824) * feat(server): audit log * feedback * Insert to database * migration * test * controller/repository/service * test * module * feat(server): implement audit endpoint * directly return changed assets * add daily cleanup of audit table * fix tests * review feedback * ci * refactor(server): audit implementation * chore: open api --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> Co-authored-by: Fynn Petersen-Frey <zoodyy@users.noreply.github.com> Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2023-08-24 21:28:50 +02:00			`import { DatabaseAction } from '@app/infra/entities';`
			`import { Inject, Injectable } from '@nestjs/common';`
			`import { DateTime } from 'luxon';`
			`import { AccessCore, IAccessRepository, Permission } from '../access';`
			`import { AuthUserDto } from '../auth';`
			`import { AUDIT_LOG_MAX_DURATION } from '../domain.constant';`
			`import { AuditDeletesDto, AuditDeletesResponseDto } from './audit.dto';`
			`import { IAuditRepository } from './audit.repository';`

			`@Injectable()`
			`export class AuditService {`
			`private access: AccessCore;`

			`constructor(`
			`@Inject(IAccessRepository) accessRepository: IAccessRepository,`
			`@Inject(IAuditRepository) private repository: IAuditRepository,`
			`) {`
			`this.access = new AccessCore(accessRepository);`
			`}`

			`async handleCleanup(): Promise<boolean> {`
			`await this.repository.removeBefore(DateTime.now().minus(AUDIT_LOG_MAX_DURATION).toJSDate());`
			`return true;`
			`}`

			`async getDeletes(authUser: AuthUserDto, dto: AuditDeletesDto): Promise<AuditDeletesResponseDto> {`
			`const userId = dto.userId \|\| authUser.id;`
			`await this.access.requirePermission(authUser, Permission.LIBRARY_READ, userId);`

			`const audits = await this.repository.getAfter(dto.after, {`
			`ownerId: userId,`
			`entityType: dto.entityType,`
			`action: DatabaseAction.DELETE,`
			`});`

			`const duration = DateTime.now().diff(DateTime.fromJSDate(dto.after));`

			`return {`
			`needsFullSync: duration > AUDIT_LOG_MAX_DURATION,`
			`ids: audits.map(({ entityId }) => entityId),`
			`};`
			`}`
			`}`