Implemented audit logs in mysql

[sheldor1510]

• Created new table audit_log
• Added a function addLog() to add logs to the table
• Implement audit log in mysql #68

[hakasapl]

The PHP implementation and bootstrapping looks good. Something to keep in mind is that the operator will not always be the user object. Admins can access the web portal as their user and modify a user's ssh keys, for example. In that case the admin would be the operator.

I think the best way to do this is by including an optional "operator" parameter for the setsshkeys method, which would be filled in with the global $USER variable.

Any thoughts on this?

[sheldor1510]

Yes, adding the optional "operator" parameter makes sense for the setsshkeys method.

@hakasapl Can you explain how would I go about getting the global $USER variable? Is that present in some other scope since it's not showing up when I write it in UnityUser.php.

[hakasapl]

The $USER variable point to the UnityUser object for the person who is currently authenticated. It is set in the resources/init.php file, and will only be available on the panel/* and admin/* pages.

[sheldor1510]

When I tried using the $USER variable in panel/account.php, it is always giving the user who the admin is accessing and not the admin itself. Is there some other way around this?

[hakasapl]

You're right - I forgot how that worked. I just made a PR but accidentally merged it with my last PR before I could request a review from you. See this commit: e4cd4be

That's now merged, so once you sync your fork you can use the $OPERATOR variable which will always be the user signed in, and the $USER var, which will stay the same.

[hakasapl]

Looks good. I will merge this, I assume you'll make another PR for auditing everything else? I will add a message to the issue listing each case we should have a log for