KN4CK3R · KN4CK3R · Mar 4, 2024
diff --git a/models/audit/action.go b/models/audit/action.go
@@ -123,3 +123,240 @@ const (
 	SystemOAuth2ApplicationSecret    Action = "system:oauth2application:secret"
 	SystemOAuth2ApplicationRemove    Action = "system:oauth2application:remove"
 )
+
+func (a Action) LocaleKey() string {
+	switch a {
+	case UserImpersonation:
+		return "audit.action.user.impersonation"
+	case UserCreate:
+		return "audit.action.user.create"
+	case UserDelete:
+		return "audit.action.user.delete"
+	case UserAuthenticationFailTwoFactor:
+		return "audit.action.user.authentication.fail.twofactor"
+	case UserAuthenticationSource:
+		return "audit.action.user.authentication.source"
+	case UserActive:
+		return "audit.action.user.active"
+	case UserRestricted:
+		return "audit.action.user.restricted"
+	case UserAdmin:
+		return "audit.action.user.admin"
+	case UserName:
+		return "audit.action.user.name"
+	case UserPassword:
+		return "audit.action.user.password"
+	case UserPasswordResetRequest:
+		return "audit.action.user.password.resetrequest"
+	case UserVisibility:
+		return "audit.action.user.visibility"
+	case UserEmailPrimaryChange:
+		return "audit.action.user.email.primary"
+	case UserEmailAdd:
+		return "audit.action.user.email.add"
+	case UserEmailActivate:
+		return "audit.action.user.email.activate"
+	case UserEmailRemove:
+		return "audit.action.user.email.remove"
+	case UserTwoFactorEnable:
+		return "audit.action.user.twofactor.enable"
+	case UserTwoFactorRegenerate:
+		return "audit.action.user.twofactor.regenerate"
+	case UserTwoFactorDisable:
+		return "audit.action.user.twofactor.disable"
+	case UserWebAuthAdd:
+		return "audit.action.user.webauth.add"
+	case UserWebAuthRemove:
+		return "audit.action.user.webauth.remove"
+	case UserExternalLoginAdd:
+		return "audit.action.user.externallogin.add"
+	case UserExternalLoginRemove:
+		return "audit.action.user.externallogin.remove"
+	case UserOpenIDAdd:
+		return "audit.action.user.openid.add"
+	case UserOpenIDRemove:
+		return "audit.action.user.openid.remove"
+	case UserAccessTokenAdd:
+		return "audit.action.user.accesstoken.add"
+	case UserAccessTokenRemove:
+		return "audit.action.user.accesstoken.remove"
+	case UserOAuth2ApplicationAdd:
+		return "audit.action.user.oauth2application.add"
+	case UserOAuth2ApplicationUpdate:
+		return "audit.action.user.oauth2application.update"
+	case UserOAuth2ApplicationSecret:
+		return "audit.action.user.oauth2application.secret"
+	case UserOAuth2ApplicationGrant:
+		return "audit.action.user.oauth2application.grant"
+	case UserOAuth2ApplicationRevoke:
+		return "audit.action.user.oauth2application.revoke"
+	case UserOAuth2ApplicationRemove:
+		return "audit.action.user.oauth2application.remove"
+	case UserKeySSHAdd:
+		return "audit.action.user.key.ssh.add"
+	case UserKeySSHRemove:
+		return "audit.action.user.key.ssh.remove"
+	case UserKeyPrincipalAdd:
+		return "audit.action.user.key.principal.add"
+	case UserKeyPrincipalRemove:
+		return "audit.action.user.key.principal.remove"
+	case UserKeyGPGAdd:
+		return "audit.action.user.key.gpg.add"
+	case UserKeyGPGRemove:
+		return "audit.action.user.key.gpg.remove"
+	case UserSecretAdd:
+		return "audit.action.user.secret.add"
+	case UserSecretUpdate:
+		return "audit.action.user.secret.update"
+	case UserSecretRemove:
+		return "audit.action.user.secret.remove"
+	case UserWebhookAdd:
+		return "audit.action.user.webhook.add"
+	case UserWebhookUpdate:
+		return "audit.action.user.webhook.update"
+	case UserWebhookRemove:
+		return "audit.action.user.webhook.remove"
+
+	case OrganizationCreate:
+		return "audit.action.organization.create"
+	case OrganizationDelete:
+		return "audit.action.organization.delete"
+	case OrganizationName:
+		return "audit.action.organization.name"
+	case OrganizationVisibility:
+		return "audit.action.organization.visibility"
+	case OrganizationTeamAdd:
+		return "audit.action.organization.team.add"
+	case OrganizationTeamUpdate:
+		return "audit.action.organization.team.update"
+	case OrganizationTeamRemove:
+		return "audit.action.organization.team.remove"
+	case OrganizationTeamPermission:
+		return "audit.action.organization.team.permission"
+	case OrganizationTeamMemberAdd:
+		return "audit.action.organization.team.member.add"
+	case OrganizationTeamMemberRemove:
+		return "audit.action.organization.team.member.remove"
+	case OrganizationOAuth2ApplicationAdd:
+		return "audit.action.organization.oauth2application.add"
+	case OrganizationOAuth2ApplicationUpdate:
+		return "audit.action.organization.oauth2application.update"
+	case OrganizationOAuth2ApplicationSecret:
+		return "audit.action.organization.oauth2application.secret"
+	case OrganizationOAuth2ApplicationRemove:
+		return "audit.action.organization.oauth2application.remove"
+	case OrganizationSecretAdd:
+		return "audit.action.organization.secret.add"
+	case OrganizationSecretUpdate:
+		return "audit.action.organization.secret.update"
+	case OrganizationSecretRemove:
+		return "audit.action.organization.secret.remove"
+	case OrganizationWebhookAdd:
+		return "audit.action.organization.webhook.add"
+	case OrganizationWebhookUpdate:
+		return "audit.action.organization.webhook.update"
+	case OrganizationWebhookRemove:
+		return "audit.action.organization.webhook.remove"
+
+	case RepositoryCreate:
+		return "audit.action.repository.create"
+	case RepositoryCreateFork:
+		return "audit.action.repository.create.fork"
+	case RepositoryArchive:
+		return "audit.action.repository.archive"
+	case RepositoryUnarchive:
+		return "audit.action.repository.unarchive"
+	case RepositoryDelete:
+		return "audit.action.repository.delete"
+	case RepositoryName:
+		return "audit.action.repository.name"
+	case RepositoryVisibility:
+		return "audit.action.repository.visibility"
+	case RepositoryConvertFork:
+		return "audit.action.repository.convert.fork"
+	case RepositoryConvertMirror:
+		return "audit.action.repository.convert.mirror"
+	case RepositoryMirrorPushAdd:
+		return "audit.action.repository.mirror.push.add"
+	case RepositoryMirrorPushRemove:
+		return "audit.action.repository.mirror.push.remove"
+	case RepositorySigningVerification:
+		return "audit.action.repository.signingverification"
+	case RepositoryTransferStart:
+		return "audit.action.repository.transfer.start"
+	case RepositoryTransferFinish:
+		return "audit.action.repository.transfer.finish"
+	case RepositoryTransferCancel:
+		return "audit.action.repository.transfer.cancel"
+	case RepositoryWikiDelete:
+		return "audit.action.repository.wiki.delete"
+	case RepositoryCollaboratorAdd:
+		return "audit.action.repository.collaborator.add"
+	case RepositoryCollaboratorAccess:
+		return "audit.action.repository.collaborator.access"
+	case RepositoryCollaboratorRemove:
+		return "audit.action.repository.collaborator.remove"
+	case RepositoryCollaboratorTeamAdd:
+		return "audit.action.repository.collaborator.team.add"
+	case RepositoryCollaboratorTeamRemove:
+		return "audit.action.repository.collaborator.team.remove"
+	case RepositoryBranchDefault:
+		return "audit.action.repository.branch.default"
+	case RepositoryBranchProtectionAdd:
+		return "audit.action.repository.branch.protection.add"
+	case RepositoryBranchProtectionUpdate:
+		return "audit.action.repository.branch.protection.update"
+	case RepositoryBranchProtectionRemove:
+		return "audit.action.repository.branch.protection.remove"
+	case RepositoryTagProtectionAdd:
+		return "audit.action.repository.tag.protection.add"
+	case RepositoryTagProtectionUpdate:
+		return "audit.action.repository.tag.protection.update"
+	case RepositoryTagProtectionRemove:
+		return "audit.action.repository.tag.protection.remove"
+	case RepositoryWebhookAdd:
+		return "audit.action.repository.webhook.add"
+	case RepositoryWebhookUpdate:
+		return "audit.action.repository.webhook.update"
+	case RepositoryWebhookRemove:
+		return "audit.action.repository.webhook.remove"
+	case RepositoryDeployKeyAdd:
+		return "audit.action.repository.deploykey.add"
+	case RepositoryDeployKeyRemove:
+		return "audit.action.repository.deploykey.remove"
+	case RepositorySecretAdd:
+		return "audit.action.repository.secret.add"
+	case RepositorySecretUpdate:
+		return "audit.action.repository.secret.update"
+	case RepositorySecretRemove:
+		return "audit.action.repository.secret.remove"
+
+	case SystemStartup:
+		return "audit.action.system.startup"
+	case SystemShutdown:
+		return "audit.action.system.shutdown"
+	case SystemWebhookAdd:
+		return "audit.action.system.webhook.add"
+	case SystemWebhookUpdate:
+		return "audit.action.system.webhook.update"
+	case SystemWebhookRemove:
+		return "audit.action.system.webhook.remove"
+	case SystemAuthenticationSourceAdd:
+		return "audit.action.system.authenticationsource.add"
+	case SystemAuthenticationSourceUpdate:
+		return "audit.action.system.authenticationsource.update"
+	case SystemAuthenticationSourceRemove:
+		return "audit.action.system.authenticationsource.remove"
+	case SystemOAuth2ApplicationAdd:
+		return "audit.action.system.oauth2application.add"
+	case SystemOAuth2ApplicationUpdate:
+		return "audit.action.system.oauth2application.update"
+	case SystemOAuth2ApplicationSecret:
+		return "audit.action.system.oauth2application.secret"
+	case SystemOAuth2ApplicationRemove:
+		return "audit.action.system.oauth2application.remove"
+
+	default:
+		panic("unknown audit action: " + a)
+	}
+}
diff --git a/models/audit/audit_event.go b/models/audit/audit_event.go
@@ -17,16 +17,16 @@ func init() {
 }
 
 type Event struct {
-	ID            int64      `xorm:"pk autoincr"`
-	Action        Action     `xorm:"INDEX NOT NULL"`
-	ActorID       int64      `xorm:"INDEX NOT NULL"`
-	ScopeType     ObjectType `xorm:"INDEX(scope) NOT NULL"`
-	ScopeID       int64      `xorm:"INDEX(scope) NOT NULL"`
-	TargetType    ObjectType `xorm:"NOT NULL"`
-	TargetID      int64      `xorm:"NOT NULL"`
-	Message       string
-	IPAddress     string
-	TimestampUnix timeutil.TimeStamp `xorm:"INDEX NOT NULL"`
+	ID             int64      `xorm:"pk autoincr"`
+	Action         Action     `xorm:"INDEX NOT NULL"`
+	ActorID        int64      `xorm:"INDEX NOT NULL"`
+	ScopeType      ObjectType `xorm:"INDEX(scope) NOT NULL"`
+	ScopeID        int64      `xorm:"INDEX(scope) NOT NULL"`
+	TargetType     ObjectType `xorm:"NOT NULL"`
+	TargetID       int64      `xorm:"NOT NULL"`
+	MessageContext []any      `xorm:"JSON TEXT"`
+	IPAddress      string
+	TimestampUnix  timeutil.TimeStamp `xorm:"INDEX NOT NULL"`
 }
 
 func (*Event) TableName() string {

diff --git a/models/migrations/v1_22/v288.go b/models/migrations/v1_22/v288.go
@@ -11,16 +11,16 @@ import (
 
 func AddAuditEventTable(x *xorm.Engine) error {
 	type AuditEvent struct {
-		ID            int64  `xorm:"pk autoincr"`
-		Action        string `xorm:"INDEX NOT NULL"`
-		ActorID       int64  `xorm:"INDEX NOT NULL"`
-		ScopeType     string `xorm:"INDEX(scope) NOT NULL"`
-		ScopeID       int64  `xorm:"INDEX(scope) NOT NULL"`
-		TargetType    string `xorm:"NOT NULL"`
-		TargetID      int64  `xorm:"NOT NULL"`
-		Message       string
-		IPAddress     string
-		TimestampUnix timeutil.TimeStamp `xorm:"INDEX NOT NULL"`
+		ID             int64  `xorm:"pk autoincr"`
+		Action         string `xorm:"INDEX NOT NULL"`
+		ActorID        int64  `xorm:"INDEX NOT NULL"`
+		ScopeType      string `xorm:"INDEX(scope) NOT NULL"`
+		ScopeID        int64  `xorm:"INDEX(scope) NOT NULL"`
+		TargetType     string `xorm:"NOT NULL"`
+		TargetID       int64  `xorm:"NOT NULL"`
+		MessageContext []any  `xorm:"JSON TEXT"`
+		IPAddress      string
+		TimestampUnix  timeutil.TimeStamp `xorm:"INDEX NOT NULL"`
 	}
 
 	return x.Sync(&AuditEvent{})

diff --git a/modules/translation/mock.go b/modules/translation/mock.go
@@ -25,6 +25,10 @@ func (l MockLocale) Tr(s string, a ...any) template.HTML {
 	return template.HTML(s)
 }
 
+func (l MockLocale) TrExpand(s string, a []any) template.HTML {
+	return l.Tr(s, a...)
+}
+
 func (l MockLocale) TrN(cnt any, key1, keyN string, args ...any) template.HTML {
 	return template.HTML(key1)
 }

diff --git a/modules/translation/translation.go b/modules/translation/translation.go
@@ -31,6 +31,7 @@ type Locale interface {
 	TrString(string, ...any) string
 
 	Tr(key string, args ...any) template.HTML
+	TrExpand(key string, args []any) template.HTML
 	TrN(cnt any, key1, keyN string, args ...any) template.HTML
 
 	PrettyNumber(v any) string
@@ -226,6 +227,10 @@ func (l *locale) Tr(s string, args ...any) template.HTML {
 	return l.TrHTML(s, args...)
 }
 
+func (l *locale) TrExpand(s string, args []any) template.HTML {
+	return l.Tr(s, args...)
+}
+
 // TrN returns translated message for plural text translation
 func (l *locale) TrN(cnt any, key1, keyN string, args ...any) template.HTML {
 	var c int64