feat(admin-log): added tracking for all content changes (#3833)

thorsten · thorsten · commit 93452cd9a3c0 · 2026-01-06T16:28:49.000+01:00
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/AbstractAdministrationApiController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/AbstractAdministrationApiController.php
@@ -0,0 +1,33 @@
+<?php
+
+/**
+ * The abstract Administration API controller
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public License,
+ * v. 2.0. If a copy of the MPL was not distributed with this file, You can
+ * obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * @package   phpMyFAQ
+ * @author    Thorsten Rinne <thorsten@phpmyfaq.de>
+ * @copyright 2026 phpMyFAQ Team
+ * @license   https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
+ * @link      https://www.phpmyfaq.de
+ * @since     2026-01-06
+ */
+
+namespace phpMyFAQ\Controller\Administration\Api;
+
+use phpMyFAQ\Administration\AdminLog;
+use phpMyFAQ\Controller\AbstractController;
+
+class AbstractAdministrationApiController extends AbstractController
+{
+    protected ?AdminLog $adminLog = null;
+
+    public function __construct()
+    {
+        parent::__construct();
+
+        $this->adminLog = $this->container->get(id: 'phpmyfaq.admin.admin-log');
+    }
+}
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/AttachmentController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/AttachmentController.php
@@ -22,8 +22,8 @@
 use phpMyFAQ\Attachment\AttachmentException;
 use phpMyFAQ\Attachment\AttachmentFactory;
 use phpMyFAQ\Attachment\Filesystem\File\FileException;
-use phpMyFAQ\Controller\AbstractController;
 use phpMyFAQ\Core\Exception;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Session\Token;
 use phpMyFAQ\Translation;
@@ -33,7 +33,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 
-final class AttachmentController extends AbstractController
+final class AttachmentController extends AbstractAdministrationApiController
 {
     /**
      * @throws \Exception
@@ -51,6 +51,11 @@ public function delete(Request $request): JsonResponse
 
             $attachment = AttachmentFactory::create($deleteData->attId);
             if ($attachment->delete()) {
+                $this->adminLog->log(
+                    $this->currentUser,
+                    AdminLogType::ATTACHMENT_DELETE->value . ':' . $deleteData->attId,
+                );
+
                 return $this->json(['success' => Translation::get(key: 'msgAttachmentsDeleted')], Response::HTTP_OK);
             }
 
@@ -150,6 +155,15 @@ public function upload(Request $request): JsonResponse
             }
         }
 
+        if (!empty($uploadedFiles)) {
+            $adminLog = $this->container->get(id: 'phpmyfaq.admin.admin-log');
+            $attachmentIds = array_column($uploadedFiles, 'attachmentId');
+            $adminLog->log(
+                $this->currentUser,
+                AdminLogType::ATTACHMENT_ADD->value . ':' . implode(',', $attachmentIds),
+            );
+        }
+
         return $this->json($uploadedFiles, Response::HTTP_OK);
     }
 }
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/CategoryController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/CategoryController.php
@@ -22,8 +22,8 @@
 use phpMyFAQ\Category;
 use phpMyFAQ\Category\Permission;
 use phpMyFAQ\Category\Relation;
-use phpMyFAQ\Controller\AbstractController;
 use phpMyFAQ\Core\Exception;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Filter;
 use phpMyFAQ\Session\Token;
@@ -34,7 +34,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 
-final class CategoryController extends AbstractController
+final class CategoryController extends AbstractAdministrationApiController
 {
     /**
      * @throws Exception
@@ -83,6 +83,8 @@ public function delete(Request $request): JsonResponse
             $category->delete((int) $data->categoryId, $data->language)
             && $categoryRelation->delete((int) $data->categoryId, $data->language)
         ) {
+            $this->adminLog->log($this->currentUser, AdminLogType::CATEGORY_DELETE->value . ':' . $data->categoryId);
+
             return $this->json(['success' => Translation::get(key: 'ad_categ_deleted')], Response::HTTP_OK);
         }
 
@@ -158,6 +160,8 @@ public function updateOrder(Request $request): JsonResponse
         $category->setGroups($currentAdminGroups);
         $category->updateParentCategory((int) $data->categoryId, $parentId);
 
+        $this->adminLog->log($this->currentUser, AdminLogType::CATEGORY_REORDER->value . ':' . $data->categoryId);
+
         return $this->json(['success' => Translation::get(key: 'ad_categ_save_order')], Response::HTTP_OK);
     }
 }
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/CommentController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/CommentController.php
@@ -19,7 +19,7 @@
 
 namespace phpMyFAQ\Controller\Administration\Api;
 
-use phpMyFAQ\Controller\AbstractController;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Session\Token;
 use phpMyFAQ\Translation;
@@ -28,7 +28,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 
-final class CommentController extends AbstractController
+final class CommentController extends AbstractAdministrationApiController
 {
     /**
      * @throws \Exception
@@ -57,6 +57,13 @@ public function delete(Request $request): JsonResponse
                 $result = $comments->delete($data->type, $commentId);
             }
 
+            if ($result) {
+                $this->adminLog->log(
+                    $this->currentUser,
+                    AdminLogType::COMMENT_DELETE->value . ':' . implode(',', $commentIds),
+                );
+            }
+
             return $this->json(['success' => $result], Response::HTTP_OK);
         }
 
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/ConfigurationTabController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/ConfigurationTabController.php
@@ -20,8 +20,8 @@
 namespace phpMyFAQ\Controller\Administration\Api;
 
 use phpMyFAQ\Administration\Helper;
-use phpMyFAQ\Controller\AbstractController;
 use phpMyFAQ\Core\Exception;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Filter;
 use phpMyFAQ\Helper\LanguageHelper;
@@ -37,7 +37,7 @@
 use Symfony\Component\Routing\Attribute\Route;
 use Twig\Error\LoaderError;
 
-final class ConfigurationTabController extends AbstractController
+final class ConfigurationTabController extends AbstractAdministrationApiController
 {
     /**
      * @throws TemplateException
@@ -183,7 +183,7 @@ public function save(Request $request): JsonResponse
             $newConfigValues[$key] = $value;
         }
 
-        // Replace main.referenceUrl in FAQs
+        // Replace "main.referenceUrl" in FAQs
         if ($oldConfigurationData['main.referenceURL'] !== $newConfigValues['main.referenceURL']) {
             $this->configuration->replaceMainReferenceUrl(
                 $oldConfigurationData['main.referenceURL'],
@@ -193,6 +193,9 @@ public function save(Request $request): JsonResponse
 
         $this->configuration->update($newConfigValues);
 
+        $changedKeys = array_keys(array_diff_assoc($newConfigValues, $oldConfigurationData));
+        $this->adminLog->log($this->currentUser, AdminLogType::CONFIG_CHANGE->value . ':' . implode(',', $changedKeys));
+
         return $this->json(['success' => Translation::get(key: 'ad_config_saved')], Response::HTTP_OK);
     }
 
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/FaqController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/FaqController.php
@@ -27,9 +27,9 @@
 use phpMyFAQ\Category;
 use phpMyFAQ\Category\Permission as CategoryPermission;
 use phpMyFAQ\Category\Relation;
-use phpMyFAQ\Controller\AbstractController;
 use phpMyFAQ\Entity\FaqEntity;
 use phpMyFAQ\Entity\SeoEntity;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Enums\SeoType;
 use phpMyFAQ\Faq;
@@ -54,7 +54,7 @@
 use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
 use Symfony\Component\Routing\Attribute\Route;
 
-final class FaqController extends AbstractController
+final class FaqController extends AbstractAdministrationApiController
 {
     /**
      * @throws \phpMyFAQ\Core\Exception
@@ -70,7 +70,6 @@ public function create(Request $request): JsonResponse
         $faq = $this->container->get(id: 'phpmyfaq.faq');
         $tagging = $this->container->get(id: 'phpmyfaq.tags');
         $notification = $this->container->get(id: 'phpmyfaq.notification');
-        $logging = $this->container->get(id: 'phpmyfaq.admin.admin-log');
         $changelog = $this->container->get(id: 'phpmyfaq.admin.changelog');
         $visits = $this->container->get(id: 'phpmyfaq.visits');
         $seo = $this->container->get(id: 'phpmyfaq.seo');
@@ -115,7 +114,7 @@ public function create(Request $request): JsonResponse
         // Permissions
         $permissions = $faqPermission->createPermissionArray();
 
-        $logging->log($this->currentUser, 'admin-save-new-faq');
+        $this->adminLog->log($this->currentUser, AdminLogType::FAQ_ADD->value);
 
         if ($question === '' && $content === '') {
             return $this->json(['error' => Translation::get(key: 'msgNoQuestionAndAnswer')], Response::HTTP_CONFLICT);
@@ -221,7 +220,7 @@ public function create(Request $request): JsonResponse
                 }
             }
 
-            // Let the admin and the category owners to be informed by email of this new entry
+            // Let the admin and the category owners be informed by email of this new entry
             try {
                 $categoryHelper = new CategoryHelper();
                 $categoryHelper->setCategory($category)->setConfiguration($this->configuration);
@@ -334,9 +333,9 @@ public function update(Request $request): JsonResponse
         // Permissions
         $permissions = $faqPermission->createPermissionArray();
 
-        $logging->log($this->currentUser, 'admin-save-existing-faq ' . $faqId);
+        $logging->log($this->currentUser, AdminLogType::FAQ_EDIT->value . ':' . $faqId);
         if ($active === 'yes') {
-            $logging->log($this->currentUser, 'admin-publish-existing-faq ' . $faqId);
+            $logging->log($this->currentUser, AdminLogType::FAQ_PUBLISH->value . ':' . $faqId);
         }
 
         if ('yes' === $revision && $this->configuration->get(item: 'records.enableAutoRevisions')) {
@@ -563,6 +562,7 @@ public function activate(Request $request): JsonResponse
             }
 
             if ($success) {
+                $this->adminLog->log($this->currentUser, AdminLogType::FAQ_EDIT->value);
                 return $this->json(['success' => Translation::get(key: 'ad_entry_savedsuc')], Response::HTTP_OK);
             }
 
@@ -633,8 +633,7 @@ public function delete(Request $request): JsonResponse
             ], Response::HTTP_UNAUTHORIZED);
         }
 
-        $adminLog = $this->container->get(id: 'phpmyfaq.admin.admin-log');
-        $adminLog->log($this->currentUser, 'Deleted FAQ ID ' . $faqId);
+        $this->adminLog->log($this->currentUser, AdminLogType::FAQ_DELETE->value . ':' . $faqId);
 
         try {
             $faq->delete($faqId, $faqLanguage);
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/NewsController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/Api/NewsController.php
@@ -20,8 +20,8 @@
 namespace phpMyFAQ\Controller\Administration\Api;
 
 use DateTime;
-use phpMyFAQ\Controller\AbstractController;
 use phpMyFAQ\Entity\NewsMessage;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Filter;
 use phpMyFAQ\News;
@@ -32,7 +32,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 
-final class NewsController extends AbstractController
+final class NewsController extends AbstractAdministrationApiController
 {
     /**
      * @throws \Exception
@@ -76,6 +76,8 @@ public function create(Request $request): JsonResponse
             ->setCreated(new DateTime());
 
         if ($news->create($newsMessage)) {
+            $this->adminLog->log($this->currentUser, AdminLogType::NEWS_ADD->value);
+
             return $this->json(['success' => Translation::get(key: 'ad_news_updatesuc')], Response::HTTP_OK);
         }
 
@@ -101,6 +103,8 @@ public function delete(Request $request): JsonResponse
         $deleteId = Filter::filterVar($data->id, FILTER_VALIDATE_INT);
 
         if ($news->delete((int) $deleteId)) {
+            $this->adminLog->log($this->currentUser, AdminLogType::NEWS_DELETE->value . ':' . $deleteId);
+
             return $this->json(['success' => Translation::get(key: 'ad_news_delsuc')], Response::HTTP_OK);
         }
 
@@ -151,6 +155,8 @@ public function update(Request $request): JsonResponse
             ->setCreated(new DateTime());
 
         if ($news->update($newsMessage)) {
+            $this->adminLog->log($this->currentUser, AdminLogType::NEWS_EDIT->value . ':' . $newsId);
+
             return $this->json(['success' => Translation::get(key: 'ad_news_updatesuc')], Response::HTTP_OK);
         }
 
@@ -177,10 +183,14 @@ public function activate(Request $request): JsonResponse
 
         if ($status) {
             $news->activate($newsId);
+            $this->adminLog->log($this->currentUser, AdminLogType::NEWS_EDIT->value . ':' . $newsId);
+
             return $this->json(['success' => Translation::get(key: 'ad_news_updatesuc')], Response::HTTP_OK);
         }
 
         $news->deactivate($newsId);
+        $this->adminLog->log($this->currentUser, AdminLogType::NEWS_EDIT->value . ':' . $newsId);
+
         return $this->json(['success' => Translation::get(key: 'ad_news_updatesuc')], Response::HTTP_OK);
     }
 }
diff --git a/phpmyfaq/src/phpMyFAQ/Controller/Administration/CategoryController.php b/phpmyfaq/src/phpMyFAQ/Controller/Administration/CategoryController.php
@@ -26,6 +26,7 @@
 use phpMyFAQ\Database;
 use phpMyFAQ\Entity\CategoryEntity;
 use phpMyFAQ\Entity\SeoEntity;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Enums\SeoType;
 use phpMyFAQ\Filter;
@@ -281,6 +282,9 @@ public function create(Request $request): Response
                 ));
             $seo->create($seoEntity);
 
+            // Admin Log
+            $this->adminLog->log($this->currentUser, AdminLogType::CATEGORY_ADD->value . ':' . $categoryId);
+
             $templateVars = [
                 ...$templateVars,
                 'isSuccess' => true,
@@ -721,6 +725,9 @@ public function update(Request $request): Response
                 $seoService->update($seoEntity);
             }
 
+            // Admin Log
+            $this->adminLog->log($this->currentUser, AdminLogType::CATEGORY_EDIT->value . ':' . $categoryId);
+
             $templateVars = [
                 ...$templateVars,
                 'isSuccess' => true,
diff --git a/phpmyfaq/src/phpMyFAQ/Enums/AdminLogType.php b/phpmyfaq/src/phpMyFAQ/Enums/AdminLogType.php
@@ -32,6 +32,7 @@ enum AdminLogType: string
     case FAQ_TRANSLATE = 'faq-translate';
     case FAQ_ANSWER_ADD = 'faq-answer-add';
     case FAQ_DELETE = 'faq-delete';
+    case FAQ_PUBLISH = 'faq-publish';
 
     // Category operations
     case CATEGORY_ADD = 'category-add';
