feat(admin-log): improved admin logging (#3833)

Author: thorsten

phpmyfaq/src/phpMyFAQ/Controller/Administration/AbstractAdministrationController.php

@@ -20,6 +20,7 @@
 namespace phpMyFAQ\Controller\Administration;
 
 use Exception;
+use phpMyFAQ\Administration\AdminLog;
 use phpMyFAQ\Administration\Helper;
 use phpMyFAQ\Controller\AbstractController;
 use phpMyFAQ\Controller\Exception\ForbiddenException;
@@ -36,6 +37,15 @@
 
 abstract class AbstractAdministrationController extends AbstractController
 {
+    protected ?AdminLog $adminLog = null;
+
+    public function __construct()
+    {
+        parent::__construct();
+
+        $this->adminLog = $this->container->get(id: 'phpmyfaq.admin.admin-log');
+    }
+
     /**
      * @return string[]
      * @throws Exception

phpmyfaq/src/phpMyFAQ/Controller/Administration/AdminLogController.php

@@ -45,21 +45,19 @@ public function index(Request $request): Response
     {
         $this->userHasPermission(PermissionType::STATISTICS_ADMINLOG);
 
-        $adminLog = $this->container->get(id: 'phpmyfaq.admin.admin-log');
-
         $itemsPerPage = 15;
         $page = Filter::filterVar($request->attributes->get('page'), FILTER_VALIDATE_INT, 1);
 
         // Pagination options
         $options = [
             'baseUrl' => $request->getUri(),
-            'total' => $adminLog->getNumberOfEntries(),
+            'total' => $this->adminLog->getNumberOfEntries(),
             'perPage' => $itemsPerPage,
             'pageParamName' => 'page',
         ];
         $pagination = new Pagination($options);
 
-        $loggingData = $adminLog->getAll();
+        $loggingData = $this->adminLog->getAll();
 
         $offset = ($page - 1) * $itemsPerPage;
         $currentItems = array_slice($loggingData, $offset, $itemsPerPage);

phpmyfaq/src/phpMyFAQ/Controller/Administration/AuthenticationController.php

@@ -39,8 +39,6 @@ public function authenticate(Request $request): Response
             return new RedirectResponse(url: './');
         }
 
-        $logging = $this->container->get(id: 'phpmyfaq.admin.admin-log');
-
         $username = Filter::filterVar($request->request->get(key: 'faqusername'), FILTER_SANITIZE_SPECIAL_CHARS);
         $password = Filter::filterVar(
             $request->request->get(key: 'faqpassword'),
@@ -68,7 +66,7 @@ public function authenticate(Request $request): Response
                     return new RedirectResponse(url: './token?user-id=' . $this->currentUser->getUserId());
                 }
             } catch (Exception) {
-                $logging->log(
+                $this->adminLog->log(
                     $this->currentUser,
                     'Login-error\nLogin: ' . $username . '\nErrors: '
                         . implode(separator: ', ', array: $this->currentUser->errors),

phpmyfaq/src/phpMyFAQ/Controller/Administration/BackupController.php

@@ -20,6 +20,7 @@
 namespace phpMyFAQ\Controller\Administration;
 
 use phpMyFAQ\Core\Exception;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\BackupType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Session\Token;
@@ -70,10 +71,12 @@ public function export(Request $request): Response
         $this->userHasPermission(PermissionType::BACKUP);
 
         $type = $request->attributes->get(key: 'type');
-        if (!\in_array($type, ['content', 'logs'], true)) {
+        if (!in_array($type, ['content', 'logs'], true)) {
             return new Response(status: Response::HTTP_BAD_REQUEST);
         }
 
+        $this->adminLog->log($this->currentUser, AdminLogType::BACKUP_EXPORT->value);
+
         $backup = $this->container->get(id: 'phpmyfaq.backup');
 
         $backupType = $type === 'content' ? BackupType::BACKUP_TYPE_DATA : BackupType::BACKUP_TYPE_LOGS;
@@ -107,6 +110,8 @@ public function restore(Request $request): Response
             throw new UnauthorizedHttpException(challenge: 'Invalid CSRF token');
         }
 
+        $this->adminLog->log($this->currentUser, AdminLogType::BACKUP_RESTORE->value);
+
         $file = $request->files->get(key: 'userfile');
 
         if (!$file) {

phpmyfaq/src/phpMyFAQ/Controller/Administration/FaqController.php

@@ -26,6 +26,7 @@
 use phpMyFAQ\Core\Exception;
 use phpMyFAQ\Database;
 use phpMyFAQ\Entity\SeoEntity;
+use phpMyFAQ\Enums\AdminLogType;
 use phpMyFAQ\Enums\PermissionType;
 use phpMyFAQ\Enums\SeoType;
 use phpMyFAQ\Faq\Permission;
@@ -108,7 +109,7 @@ public function add(Request $request): Response
         $faq = $this->container->get(id: 'phpmyfaq.faq');
         $userHelper = $this->container->get(id: 'phpmyfaq.helper.user-helper');
 
-        $this->container->get(id: 'phpmyfaq.admin.admin-log')->log($this->currentUser, 'admin-add-faq');
+        $this->adminLog->log($this->currentUser, AdminLogType::FAQ_ADD->value);
         $categories = [];
 
         $faqData = [
@@ -181,7 +182,7 @@ public function addInCategory(Request $request): Response
         $faq = $this->container->get(id: 'phpmyfaq.faq');
         $userHelper = $this->container->get(id: 'phpmyfaq.helper.user-helper');
 
-        $this->container->get(id: 'phpmyfaq.admin.admin-log')->log($this->currentUser, 'admin-add-faq');
+        $this->adminLog->log($this->currentUser, AdminLogType::FAQ_ADD->value);
 
         $faqData = [
             'id' => 0,
@@ -258,7 +259,7 @@ public function edit(Request $request): Response
         $faqLanguage = Filter::filterVar($request->attributes->get('faqLanguage'), FILTER_SANITIZE_SPECIAL_CHARS);
         $selectedRevisionId = Filter::filterVar($request->attributes->get('selectedRevisionId'), FILTER_VALIDATE_INT);
 
-        $this->container->get(id: 'phpmyfaq.admin.admin-log')->log($this->currentUser, 'admin-edit-faq ' . $faqId);
+        $this->adminLog->log($this->currentUser, AdminLogType::FAQ_EDIT->value . ':' . $faqId);
 
         $categories = $categoryRelation->getCategories($faqId, $faqLanguage);
 
@@ -293,7 +294,7 @@ public function edit(Request $request): Response
 
         // User permissions
         $userPermission = $this->container->get(id: 'phpmyfaq.faq.permission')->get(Permission::USER, $faqId);
-        if (count($userPermission) == 0 || $userPermission[0] == -1) {
+        if (count($userPermission) === 0 || $userPermission[0] === -1) {
             $allUsers = true;
             $restrictedUsers = false;
             $userPermission[0] = -1;
@@ -385,7 +386,7 @@ public function copy(Request $request): Response
         $faqId = (int) Filter::filterVar($request->attributes->get('faqId'), FILTER_VALIDATE_INT);
         $faqLanguage = Filter::filterVar($request->attributes->get('faqLanguage'), FILTER_SANITIZE_SPECIAL_CHARS);
 
-        $this->container->get(id: 'phpmyfaq.admin.admin-log')->log($this->currentUser, 'admin-copy-faq ' . $faqId);
+        $this->adminLog->log($this->currentUser, AdminLogType::FAQ_COPY->value . ':' . $faqId);
 
         $categories = [];
 
@@ -459,7 +460,7 @@ public function translate(Request $request): Response
         $faqId = (int) Filter::filterVar($request->attributes->get('faqId'), FILTER_VALIDATE_INT);
         $faqLanguage = Filter::filterVar($request->attributes->get('faqLanguage'), FILTER_SANITIZE_SPECIAL_CHARS);
 
-        $this->container->get(id: 'phpmyfaq.admin.admin-log')->log($this->currentUser, 'admin-translate-faq ' . $faqId);
+        $this->adminLog->log($this->currentUser, AdminLogType::FAQ_TRANSLATE->value . ':' . $faqId);
 
         $categories = [];
 
@@ -533,10 +534,7 @@ public function answer(Request $request): Response
         $questionId = (int) Filter::filterVar($request->attributes->get('questionId'), FILTER_VALIDATE_INT);
         $faqLanguage = Filter::filterVar($request->attributes->get('faqLanguage'), FILTER_SANITIZE_SPECIAL_CHARS);
 
-        $this->container->get(id: 'phpmyfaq.admin.admin-log')->log(
-            $this->currentUser,
-            'admin-answer-question ' . $questionId,
-        );
+        $this->adminLog->log($this->currentUser, AdminLogType::FAQ_ANSWER_ADD->value . ':' . $questionId);
 
         /** @var Question $question */
         $question = $this->container->get(id: 'phpmyfaq.question');

phpmyfaq/src/phpMyFAQ/Enums/AdminLogType.php

@@ -0,0 +1,31 @@
+<?php
+
+/**
+ * Admin log type enum
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public License,
+ * v. 2.0. If a copy of the MPL was not distributed with this file, You can
+ * obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * @package   phpMyFAQ
+ * @author    Thorsten Rinne <[email protected]>
+ * @copyright 2026 phpMyFAQ Team
+ * @license   https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
+ * @link      https://www.phpmyfaq.de
+ * @since     2026-01-04
+ */
+
+declare(strict_types=1);
+
+namespace phpMyFAQ\Enums;
+
+enum AdminLogType: string
+{
+    case BACKUP_EXPORT = 'backup-export';
+    case BACKUP_RESTORE = 'backup-restore';
+    case FAQ_ADD = 'faq-add';
+    case FAQ_EDIT = 'faq-edit';
+    case FAQ_COPY = 'faq-copy';
+    case FAQ_TRANSLATE = 'faq-translate';
+    case FAQ_ANSWER_ADD = 'faq-answer-add';
+}

tests/phpMyFAQ/Controller/BackupControllerTest.php

@@ -4,6 +4,7 @@
 
 namespace phpMyFAQ\Controller;
 
+use phpMyFAQ\Administration\AdminLog;
 use phpMyFAQ\Administration\Backup;
 use phpMyFAQ\Administration\Backup\BackupExportResult;
 use phpMyFAQ\Configuration;
@@ -28,6 +29,7 @@ class BackupControllerTest extends TestCase
     private CurrentUser $currentUserMock;
     private BasicPermission $permissionMock;
     private Backup $backupServiceMock;
+    private AdminLog $adminLogMock;
 
     private Session $session;
 
@@ -37,6 +39,7 @@ protected function setUp(): void
         $this->currentUserMock = $this->createStub(CurrentUser::class);
         $this->permissionMock = $this->createStub(BasicPermission::class);
         $this->backupServiceMock = $this->createMock(Backup::class);
+        $this->adminLogMock = $this->createStub(AdminLog::class);
         $this->session = new Session(new MockArraySessionStorage());
 
         $this->currentUserMock->perm = $this->permissionMock;
@@ -48,19 +51,23 @@ private function createController(): BackupController
             $this->configurationMock,
             $this->currentUserMock,
             $this->backupServiceMock,
+            $this->adminLogMock,
             $this->session,
         ) extends BackupController {
             public function __construct(
                 Configuration $configuration,
                 CurrentUser $currentUser,
                 Backup $backupService,
+                AdminLog $adminLog,
                 Session $session,
             ) {
                 $this->configuration = $configuration;
                 $this->currentUser = $currentUser;
                 $this->session = $session;
+                $this->adminLog = $adminLog;
                 $this->container = new ContainerBuilder();
                 $this->container->set('phpmyfaq.backup', $backupService);
+                $this->container->set('phpmyfaq.admin.admin-log', $adminLog);
                 $this->container->set('session', $session);
             }
         };