diff --git a/migrations/0044__drop_audit_log.sql b/migrations/0044__drop_audit_log.sql new file mode 100644 index 000000000..cf4d99346 --- /dev/null +++ b/migrations/0044__drop_audit_log.sql @@ -0,0 +1 @@ +DROP TABLE audit_log; \ No newline at end of file diff --git a/public/javascripts/init.js b/public/javascripts/init.js index e2aa723cf..1cb4b3eb9 100644 --- a/public/javascripts/init.js +++ b/public/javascripts/init.js @@ -134,7 +134,6 @@ function showAppIfHidden() { function initAjax() { $.ajaxSetup({ headers: { - 'x-browser-id': browserId, 'x-protected-session-id': typeof protected_session !== 'undefined' ? protected_session.getProtectedSessionId() : null } }); diff --git a/routes/api/notes.js b/routes/api/notes.js index a08c564b8..9f0c3d532 100644 --- a/routes/api/notes.js +++ b/routes/api/notes.js @@ -31,10 +31,9 @@ router.get('/:noteId', auth.checkApiAuth, async (req, res, next) => { router.post('/:parentNoteId/children', async (req, res, next) => { const parentNoteId = req.params.parentNoteId; - const browserId = utils.browserId(req); const note = req.body; - const { noteId, noteTreeId } = await notes.createNewNote(parentNoteId, note, browserId); + const { noteId, noteTreeId } = await notes.createNewNote(parentNoteId, note); res.send({ 'note_id': noteId, @@ -53,10 +52,8 @@ router.put('/:noteId', async (req, res, next) => { }); router.delete('/:noteTreeId', async (req, res, next) => { - const browserId = utils.browserId(req); - await sql.doInTransaction(async () => { - await notes.deleteNote(req.params.noteTreeId, browserId); + await notes.deleteNote(req.params.noteTreeId); }); res.send({}); diff --git a/routes/api/notes_move.js b/routes/api/notes_move.js index 19ab21064..1d5ce504f 100644 --- a/routes/api/notes_move.js +++ b/routes/api/notes_move.js @@ -4,7 +4,6 @@ const express = require('express'); const router = express.Router(); const sql = require('../../services/sql'); const utils = require('../../services/utils'); -const audit_category = require('../../services/audit_category'); const auth = require('../../services/auth'); const sync_table = require('../../services/sync_table'); @@ -22,7 +21,6 @@ router.put('/:noteTreeId/moveTo/:parentNoteId', auth.checkApiAuth, async (req, r [parentNoteId, newNotePos, now, noteTreeId]); await sync_table.addNoteTreeSync(noteTreeId); - await sql.addAudit(audit_category.CHANGE_PARENT, utils.browserId(req), null, null, parentNoteId); }); res.send({}); @@ -47,7 +45,6 @@ router.put('/:noteTreeId/moveBefore/:beforeNoteTreeId', async (req, res, next) = await sync_table.addNoteTreeSync(noteTreeId); await sync_table.addNoteReorderingSync(beforeNote.note_pid); - await sql.addAudit(audit_category.CHANGE_POSITION, utils.browserId(req), beforeNote.note_pid); }); res.send({}); @@ -76,7 +73,6 @@ router.put('/:noteTreeId/moveAfter/:afterNoteTreeId', async (req, res, next) => await sync_table.addNoteTreeSync(noteTreeId); await sync_table.addNoteReorderingSync(afterNote.note_pid); - await sql.addAudit(audit_category.CHANGE_POSITION, utils.browserId(req), afterNote.note_pid); }); res.send({}); @@ -175,7 +171,6 @@ router.put('/:noteId/cloneAfter/:afterNoteTreeId', async (req, res, next) => { await sync_table.addNoteTreeSync(noteTree.note_tree_id); await sync_table.addNoteReorderingSync(afterNote.note_pid); - await sql.addAudit(audit_category.CHANGE_POSITION, utils.browserId(req), afterNote.note_pid); res.send({ success: true diff --git a/routes/api/settings.js b/routes/api/settings.js index a981e697c..0257bbd15 100644 --- a/routes/api/settings.js +++ b/routes/api/settings.js @@ -4,7 +4,6 @@ const express = require('express'); const router = express.Router(); const sql = require('../../services/sql'); const options = require('../../services/options'); -const audit_category = require('../../services/audit_category'); const auth = require('../../services/auth'); const utils = require('../../services/utils'); @@ -31,8 +30,6 @@ router.post('/', async (req, res, next) => { const optionName = await options.getOption(body['name']); await sql.doInTransaction(async () => { - await sql.addAudit(audit_category.SETTINGS, utils.browserId(req), null, optionName, body['value'], body['name']); - await options.setOption(body['name'], body['value']); }); diff --git a/routes/api/status.js b/routes/api/status.js index 44b116afb..d70c5edba 100644 --- a/routes/api/status.js +++ b/routes/api/status.js @@ -6,28 +6,18 @@ const sql = require('../../services/sql'); const options = require('../../services/options'); const auth = require('../../services/auth'); const sync = require('../../services/sync'); -const audit_category = require('../../services/audit_category'); +const source_id = require('../../services/source_id'); router.post('', auth.checkApiAuth, async (req, res, next) => { const treeLoadTime = req.body.treeLoadTime; const currentNoteId = req.body.currentNoteId; const currentNoteLoadTime = req.body.currentNoteLoadTime; - const browserId = req.get('x-browser-id'); + const noteTreeChangesCount = await sql.getSingleValue("SELECT COUNT(*) FROM sync WHERE entity_name = 'notes_tree' AND source_id != ? " + + "AND sync_date >= ?", [source_id.currentSourceId, treeLoadTime]); - const noteTreeChangesCount = await sql.getSingleValue("SELECT COUNT(*) FROM audit_log WHERE (browser_id IS NULL OR browser_id != ?) " + - "AND date_modified >= ? AND category IN (?, ?, ?, ?)", [browserId, treeLoadTime, - audit_category.UPDATE_TITLE, audit_category.CHANGE_PARENT, audit_category.CHANGE_POSITION, audit_category.DELETE_NOTE]); - - const currentNoteChangesCount = await sql.getSingleValue("SELECT COUNT(*) FROM audit_log WHERE (browser_id IS NULL OR browser_id != ?) " + - "AND date_modified >= ? AND note_id = ? AND category IN (?, ?)", [browserId, currentNoteLoadTime, currentNoteId, - audit_category.UPDATE_TITLE, audit_category.UPDATE_CONTENT]); - - if (currentNoteChangesCount > 0) { - console.log("Current note changed!"); - console.log("SELECT COUNT(*) FROM audit_log WHERE (browser_id IS NULL OR browser_id != '" + browserId + "') " + - "AND date_modified >= " + currentNoteLoadTime + " AND note_id = '" + currentNoteId + "' AND category IN ('" + audit_category.UPDATE_TITLE + "', '" + audit_category.UPDATE_CONTENT + "')"); - } + const currentNoteChangesCount = await sql.getSingleValue("SELECT COUNT(*) FROM sync WHERE source_id != ? " + + "AND sync_date >= ? AND entity_name = 'notes' AND entity_id = ?", [source_id.currentSourceId, currentNoteLoadTime, currentNoteId]); let changesToPushCount = 0; diff --git a/routes/index.js b/routes/index.js index 25758ad80..d279d303f 100644 --- a/routes/index.js +++ b/routes/index.js @@ -6,9 +6,7 @@ const auth = require('../services/auth'); const utils = require('../services/utils'); router.get('', auth.checkAuth, async (req, res, next) => { - res.render('index', { - browserId: utils.randomString(12) - }); + res.render('index', {}); }); module.exports = router; diff --git a/services/audit_category.js b/services/audit_category.js deleted file mode 100644 index 77f831e2d..000000000 --- a/services/audit_category.js +++ /dev/null @@ -1,16 +0,0 @@ -"use strict"; - -module.exports = { - UPDATE_CONTENT: 'CONTENT', - UPDATE_TITLE: 'TITLE', - // associated noteId is parent of notes WHERE position changes happened - CHANGE_POSITION: 'POSITION', - CHANGE_EXPANDED: 'EXPANDED', - CREATE_NOTE: 'CREATE', - DELETE_NOTE: 'DELETE', - CHANGE_PARENT: 'PARENT', - PROTECTED: 'PROTECTED', - CHANGE_PASSWORD: 'PASSWORD', - SETTINGS: 'SETTINGS', - SYNC: 'SYNC' -}; \ No newline at end of file diff --git a/services/change_password.js b/services/change_password.js index cd29664a8..3a5b1d468 100644 --- a/services/change_password.js +++ b/services/change_password.js @@ -4,7 +4,6 @@ const sql = require('./sql'); const options = require('./options'); const my_scrypt = require('./my_scrypt'); const utils = require('./utils'); -const audit_category = require('./audit_category'); const password_encryption = require('./password_encryption'); async function changePassword(currentPassword, newPassword, req) { @@ -22,8 +21,6 @@ async function changePassword(currentPassword, newPassword, req) { await password_encryption.setDataKey(newPassword, decryptedDataKey); await options.setOption('password_verification_hash', newPasswordVerificationKey); - - await sql.addAudit(audit_category.CHANGE_PASSWORD, utils.browserId(req)); }); return { diff --git a/services/log.js b/services/log.js index f18892f62..6cd78cded 100644 --- a/services/log.js +++ b/services/log.js @@ -25,7 +25,7 @@ function error(message) { info(message); } -const requestBlacklist = [ "/api/audit", "/libraries", "/javascripts", "/images", "/stylesheets" ]; +const requestBlacklist = [ "/libraries", "/javascripts", "/images", "/stylesheets" ]; function request(req) { for (const bl of requestBlacklist) { diff --git a/services/migration.js b/services/migration.js index a1b5f2cf4..0bdccba6c 100644 --- a/services/migration.js +++ b/services/migration.js @@ -4,7 +4,7 @@ const options = require('./options'); const fs = require('fs-extra'); const log = require('./log'); -const APP_DB_VERSION = 43; +const APP_DB_VERSION = 44; const MIGRATIONS_DIR = "migrations"; async function migrate() { diff --git a/services/notes.js b/services/notes.js index 48f07b1a5..8223599f8 100644 --- a/services/notes.js +++ b/services/notes.js @@ -2,11 +2,10 @@ const sql = require('./sql'); const options = require('./options'); const utils = require('./utils'); const notes = require('./notes'); -const audit_category = require('./audit_category'); const data_encryption = require('./data_encryption'); const sync_table = require('./sync_table'); -async function createNewNote(parentNoteId, note, browserId) { +async function createNewNote(parentNoteId, note) { const noteId = utils.newNoteId(); const noteTreeId = utils.newNoteTreeId(); @@ -30,7 +29,6 @@ async function createNewNote(parentNoteId, note, browserId) { } await sql.doInTransaction(async () => { - await sql.addAudit(audit_category.CREATE_NOTE, browserId, noteId); await sync_table.addNoteTreeSync(noteTreeId); await sync_table.addNoteSync(noteId); @@ -168,8 +166,6 @@ async function updateNote(noteId, newNote, ctx) { await protectNoteHistory(noteId, ctx.getDataKeyOrNull(), newNote.detail.is_protected); - await addNoteAudits(origNoteDetail, newNote.detail, ctx.browserId); - await sql.execute("UPDATE notes SET note_title = ?, note_text = ?, is_protected = ?, date_modified = ? WHERE note_id = ?", [ newNote.detail.note_title, newNote.detail.note_text, @@ -195,28 +191,7 @@ async function updateNote(noteId, newNote, ctx) { }); } -async function addNoteAudits(origNote, newNote, browserId) { - const noteId = newNote.note_id; - - if (!origNote || newNote.note_title !== origNote.note_title) { - await sql.deleteRecentAudits(audit_category.UPDATE_TITLE, browserId, noteId); - await sql.addAudit(audit_category.UPDATE_TITLE, browserId, noteId); - } - - if (!origNote || newNote.note_text !== origNote.note_text) { - await sql.deleteRecentAudits(audit_category.UPDATE_CONTENT, browserId, noteId); - await sql.addAudit(audit_category.UPDATE_CONTENT, browserId, noteId); - } - - if (!origNote || newNote.is_protected !== origNote.is_protected) { - const origIsProtected = origNote ? origNote.is_protected : null; - - await sql.addAudit(audit_category.PROTECTED, browserId, noteId, origIsProtected, newNote.is_protected); - } -} - - -async function deleteNote(noteTreeId, browserId) { +async function deleteNote(noteTreeId) { const now = utils.nowTimestamp(); await sql.execute("UPDATE notes_tree SET is_deleted = 1, date_modified = ? WHERE note_tree_id = ?", [now, noteTreeId]); await sync_table.addNoteTreeSync(noteTreeId); @@ -232,17 +207,14 @@ async function deleteNote(noteTreeId, browserId) { const children = await sql.getResults("SELECT note_tree_id FROM notes_tree WHERE note_pid = ? AND is_deleted = 0", [noteId]); for (const child of children) { - await deleteNote(child.note_tree_id, browserId); + await deleteNote(child.note_tree_id); } - - await sql.addAudit(audit_category.DELETE_NOTE, browserId, noteTreeId); } } module.exports = { createNewNote, updateNote, - addNoteAudits, deleteNote, protectNoteRecursively }; \ No newline at end of file diff --git a/services/request_context.js b/services/request_context.js index e1526e98c..bb12d6ff7 100644 --- a/services/request_context.js +++ b/services/request_context.js @@ -3,8 +3,6 @@ const protected_session = require('./protected_session'); module.exports = function(req) { - const browserId = req.headers['x-browser-id']; - function isProtectedSessionAvailable() { return protected_session.isProtectedSessionAvailable(req); } @@ -26,7 +24,6 @@ module.exports = function(req) { } return { - browserId, isProtectedSessionAvailable, getDataKey, getDataKeyOrNull diff --git a/services/sql.js b/services/sql.js index f1e60247c..7868f5670 100644 --- a/services/sql.js +++ b/services/sql.js @@ -103,32 +103,6 @@ async function remove(tableName, noteId) { return await execute("DELETE FROM " + tableName + " WHERE note_id = ?", [noteId]); } -async function addAudit(category, browserId=null, noteId=null, changeFrom=null, changeTo=null, comment=null) { - const now = utils.nowTimestamp(); - log.info("audit: " + category + ", browserId=" + browserId + ", noteId=" + noteId + ", from=" + changeFrom - + ", to=" + changeTo + ", comment=" + comment); - - const id = utils.randomString(14); - - await insert("audit_log", { - id: id, - date_modified: now, - category: category, - browser_id: browserId, - note_id: noteId, - change_from: changeFrom, - change_to: changeTo, - comment: comment - }); -} - -async function deleteRecentAudits(category, browserId, noteId) { - const deleteCutoff = utils.nowTimestamp() - 10 * 60; - - await execute("DELETE FROM audit_log WHERE category = ? AND browser_id = ? AND note_id = ? AND date_modified > ?", - [category, browserId, noteId, deleteCutoff]) -} - async function wrap(func) { const thisError = new Error(); @@ -190,8 +164,6 @@ module.exports = { getFlattenedResults, execute, executeScript, - addAudit, - deleteRecentAudits, remove, doInTransaction }; \ No newline at end of file diff --git a/services/sync_update.js b/services/sync_update.js index 6ebd5296c..e96c3e303 100644 --- a/services/sync_update.js +++ b/services/sync_update.js @@ -2,7 +2,6 @@ const sql = require('./sql'); const log = require('./log'); const options = require('./options'); const utils = require('./utils'); -const audit_category = require('./audit_category'); const eventLog = require('./event_log'); const notes = require('./notes'); const sync_table = require('./sync_table'); @@ -23,7 +22,6 @@ async function updateNote(entity, links, sourceId) { } await sync_table.addNoteSync(entity.note_id, sourceId); - await notes.addNoteAudits(origNote, entity, sourceId); await eventLog.addNoteEvent(entity.note_id, "Synced note "); }); @@ -44,9 +42,6 @@ async function updateNoteTree(entity, sourceId) { await sql.replace('notes_tree', entity); await sync_table.addNoteTreeSync(entity.note_tree_id, sourceId); - - // not sure why this is here ... - await sql.addAudit(audit_category.UPDATE_TITLE, sourceId, entity.note_id); }); log.info("Update/sync note tree " + entity.note_tree_id); @@ -80,7 +75,6 @@ async function updateNoteReordering(entity, sourceId) { }); await sync_table.addNoteReorderingSync(entity.note_pid, sourceId); - await sql.addAudit(audit_category.CHANGE_POSITION, sourceId, entity.note_pid); }); } diff --git a/services/utils.js b/services/utils.js index dd45569d1..5f35d173c 100644 --- a/services/utils.js +++ b/services/utils.js @@ -48,10 +48,6 @@ function hmac(secret, value) { return hmac.digest('base64'); } -function browserId(req) { - return req == null ? null : req.get('x-browser-id'); -} - function isElectron() { return !!process.versions['electron']; } @@ -81,7 +77,6 @@ module.exports = { toBase64, fromBase64, hmac, - browserId, isElectron, formatTwoTimestamps, hash diff --git a/views/index.ejs b/views/index.ejs index 73a526fdf..c01d7c41f 100644 --- a/views/index.ejs +++ b/views/index.ejs @@ -263,7 +263,6 @@