59 lines
1.4 KiB
PHP
59 lines
1.4 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Framework\Exception\SecurityEvent;
|
|
|
|
use App\Framework\Exception\SecurityLogLevel;
|
|
|
|
/**
|
|
* Admin-Aktion Event
|
|
*/
|
|
final readonly class AuthorizationAdminActionEvent implements SecurityEventInterface
|
|
{
|
|
public function __construct(
|
|
public string $userId,
|
|
public string $resource,
|
|
public string $action = 'admin_action'
|
|
) {}
|
|
|
|
public function getEventIdentifier(): string
|
|
{
|
|
return "authz_admin:{$this->userId},{$this->resource}";
|
|
}
|
|
|
|
public function getDescription(): string
|
|
{
|
|
return "User {$this->userId} administrative action on {$this->resource}";
|
|
}
|
|
|
|
public function getLogLevel(): SecurityLogLevel
|
|
{
|
|
return SecurityLogLevel::WARN;
|
|
}
|
|
|
|
public function getCategory(): string
|
|
{
|
|
return 'authorization';
|
|
}
|
|
|
|
public function requiresAlert(): bool
|
|
{
|
|
// Admin-Aktionen sind immer beobachtungswürdig
|
|
return true;
|
|
}
|
|
|
|
public function toArray(): array
|
|
{
|
|
return [
|
|
'userId' => $this->userId,
|
|
'resource' => $this->resource,
|
|
'action' => $this->action,
|
|
'event_identifier' => $this->getEventIdentifier(),
|
|
'category' => $this->getCategory(),
|
|
'log_level' => $this->getLogLevel()->value,
|
|
'requires_alert' => $this->requiresAlert()
|
|
];
|
|
}
|
|
}
|