From 34f3e29fdaf2871173e03cde9ec4a4fbd302460e Mon Sep 17 00:00:00 2001 From: bradymiller Date: Fri, 3 Dec 2010 04:18:48 -0800 Subject: [PATCH] Migrated logging options from global.php to Administration => Globals. --- interface/globals.php | 29 -------------- interface/main/backup.php | 2 +- library/globals.inc.php | 97 +++++++++++++++++++++++++++++++++++++++++++++++ library/log.inc | 12 +++--- 4 files changed, 104 insertions(+), 36 deletions(-) diff --git a/interface/globals.php b/interface/globals.php index bc89e6265..81e1e4a42 100644 --- a/interface/globals.php +++ b/interface/globals.php @@ -405,35 +405,6 @@ $sl_services_id = 'MS'; // sql-ledger parts table id for medical service $sl_dbname = 'sql-ledger'; // sql-ledger database name $sl_dbuser = 'sql-ledger'; // sql-ledger database login name $sl_dbpass = 'secret'; // sql-ledger database login password - -///////////////////////// AUDIT LOGGING CONFIG //////////////// -//$GLOBALS["enable_auditlog"]=0 is to off the logging feature in openemr -//$GLOBALS["enable_auditlog"]=1 is to on the logging feature in openemr -//patient-record:- set 1 (0 to off) to log the patient related activites like creation of new patient, encounters, history//etc. -//scheduling:- set 1 (0 to off) to log the patient related scheduling like Appointments. -//query:- set 1 (0 to off) to log all SQL SELECT queries. -//order:- set 1 (0 to off) to log an orders like medical service or medical item (like a prescription). -//security-administration:- set 1 to (0 to off) to log events such as creating/updating users/facility etc. -//backup:- set 1 (0 to off) to log backup related activites. -$GLOBALS["enable_auditlog"]=1; -$GLOBALS["audit_events"]=array("patient-record"=>1, - "scheduling"=>1, - "query"=>0, - "order"=>1, - "security-administration"=>1, - "backup"=>1, - ); - -// Configure the settings below to enable Audit Trail and Node Authentication (ATNA). -// See RFC 3881, RFC 5424, RFC 5425 for details. -// atna_audit_host = The hostname of the audit repository machine -// atna_audit_port = Listening port of the RFC 5425 TLS syslog server -// atna_audit_localcert - Certificate to send to RFC 5425 TLS syslog server -// atna_audit_cacert - CA Certificate for verifying the RFC 5425 TLS syslog server -$GLOBALS['atna_audit_host'] = ''; -$GLOBALS['atna_audit_port'] = 6514; -$GLOBALS['atna_audit_localcert'] = ''; -$GLOBALS['atna_audit_cacert'] = ''; ////////////////////////////////////////////////////////////////// // Don't change anything below this line. //////////////////////////// diff --git a/interface/main/backup.php b/interface/main/backup.php index f3f3e247e..27be6c223 100644 --- a/interface/main/backup.php +++ b/interface/main/backup.php @@ -307,7 +307,7 @@ if ($form_step == 7) { // create the final compressed tar containing all files die(xl("Error: Unable to create downloadable archive")); chdir($cur_dir); /* To log the backup event */ - if ($GLOBALS["audit_events"]["backup"] == 1 ){ + if ($GLOBALS['audit_events_backup']){ newEvent("backup", $_SESSION['authUser'], $_SESSION['authProvider'], 0,"Backup is completed"); } $auto_continue = true; diff --git a/library/globals.inc.php b/library/globals.inc.php index 05de1a4b4..bd6fce8f5 100644 --- a/library/globals.inc.php +++ b/library/globals.inc.php @@ -701,6 +701,103 @@ $GLOBALS_METADATA = array( ), + // Logging + // + 'Logging' => array( + + 'enable_auditlog' => array( + xl('Enable Audit Logging'), + 'bool', // data type + '1', // default + xl('Enable Audit Logging.') + ), + + 'audit_events_patient-record' => array( + xl('Audit Logging Patient Record'), + 'bool', // data type + '1', // default + xl('Enable logging of patient record modifications.').' ('.xl('Note that Audit Logging needs to be enabled above').')' + ), + + 'audit_events_scheduling' => array( + xl('Audit Logging Scheduling'), + 'bool', // data type + '1', // default + xl('Enable logging of scheduling activities.').' ('.xl('Note that Audit Logging needs to be enabled above').')' + ), + + 'audit_events_order' => array( + xl('Audit Logging Order'), + 'bool', // data type + '1', // default + xl('Enable logging of ordering activities.').' ('.xl('Note that Audit Logging needs to be enabled above').')' + ), + + 'audit_events_security-administration' => array( + xl('Audit Logging Security Administration'), + 'bool', // data type + '1', // default + xl('Enable logging of security and administration activities.').' ('.xl('Note that Audit Logging needs to be enabled above').')' + ), + + 'audit_events_backup' => array( + xl('Audit Logging Backups'), + 'bool', // data type + '1', // default + xl('Enable logging of backup related activities.').' ('.xl('Note that Audit Logging needs to be enabled above').')' + ), + + 'audit_events_other' => array( + xl('Audit Logging Miscellaneous'), + 'bool', // data type + '1', // default + xl('Enable logging of miscellaneous activities.').' ('.xl('Note that Audit Logging needs to be enabled above').')' + ), + + 'audit_events_query' => array( + xl('Audit Logging SELECT Query'), + 'bool', // data type + '0', // default + xl('Enable logging of all SQL SELECT queries.').' ('.xl('Note that Audit Logging needs to be enabled above').')' + ), + + 'enable_atna_audit' => array( + xl('Enable ATNA Auditing'), + 'bool', // data type + '0', // default + xl('Enable Audit Trail and Node Authentication (ATNA).') + ), + + 'atna_audit_host' => array( + xl('ATNA audit host'), + 'text', // data type + '', // default + xl('The hostname of the ATNA audit repository machine.') + ), + + 'atna_audit_port' => array( + xl('ATNA audit port'), + 'text', // data type + '6514', // default + xl('Listening port of the RFC 5425 TLS syslog server.') + ), + + 'atna_audit_localcert' => array( + xl('ATNA audit local certificate'), + 'text', // data type + '', // default + xl('Certificate to send to RFC 5425 TLS syslog server.') + ), + + 'atna_audit_cacert' => array( + xl('ATNA audit CA certificate'), + 'text', // data type + '', // default + xl('CA Certificate for verifying the RFC 5425 TLS syslog server.') + ), + + ), + // Miscellaneous Tab // 'Miscellaneous' => array( diff --git a/library/log.inc b/library/log.inc index fb92a369c..fcf8b03f1 100644 --- a/library/log.inc +++ b/library/log.inc @@ -455,7 +455,7 @@ function create_tls_conn($host, $port, $localcert, $cafile) { function send_atna_audit_msg($user, $group, $event, $patient_id, $outcome, $comments) { /* If no ATNA repository server is configured, return */ - if ($GLOBALS['atna_audit_host'] === null || $GLOBALS['atna_audit_host'] == "") { + if ($GLOBALS['atna_audit_host'] === null || $GLOBALS['atna_audit_host'] == "" || !($GLOBALS['enable_atna_audit'])) { return; } $host = $GLOBALS['atna_audit_host']; @@ -481,7 +481,7 @@ function auditSQLEvent($statement, $outcome) { $user = $_SESSION['authUser']; /* Don't log anything if the audit logging is not enabled. Exception for "emergency" users */ - if (isset($GLOBALS['enable_auditlog']) && ($GLOBALS["enable_auditlog"] === 0)) + if (!($GLOBALS['enable_auditlog'])) { if ((soundex($user) != soundex("emergency")) && (soundex($user) != soundex("breakglass"))) return; @@ -656,14 +656,14 @@ function auditSQLEvent($statement, $outcome) } } - /* If query events are not enabled in globals.php,don't log them */ - if (($querytype == "select") && ($GLOBALS["audit_events"]["query"]) != 1) + /* If query events are not enabled, don't log them */ + if (($querytype == "select") && !($GLOBALS['audit_events_query'])) { if ((soundex($user) != soundex("emergency")) && (soundex($user) != soundex("breakglass"))) return; } - - if (($GLOBALS["audit_events"][$event]) === 0) + + if (!($GLOBALS["audit_events_${event}"])) { if ((soundex($user) != soundex("emergency")) && (soundex($user) != soundex("breakglass"))) return; -- 2.11.4.GIT