feat: add action_by and environment to privilege escalation email

romanetar · romanetar · commit 7534e4878cd1 · 2025-09-02T09:53:40.000+02:00
Signed-off-by: romanetar &lt;roman_ag@hotmail.com&gt;
diff --git a/app/Mail/MonitoredSecurityGroupNotificationEmail.php b/app/Mail/MonitoredSecurityGroupNotificationEmail.php
@@ -34,6 +34,11 @@ final class MonitoredSecurityGroupNotificationEmail extends Mailable
      */
     public $action;
 
+    /**
+     * @var string
+     */
+    public $action_by;
+
     /**
      * @var int
      */
@@ -79,6 +84,7 @@ final class MonitoredSecurityGroupNotificationEmail extends Mailable
     /**
      * @param string $email
      * @param string $action
+     * @param string $action_by
      * @param int $user_id
      * @param string $user_email
      * @param string $user_name
@@ -90,6 +96,7 @@ public function __construct
     (
         string $email,
         string $action,
+        string $action_by,
         int $user_id,
         string $user_email,
         string $user_name,
@@ -100,6 +107,7 @@ public function __construct
     {
         $this->email = $email;
         $this->action = $action;
+        $this->action_by = $action_by;
         $this->user_id = $user_id;
         $this->user_email = $user_email;
         $this->user_name = $user_name;
@@ -111,9 +119,10 @@ public function __construct
         (
             sprintf
             (
-                "MonitoredSecurityGroupNotificationEmail::constructor email %s action %s user_id %s user_email %s user_name %s group_id %s group_name %s group_slug %s",
+                "MonitoredSecurityGroupNotificationEmail::constructor email %s action %s action_by %s user_id %s user_email %s user_name %s group_id %s group_name %s group_slug %s",
                 $email,
                 $action,
+                $action_by,
                 $user_id,
                 $user_email,
                 $user_name,
@@ -126,15 +135,19 @@ public function __construct
 
     public function build()
     {
+        $action_by_phrase = $this->action_by ? " by $this->action_by" : "";
+
         $this->subject = sprintf
         (
-            "[%s] Monitored Security Groups - User %s (%s) has been %s - Group %s (%s)"
+            "[%s] Monitored Security Groups - User %s (%s) has been %s%s - Group %s (%s) - Environment: %s"
             ,Config::get('app.app_name')
             ,$this->user_name
             ,$this->user_email
             ,$this->action
+            ,$action_by_phrase
             ,$this->group_name
             ,$this->group_id
+            ,Config::get('app.env')
         );
         Log::debug(sprintf("MonitoredSecurityGroupNotificationEmail::build to %s", $this->email));
         return $this->from(Config::get("mail.from"))
diff --git a/app/Services/OpenId/UserService.php b/app/Services/OpenId/UserService.php
@@ -37,7 +37,6 @@
 use Illuminate\Support\Facades\Storage;
 use models\exceptions\EntityNotFoundException;
 use models\exceptions\ValidationException;
-use Models\OAuth2\Client;
 use models\utils\IEntity;
 use OAuth2\IResourceServerContext;
 use OAuth2\Models\IClient;
@@ -483,6 +482,14 @@ public function notifyMonitoredSecurityGroupActivity(string $action, int $user_i
             return;
         }
 
+        $action_by = '';
+        $current_user = !empty($this->server_ctx->getCurrentUserId()) ?
+            $this->repository->getById($this->server_ctx->getCurrentUserId()) : null;
+
+        if (!is_null($current_user)) {
+            $action_by = sprintf("%s %s", $current_user->getFirstName(), $current_user->getLastName());
+        }
+
         $notified_users = [];
         foreach ($watcher_groups as $watcher_group_slug) {
             Log::debug(sprintf("UserService::notifyMonitoredSecurityGroupActivity processing %s", $watcher_group_slug));
@@ -504,6 +511,7 @@ public function notifyMonitoredSecurityGroupActivity(string $action, int $user_i
                     (
                         $user->getEmail(),
                         $action,
+                        $action_by,
                         $user_id,
                         $user_email,
                         $user_name,
@@ -514,6 +522,5 @@ public function notifyMonitoredSecurityGroupActivity(string $action, int $user_i
                 );
             }
         }
-
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,6 @@`
`37`	`37`	`use Illuminate\Support\Facades\Storage;`
`38`	`38`	`use models\exceptions\EntityNotFoundException;`
`39`	`39`	`use models\exceptions\ValidationException;`
`40`		`-use Models\OAuth2\Client;`
`41`	`40`	`use models\utils\IEntity;`
`42`	`41`	`use OAuth2\IResourceServerContext;`
`43`	`42`	`use OAuth2\Models\IClient;`
`@@ -483,6 +482,14 @@ public function notifyMonitoredSecurityGroupActivity(string $action, int $user_i`
`483`	`482`	`return;`
`484`	`483`	`}`
`485`	`484`
	`485`	`+ $action_by = '';`
	`486`	`+ $current_user = !empty($this->server_ctx->getCurrentUserId()) ?`
	`487`	`+ $this->repository->getById($this->server_ctx->getCurrentUserId()) : null;`
	`488`	`+`
	`489`	`+ if (!is_null($current_user)) {`
	`490`	`+ $action_by = sprintf("%s %s", $current_user->getFirstName(), $current_user->getLastName());`
	`491`	`+ }`
	`492`	`+`
`486`	`493`	`$notified_users = [];`
`487`	`494`	`foreach ($watcher_groups as $watcher_group_slug) {`
`488`	`495`	`Log::debug(sprintf("UserService::notifyMonitoredSecurityGroupActivity processing %s", $watcher_group_slug));`
`@@ -504,6 +511,7 @@ public function notifyMonitoredSecurityGroupActivity(string $action, int $user_i`
`504`	`511`	`(`
`505`	`512`	`$user->getEmail(),`
`506`	`513`	`$action,`
	`514`	`+ $action_by,`
`507`	`515`	`$user_id,`
`508`	`516`	`$user_email,`
`509`	`517`	`$user_name,`
`@@ -514,6 +522,5 @@ public function notifyMonitoredSecurityGroupActivity(string $action, int $user_i`
`514`	`522`	`);`
`515`	`523`	`}`
`516`	`524`	`}`
`517`		`-`
`518`	`525`	`}`
`519`	`526`	`}`