DATA-DOG · acornforth · Mar 3, 2022 · Mar 3, 2022 · Mar 9, 2022 · Mar 9, 2022
diff --git a/src/DependencyInjection/Configuration.php b/src/DependencyInjection/Configuration.php
@@ -28,8 +28,18 @@ public function getConfigTreeBuilder(): TreeBuilder
             ->end()
             ->children()
                 ->booleanNode('blame_impersonator')
-                ->defaultFalse()
+                    ->defaultFalse()
+                ->end()
+            ->end()
+            ->children()
+                ->booleanNode('log_user_ip')
+                    ->defaultFalse()
+                ->end()
+                ->booleanNode('log_user_agent')
+                    ->defaultFalse()
+                ->end()
             ->end()
+
         ;
         // @formatter:on
 

diff --git a/src/DependencyInjection/DataDogAuditExtension.php b/src/DependencyInjection/DataDogAuditExtension.php
@@ -28,5 +28,12 @@ public function load(array $configs, ContainerBuilder $container): void
         if (isset($config['blame_impersonator'])) {
             $auditSubscriber->addMethodCall('setBlameImpersonator', array($config['blame_impersonator']));
         }
+
+        if (isset($config['log_user_ip'])) {
+            $auditSubscriber->addMethodCall('setLogIp', array($config['log_user_ip']));
+        }
+        if (isset($config['log_user_agent'])) {
+            $auditSubscriber->addMethodCall('setLogUserAgent', array($config['log_user_agent']));
+        }
     }
 }
diff --git a/src/Entity/AuditLog.php b/src/Entity/AuditLog.php
@@ -8,6 +8,10 @@ class AuditLog
 
     private string $action;
 
+    private ?string $ip;
+
+    private ?string $userAgent;
+
     private string $tbl;
 
     private Association $source;
@@ -59,4 +63,14 @@ public function getLoggedAt(): \DateTimeInterface
     {
         return $this->loggedAt;
     }
+
+    public function getIp(): ?string
+    {
+        return $this->ip;
+    }
+
+    public function getUserAgent(): ?string
+    {
+        return $this->userAgent;
+    }
 }
diff --git a/src/EventSubscriber/AuditSubscriber.php b/src/EventSubscriber/AuditSubscriber.php
@@ -14,6 +14,7 @@
 use Doctrine\ORM\Event\OnFlushEventArgs;
 use Doctrine\ORM\Events;
 use Doctrine\ORM\Mapping\ClassMetadataInfo;
+use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
@@ -52,9 +53,19 @@ class AuditSubscriber implements EventSubscriber
 
     protected TokenStorageInterface $securityTokenStorage;
 
-    public function __construct(TokenStorageInterface $securityTokenStorage)
+    private RequestStack $requestStack;
+
+    private bool $logIp = false;
+
+    private bool $logUserAgent = false;
+
+    public function __construct(
+        TokenStorageInterface $securityTokenStorage,
+        RequestStack $requestStack
+    )
     {
         $this->securityTokenStorage = $securityTokenStorage;
+        $this->requestStack = $requestStack;
     }
 
     public function setLabeler(?callable $labeler = null): self
@@ -345,6 +356,13 @@ protected function audit(EntityManager $em, array $data)
             // audit association explicitly sets that.
             $data[$field] = $meta->idGenerator->generate($em, null);
         }
+        // Log the ip address.
+        $mainRequest = $this->requestStack->getMasterRequest();
+        // use this instead when support for symfony <5.3 dropped
+        // $mainRequest = $this->requestStack->getMainRequest();
+
+        $data['ip'] = $this->logIp && $mainRequest ? $mainRequest->getClientIp() : null;
+        $data['userAgent'] = $this->logUserAgent && $mainRequest ? substr($mainRequest->headers->get('User-Agent'), 0, 255) : null;
 
         $meta = $em->getClassMetadata(AuditLog::class);
         $data['loggedAt'] = new \DateTime();
@@ -534,4 +552,14 @@ public function setBlameUser(UserInterface $user)
     {
         $this->blameUser = $user;
     }
+
+    public function setLogIp(bool $logIp): void
+    {
+        $this->logIp = $logIp;
+    }
+
+    public function setLogUserAgent(bool $logUserAgent): void
+    {
+        $this->logUserAgent = $logUserAgent;
+    }
 }
diff --git a/src/Resources/config/doctrine/AuditLog.orm.xml b/src/Resources/config/doctrine/AuditLog.orm.xml
@@ -7,6 +7,8 @@
         <id name="id" type="bigint" column="id">
             <generator strategy="AUTO" />
         </id>
+        <field name="ip" nullable="true" type="string" length="32"/>
+        <field name="userAgent" nullable="true" type="string" length="255"/>
         <field name="action" length="12" />
         <field name="tbl" length="128" />
         <one-to-one field="source" target-entity="Association">

diff --git a/src/Resources/config/services.php b/src/Resources/config/services.php
@@ -4,6 +4,7 @@
 
 use DataDog\AuditBundle\EventSubscriber\AuditSubscriber;
 use Symfony\Component\DependencyInjection\Reference;
+use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 
 return static function (ContainerConfigurator $container) {
@@ -12,6 +13,7 @@
     $services
         ->set('datadog.event_subscriber.audit', AuditSubscriber::class)->private()
         ->arg(0, new Reference(TokenStorageInterface::class))
+        ->arg(1, new Reference(RequestStack::class))
         ->tag('doctrine.event_subscriber')
     ;
     // @formatter:on