Add admin activity logging for CRUD operations

app/Listeners/AdminActivityListener.php

@@ -0,0 +1,64 @@
+<?php
+
+namespace App\Listeners;
+
+use App\Facades\Activity;
+use Filament\Facades\Filament;
+use Filament\Resources\Pages\Page;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Str;
+
+class AdminActivityListener
+{
+    protected const REDACTED_FIELDS = [
+        'password',
+        'password_confirmation',
+        'token',
+        'secret',
+        'api_key',
+    ];
+
+    /** @param array<string, mixed> $data */
+    public function handle(Model $record, array $data, Page $page): void
+    {
+        if (Filament::getCurrentPanel()?->getId() !== 'admin') {
+            return;
+        }
+
+        $resourceClass = $page::getResource();
+        $modelClass = $resourceClass::getModel();
+        $slug = Str::kebab(class_basename($modelClass));
+
+        $action = $page instanceof \Filament\Resources\Pages\CreateRecord ? 'create' : 'update';
+
+        $properties = $this->redactSensitiveFields($data);
+
+        Activity::event("admin:$slug.$action")
+            ->subject($record)
+            ->property($properties)
+            ->log();
+    }
+
+    /**
+     * @param  array<string, mixed>  $data
+     * @return array<string, mixed>
+     */
+    protected function redactSensitiveFields(array $data): array
+    {
+        $redacted = [];
+
+        foreach ($data as $key => $value) {
+            if (in_array($key, self::REDACTED_FIELDS, true)) {
+                continue;
+            }
+
+            if (is_array($value)) {
+                $redacted[$key] = $this->redactSensitiveFields($value);
+            } else {
+                $redacted[$key] = $value;
+            }
+        }
+
+        return $redacted;
+    }
+}

app/Providers/EventServiceProvider.php

@@ -2,7 +2,10 @@
 
 namespace App\Providers;
 
+use App\Listeners\AdminActivityListener;
 use App\Listeners\DispatchWebhooks;
+use Filament\Resources\Events\RecordCreated;
+use Filament\Resources\Events\RecordUpdated;
 use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
 
 class EventServiceProvider extends ServiceProvider
@@ -15,5 +18,7 @@ class EventServiceProvider extends ServiceProvider
         'eloquent.created*' => [DispatchWebhooks::class],
         'eloquent.deleted*' => [DispatchWebhooks::class],
         'eloquent.updated*' => [DispatchWebhooks::class],
+        RecordCreated::class => [AdminActivityListener::class],
+        RecordUpdated::class => [AdminActivityListener::class],
     ];
 }

app/Providers/Filament/FilamentServiceProvider.php

@@ -4,12 +4,14 @@
 
 use App\Enums\CustomizationKey;
 use App\Enums\TablerIcon;
+use App\Facades\Activity;
 use Filament\Actions\Action;
 use Filament\Actions\CreateAction;
 use Filament\Actions\DeleteAction;
 use Filament\Actions\EditAction;
 use Filament\Actions\View\ActionsIconAlias;
 use Filament\Actions\ViewAction;
+use Filament\Facades\Filament;
 use Filament\Forms\Components\Field;
 use Filament\Forms\Components\KeyValue;
 use Filament\Forms\Components\Repeater;
@@ -29,8 +31,10 @@
 use Filament\Tables\View\TablesIconAlias;
 use Filament\View\PanelsIconAlias;
 use Filament\View\PanelsRenderHook;
+use Illuminate\Database\Eloquent\Model;
 use Illuminate\Support\Facades\Blade;
 use Illuminate\Support\ServiceProvider;
+use Illuminate\Support\Str;
 use Livewire\Component;
 use Livewire\Livewire;
 
@@ -132,6 +136,18 @@ public function boot(): void
                 $action->iconButton();
                 $action->iconSize(IconSize::ExtraLarge);
             }
+
+            $action->before(function (Model $record) {
+                if (Filament::getCurrentPanel()?->getId() !== 'admin') {
+                    return;
+                }
+
+                $slug = Str::kebab(class_basename($record));
+
+                Activity::event("admin:$slug.delete")
+                    ->subject($record)
+                    ->log();
+            });
         });
 
         CreateAction::configureUsing(function (CreateAction $action) {

lang/en/activity.php

@@ -122,4 +122,51 @@
         ],
         'crashed' => 'Server crashed',
     ],
+    'admin' => [
+        'user' => [
+            'create' => 'Created user <b>:username</b>',
+            'update' => 'Updated user <b>:username</b>',
+            'delete' => 'Deleted user <b>:username</b>',
+        ],
+        'server' => [
+            'create' => 'Created server <b>:name</b>',
+            'update' => 'Updated server <b>:name</b>',
+            'delete' => 'Deleted server <b>:name</b>',
+        ],
+        'node' => [
+            'create' => 'Created node <b>:name</b>',
+            'update' => 'Updated node <b>:name</b>',
+            'delete' => 'Deleted node <b>:name</b>',
+        ],
+        'egg' => [
+            'create' => 'Created egg <b>:name</b>',
+            'update' => 'Updated egg <b>:name</b>',
+            'delete' => 'Deleted egg <b>:name</b>',
+        ],
+        'role' => [
+            'create' => 'Created role <b>:name</b>',
+            'update' => 'Updated role <b>:name</b>',
+            'delete' => 'Deleted role <b>:name</b>',
+        ],
+        'database-host' => [
+            'create' => 'Created database host <b>:name</b>',
+            'update' => 'Updated database host <b>:name</b>',
+            'delete' => 'Deleted database host <b>:name</b>',
+        ],
+        'mount' => [
+            'create' => 'Created mount <b>:name</b>',
+            'update' => 'Updated mount <b>:name</b>',
+            'delete' => 'Deleted mount <b>:name</b>',
+        ],
+        'webhook-configuration' => [
+            'create' => 'Created webhook <b>:description</b>',
+            'update' => 'Updated webhook <b>:description</b>',
+            'delete' => 'Deleted webhook <b>:description</b>',
+        ],
+        'api-key' => [
+            'create' => 'Created API key',
+            'update' => 'Updated API key',
+            'delete' => 'Deleted API key',
+        ],
+    ],
 ];