def log_model_event(instance,
event=None,
user_details: types.UserDetails = None):
if isinstance(instance, AuditEvent):
return
user_details = user_details or dict()
try:
audit_record = get_audit_resource_record(instance, event)
if user_details:
audit_record.update(user_details)
resource = audit_record.get("resource")
if resource:
if AUDIT_TO_FILE:
write_entry(audit_record)
resource_type = resource.get("resource_type")
resource_uuid = resource.get("resource_uuid")
log_event(event=event,
resource_type=resource_type,
resource_uuid=resource_uuid,
user_details=user_details)
else:
logger.debug(
"get_audit_resource_record returned nothing (normal if %s not in AUDIT_MODELS)",
str(instance).encode("utf-8"),
)
except Exception:
logger.exception("Exception during audit event.")
def log_event(instance, event=None):
if isinstance(instance, AuditEvent):
return
try:
d = get_audit_crud_dict(instance, event)
if d:
if AUDIT_TO_FILE:
write_entry(d)
from audit_logging.utils import log_event
user_details = getattr(audit_logging_thread_local, 'user_details',
{})
logger.debug(
'Got user_details from audit_logging_thread_local: {}'.format(
str(user_details).encode('utf-8')))
resource = d.get('resource')
resource_type = resource.get('type',
'unknown') if resource else 'unknown'
resource_uuid = resource.get('id',
'unknown') if resource else 'unknown'
log_event(event=event,
resource_type=resource_type,
resource_uuid=resource_uuid,
user_details=user_details)
else:
logger.debug(
'get_audit_crud_dict() returned nothing (normal if {} not in AUDIT_MODELS)'
.format(str(instance).encode('utf-8')))
except Exception as ex:
logger.exception('Exception during audit event.')
def readline(self, *args, **kwargs):
res = self.regular_file.readline(*args, **kwargs)
log_event(
event='FileRead', resource_type='file', resource_uuid=self.regular_file.name,
user_details=self.user_details
)
return res
def truncate(self, *args, **kwargs):
res = self.regular_file.truncate(*args, **kwargs)
log_event(
event='FileWrite', resource_type='file', resource_uuid=self.regular_file.name,
user_details=self.user_details
)
return res
def __exit__(self, *args, **kwargs):
event = "File{0}{1}Close".format('Read' if self.reads else '',
'Write' if self.writes else '')
log_event(event=event,
resource_type='file',
resource_uuid=self.regular_file.name,
user_details=self.user_details)
self.regular_file.close()
def __exit__(self, *args, **kwargs):
event = "File{0}{1}Close".format("Read" if self.reads else "",
"Write" if self.writes else "")
log_event(event=event,
resource_type="file",
resource_uuid=self.regular_file.name,
user_details=self.user_details)
self.regular_file.close()
def log_event(instance, event=None):
if isinstance(instance, AuditEvent):
return
try:
d = get_audit_crud_dict(instance, event)
if d:
if AUDIT_TO_FILE:
write_entry(d)
# audit_event = AuditEvent(
# event=event
# )
# if d.get('user_details'):
# logger.debug('got user_details from instance to log: {}'.format(d.get('user_details')))
# if d.get('user_details').get('username'):
# audit_event.username = d['user_details']['username']
# if d.get('user_details').get('email'):
# audit_event.email = d['user_details']['email']
# if d.get('user_details').get('fullname'):
# audit_event.fullname = d['user_details']['fullname']
# if d.get('user_details').get('superuser'):
# audit_event.superuser = d['user_details']['superuser']
# if d.get('user_details').get('staff'):
# audit_event.staff = d['user_details']['staff']
# if d.get('resource'):
# logger.debug('got resource details from instance to log: {}'.format(d.get('resource')))
# if d.get('resource').get('type'):
# audit_event.resource_type = d['resource']['type']
# if d.get('resource').get('id'):
# logger.debug('setting resource_uuid to {}'.format(d['resource']['id']))
# audit_event.resource_uuid = d['resource']['id']
# if d.get('resource').get('title'):
# audit_event.resource_title = d['resource']['title']
# if d.get('resource').get('username'):
# audit_event.username = d['resource']['username']
# audit_event.save()
from audit_logging.utils import log_event
user_details = getattr(audit_logging_thread_local, 'user_details',
{})
logger.debug(
'Got user_details from audit_logging_thread_local: {} ')
resource = d.get('resource')
resource_type = resource.get('type',
'unknown') if resource else 'unknown'
resource_uuid = resource.get('id',
'unknown') if resource else 'unknown'
log_event(event=event,
resource_type=resource_type,
resource_uuid=resource_uuid,
user_details=user_details)
else:
logger.debug(
'get_audit_crud_dict() returned nothing (normal if {} not in AUDIT_MODELS)'
.format(instance))
except Exception as ex:
logger.exception('Exception during audit event.')
def post_delete(sender, instance, using, **kwargs):
"""
signal to catch delete signals and log them in the audit log
"""
if isinstance(instance, AuditEvent):
return
logger.debug('Received post_delete signal for: {} ({})'.format(
instance, type(instance)))
log_event(instance, 'delete')
def post_save(sender, instance, created, raw, using, update_fields, **kwargs):
"""
signal to catch save signals (create and update) and log them in
the audit log.
"""
if isinstance(instance, AuditEvent):
return
logger.debug('Received post_save signal for: {} ({})'.format(
instance, type(instance)))
if created:
event = 'create'
else:
event = 'update'
log_event(instance, event)
def logging_open(filepath, mode='r', user_details=None):
""" Equivalent of builtin open() which logs file creation to AuditEvent if appropriate and returns a LoggingFile
instead of regular file-like object.
"""
exists_before = os.path.exists(filepath)
res = open(filepath, mode)
if getattr(settings, 'AUDIT_FILE_EVENTS', True):
res = LoggingFile(res, user_details)
exists_after = os.path.exists(filepath)
if not exists_before and exists_after:
# This is just to make it easier to trace when user_details haven't been sent
if user_details is None:
user_details = {'username': '******'}
log_event(event='FileCreate', resource_type='file', resource_uuid=filepath, user_details=user_details)
return res
def __enter__(self, *args, **kwargs):
log_event(event='FileOpen',
resource_type='file',
resource_uuid=self.regular_file.name,
user_details=self.user_details)
return self