class ActionLogger(object):
    """Write each user action to the Audit store and to syslog."""

    def __init__(self):
        # NOTE(review): one Audit instance is created here and reused by every
        # log() call. If Audit.save() updates an already-persisted row rather
        # than inserting a new one, later calls would overwrite the earlier
        # entry instead of appending to the trail -- confirm against Audit.
        self.audit = Audit()
        # Accepted action keys mapped to the Portuguese label that is stored
        # in the audit record and written to syslog.
        self._actions = {
            'create': 'Criou',
            'update': 'Atualizou',
            'delete': 'Removeu',
            'upload': 'Realizou Upload',
            'download': 'Realizou Download',
            'enable': 'Habilitou',
            'disable': 'Desabilitou',
        }

    def log(self, user, action, item):
        """Persist one audit entry and mirror it to syslog at LOG_INFO.

        Raises ActionNotFound when *action* is not a key of the action table.
        """
        known_actions = self._actions
        if action not in known_actions.keys():
            raise ActionNotFound('Invalid action: "%s"' % action)

        record = self.audit
        record.user = user
        record.action = known_actions[action]
        record.item = self.to_str(item)
        record.save()

        # NOTE(review): user and item are interpolated verbatim. If either can
        # carry CR/LF taken from untrusted input, confirm the syslog pipeline
        # escapes them so a single call cannot produce several log entries.
        syslog.syslog(
            syslog.LOG_INFO,
            'User {} {} {}'.format(
                user, known_actions[action], self.to_str(item)),
        )

    def to_str(self, obj):
        """Return a byte-string rendering of *obj* suitable for the log line.

        unicode values are UTF-8 encoded, str values are returned as str, and
        anything else falls back to repr(). `unicode` is the Python 2 builtin.
        """
        if isinstance(obj, unicode):
            return obj.encode('utf8')
        if isinstance(obj, str):
            return str(obj)
        return repr(obj)
def audit(request, action):
    """Store an Audit row attributing *action* to the requesting user.

    When request.user.id is None the row is attributed to id 0 and an error
    is logged.
    """
    logger.debug('In audit')
    user_id = request.user.id
    is_anonymous = user_id is None
    # NOTE(review): 0 stands in for "no authenticated user". Confirm no real
    # account can hold id 0, otherwise anonymous actions become
    # indistinguishable from that account in the audit trail.
    audit_record = Audit(done_by=0 if is_anonymous else user_id, action=action)
    if is_anonymous:
        logger.error('An action is being performed without actual user id.')
    audit_record.save()
def audit(request, action):
    """Record *action* in the Audit store on behalf of the request's user.

    A request whose user has no id is still recorded, under done_by=0, and
    an error is written to the application log.
    """
    logger.debug('In audit')
    actor_id = request.user.id
    if actor_id is None:
        # NOTE(review): id 0 is the placeholder for an unidentified actor;
        # verify that consumers of the audit data treat it as "unknown" and
        # that it cannot collide with a real user id.
        audit_record = Audit(done_by=0, action=action)
        logger.error('An action is being performed without actual user id.')
    else:
        audit_record = Audit(done_by=actor_id, action=action)
    audit_record.save()
def audit(request, obj, action):
    """Store an Audit row linking *action* to *obj* and the requesting user.

    The row records the class name of *obj* as its category and obj.id as
    the item id. When request.user.id is None the row is attributed to id 0
    and an error is logged.
    """
    logger.debug("In audit")
    user_id = request.user.id
    is_anonymous = user_id is None
    # NOTE(review): done_by=0 marks an unauthenticated actor; confirm that no
    # real account uses id 0 so such rows stay distinguishable.
    audit_record = Audit(
        done_by=0 if is_anonymous else user_id,
        category=type(obj).__name__,
        item_id=obj.id,
        action=action,
    )
    if is_anonymous:
        logger.error("An action is being performed without actual user id.")
    audit_record.save()
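def get(self, service_key):
    """Delete the service row with id *service_key* and write an audit entry.

    Sessions whose role is not "admin" are redirected to the login page.
    A non-numeric key or a key that matches no row redirects back to /admin
    without touching the table.
    """
    # NOTE(review): this handler changes state in response to a GET. Whether
    # the route is protected against cross-site requests is not visible
    # here -- confirm, or move the deletion behind POST with a CSRF token.
    initiated_by = self.session.get('user')
    role = self.session.get('role')
    if role != "admin":
        self.redirect("/users/login?message=Unauthorized action")
        return

    # service_key comes from the request and is formatted into SQL text, so
    # only let a plain integer through.
    # NOTE(review): if QueryHandler.execute_query accepts bound parameters,
    # prefer those over string formatting; its signature is not visible here.
    try:
        service_id = int(service_key)
    except (TypeError, ValueError):
        self.redirect("/admin?message=Invalid service id")
        return

    sql_statement = "SELECT name_french, id FROM service WHERE id={0}".format(
        service_id)
    services = QueryHandler.execute_query(sql_statement)
    if not services:
        # Check before deleting: the name is needed for the audit entry, and
        # indexing an empty result after the DELETE would abort the request
        # with nothing recorded.
        self.redirect("/admin?message=Service not found")
        return
    service_name = services[0][0].encode("utf-8")

    sql_statement = "DELETE FROM service WHERE id={0}".format(service_id)
    QueryHandler.execute_query(sql_statement, True)

    # NOTE(review): the audit row is written after the delete; if Audit.save
    # fails the deletion goes unrecorded. Confirm this ordering is acceptable.
    service_json = json.dumps(
        {"service": "Delete service '{0}'".format(service_name)})
    Audit.save(
        initiated_by=initiated_by,
        organization_affected=self.request.get("name"),
        security_clearance="admin",
        json_data=service_json,
        model="Service",
        action="Delete Service")
    self.redirect("/admin?message={0} {1}".format(service_name, " deleted"))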
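def get(self, org_key):
    """Delete the org_prog row with id *org_key* and write an audit entry.

    Sessions whose role is not "admin" are redirected to the login page.
    A non-numeric key or a key that matches no row redirects back to /admin
    without deleting anything.
    """
    # NOTE(review): this handler changes state in response to a GET. Whether
    # the route is protected against cross-site requests is not visible
    # here -- confirm, or move the deletion behind POST with a CSRF token.
    initiated_by = self.session.get('user')
    role = self.session.get('role')
    if role != "admin":
        self.redirect("/users/login?message=Unauthorized action")
        return

    # org_key comes from the request and is formatted into SQL text, so only
    # let a plain integer through.
    # NOTE(review): if QueryHandler.execute_query accepts bound parameters,
    # prefer those over string formatting; its signature is not visible here.
    try:
        program_id = int(org_key)
    except (TypeError, ValueError):
        self.redirect("/admin?message=Invalid program id")
        return

    sql_statement = "SELECT id FROM org_prog WHERE id={0}".format(program_id)
    programs = QueryHandler.execute_query(sql_statement)
    if not programs:
        # Avoid auditing the deletion of a program that does not exist.
        self.redirect("/admin?message=Program not found")
        return

    sql_statement = "DELETE FROM org_prog WHERE id={0}".format(program_id)
    QueryHandler.execute_query(sql_statement, True)

    # NOTE(review): the audit row is written after the delete; if Audit.save
    # fails the deletion goes unrecorded. Confirm this ordering is acceptable.
    program_json = json.dumps(
        {"program": "Delete program '{0}'".format(program_id)})
    Audit.save(
        initiated_by=initiated_by,
        organization_affected=self.request.get("name"),
        security_clearance="admin",
        json_data=program_json,
        model="Program",
        action="Delete Program")
    self.redirect("/admin?message={0}".format("program deleted"))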
def create_audit(self, data_type, name, data, action):
    """Apply the `words` substitutions to *name* and *data*, then audit.

    Every key of the module-level `words` mapping is replaced by its value
    in *name* and in each value of *data*. The entry is then saved with the
    session's user and role.

    *data* is rewritten in place, so the caller's mapping is modified.
    Every value in it must support ``.replace``.
    """
    for needle in words:
        name = name.replace(needle, words[needle])

    for field in data:
        cleaned = data[field]
        for needle in words:
            cleaned = cleaned.replace(needle, words[needle])
        data[field] = cleaned

    Audit.save(
        initiated_by=self.session.get("user"),
        user_affected=name,
        security_clearance=self.session.get("role"),
        json_data=json.dumps(data),
        model=data_type,
        action=action,
    )
def get(self, user_key):
    """Delete the user with id *user_key* after recording an audit entry.

    Sessions whose role is not "admin" are redirected to the login page.
    The audit entry is saved before the entity's key is deleted.
    """
    # NOTE(review): this handler changes state in response to a GET. Whether
    # the route is protected against cross-site requests is not visible
    # here -- confirm, or move the deletion behind POST with a CSRF token.
    user_session = self.session.get('user')
    if self.session.get('role') != "admin":
        self.redirect("/users/login?message=Unauthorized action")
        return

    # int() raises ValueError for a non-numeric key.
    # NOTE(review): if get_by_id yields None for an unknown id, the attribute
    # access below fails before anything is audited -- confirm.
    user = User.User.get_by_id(int(user_key))
    email = user.email

    # The literal has no replacement field, so format() returns it unchanged
    # and the e-mail address is not part of json_data.
    user_json = json.dumps({"user": "******".format(email)})
    Audit.save(
        initiated_by=user_session,
        user_affected=email,
        security_clearance="admin",
        json_data=user_json,
        model="User",
        action="Delete User",
    )

    user.key.delete()
    self.redirect("/admin/users?message={0} {1}".format(email, " deleted"))
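def get(self, org_key):
    """Soft-delete the organization with id *org_key* and audit the action.

    Sessions whose role is not "admin" are redirected to the login page.
    A non-numeric key or a key that matches no row redirects back to
    /admin/records without updating anything. The row is flagged with
    is_deleted = 1 rather than removed.
    """
    # NOTE(review): this handler changes state in response to a GET. Whether
    # the route is protected against cross-site requests is not visible
    # here -- confirm, or move the action behind POST with a CSRF token.
    initiated_by = self.session.get('user')
    role = self.session.get('role')
    if role != "admin":
        self.redirect("/users/login?message=Unauthorized action")
        return

    # org_key comes from the request and is formatted into SQL text, so only
    # let a plain integer through.
    # NOTE(review): if QueryHandler.execute_query accepts bound parameters,
    # prefer those over string formatting; its signature is not visible here.
    try:
        org_id = int(org_key)
    except (TypeError, ValueError):
        self.redirect("/admin/records?message=Invalid organization id")
        return

    sql_statement = "SELECT 1_nom, id FROM organization WHERE id={0}".format(
        org_id)
    records = QueryHandler.execute_query(sql_statement)
    if not records:
        # Without this guard, records[0] fails on an empty result.
        self.redirect("/admin/records?message=Organization not found")
        return
    org_name = records[0][0]

    org_json = json.dumps(
        {"org": "Delete organization '{0}'".format(org_name)})

    # Use the validated integer, not a value read back from the result set.
    sql_statement = """
        UPDATE `organization`
        SET `is_deleted` = 1
        WHERE `id` = "{0}"
        LIMIT 1;
    """.format(org_id)
    QueryHandler.execute_query(sql_statement, True)

    # NOTE(review): the audit row is written after the update; if Audit.save
    # fails the change goes unrecorded. Confirm this ordering is acceptable.
    Audit.save(
        initiated_by=initiated_by,
        organization_affected=self.request.get("name"),
        security_clearance="admin",
        json_data=org_json,
        model="Organization",
        action="Delete Organization")
    self.redirect(
        "/admin/records?message={0} {1}".format(org_name, " deleted"))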
def save(entity):
    """Pass *entity* to Audit.save and return whatever that call returns."""
    return Audit.save(entity)