class ActionLogger(object):
""" A wrapper to log actions """
def __init__(self):
self.audit = Audit()
self._actions = {'create': 'Criou',
'update': 'Atualizou',
'delete': 'Removeu',
'upload': 'Realizou Upload',
'download': 'Realizou Download',
'enable': 'Habilitou',
'disable': 'Desabilitou'}
def log(self, user, action, item):
if action not in self._actions.keys():
raise ActionNotFound('Invalid action: "%s"' % action)
self.audit.user = user
self.audit.action = self._actions[action]
self.audit.item = self.to_str(item)
self.audit.save()
msg = 'User {} {} {}'.format(user, self._actions[action], self.to_str(item))
syslog.syslog(syslog.LOG_INFO, msg)
def to_str(self, obj):
if isinstance(obj, unicode):
return obj.encode('utf8')
elif isinstance(obj, str):
return str(obj)
else:
return repr(obj)
def audit(request, action):
logger.debug('In audit')
if request.user.id is not None:
audit_record = Audit(done_by=request.user.id, action=action)
else:
audit_record = Audit(done_by=0, action=action)
logger.error('An action is being performed without actual user id.')
audit_record.save()
def audit(request, obj, action):
logger.debug("In audit")
if request.user.id is not None:
audit_record = Audit(done_by=request.user.id, category=type(obj).__name__, item_id=obj.id, action=action)
else:
audit_record = Audit(done_by=0, category=type(obj).__name__, item_id=obj.id, action=action)
logger.error("An action is being performed without actual user id.")
audit_record.save()
def get(self, service_key):
user_session = self.session.get('user')
role = self.session.get('role')
if role != "admin":
self.redirect("/users/login?message=Unauthorized action")
return
else:
sql_statement = "SELECT name_french, id FROM service WHERE id={0}".format(
service_key)
services = QueryHandler.execute_query(sql_statement)
sql_statement = "DELETE FROM service WHERE id={0}".format(
service_key)
update = QueryHandler.execute_query(sql_statement, True)
service_dict = {
"service":
"Delete service '{0}'".format(services[0][0].encode("utf-8"))
}
service_json = json.dumps(service_dict)
user_audit = Audit.save(
initiated_by=self.session.get("user"),
organization_affected=self.request.get("name"),
security_clearance="admin",
json_data=service_json,
model="Service",
action="Delete Service")
self.redirect("/admin?message={0} {1}".format(
services[0][0].encode("utf-8"), " deleted"))
def get(self, org_key):
user_session = self.session.get('user')
role = self.session.get('role')
if role != "admin":
self.redirect("/users/login?message=Unauthorized action")
return
else:
sql_statement = "SELECT id FROM org_prog WHERE id={0}".format(
org_key)
programs = QueryHandler.execute_query(sql_statement)
sql_statement = "DELETE FROM org_prog WHERE id={0}".format(org_key)
# raise Exception(sql_statement)
update = QueryHandler.execute_query(sql_statement, True)
program_dict = {"program": "Delete program '{0}'".format(org_key)}
program_json = json.dumps(program_dict)
user_audit = Audit.save(
initiated_by=self.session.get("user"),
organization_affected=self.request.get("name"),
security_clearance="admin",
json_data=program_json,
model="Program",
action="Delete Program")
self.redirect("/admin?message={0}".format("program deleted"))
def signup(username, password) -> Tuple[Audit, Signer_Impl]:
try:
signer = create_account(username, password)
audit = Audit(username=username, password=password)
audit.account_addr = str(signer.keypair.address)
audit.account_pub = str(signer.keypair.public_key)
audit.account_priv = str(signer.keypair.private_key)
privkey, pubkey = gen_rsakey()
audit.envelope_pub = pubkey
audit.envelope_priv = privkey
managementAddr = db.session.query(Contracts).filter(
Contracts.name == "Management").first().addr
call_contract(managementAddr,
"Management",
"addAudit",
args=[
username,
to_checksum_address(audit.account_addr),
audit.envelope_pub, ""
],
signer=signer)
db.session.add(audit)
db.session.commit()
except Exception:
traceback.print_exc()
db.session.rollback()
return None, None
return audit, signer
def __init__(self):
self.audit = Audit()
self._actions = {'create': 'Criou',
'update': 'Atualizou',
'delete': 'Removeu',
'upload': 'Realizou Upload',
'download': 'Realizou Download',
'enable': 'Habilitou',
'disable': 'Desabilitou'}
def audit(request, action):
logger.debug('In audit')
if request.user.id is not None:
audit_record = Audit(done_by=request.user.id, action=action)
else:
audit_record = Audit(done_by=0, action=action)
logger.error('An action is being performed without actual user id.')
audit_record.save()
def create_audit(self, data_type, name, data, action):
for word in words:
name = name.replace(word, words[word])
for item in data:
for word in words:
data[item] = data[item].replace(word, words[word])
a = Audit.save(initiated_by=self.session.get("user"),
user_affected=name,
security_clearance=self.session.get("role"),
json_data=json.dumps(data),
model=data_type,
action=action)
return
def create_audit(event_id):
event = Event.query.get(event_id)
form = AuditForm()
if form.validate_on_submit():
audit = Audit()
audit.active = form.active.data
audit.event = event
audit.location = form.location.data
audit.starts = form.starts.data
audit.ends = form.ends.data
db_session.add(audit)
db_session.commit()
return redirect(url_for('show_event', event_id=event.id))
return render_template("admin/create_audit.html", **locals())
def get(self, user_key):
user_session = self.session.get('user')
role = self.session.get('role')
if role != "admin":
self.redirect("/users/login?message=Unauthorized action")
return
else:
user = User.User.get_by_id(int(user_key))
email = user.email
user_dict = {"user": "******".format(email)}
user_json = json.dumps(user_dict)
user_audit = Audit.save(initiated_by=user_session,
user_affected=email,
security_clearance="admin",
json_data=user_json,
model="User",
action="Delete User")
user.key.delete()
self.redirect("/admin/users?message={0} {1}".format(
email, " deleted"))
def get(self, org_key):
user_session = self.session.get('user')
role = self.session.get('role')
if role != "admin":
self.redirect("/users/login?message=Unauthorized action")
return
else:
sql_statement = "SELECT 1_nom, id FROM organization WHERE id={0}".format(org_key)
records = QueryHandler.execute_query(sql_statement)
org_dict = {
"org": "Delete organization '{0}'".format(records[0][0])
}
org_json = json.dumps(org_dict)
sql_statement = """
UPDATE `organization` SET
`is_deleted` = 1
WHERE `id` = "{0}"
LIMIT 1;
""".format(records[0][1])
update = QueryHandler.execute_query(sql_statement, True)
user_audit = Audit.save(initiated_by = self.session.get("user"), organization_affected = self.request.get("name"), security_clearance = "admin", json_data = org_json, model= "Organization", action = "Delete Organization")
self.redirect("/admin/records?message={0} {1}".format(records[0][0], " deleted"))
def save(entity):
entity = Audit.save(entity)
return entity
def get_all(page, page_size, filters):
return Audit.get_all(page, page_size, filters)
def get(id):
return Audit.get(id)
def save(entity):
is_new = True
if entity.key is None:
entity = ServiceOrderProblem.save(entity)
else:
is_new = False
current = ServiceOrderProblem.get(entity.key.urlsafe())
if current is not None:
current.state = entity.state
entity = ServiceOrderProblem.save(entity)
else:
raise ValueError("Service order problem does not exists")
csr_users = User.get_by_roles_and_company(
"OFFICE ADMIN-CSR",
entity.service_order_key.get().customer_key.get().company_key)
sender = config.NOREPLY_EMAIL
try:
route_item = RouteItem.get_by_item_key(entity.service_order_key)
if route_item is not None:
route = route_item.route_key.get()
if route is not None:
dispatcher_email = route.created_by
if dispatcher_email is not None:
dispatcher = User.get_by_email(dispatcher_email)
if dispatcher is not None:
subject = ""
body = ""
if is_new == True:
subject = "new problem"
body = "The user %s has reported and problem on the system" % (
entity.created_by)
else:
subject = "problem update"
body = "The user %s has made an update on problem: %s " % (
entity.created_by, entity.key.urlsafe())
'''1. Send internal message and email to creator of the route'''
Notifier.InternalMessageAndEmailHelper.send_internal_message(
route.company_key, entity.driver_key,
dispatcher.key, subject, body)
Notifier.InternalMessageAndEmailHelper.send_email(
sender, dispatcher_email, subject, body)
'''2. Send internal message and email to csr users'''
for user in csr_users:
Notifier.InternalMessageAndEmailHelper.send_internal_message(
route.company_key, entity.driver_key,
user.key, subject, body)
Notifier.InternalMessageAndEmailHelper.send_email(
sender, user.email, subject, body)
except Exception, e:
errors = [str(e)]
message = "Error sending notification about route incident. Sender %s" % sender
audit = Audit()
audit.populate(user_email='', error=str(e), message=message)
AuditService.AuditInstance.save(audit)
