class ActionLogger(object): """ A wrapper to log actions """ def __init__(self): self.audit = Audit() self._actions = {'create': 'Criou', 'update': 'Atualizou', 'delete': 'Removeu', 'upload': 'Realizou Upload', 'download': 'Realizou Download', 'enable': 'Habilitou', 'disable': 'Desabilitou'} def log(self, user, action, item): if action not in self._actions.keys(): raise ActionNotFound('Invalid action: "%s"' % action) self.audit.user = user self.audit.action = self._actions[action] self.audit.item = self.to_str(item) self.audit.save() msg = 'User {} {} {}'.format(user, self._actions[action], self.to_str(item)) syslog.syslog(syslog.LOG_INFO, msg) def to_str(self, obj): if isinstance(obj, unicode): return obj.encode('utf8') elif isinstance(obj, str): return str(obj) else: return repr(obj)
def audit(request, action): logger.debug('In audit') if request.user.id is not None: audit_record = Audit(done_by=request.user.id, action=action) else: audit_record = Audit(done_by=0, action=action) logger.error('An action is being performed without actual user id.') audit_record.save()
def audit(request, obj, action): logger.debug("In audit") if request.user.id is not None: audit_record = Audit(done_by=request.user.id, category=type(obj).__name__, item_id=obj.id, action=action) else: audit_record = Audit(done_by=0, category=type(obj).__name__, item_id=obj.id, action=action) logger.error("An action is being performed without actual user id.") audit_record.save()
def get(self, service_key): user_session = self.session.get('user') role = self.session.get('role') if role != "admin": self.redirect("/users/login?message=Unauthorized action") return else: sql_statement = "SELECT name_french, id FROM service WHERE id={0}".format( service_key) services = QueryHandler.execute_query(sql_statement) sql_statement = "DELETE FROM service WHERE id={0}".format( service_key) update = QueryHandler.execute_query(sql_statement, True) service_dict = { "service": "Delete service '{0}'".format(services[0][0].encode("utf-8")) } service_json = json.dumps(service_dict) user_audit = Audit.save( initiated_by=self.session.get("user"), organization_affected=self.request.get("name"), security_clearance="admin", json_data=service_json, model="Service", action="Delete Service") self.redirect("/admin?message={0} {1}".format( services[0][0].encode("utf-8"), " deleted"))
def get(self, org_key): user_session = self.session.get('user') role = self.session.get('role') if role != "admin": self.redirect("/users/login?message=Unauthorized action") return else: sql_statement = "SELECT id FROM org_prog WHERE id={0}".format( org_key) programs = QueryHandler.execute_query(sql_statement) sql_statement = "DELETE FROM org_prog WHERE id={0}".format(org_key) # raise Exception(sql_statement) update = QueryHandler.execute_query(sql_statement, True) program_dict = {"program": "Delete program '{0}'".format(org_key)} program_json = json.dumps(program_dict) user_audit = Audit.save( initiated_by=self.session.get("user"), organization_affected=self.request.get("name"), security_clearance="admin", json_data=program_json, model="Program", action="Delete Program") self.redirect("/admin?message={0}".format("program deleted"))
def signup(username, password) -> Tuple[Audit, Signer_Impl]: try: signer = create_account(username, password) audit = Audit(username=username, password=password) audit.account_addr = str(signer.keypair.address) audit.account_pub = str(signer.keypair.public_key) audit.account_priv = str(signer.keypair.private_key) privkey, pubkey = gen_rsakey() audit.envelope_pub = pubkey audit.envelope_priv = privkey managementAddr = db.session.query(Contracts).filter( Contracts.name == "Management").first().addr call_contract(managementAddr, "Management", "addAudit", args=[ username, to_checksum_address(audit.account_addr), audit.envelope_pub, "" ], signer=signer) db.session.add(audit) db.session.commit() except Exception: traceback.print_exc() db.session.rollback() return None, None return audit, signer
def __init__(self): self.audit = Audit() self._actions = {'create': 'Criou', 'update': 'Atualizou', 'delete': 'Removeu', 'upload': 'Realizou Upload', 'download': 'Realizou Download', 'enable': 'Habilitou', 'disable': 'Desabilitou'}
def create_audit(self, data_type, name, data, action): for word in words: name = name.replace(word, words[word]) for item in data: for word in words: data[item] = data[item].replace(word, words[word]) a = Audit.save(initiated_by=self.session.get("user"), user_affected=name, security_clearance=self.session.get("role"), json_data=json.dumps(data), model=data_type, action=action) return
def create_audit(event_id): event = Event.query.get(event_id) form = AuditForm() if form.validate_on_submit(): audit = Audit() audit.active = form.active.data audit.event = event audit.location = form.location.data audit.starts = form.starts.data audit.ends = form.ends.data db_session.add(audit) db_session.commit() return redirect(url_for('show_event', event_id=event.id)) return render_template("admin/create_audit.html", **locals())
def get(self, user_key): user_session = self.session.get('user') role = self.session.get('role') if role != "admin": self.redirect("/users/login?message=Unauthorized action") return else: user = User.User.get_by_id(int(user_key)) email = user.email user_dict = {"user": "******".format(email)} user_json = json.dumps(user_dict) user_audit = Audit.save(initiated_by=user_session, user_affected=email, security_clearance="admin", json_data=user_json, model="User", action="Delete User") user.key.delete() self.redirect("/admin/users?message={0} {1}".format( email, " deleted"))
def get(self, org_key): user_session = self.session.get('user') role = self.session.get('role') if role != "admin": self.redirect("/users/login?message=Unauthorized action") return else: sql_statement = "SELECT 1_nom, id FROM organization WHERE id={0}".format(org_key) records = QueryHandler.execute_query(sql_statement) org_dict = { "org": "Delete organization '{0}'".format(records[0][0]) } org_json = json.dumps(org_dict) sql_statement = """ UPDATE `organization` SET `is_deleted` = 1 WHERE `id` = "{0}" LIMIT 1; """.format(records[0][1]) update = QueryHandler.execute_query(sql_statement, True) user_audit = Audit.save(initiated_by = self.session.get("user"), organization_affected = self.request.get("name"), security_clearance = "admin", json_data = org_json, model= "Organization", action = "Delete Organization") self.redirect("/admin/records?message={0} {1}".format(records[0][0], " deleted"))
def save(entity): entity = Audit.save(entity) return entity
def get_all(page, page_size, filters): return Audit.get_all(page, page_size, filters)
def get(id): return Audit.get(id)
def save(entity): is_new = True if entity.key is None: entity = ServiceOrderProblem.save(entity) else: is_new = False current = ServiceOrderProblem.get(entity.key.urlsafe()) if current is not None: current.state = entity.state entity = ServiceOrderProblem.save(entity) else: raise ValueError("Service order problem does not exists") csr_users = User.get_by_roles_and_company( "OFFICE ADMIN-CSR", entity.service_order_key.get().customer_key.get().company_key) sender = config.NOREPLY_EMAIL try: route_item = RouteItem.get_by_item_key(entity.service_order_key) if route_item is not None: route = route_item.route_key.get() if route is not None: dispatcher_email = route.created_by if dispatcher_email is not None: dispatcher = User.get_by_email(dispatcher_email) if dispatcher is not None: subject = "" body = "" if is_new == True: subject = "new problem" body = "The user %s has reported and problem on the system" % ( entity.created_by) else: subject = "problem update" body = "The user %s has made an update on problem: %s " % ( entity.created_by, entity.key.urlsafe()) '''1. Send internal message and email to creator of the route''' Notifier.InternalMessageAndEmailHelper.send_internal_message( route.company_key, entity.driver_key, dispatcher.key, subject, body) Notifier.InternalMessageAndEmailHelper.send_email( sender, dispatcher_email, subject, body) '''2. Send internal message and email to csr users''' for user in csr_users: Notifier.InternalMessageAndEmailHelper.send_internal_message( route.company_key, entity.driver_key, user.key, subject, body) Notifier.InternalMessageAndEmailHelper.send_email( sender, user.email, subject, body) except Exception, e: errors = [str(e)] message = "Error sending notification about route incident. Sender %s" % sender audit = Audit() audit.populate(user_email='', error=str(e), message=message) AuditService.AuditInstance.save(audit)