def sys_log_perm_audit(request):
"""
"""
if not EVENTS_ENABLED:
raise Http404
# Make sure page request is an int. If not, deliver first page.
try:
current_page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '100'))
except ValueError:
current_page = 1
per_page = 100
user_selected = request.GET.get('email', None)
repo_selected = request.GET.get('repo_id', None)
start = per_page * (current_page - 1)
limit = per_page
# org_id = 0, show all file audit
events = get_perm_audit_events(user_selected, 0, repo_selected, start,
limit)
if events:
for ev in events:
if ev.to.isdigit():
group = ccnet_api.get_group(int(ev.to))
ev.perm_group_name = group.group_name if group else None
ev.repo = seafile_api.get_repo(ev.repo_id)
ev.folder_name = os.path.basename(ev.file_path)
ev.time = utc_to_local(ev.timestamp)
page_next = True if len(events) == per_page else False
else:
page_next = False
extra_href = ''
if user_selected:
extra_href += "&email=%s" % user_selected
if repo_selected:
extra_href += "&repo_id=%s" % repo_selected
return render(
request, 'sys_perm_audit.html', {
'events': events,
'user_selected': user_selected,
'repo_selected': repo_selected,
'extra_href': extra_href,
'current_page': current_page,
'prev_page': current_page - 1,
'next_page': current_page + 1,
'per_page': per_page,
'page_next': page_next,
})
def get(self, request):
""" Get all share permissions logs.
Permission checking:
1. only admin can perform this action.
"""
try:
current_page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '100'))
except ValueError:
current_page = 1
per_page = 100
user_selected = request.GET.get('email', None)
if user_selected and not is_valid_email(user_selected):
error_msg = 'email %s invalid.' % user_selected
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
repo_id_selected = request.GET.get('repo_id', None)
if repo_id_selected and not is_valid_repo_id_format(repo_id_selected):
error_msg = 'repo_id %s invalid.' % repo_id_selected
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
start = per_page * (current_page - 1)
limit = per_page
# org_id = 0, show all file audit
events = get_perm_audit_events(user_selected, 0, repo_id_selected,
start, limit) or []
has_next_page = True if len(events) == per_page else False
# Use dict to reduce memcache fetch cost in large for-loop.
from_nickname_dict = {}
from_contact_email_dict = {}
to_nickname_dict = {}
to_contact_email_dict = {}
repo_dict = {}
from_user_email_set = set()
to_user_email_set = set()
repo_id_set = set()
for event in events:
from_user_email_set.add(event.from_user)
to_user_email_set.add(event.to)
repo_id_set.add(event.repo_id)
for e in from_user_email_set:
if e not in from_nickname_dict:
from_nickname_dict[e] = email2nickname(e)
if e not in from_contact_email_dict:
from_contact_email_dict[e] = email2contact_email(e)
for e in to_user_email_set:
if e not in to_nickname_dict:
to_nickname_dict[e] = email2nickname(e)
if e not in to_contact_email_dict:
to_contact_email_dict[e] = email2contact_email(e)
for e in repo_id_set:
if e not in repo_dict:
repo_dict[e] = seafile_api.get_repo(e)
events_info = []
for ev in events:
data = {}
from_user_email = ev.from_user
to_user_email = ev.to
data['from_user_email'] = from_user_email
data['from_user_name'] = from_nickname_dict.get(
from_user_email, '')
data['from_user_contact_email'] = from_contact_email_dict.get(
from_user_email, '')
data['to_user_email'] = to_user_email
data['to_user_name'] = to_nickname_dict.get(to_user_email, '')
data['to_user_contact_email'] = to_contact_email_dict.get(
to_user_email, '')
data['etype'] = ev.etype
data['permission'] = ev.permission
repo_id = ev.repo_id
data['repo_id'] = repo_id
repo = repo_dict.get(repo_id, None)
data['repo_name'] = repo.name if repo else ''
data['folder'] = '/' if ev.file_path == '/' else os.path.basename(
ev.file_path.rstrip('/'))
data['date'] = utc_datetime_to_isoformat_timestr(ev.timestamp)
events_info.append(data)
resp = {
'share_permission_log_list': events_info,
'has_next_page': has_next_page,
}
return Response(resp)
def get(self, request):
"""List organization permission audit in logs
"""
if not EVENTS_ENABLED:
error_msg = "Events not enabled."
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# Make sure page request is an int. If not, deliver first page.
try:
page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '25'))
except ValueError:
page = 1
per_page = 25
user_selected = request.GET.get('email', None)
repo_selected = request.GET.get('repo_id', None)
start = per_page * (page - 1)
limit = per_page
org_id = request.user.org.org_id
events = get_perm_audit_events(user_selected, org_id, repo_selected,
start, limit)
event_list = []
if not events:
return Response({
'log_list': event_list,
'page': page,
'page_next': False
})
ev_user_list = []
repo_id_list = []
group_id_list = []
for ev in events:
ev_user_list.append(ev.from_user)
repo_id_list.append(ev.repo_id)
if '@' in ev.to:
ev_user_list.append(ev.to)
if ev.to.isdigit():
group_id_list.append(ev.to)
ev_user_name_dict = get_user_name_dict(ev_user_list)
ev_user_contact_email_dict = get_user_contact_email_dict(ev_user_list)
ev_repo_dict = get_repo_dict(repo_id_list)
ev_group_dict = get_group_dict(group_id_list)
for ev in events:
event = {}
event['from_user_email'] = ev.from_user
event['from_user_name'] = ev_user_name_dict[ev.from_user]
event['from_user_contact_email'] = ev_user_contact_email_dict[
ev.from_user]
if ev.to.isdigit():
event['to_group_name'] = ev_group_dict[
ev.to].group_name if ev_group_dict[ev.to] else ''
event['to_group_id'] = ev.to
elif ev.to == 'all':
pass
else:
event['to_user_email'] = ev.to
event['to_user_name'] = ev_user_name_dict[ev.to]
event['to_user_contact_email'] = ev_user_contact_email_dict[
ev.to]
event['type'] = update_log_perm_audit_type(ev)
event['permission'] = ev.permission
event['repo_name'] = ev_repo_dict[ev.repo_id].name if ev_repo_dict[
ev.repo_id] else ''
event['repo_id'] = ev.repo_id
event['folder_name'] = os.path.basename(ev.file_path)
event['folder_path'] = ev.file_path
event['time'] = datetime_to_isoformat_timestr(ev.timestamp)
event_list.append(event)
page_next = True if len(events) == per_page else False
return Response({
'log_list': event_list,
'page': page,
'page_next': page_next,
})
def org_log_perm_audit(request):
"""
"""
if not EVENTS_ENABLED:
raise Http404
# Make sure page request is an int. If not, deliver first page.
try:
current_page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '100'))
except ValueError:
current_page = 1
per_page = 100
user_selected = request.GET.get('email', None)
repo_selected = request.GET.get('repo_id', None)
start = per_page * (current_page - 1)
limit = per_page
org_id = request.user.org.org_id
events = get_perm_audit_events(user_selected, org_id, repo_selected, start,
limit)
if events:
for ev in events:
if ev.to.isdigit():
ev.perm_group_name = get_group(ev.to).group_name if \
get_group(ev.to) is not None else None
ev.repo = get_repo(ev.repo_id)
ev.folder_name = os.path.basename(ev.file_path)
ev.time = utc_to_local(ev.timestamp)
if org_user_exists(org_id, ev.from_user):
ev.is_org_from_user = True
if org_user_exists(org_id, ev.to):
ev.is_org_to_user = True
page_next = True if len(events) == per_page else False
else:
page_next = False
extra_href = ''
if user_selected:
extra_href += "&email=%s" % user_selected
if repo_selected:
extra_href += "&repo_id=%s" % repo_selected
return render(
request, 'organizations/org_perm_audit.html', {
'events': events,
'user_selected': user_selected,
'repo_selected': repo_selected,
'extra_href': extra_href,
'current_page': current_page,
'prev_page': current_page - 1,
'next_page': current_page + 1,
'per_page': per_page,
'page_next': page_next,
})