def password(self, request, pk, *args, **kwargs): data = request.data.copy() scirius_user = self.get_object() data['user'] = scirius_user.user.pk if request.user.is_superuser: pass_serializer = ChangePasswordSuperUserSerializer(data=data) else: pass_serializer = ChangePasswordSerializer(data=data) pass_serializer.is_valid(raise_exception=True) if request.user.is_superuser is False: if not scirius_user.user.check_password( pass_serializer.validated_data.get('old_password')): raise serializers.ValidationError( {'old_password': ['Wrong password']}) scirius_user.user.set_password( pass_serializer.validated_data.get('new_password')) scirius_user.user.save() scirius_user.save() comment = data.pop('comment', None) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='edit_user_password', comment=comment_serializer.validated_data['comment'], user=request.user, other_user=scirius_user.user) return Response({'password': '******'})
def add_user(request): if request.method == 'POST': form = UserSettingsForm(request.POST) password_form = PasswordCreationForm(request.POST) if form.is_valid() and password_form.is_valid(): ruser = form.save() ruser.set_password(password_form.cleaned_data['password1']) ruser.save() UserAction.create(action_type='create_user', comment=form.cleaned_data['comment'], user=request.user, new_user=ruser) return redirect('list_accounts') context = { 'error': 'Username and/or password are not valid', 'form': form, 'password_form': password_form, 'current_action': 'Add user' } return scirius_render(request, 'accounts/user.html', context) form = UserSettingsForm() password_form = PasswordCreationForm() context = { 'form': form, 'current_action': 'Add user', 'password_form': password_form } return scirius_render(request, 'accounts/user.html', context)
def logoutview(request): from rules.models import UserAction UserAction.create(action_type='logout', user=request.user, force_insert=True) logout(request) return redirect(settings.LOGIN_URL)
def post(self, request, format=None): suri = Suricata.objects.first() try: suri.ruleset.update() except IOError as e: raise serializers.ValidationError( {'update_push_all': ['Can not fetch data: %s' % e]}) suri.generate() ret = suri.push() suri.updated_date = timezone.now() suri.save() msg = ['Suricata restart already asked'] if ret: msg = 'ok' comment = request.data.get('comment', None) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create( action_type='update_push_all', user=request.user, ruleset=suri.ruleset, comment=comment_serializer.validated_data['comment']) return Response({'update_push_all': msg})
def partial_update(self, request, pk, *args, **kwargs): if request.user.is_superuser is False: for right in ( 'is_active', 'is_staff', 'is_superuser', ): if right in request.data: raise PermissionDenied({ right: 'You do not have permission to perform this action.' }) data = request.data.copy() comment = data.pop('comment', None) instance = self.get_object() serializer = self.get_serializer(instance, data=request.data, partial=True) serializer.is_valid(raise_exception=True) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='edit_user', comment=comment_serializer.validated_data['comment'], user=request.user, other_user=serializer.instance.user) return super(AccountViewSet, self).update(request, pk, partial=True, *args, **kwargs)
def _update_or_partial_update(self, request, partial, *args, **kwargs): comment = request.data.pop('comment', None) instance = self.get_object() serializer = self.get_serializer(instance, data=request.data, partial=partial) serializer.is_valid(raise_exception=True) # This save is used to have the new name if user has edited transfo serializer.save() trans_type = serializer.validated_data['key'] trans_value = serializer.validated_data['value'] ruleset = serializer.validated_data['ruleset_transformation'] comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='transform_ruleset', comment=comment_serializer.validated_data['comment'], user=request.user, transformation='%s: %s' % (trans_type, trans_value.title()), ruleset=ruleset)
def edit_password(request, user_id): user = get_object_or_404(User, pk=user_id) context = {'user': user, 'username': json.dumps(user.username)} if request.method == 'POST': form = PasswordForm(request.POST) if form.is_valid(): user.set_password(form.cleaned_data['password']) user.save() if user == request.user: # If the user change his own password prevent the session to be invalidated update_session_auth_hash(request, user) UserAction.create(action_type='edit_user_password', comment=form.cleaned_data['comment'], user=request.user, other_user=user) return redirect('list_accounts') else: context['error'] = 'Password form is not valid' context['form'] = form return scirius_render(request, 'accounts/user.html', context) form = PasswordForm() context['form'] = form context['current_action'] = 'Edit password for user %s' % user.username return scirius_render(request, 'accounts/user.html', context)
def edit_user(request, user_id): user = get_object_or_404(User, pk=user_id) context = {'user': user, 'username': json.dumps(user.username)} if request.method == 'POST': form = UserSettingsForm(request.POST, instance=user) if form.is_valid(): user = form.save() UserAction.create(action_type='edit_user', comment=form.cleaned_data['comment'], user=request.user, other_user=user) return redirect('list_accounts') context['error'] = 'Edition form is not valid' context['form'] = form context['current_action'] = 'Edit user %s' % user.username return scirius_render(request, 'accounts/user.html', context) form = UserSettingsForm(instance=user) context['form'] = form context['current_action'] = 'Edit user %s' % user.username context['is_from_ldap'] = user.sciriususer.is_from_ldap() return scirius_render(request, 'accounts/user.html', context)
def token(self, request, *args, **kwargs): scirius_user = self.get_object() tokens = Token.objects.filter(user=scirius_user.user) token = '' if request.method == 'GET': if len(tokens) > 0: token = tokens[0].key else: if len(tokens) > 0: tokens[0].delete() token = Token.objects.create(user=scirius_user.user).key data = request.data.copy() comment = data.pop('comment', None) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create( action_type='edit_user_token', comment=comment_serializer.validated_data['comment'], user=request.user, other_user=scirius_user.user) return Response({'token': token})
def add_group(request): if request.method == 'POST': form = GroupEditForm(request.POST) if form.is_valid(): group = form.save() UserAction.create(action_type='create_group', comment=form.cleaned_data['comment'], user=request.user, new_group=group) return redirect('list_accounts') context = { 'form': form, 'current_action': 'Add role', 'can_edit': True } return scirius_render(request, 'accounts/group.html', context) form = GroupEditForm() context = { 'form': form, 'current_action': 'Add role', 'mapping': json.dumps(form.mapping), 'can_edit': True } return scirius_render(request, 'accounts/group.html', context)
def edit_group(request, group_id): django_group = get_object_or_404(DjangoGroup, pk=group_id) context = { 'group': django_group, 'action': 'edit', 'group_name': json.dumps(django_group.name) } if request.method == 'POST': form = GroupEditForm(request.POST, instance=django_group) if form.is_valid(): form.save() UserAction.create(action_type='edit_group', comment=form.cleaned_data['comment'], user=request.user, group=django_group) return redirect('list_accounts') context['error'] = 'Edition form is not valid' context['form'] = form context['current_action'] = 'Edit group %s' % django_group.name return scirius_render(request, 'accounts/group.html', context) form = GroupEditForm(instance=django_group) context['can_edit'] = django_group.name not in GroupEditForm.DEFAULT_GROUPS context['form'] = form context['mapping'] = json.dumps(form.mapping) context['current_action'] = 'Edit role %s' % django_group.name return scirius_render(request, 'accounts/group.html', context)
def post(self, request, format=None): suri = Suricata.objects.first() try: suri.ruleset.update() except IOError as e: raise serializers.ValidationError({'update_push_all': ['Can not fetch data: %s' % e]}) suri.generate() ret = suri.push() suri.updated_date = timezone.now() suri.save() msg = ['Suricata restart already asked'] if ret: msg = 'ok' comment = request.data.get('comment', None) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create( action_type='update_push_all', user=request.user, ruleset=suri.ruleset, comment=comment_serializer.validated_data['comment'] ) return Response({'update_push_all': msg})
def _update_or_create(self, operation, instance, validated_data): filters = validated_data.pop('filter_defs', None) comment = validated_data.pop('comment', None) previous_index = None new_index = None index_max = RuleProcessingFilter.objects.aggregate(models.Max('index'))['index__max'] if operation == 'create': if not filters: # Error on null and empt list raise serializers.ValidationError({'filter_defs': ['This field is required.']}) if validated_data.get('index') is None: if index_max is None: validated_data['index'] = 0 else: validated_data['index'] = index_max + 1 else: new_index = validated_data['index'] if new_index != 0 and (index_max is None or new_index > index_max + 1): raise serializers.ValidationError({'index': ['Invalid index value (too high).']}) instance = super(RuleProcessingFilterSerializer, self).create(validated_data) user_action = 'create' else: if filters is not None and len(filters) == 0: # Error on empty list only raise serializers.ValidationError({'filter_defs': ['This field is required.']}) if 'index' in validated_data: previous_index = instance.index new_index = validated_data['index'] if new_index is None: new_index = index_max + 1 validated_data['index'] = new_index elif new_index > index_max + 1: raise serializers.ValidationError({'index': ['Invalid index value (too high).']}) instance = super(RuleProcessingFilterSerializer, self).update(instance, validated_data) user_action = 'edit' self._reorder(instance, previous_index, new_index) if filters: try: self._set_filters(instance, filters) except: if operation == 'create': instance.delete() raise UserAction.create( action_type='%s_rule_filter' % user_action, comment=comment, user=self.context['request'].user, rule_filter=instance ) return instance
def update(request): suri = get_suri() if not request.user.is_staff: return redirect('/') if suri is None: form = SuricataForm() context = {'creation': True, 'form': form} return scirius_render(request, 'suricata/edit.html', context) if request.method == 'POST': form = SuricataUpdateForm(request.POST) if not form.is_valid(): return scirius_render(request, 'suricata/update.html', { 'suricata': suri, 'error': "Invalid form" }) message = [] if form.cleaned_data['reload']: try: suri.ruleset.update() except IOError as errors: return index(request, error="Can not fetch data: %s" % (errors)) message.append("Rule downloaded at %s." % str(suri.ruleset.updated_date)) if form.cleaned_data['build']: suri.generate() suri.updated_date = timezone.now() suri.save() message.append("Successful ruleset build at %s." % str(suri.updated_date)) if form.cleaned_data['push']: ret = suri.push() suri.updated_date = timezone.now() suri.save() if ret: message.append("Successful asked ruleset reload at %s." % str(suri.updated_date)) else: message.append("Suricata restart already asked.") UserAction.create(action_type='edit_suricata', comment=form.cleaned_data['comment'], user=request.user, suricata=suri) context = {'message': message, 'suricata': suri} return scirius_render(request, 'suricata/update.html', context) else: return scirius_render(request, 'suricata/update.html', { 'suricata': suri, 'form': CommentForm() })
def edit(request): suri = get_suri() if request.method == 'POST': if suri: suri.updated_date = timezone.now() form = SuricataForm(request.POST, instance=suri) else: form = SuricataForm(request.POST) if form.is_valid(): if suri: form.save() UserAction.create( action_type='edit_suricata', comment=form.cleaned_data['comment'], user=request.user, suricata=suri ) return redirect(index) try: suricata = Suricata.objects.create( name=form.cleaned_data['name'], descr=form.cleaned_data['descr'], output_directory=form.cleaned_data['output_directory'], created_date=timezone.now(), updated_date=timezone.now(), ruleset=form.cleaned_data['ruleset'], yaml_file=form.cleaned_data['yaml_file'], ) except IntegrityError as error: return scirius_render( request, 'suricata/edit.html', {'form': form, 'error': error} ) UserAction.create( action_type='create_suricata', comment=form.cleaned_data['comment'], user=request.user, suricata=suricata ) return redirect(index) else: return scirius_render( request, 'suricata/edit.html', {'form': form, 'error': 'Invalid form'} ) else: if suri: form = SuricataForm(instance=suri) else: form = SuricataForm() missing = dependencies_check(Suricata) return scirius_render(request, 'suricata/edit.html', {'form': form, 'missing': missing})
def logoutview(request): from rules.models import UserAction UserAction.create( action_type='logout', user=request.user, force_insert=True ) logout(request) return redirect(settings.LOGIN_URL)
def destroy(self, request, *args, **kwargs): ruleset = self.get_object() comment = request.data.pop('comment', None) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='delete_ruleset', user=request.user, ruleset=ruleset, comment=comment_serializer.validated_data['comment']) return super(RulesetViewSet, self).destroy(request, *args, **kwargs)
def loginview(request, target): if request.method == 'POST': form = LoginForm(request.POST) if not form.is_valid(): # All validation rules pass form = LoginForm() context = {'form': form, 'error': 'Invalid form'} return scirius_render(request, 'accounts/login.html', context) username = form.cleaned_data['username'] password = form.cleaned_data['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) try: sciriususer = SciriusUser.objects.get(user=user) sciriususer.sciriususerapp except (SciriusUser.DoesNotExist, AttributeError): SciriusUser.objects.get_or_create( user=user, defaults={'timezone': 'UTC'}) get_middleware_module('common').update_scirius_user_class( user, form.cleaned_data) if not form.cleaned_data['persistent']: request.session.set_expiry(0) logger = logging.getLogger('authentication') logger.info("Successful login for '%s' from '%s'", username, get_client_ip(request)) UserAction.create(action_type='login', user=user, force_insert=True) return redirect("/" + target) else: form = LoginForm() context = {'form': form, 'error': 'Disabled account'} logger = logging.getLogger('authentication') logger.error( "Invalid login attempt for disabled account '%s' from '%s'", username, get_client_ip(request)) return scirius_render(request, 'accounts/login.html', context) else: form = LoginForm() context = {'form': form, 'error': 'Invalid login'} logger = logging.getLogger('authentication') logger.error("Invalid login attempt for '%s' from '%s'", username, get_client_ip(request)) return scirius_render(request, 'accounts/login.html', context) else: form = LoginForm() context = {'form': form} return scirius_render(request, 'accounts/login.html', context)
def destroy(self, request, *args, **kwargs): old_user = self.get_object() # Do not need to copy 'request.data' and pop 'comment' # because we are not using serializer there comment = request.data.get('comment', None) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='delete_user', user=request.user, old_user=old_user.user, comment=comment_serializer.validated_data['comment']) return super(AccountViewSet, self).destroy(request, *args, **kwargs)
def destroy(self, request, *args, **kwargs): transfo = self.get_object() comment = request.data.pop('comment', None) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='delete_transform_ruleset', comment=comment_serializer.validated_data['comment'], user=request.user, transformation='%s: %s' % (transfo.key, transfo.value.title()), ruleset=transfo.ruleset_transformation) return super(RulesetTransformationViewSet, self).destroy(request, *args, **kwargs)
def loginview(request, target): if request.method == 'POST': form = LoginForm(request.POST) if not form.is_valid(): # All validation rules pass form = LoginForm() context = {'form': form, 'error': 'Invalid form'} return scirius_render(request, 'accounts/login.html', context) username = form.cleaned_data['username'] password = form.cleaned_data['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) try: sciriususer = SciriusUser.objects.get(user=user) except SciriusUser.DoesNotExist: sciriususer = SciriusUser.objects.create(user=user, timezone='UTC') if not form.cleaned_data['persistent']: request.session.set_expiry(0) logger = logging.getLogger('authentication') logger.info("Successful login for '%s' from '%s'", username, get_real_ip(request)) from rules.models import UserAction UserAction.create(action_type='login', user=user, force_insert=True) return redirect("/" + target) else: form = LoginForm() context = {'form': form, 'error': 'Disabled account'} logger = logging.getLogger('authentication') logger.error( "Invalid login attempt for disabled account '%s' from '%s'", username, get_real_ip(request)) return scirius_render(request, 'accounts/login.html', context) else: form = LoginForm() context = {'form': form, 'error': 'Invalid login'} logger = logging.getLogger('authentication') logger.error("Invalid login attempt for '%s' from '%s'", username, get_real_ip(request)) return scirius_render(request, 'accounts/login.html', context) else: form = LoginForm() context = {'form': form} return scirius_render(request, 'accounts/login.html', context)
def delete_user(request, user_id): if request.method != 'POST': return HttpResponseNotAllowed('Only POST here') user = get_object_or_404(User, pk=user_id) comment_form = CommentForm(request.POST) if not comment_form.is_valid(): return JsonResponse({'error': '\n'.join(comment_form.errors)}) user.delete() UserAction.create(action_type='delete_user', comment=comment_form.cleaned_data['comment'], user=request.user, old_user=user) return JsonResponse({'redirect': '/accounts/user/'})
def update(self, request, pk, *args, **kwargs): data = request.data.copy() comment = data.pop('comment', None) instance = self.get_object() serializer = self.get_serializer(instance, data=request.data, partial=False) serializer.is_valid(raise_exception=True) comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='edit_user', comment=comment_serializer.validated_data['comment'], user=request.user, other_user=serializer.instance.user) return super(AccountViewSet, self).update(request, pk, *args, **kwargs)
def loginview(request, target): if request.method == 'POST': form = LoginForm(request.POST) if not form.is_valid(): # All validation rules pass form = LoginForm() context = { 'form': form, 'error': 'Invalid form' } return scirius_render(request, 'accounts/login.html', context) username = form.cleaned_data['username'] password = form.cleaned_data['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) try: sciriususer = SciriusUser.objects.get(user=user) except SciriusUser.DoesNotExist: sciriususer = SciriusUser.objects.create(user=user, timezone = 'UTC') if not form.cleaned_data['persistent']: request.session.set_expiry(0) logger = logging.getLogger('authentication') logger.info("Successful login for '%s' from '%s'", username, get_real_ip(request)) from rules.models import UserAction UserAction.create( action_type='login', user=user, force_insert=True ) return redirect("/" + target) else: form = LoginForm() context = { 'form': form, 'error': 'Disabled account' } logger = logging.getLogger('authentication') logger.error("Invalid login attempt for disabled account '%s' from '%s'", username, get_real_ip(request)) return scirius_render(request, 'accounts/login.html', context) else: form = LoginForm() context = { 'form': form, 'error': 'Invalid login' } logger = logging.getLogger('authentication') logger.error("Invalid login attempt for '%s' from '%s'", username, get_real_ip(request)) return scirius_render(request, 'accounts/login.html', context) else: form = LoginForm() context = { 'form': form } return scirius_render(request, 'accounts/login.html', context)
def create(self, request, *args, **kwargs): data = request.data.copy() comment = data.pop('comment', None) serializer = AccountSerializer(data=data) serializer.is_valid(raise_exception=True) serializer.save() comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='create_user', comment=comment_serializer.validated_data['comment'], user=request.user, new_user=serializer.instance.user) headers = self.get_success_headers(serializer.data) return Response(serializer.data, headers=headers, status=status.HTTP_201_CREATED)
def destroy(self, request, *args, **kwargs): from rules.rest_api import CommentSerializer comment_serializer = CommentSerializer(data=request.data) comment_serializer.is_valid(raise_exception=True) UserAction.create( action_type='delete_rule_filter', comment=comment_serializer.validated_data.get('comment'), user=request.user, rule_filter=self.get_object() ) index = self.get_object().index response = super(RuleProcessingFilterViewSet, self).destroy(request, *args, **kwargs) # Update index values RuleProcessingFilter.objects.filter(index__gt=index).update(index=models.F('index') - 1) return response
def delete_group(request, group_id): if request.method != 'POST': return HttpResponseNotAllowed('Only POST here') group = get_object_or_404(DjangoGroup, pk=group_id) comment_form = CommentForm(request.POST) if not comment_form.is_valid(): return JsonResponse({'error': '\n'.join(comment_form.errors)}) Group.objects.filter( priority__gt=group.group.priority, ).update(priority=F('priority') - 1) group.delete() UserAction.create(action_type='delete_group', comment=comment_form.cleaned_data['comment'], user=request.user, group=group.group) return JsonResponse({'redirect': '/accounts/role/'})
def create(self, request, *args, **kwargs): comment = request.data.pop('comment', None) serializer = RulesetSerializer(data=request.data) serializer.is_valid(raise_exception=True) serializer.save() comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) ruleset = Ruleset.objects.filter(pk=serializer.data['pk'])[0] UserAction.create(action_type='create_ruleset', comment=comment_serializer.validated_data['comment'], user=request.user, ruleset=ruleset) headers = self.get_success_headers(serializer.data) return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
def _update_or_partial_update(self, request, partial, *args, **kwargs): comment = request.data.pop('comment', None) instance = self.get_object() serializer = self.get_serializer(instance, data=request.data, partial=partial) serializer.is_valid(raise_exception=True) # This save is used to have the new name if user has edited ruleset name serializer.save() comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) UserAction.create(action_type='edit_ruleset', comment=comment_serializer.validated_data['comment'], user=request.user, ruleset=instance)
def manageview(request, action): context = {'action': 'User management'} if request.method == 'POST': form = UserCreationForm(request.POST) if form.is_valid(): if request.user.is_superuser: ruser = form.save() sciriususer = SciriusUser.objects.create(user=ruser, timezone='UTC') sciriususer.save() UserAction.create(action_type='create_user', comment=form.cleaned_data['comment'], user=request.user, new_user=sciriususer.user) else: context['error'] = 'Not enough permission to create users' else: if action != 'add': context['error'] = 'Invalid form' else: context['error'] = 'Username and/or password are not valid' context['form'] = form return scirius_render(request, 'accounts/user.html', context) else: if request.user.is_superuser is False: if len(action) == 0: action = 'list' context['error'] = 'Not enough permission to %s users' % action return scirius_render(request, 'accounts/user.html', context) if (action == 'add'): form = UserCreationForm() context = {'form': form, 'current_action': 'Add user'} return scirius_render(request, 'accounts/user.html', context) return scirius_listing(request, User, 'Users', adduri="/accounts/manage/add")
def edit(request): suri = get_suri() if not request.user.is_staff: return redirect('/') if request.method == 'POST': if suri: suri.updated_date = timezone.now() form = SuricataForm(request.POST, instance=suri) else: form = SuricataForm(request.POST) if form.is_valid(): if suri: form.save() ua = UserAction(action='modify', options='suricata', user=request.user, userobject=suri, comment=form.cleaned_data['comment']) ua.save() return redirect(index) try: suricata = Suricata.objects.create( name=form.cleaned_data['name'], descr=form.cleaned_data['descr'], output_directory=form.cleaned_data['output_directory'], created_date=timezone.now(), updated_date=timezone.now(), ruleset=form.cleaned_data['ruleset'], yaml_file=form.cleaned_data['yaml_file'], ) except IntegrityError, error: return scirius_render(request, 'suricata/edit.html', { 'form': form, 'error': error }) ua = UserAction(action='create', options='suricata', user=request.user, userobject=suricata, comment=form.cleaned_data['comment']) ua.save() return redirect(index) else: return scirius_render(request, 'suricata/edit.html', { 'form': form, 'error': 'Invalid form' })
def create(self, request, *args, **kwargs): comment = request.data.pop('comment', None) serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) serializer.save() comment_serializer = CommentSerializer(data={'comment': comment}) comment_serializer.is_valid(raise_exception=True) ruleset = serializer.validated_data['ruleset_transformation'] trans_type = serializer.validated_data['key'] trans_value = serializer.validated_data['value'] UserAction.create(action_type='transform_ruleset', comment=comment_serializer.validated_data['comment'], user=request.user, transformation='%s: %s' % (trans_type, trans_value.title()), ruleset=ruleset) headers = self.get_success_headers(serializer.data) return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
def get_user_actions_dict(): from rules.models import UserAction return UserAction.get_user_actions_dict()