def test_log_owner_operation(caplog, fixed_datetime, profile, operation): audit_logging.log(profile, operation, profile, get_time=fixed_datetime) message = json.loads(caplog.records[-1].message) assert message == { **_common_fields, "audit_event": {**_common_fields["audit_event"], "operation": operation.value}, }
def test_log_status(caplog, fixed_datetime, profile, status): audit_logging.log(profile, Operation.READ, profile, status, get_time=fixed_datetime) message = json.loads(caplog.records[-1].message) assert message == { **_common_fields, "audit_event": {**_common_fields["audit_event"], "status": status.value}, }
def permission_denied(self, request, message=None, code=None): audit_logging.log( self._get_actor(), self._get_operation(), self._get_target(), Status.FORBIDDEN, ) super().permission_denied(request, message, code)
def test_log_anonymous_role(caplog, fixed_datetime, profile, other_profile): audit_logging.log(AnonymousUser(), Operation.READ, profile, get_time=fixed_datetime) message = json.loads(caplog.records[-1].message) assert message == { **_common_fields, "audit_event": { **_common_fields["audit_event"], "actor": {"role": "ANONYMOUS", "profile_id": None}, }, }
def test_log_system_operation(caplog, fixed_datetime, profile, operation): audit_logging.log(None, operation, profile, get_time=fixed_datetime) message = json.loads(caplog.records[-1].message) assert message == { **_common_fields, "audit_event": { **_common_fields["audit_event"], "operation": operation.value, "actor": {"role": "SYSTEM", "profile_id": None}, }, }
def test_log_user_role(caplog, fixed_datetime, profile, other_profile): audit_logging.log(profile, Operation.READ, other_profile, get_time=fixed_datetime) message = json.loads(caplog.records[-1].message) assert message == { **_common_fields, "audit_event": { **_common_fields["audit_event"], "actor": {"role": "USER", "profile_id": str(profile.pk)}, "target": {"id": str(other_profile.pk), "type": "Profile"}, }, }
def test_log_current_timestamp(caplog, profile): tolerance = timedelta(seconds=1) date_before_logging = datetime.now(tz=timezone.utc) - tolerance audit_logging.log(profile, Operation.READ, profile) date_after_logging = datetime.now(tz=timezone.utc) + tolerance message = json.loads(caplog.records[-1].message) logged_date_from_date_time_epoch = datetime.fromtimestamp( int(message["audit_event"]["date_time_epoch"]) / 1000, tz=timezone.utc ) assert date_before_logging <= logged_date_from_date_time_epoch <= date_after_logging logged_date_from_date_time = datetime.strptime( message["audit_event"]["date_time"], "%Y-%m-%dT%H:%M:%S.%f%z" ) assert date_before_logging <= logged_date_from_date_time <= date_after_logging
def test_log_origin(caplog, fixed_datetime, profile): audit_logging.log(profile, Operation.READ, profile, get_time=fixed_datetime) message = json.loads(caplog.records[-1].message) assert message["audit_event"]["origin"] == "APARTMENT_APPLICATION_SERVICE"
def test_log_logs_at_info_level(caplog, profile): audit_logging.log(profile, Operation.READ, profile) for record in caplog.records: assert record.levelname == "INFO"
def perform_destroy(self, instance): actor = copy(self._get_actor()) target = copy(instance) super().perform_destroy(instance) audit_logging.log(actor, Operation.DELETE, target)
def perform_update(self, serializer): super().perform_update(serializer) audit_logging.log(self._get_actor(), Operation.UPDATE, serializer.instance)
def retrieve(self, request, *args, **kwargs): response = super().retrieve(request, *args, **kwargs) audit_logging.log(self._get_actor(), Operation.READ, self._get_target()) return response