예제 #1
0
    def __call__(self):
        warnings = []
        enabled_event_id = AuditLogEventType.by_name('UserEnabled').id
        disabled_event_id = AuditLogEventType.by_name('UserDisabled').id
        for user in User.get_all():
            last_enabled_entry = AuditLogEntry.get_all(
                security=False,
                filter_by={
                    'event_type_id': enabled_event_id,
                    'user_id': user.id
                },
                order_by='timestamp'
            ).first()
            last_disabled_entry = AuditLogEntry.get_all(
                security=False,
                filter_by={
                    'event_type_id': disabled_event_id,
                    'user_id': user.id
                },
                order_by='timestamp'
            ).first()

            if user.enabled:
                if not last_enabled_entry:
                    warnings.append(
                        'User {} ({}) is enabled, '
                        'but has no UserEnabled entry.'.format(
                            user.email, user.id))

                elif last_disabled_entry and (
                        last_enabled_entry.timestamp < last_disabled_entry.timestamp):  # noqa
                    warnings.append(
                        'User {} ({}) is enabled, '
                        'but has an UserDisabled entry '
                        'after UserEnabled entry.'.format(
                            user.email, user.id))

            else:
                if not last_disabled_entry:
                    warnings.append(
                        'User {} ({}) is disabled, '
                        'but has no UserDisabled entry.'.format(
                            user.email, user.id))

                elif last_enabled_entry and (
                        last_disabled_entry.timestamp < last_enabled_entry.timestamp):  # noqa
                    warnings.append(
                        'User {} ({}) is disabled, '
                        'but has an UserEnabled entry '
                        'after UserDisabled entry.'.format(
                            user.email, user.id))

        return warnings
예제 #2
0
 def _make_enabled_entry(self):
     from pyramid_bimt.models import AuditLogEventType
     from pyramid_bimt.tests.test_auditlog_model import _make_entry
     _make_entry(
         user=self.user,
         event_type=AuditLogEventType.by_name('UserEnabled'),
     )
예제 #3
0
def add_demo_auditlog_entries():
    """Add a dummy audit-log entry."""
    with transaction.manager:
        read = AuditLogEntry(
            user=User.by_email('*****@*****.**'),
            event_type_id=AuditLogEventType.by_name(u'UserChangedPassword').id,
            comment=u'read entry',
            read=True,
        )
        Session.add(read)

        unread = AuditLogEntry(
            user=User.by_email('*****@*****.**'),
            event_type_id=AuditLogEventType.by_name(u'UserChangedPassword').id,
            comment=u'unread entry',
            read=False,
        )
        Session.add(unread)
예제 #4
0
def expire_subscriptions():
    """Find all outstanding subscriptions and expire them."""
    with transaction.manager:
        for user in User.get_all():
            if user.enabled:
                if user.valid_to < date.today():
                    user.disable()
                    msg = u'Disabled user {} ({}) because its valid_to ({}) ' \
                        'has expired.'.format(
                            user.email, user.id, user.valid_to)
                    Session.add(
                        AuditLogEntry(
                            user_id=user.id,
                            event_type_id=AuditLogEventType.by_name(
                                'UserDisabled').id,
                            comment=msg,
                        ))
                    logger.info(msg)
                    continue

                # handle addons
                for prop in user.properties:
                    if not prop.key.startswith('addon_'):
                        continue
                    if not prop.key.endswith('_valid_to'):
                        continue
                    valid_to = datetime.strptime(prop.value, '%Y-%m-%d').date()
                    if valid_to >= date.today():
                        continue
                    group = Group.by_product_id(
                        prop.key.split('addon_')[1].split('_valid_to')[0])
                    user.groups.remove(group)
                    msg = u'Addon "{}" disabled for user {} ({}) because ' \
                        'its valid_to ({}) has expired.'.format(
                            group.name, user.email, user.id, prop.value)
                    Session.add(
                        AuditLogEntry(
                            user_id=user.id,
                            event_type_id=AuditLogEventType.by_name(
                                'UserDisabled').id,
                            comment=msg,
                        ))
예제 #5
0
 def log_event(self, comment=None, read=False):
     from pyramid_bimt.models import AuditLogEntry
     from pyramid_bimt.models import AuditLogEventType
     event_type = AuditLogEventType.by_name(name=self.__class__.__name__)
     entry = AuditLogEntry(
         user_id=self.user.id,
         event_type_id=event_type.id,
         comment=comment,
         read=read,
     )
     Session.add(entry)
예제 #6
0
def default_audit_log_event_types():
    """Return a list of all default Audit log event types.

    This is normally used in scripts that populate DB with initial data.

    :return: All default Audit log event types.
    :rtype: list of AuditLogEventType objects
    """
    types = []
    for name, obj in inspect.getmembers(events, inspect.isclass):
        if (issubclass(obj, events.PyramidBIMTEvent)
                and name != 'PyramidBIMTEvent'):
            types.append(
                AuditLogEventType(
                    name=name,
                    title=u' '.join(re.findall('[A-Z][^A-Z]*', name)),
                    description=unicode(obj.__doc__),
                ))
    return types
예제 #7
0
    def test_audit_log_read_all(self):
        from pyramid_bimt.models import AuditLogEventType
        from pyramid_bimt.views.auditlog import audit_log_read_all
        import transaction
        self.config.testing_securitypolicy(userid='*****@*****.**',
                                           permissive=True)
        request = self.request
        request.user = User(id=1, email='*****@*****.**')
        entry = AuditLogEntry(
            user_id=1,
            event_type_id=AuditLogEventType.by_name('UserCreated').id,
        )
        Session.add(entry)
        transaction.commit()
        self.assertFalse(AuditLogEntry.get_all(request=request).first().read)

        resp = audit_log_read_all(request)
        self.assertIn('/activity/', resp.location)

        self.assertTrue(AuditLogEntry.get_all(request=request).first().read)
예제 #8
0
    def test_audit_log_delete(self):
        from pyramid_bimt.models import AuditLogEventType
        from pyramid_bimt.views.auditlog import audit_log_delete
        import transaction
        self.config.testing_securitypolicy(userid='*****@*****.**',
                                           permissive=True)
        request = self.request
        request.user = User(id=1, email='*****@*****.**')
        entry = AuditLogEntry(
            user_id=1,
            event_type_id=AuditLogEventType.by_name('UserCreated').id,
        )
        Session.add(entry)
        request.context = entry
        transaction.commit()
        resp = audit_log_delete(request)
        self.assertIn('/activity/', resp.location)

        self.assertEqual(len(handler.records), 1)
        self.assertEqual(
            handler.records[0].message,
            'User <User:1 (email=\'[email protected]\')> removing auditlog entry '
            '<AuditLogEntry:3 (user=u\'[email protected]\', type=u\'UserCreated\')>.'  # noqa
        )