def test_log_owner_operation(caplog, fixed_datetime, profile, operation):
audit_logging.log(profile, operation, profile, get_time=fixed_datetime)
message = json.loads(caplog.records[-1].message)
assert message == {
**_common_fields,
"audit_event": {**_common_fields["audit_event"], "operation": operation.value},
}
def test_log_status(caplog, fixed_datetime, profile, status):
audit_logging.log(profile, Operation.READ, profile, status, get_time=fixed_datetime)
message = json.loads(caplog.records[-1].message)
assert message == {
**_common_fields,
"audit_event": {**_common_fields["audit_event"], "status": status.value},
}
def permission_denied(self, request, message=None, code=None):
audit_logging.log(
self._get_actor(),
self._get_operation(),
self._get_target(),
Status.FORBIDDEN,
)
super().permission_denied(request, message, code)
def test_log_anonymous_role(caplog, fixed_datetime, profile, other_profile):
audit_logging.log(AnonymousUser(), Operation.READ, profile, get_time=fixed_datetime)
message = json.loads(caplog.records[-1].message)
assert message == {
**_common_fields,
"audit_event": {
**_common_fields["audit_event"],
"actor": {"role": "ANONYMOUS", "profile_id": None},
},
}
def test_log_system_operation(caplog, fixed_datetime, profile, operation):
audit_logging.log(None, operation, profile, get_time=fixed_datetime)
message = json.loads(caplog.records[-1].message)
assert message == {
**_common_fields,
"audit_event": {
**_common_fields["audit_event"],
"operation": operation.value,
"actor": {"role": "SYSTEM", "profile_id": None},
},
}
def test_log_user_role(caplog, fixed_datetime, profile, other_profile):
audit_logging.log(profile, Operation.READ, other_profile, get_time=fixed_datetime)
message = json.loads(caplog.records[-1].message)
assert message == {
**_common_fields,
"audit_event": {
**_common_fields["audit_event"],
"actor": {"role": "USER", "profile_id": str(profile.pk)},
"target": {"id": str(other_profile.pk), "type": "Profile"},
},
}
def test_log_current_timestamp(caplog, profile):
tolerance = timedelta(seconds=1)
date_before_logging = datetime.now(tz=timezone.utc) - tolerance
audit_logging.log(profile, Operation.READ, profile)
date_after_logging = datetime.now(tz=timezone.utc) + tolerance
message = json.loads(caplog.records[-1].message)
logged_date_from_date_time_epoch = datetime.fromtimestamp(
int(message["audit_event"]["date_time_epoch"]) / 1000, tz=timezone.utc
)
assert date_before_logging <= logged_date_from_date_time_epoch <= date_after_logging
logged_date_from_date_time = datetime.strptime(
message["audit_event"]["date_time"], "%Y-%m-%dT%H:%M:%S.%f%z"
)
assert date_before_logging <= logged_date_from_date_time <= date_after_logging
def test_log_origin(caplog, fixed_datetime, profile):
audit_logging.log(profile, Operation.READ, profile, get_time=fixed_datetime)
message = json.loads(caplog.records[-1].message)
assert message["audit_event"]["origin"] == "APARTMENT_APPLICATION_SERVICE"
def test_log_logs_at_info_level(caplog, profile):
audit_logging.log(profile, Operation.READ, profile)
for record in caplog.records:
assert record.levelname == "INFO"
def perform_destroy(self, instance):
actor = copy(self._get_actor())
target = copy(instance)
super().perform_destroy(instance)
audit_logging.log(actor, Operation.DELETE, target)
def perform_update(self, serializer):
super().perform_update(serializer)
audit_logging.log(self._get_actor(), Operation.UPDATE,
serializer.instance)
def retrieve(self, request, *args, **kwargs):
response = super().retrieve(request, *args, **kwargs)
audit_logging.log(self._get_actor(), Operation.READ,
self._get_target())
return response
