def log(code, target=None, comment=None, attributes_modified=None):
"""
:param code: The auditlog code.
:keyword target: The object being modified.
:keyword comment: Any description of event that is not captured by other attributes (e.g. search string would go in here).
:keyeword attributes_modified: Any object attributes being modified (if relevant).
"""
if attributes_modified is None:
attributes_modified = []
session = meta.Session()
try:
entry = model.AuditlogEntry()
entry.code = code
entry.comment = comment
entry.operator_id = operator_info().user_id
entry.operator_username = operator_info().username
if target:
entry.object_id = target.id
entry.object_type = target.__class__.__name__
if hasattr(target, 'label'):
entry.object_label = target.label
entry.attributes_modified = attributes_modified
session.add(entry)
session.flush()
build_msg = []
build_msg.append("code={0}".format(code))
if operator_info().username:
build_msg.append('operator={0}'.format(operator_info().username))
if target:
build_msg.append('target={0}'.format(target))
if attributes_modified:
build_msg.append('modified={0}'.format(','.join(attributes_modified)))
if comment:
build_msg.append(comment)
# For now we're just writing this to syslog, but probably we want a database
# log for this stuff too.
logger().info(' '.join(build_msg))
except:
# This may be wrong, but otherwise we go to try to commit() in our wrapper and it fails due to
# an invalid session state.
session.rollback()
logger().critical("There was an error writing audit log: {code}, target={target}, mod={mod}".format(code=code,
target=target,
mod=attributes_modified),
exc_info=True)
def has_access(perms):
"""
Check whether current operator has the specified access perms.
"""
if isinstance(perms, (int, basestring)):
perms = [perms]
return all([access.has_access(operator_info().user_id, perm) for perm in perms])
def index(self):
# Grab some recent passwords accessed by the current user.
results = auditlog.recent_content_views(operator_id=operator_info().user_id,
object_type=Password.object_type(),
limit=20,
skip_count=True)
return render("index.html", {'recent_pw_views': results.entries})
def wrapper(*args, **kwargs):
# set name_override to func.__name__
for perm in perms:
access.verify_access(operator_info().user_id, perm)
return f(*args, **kwargs)
