Пример #1
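    def save_response(self, data):
        """Merge response-phase fields into the pending audit record and save it.

        ``data`` maps audit field names to values. When no record is pending
        (``self.audit_obj`` is falsy) and ``data`` is non-empty, a new ``Audit``
        is built from ``data`` plus a ``datetime`` stamp. When a record is
        pending, every key of ``data`` that is already an attribute of that
        record is copied onto it and unknown keys are ignored. With neither a
        pending record nor any data, nothing is saved.
        """
        if not self.audit_obj:
            if not data:
                # Nothing pending and nothing to record. The original fell
                # through to None.save() here and raised AttributeError from
                # inside the audit path.
                return
            # The request never reached the inbound audit hook (e.g. it failed
            # earlier), so no record exists yet: add the basic timestamp now.
            data['datetime'] = strftime("%Y-%m-%d %H:%M:%S")
            self.audit_obj = Audit(**data)
        else:
            # items() gives the same pairs as iteritems() on Python 2 and also
            # exists on Python 3.
            for field, value in data.items():
                # Only overwrite fields the record already defines.
                if hasattr(self.audit_obj, field):
                    setattr(self.audit_obj, field, value)

        # NOTE(review): self.audit_obj stays set after save(). If this object
        # outlives a single request (presumably it is a middleware instance --
        # confirm), a later call that arrives without a fresh record would
        # update this one instead of creating its own.
        self.audit_obj.save()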
Пример #2
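  def save_response(self, data):
    """Merge response-phase fields into the pending audit record and save it.

    ``data`` maps audit field names to values. When no record is pending
    (``self.audit_obj`` is falsy) and ``data`` is non-empty, a new ``Audit``
    is built from ``data`` plus a ``datetime`` stamp. When a record is
    pending, every key of ``data`` that is already an attribute of that record
    is copied onto it and unknown keys are ignored. With neither a pending
    record nor any data, nothing is saved.
    """
    if not self.audit_obj:
      if not data:
        # Nothing pending and nothing to record. The original fell through to
        # None.save() here and raised AttributeError from inside the audit path.
        return
      # The request never reached the inbound audit hook (e.g. it failed
      # earlier), so no record exists yet: add the basic timestamp now.
      data['datetime'] = strftime("%Y-%m-%d %H:%M:%S")
      self.audit_obj = Audit(**data)
    else:
      # items() gives the same pairs as iteritems() on Python 2 and also
      # exists on Python 3.
      for field, value in data.items():
        # Only overwrite fields the record already defines.
        if hasattr(self.audit_obj, field):
          setattr(self.audit_obj, field, value)

    # NOTE(review): self.audit_obj stays set after save(). If this object
    # outlives a single request (presumably it is a middleware instance --
    # confirm), a later call that arrives without a fresh record would update
    # this one instead of creating its own.
    self.audit_obj.save()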
Пример #3
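  def process_view(self, request, view_func, view_args, view_kwargs):
    """Start an audit record for the incoming request.

    Collects the fields of every data category listed in
    ``AUDIT_LEVELS[self.audit_level]`` and keeps the resulting, not yet saved,
    ``Audit`` on ``self.audit_obj``. ``self.audit_obj`` is ``None`` when the
    request must not be audited or when no field was collected.
    Always returns ``None``.
    """
    # Don't audit unless required to
    if not self.must_audit(request):
      self.audit_obj = None
      return None

    # Basic Info
    basic = {'datetime': strftime("%Y-%m-%d %H:%M:%S")}
    if hasattr(view_func, 'resolve'):
      view_func = view_func.resolve(request)
    # Guard against an empty view_func (presumably resolve() can return
    # nothing -- confirm): record '' instead of raising AttributeError and
    # losing the audit entry for this request.
    basic['view_func'] = view_func.func_name if view_func else ''

    # Principal Info
    # assumes an earlier layer has set request.principal -- TODO confirm
    principal_info = {}
    if request.principal:
      principal_info['effective_principal_email'] = request.principal.effective_principal.email
      proxied_by = request.principal.proxied_by
      if proxied_by:
        principal_info['proxied_by_email'] = proxied_by.email

    # Resources
    resources = {}
    if 'record' in view_kwargs:
      resources['record_id'] = view_kwargs['record'].id
    elif 'carenet' in view_kwargs:
      resources['carenet_id'] = view_kwargs['carenet'].id

    # These ids are stored as given. No need to resolve external ids: the
    # info will still be in the DB.
    for id_key in ('document_id', 'external_id', 'message_id'):
      if id_key in view_kwargs:
        resources[id_key] = view_kwargs[id_key]

    if 'pha' in view_kwargs:
      resources['pha_id'] = view_kwargs['pha'].id

    # Request Info
    meta = request.META
    request_info = {
      # Temporary solution (SZ): other auth standards may need a different
      # lookup in request.META; abstract this out.
      # NOTE(review): this copies the raw Authorization header into the audit
      # record. Depending on the auth scheme it can carry credentials, tokens
      # or signatures, which anyone able to read audit rows can then read too.
      # Consider storing only the scheme or a redacted form.
      'req_headers': meta.get('HTTP_AUTHORIZATION', ''),
      'req_domain': meta.get('REMOTE_HOST', ''),
      'req_method': meta['REQUEST_METHOD'],
      # NOTE(review): behind a reverse proxy REMOTE_ADDR is presumably the
      # proxy's address, not the client's -- confirm for this deployment.
      'req_ip_address': meta['REMOTE_ADDR'],
      'req_url': meta['PATH_INFO'],
    }

    # Build Audit object based on audit level
    data = {}
    for data_category in AUDIT_LEVELS[self.audit_level]:
      if data_category == BASIC:
        data.update(basic)
      elif data_category == PRINCIPAL_INFO:
        data.update(principal_info)
      elif data_category == RESOURCES:
        data.update(resources)
      elif data_category == REQUEST_INFO:
        data.update(request_info)
      # data categories we don't know about are ignored

    self.audit_obj = Audit(**data) if data else None

    return None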
Пример #4
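class AuditWrapper(object):
  """
  Django-style middleware that writes one ``Audit`` entry per request.

  ``process_view`` starts the record, ``process_response`` adds the outcome
  and saves it. Which fields are recorded is selected by
  ``settings.AUDIT_LEVEL`` through ``AUDIT_LEVELS``.

  NOTE(review): the pending record lives on ``self.audit_obj``. Django
  normally creates one middleware instance per process, so requests handled
  concurrently would share and could overwrite that attribute -- confirm the
  deployment handles one request at a time, or move the state onto the request.
  """

  # DH 04-25-2011: Not sure what this was for--let's try getting rid of it.
  #def process_request(self, request):
  #  if not request.principal:
  #    try:
  #      request.principal, request.oauth_request = security.get_principal(request)
  #    except:
        # to get around an annoying bug for now, when auth fails
  #      pass

  def __init__(self):
    """Load the audit settings; raise if AUDIT_LEVEL is not in AUDIT_LEVELS."""
    # get Audit related settings
    self.audit_level = settings.AUDIT_LEVEL
    self.audit_oauth = settings.AUDIT_OAUTH
    self.audit_failure = settings.AUDIT_FAILURE
    if self.audit_level not in AUDIT_LEVELS:
      raise Exception('Invalid audit level in settings.py: %s'%(self.audit_level))

    # Audit record of the request currently being handled, if any.
    self.audit_obj = None

  def must_audit(self, request):
    """Return a truthy value when this request has to be audited.

    Level ``'None'`` disables auditing. Requests whose path starts with
    ``/oauth`` are audited only when ``settings.AUDIT_OAUTH`` is set.
    """
    if self.audit_level == 'None':
      return False
    # NOTE(review): plain prefix match, so every path beginning with "/oauth"
    # (not only "/oauth/...") is left out of the audit trail when
    # AUDIT_OAUTH is off.
    return self.audit_oauth or (not request.META['PATH_INFO'].startswith('/oauth'))

  def process_view(self, request, view_func, view_args, view_kwargs):
    """Start an audit record for the incoming request.

    Collects the fields of every data category listed in
    ``AUDIT_LEVELS[self.audit_level]`` and keeps the resulting, not yet saved,
    ``Audit`` on ``self.audit_obj``. ``self.audit_obj`` is ``None`` when the
    request must not be audited or when no field was collected.
    Always returns ``None``.
    """
    # Don't audit unless required to
    if not self.must_audit(request):
      self.audit_obj = None
      return None

    # Basic Info
    basic = {'datetime': strftime("%Y-%m-%d %H:%M:%S")}
    if hasattr(view_func, 'resolve'):
      view_func = view_func.resolve(request)
    # Guard against an empty view_func (presumably resolve() can return
    # nothing -- confirm): record '' instead of raising AttributeError and
    # losing the audit entry for this request.
    basic['view_func'] = view_func.func_name if view_func else ''

    # Principal Info
    # assumes an earlier layer has set request.principal -- TODO confirm
    principal_info = {}
    if request.principal:
      principal_info['effective_principal_email'] = request.principal.effective_principal.email
      proxied_by = request.principal.proxied_by
      if proxied_by:
        principal_info['proxied_by_email'] = proxied_by.email

    # Resources
    resources = {}
    if 'record' in view_kwargs:
      resources['record_id'] = view_kwargs['record'].id
    elif 'carenet' in view_kwargs:
      resources['carenet_id'] = view_kwargs['carenet'].id

    # These ids are stored as given. No need to resolve external ids: the
    # info will still be in the DB.
    for id_key in ('document_id', 'external_id', 'message_id'):
      if id_key in view_kwargs:
        resources[id_key] = view_kwargs[id_key]

    if 'pha' in view_kwargs:
      resources['pha_id'] = view_kwargs['pha'].id

    # Request Info
    meta = request.META
    request_info = {
      # Temporary solution (SZ): other auth standards may need a different
      # lookup in request.META; abstract this out.
      # NOTE(review): this copies the raw Authorization header into the audit
      # record. Depending on the auth scheme it can carry credentials, tokens
      # or signatures, which anyone able to read audit rows can then read too.
      # Consider storing only the scheme or a redacted form.
      'req_headers': meta.get('HTTP_AUTHORIZATION', ''),
      'req_domain': meta.get('REMOTE_HOST', ''),
      'req_method': meta['REQUEST_METHOD'],
      # NOTE(review): behind a reverse proxy REMOTE_ADDR is presumably the
      # proxy's address, not the client's -- confirm for this deployment.
      'req_ip_address': meta['REMOTE_ADDR'],
      'req_url': meta['PATH_INFO'],
    }

    # Build Audit object based on audit level
    data = {}
    for data_category in AUDIT_LEVELS[self.audit_level]:
      if data_category == BASIC:
        data.update(basic)
      elif data_category == PRINCIPAL_INFO:
        data.update(principal_info)
      elif data_category == RESOURCES:
        data.update(resources)
      elif data_category == REQUEST_INFO:
        data.update(request_info)
      # data categories we don't know about are ignored

    self.audit_obj = Audit(**data) if data else None

    return None

  def process_response(self, request, response):
    """Add the outcome to the audit record, save it, and return the response.

    A response with status 403 is replaced by a fixed "Permission Denied"
    page. Failed requests (status >= 400) are saved only when
    ``settings.AUDIT_FAILURE`` is set.
    """
    # Don't audit unless required to
    if not self.must_audit(request):
      return response

    # Build up data
    # A response object without a status_code is treated as a server error.
    status_code = getattr(response, 'status_code', 500)

    content_type = 'text/plain'
    content_type_str = 'content-type'
    # _headers is a private attribute of the response; each entry is indexed
    # with [1] for the header value.
    headers = getattr(response, '_headers', None)
    if headers and content_type_str in headers and headers[content_type_str][1]:
      content_type = headers[content_type_str][1]

    # Did the request complete successfully
    request_successful = status_code < 400

    data = {}
    for data_category in AUDIT_LEVELS[self.audit_level]:
      if data_category == BASIC:
        data['request_successful'] = request_successful
      elif data_category == RESPONSE_INFO:
        data['resp_code'] = status_code
        data['resp_headers'] = content_type
        # Add error message in here maybe

    try:
      # Don't audit if we failed and aren't auditing failures
      if self.audit_failure or status_code < 400:
        self.save_response(data)
    finally:
      # The record belongs to this request only. Without this reset a later
      # request that never reaches process_view (it is answered before view
      # dispatch) would find the previous record here and overwrite its
      # response fields instead of getting an entry of its own.
      self.audit_obj = None

    if status_code == 403:
      logging.error("permission denied")
      from django import http
      return http.HttpResponseForbidden("<h4>Permission Denied</h4>")

    return response

  def save_response(self, data):
    """Merge response-phase fields into the pending audit record and save it.

    When no record is pending and ``data`` is non-empty, a new ``Audit`` is
    built from ``data`` plus a ``datetime`` stamp. When a record is pending,
    every key of ``data`` that is already an attribute of that record is
    copied onto it and unknown keys are ignored. With neither a pending
    record nor any data, nothing is saved.
    """
    if not self.audit_obj:
      if not data:
        # Nothing pending and nothing to record. The original fell through to
        # None.save() here and raised AttributeError from inside the audit path.
        return
      # We got an exception before hitting auditwrapper on the way in: make sure to add basic info
      data['datetime'] = strftime("%Y-%m-%d %H:%M:%S")
      self.audit_obj = Audit(**data)
    else:
      # items() gives the same pairs as iteritems() on Python 2 and also
      # exists on Python 3.
      for field, value in data.items():
        # Only overwrite fields the record already defines.
        if hasattr(self.audit_obj, field):
          setattr(self.audit_obj, field, value)

    self.audit_obj.save()

  def process_exception(self, request, exception):
    """Log the exception message; returns None."""
    # NOTE(review): only str(exception) is logged, without traceback or
    # request details, which limits what an investigation can reconstruct.
    logging.error(str(exception))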
Пример #5
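    def process_view(self, request, view_func, view_args, view_kwargs):
        """Start an audit record for the incoming request.

        Collects the fields of every data category listed in
        ``AUDIT_LEVELS[self.audit_level]`` and keeps the resulting, not yet
        saved, ``Audit`` on ``self.audit_obj``. ``self.audit_obj`` is ``None``
        when the request must not be audited or when no field was collected.
        Always returns ``None``.
        """
        # Don't audit unless required to
        if not self.must_audit(request):
            self.audit_obj = None
            return None

        # Basic Info
        basic = {'datetime': strftime("%Y-%m-%d %H:%M:%S")}
        if hasattr(view_func, 'resolve'):
            view_func = view_func.resolve(request)
        # An empty view_func is recorded as '' rather than failing the request.
        basic['view_func'] = view_func.func_name if view_func else ''

        # Principal Info
        # assumes an earlier layer has set request.principal -- TODO confirm
        principal_info = {}
        if request.principal:
            principal_info[
                'effective_principal_email'] = request.principal.effective_principal.email
            proxied_by = request.principal.proxied_by
            if proxied_by:
                principal_info['proxied_by_email'] = proxied_by.email

        # Resources
        # (the unused carenet_id / record_id locals of the original are gone)
        resources = {}
        if 'record' in view_kwargs:
            resources['record_id'] = view_kwargs['record'].id
        elif 'carenet' in view_kwargs:
            resources['carenet_id'] = view_kwargs['carenet'].id

        # These ids are stored as given. No need to resolve external ids: the
        # info will still be in the DB.
        for id_key in ('document_id', 'external_id', 'message_id'):
            if id_key in view_kwargs:
                resources[id_key] = view_kwargs[id_key]

        if 'pha' in view_kwargs:
            resources['pha_id'] = view_kwargs['pha'].id

        # Request Info
        meta = request.META
        request_info = {
            # Temporary solution (SZ): other auth standards may need a
            # different lookup in request.META; abstract this out.
            # NOTE(review): this copies the raw Authorization header into the
            # audit record. Depending on the auth scheme it can carry
            # credentials, tokens or signatures, which anyone able to read
            # audit rows can then read too. Consider storing only the scheme
            # or a redacted form.
            'req_headers': meta.get('HTTP_AUTHORIZATION', ''),
            'req_domain': meta.get('REMOTE_HOST', ''),
            'req_method': meta['REQUEST_METHOD'],
            # NOTE(review): behind a reverse proxy REMOTE_ADDR is presumably
            # the proxy's address, not the client's -- confirm.
            'req_ip_address': meta['REMOTE_ADDR'],
            'req_url': meta['PATH_INFO'],
        }

        # Build Audit object based on audit level
        data = {}
        for data_category in AUDIT_LEVELS[self.audit_level]:
            if data_category == BASIC:
                data.update(basic)
            elif data_category == PRINCIPAL_INFO:
                data.update(principal_info)
            elif data_category == RESOURCES:
                data.update(resources)
            elif data_category == REQUEST_INFO:
                data.update(request_info)
            # data categories we don't know about are ignored

        self.audit_obj = Audit(**data) if data else None

        return None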
Пример #6
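class AuditWrapper(object):
    """
    Django-style middleware that writes one ``Audit`` entry per request.

    ``process_view`` starts the record, ``process_response`` adds the outcome
    and saves it. Which fields are recorded is selected by
    ``settings.AUDIT_LEVEL`` through ``AUDIT_LEVELS``.

    NOTE(review): the pending record lives on ``self.audit_obj``. Django
    normally creates one middleware instance per process, so requests handled
    concurrently would share and could overwrite that attribute -- confirm the
    deployment handles one request at a time, or move the state onto the
    request.
    """
    def __init__(self):
        """Load the audit settings; raise if AUDIT_LEVEL is not in AUDIT_LEVELS."""
        # get Audit related settings
        self.audit_level = settings.AUDIT_LEVEL
        self.audit_oauth = settings.AUDIT_OAUTH
        self.audit_failure = settings.AUDIT_FAILURE
        if self.audit_level not in AUDIT_LEVELS:
            raise Exception('Invalid audit level in settings.py: %s' %
                            (self.audit_level))

        # Audit record of the request currently being handled, if any.
        self.audit_obj = None

    def must_audit(self, request):
        """Return a truthy value when this request has to be audited.

        Level ``'None'`` disables auditing. Requests whose path starts with
        ``/oauth`` are audited only when ``settings.AUDIT_OAUTH`` is set.
        """
        if self.audit_level == 'None':
            return False
        # NOTE(review): plain prefix match, so every path beginning with
        # "/oauth" (not only "/oauth/...") is left out of the audit trail when
        # AUDIT_OAUTH is off.
        return self.audit_oauth or (
            not request.META['PATH_INFO'].startswith('/oauth'))

    def process_view(self, request, view_func, view_args, view_kwargs):
        """Start an audit record for the incoming request.

        Collects the fields of every data category listed in
        ``AUDIT_LEVELS[self.audit_level]`` and keeps the resulting, not yet
        saved, ``Audit`` on ``self.audit_obj``. ``self.audit_obj`` is ``None``
        when the request must not be audited or when no field was collected.
        Always returns ``None``.
        """
        # Don't audit unless required to
        if not self.must_audit(request):
            self.audit_obj = None
            return None

        # Basic Info
        basic = {'datetime': strftime("%Y-%m-%d %H:%M:%S")}
        if hasattr(view_func, 'resolve'):
            view_func = view_func.resolve(request)
        # An empty view_func is recorded as '' rather than failing the request.
        basic['view_func'] = view_func.func_name if view_func else ''

        # Principal Info
        # assumes an earlier layer has set request.principal -- TODO confirm
        principal_info = {}
        if request.principal:
            principal_info[
                'effective_principal_email'] = request.principal.effective_principal.email
            proxied_by = request.principal.proxied_by
            if proxied_by:
                principal_info['proxied_by_email'] = proxied_by.email

        # Resources
        # (the unused carenet_id / record_id locals of the original are gone)
        resources = {}
        if 'record' in view_kwargs:
            resources['record_id'] = view_kwargs['record'].id
        elif 'carenet' in view_kwargs:
            resources['carenet_id'] = view_kwargs['carenet'].id

        # These ids are stored as given. No need to resolve external ids: the
        # info will still be in the DB.
        for id_key in ('document_id', 'external_id', 'message_id'):
            if id_key in view_kwargs:
                resources[id_key] = view_kwargs[id_key]

        if 'pha' in view_kwargs:
            resources['pha_id'] = view_kwargs['pha'].id

        # Request Info
        meta = request.META
        request_info = {
            # Temporary solution (SZ): other auth standards may need a
            # different lookup in request.META; abstract this out.
            # NOTE(review): this copies the raw Authorization header into the
            # audit record. Depending on the auth scheme it can carry
            # credentials, tokens or signatures, which anyone able to read
            # audit rows can then read too. Consider storing only the scheme
            # or a redacted form.
            'req_headers': meta.get('HTTP_AUTHORIZATION', ''),
            'req_domain': meta.get('REMOTE_HOST', ''),
            'req_method': meta['REQUEST_METHOD'],
            # NOTE(review): behind a reverse proxy REMOTE_ADDR is presumably
            # the proxy's address, not the client's -- confirm.
            'req_ip_address': meta['REMOTE_ADDR'],
            'req_url': meta['PATH_INFO'],
        }

        # Build Audit object based on audit level
        data = {}
        for data_category in AUDIT_LEVELS[self.audit_level]:
            if data_category == BASIC:
                data.update(basic)
            elif data_category == PRINCIPAL_INFO:
                data.update(principal_info)
            elif data_category == RESOURCES:
                data.update(resources)
            elif data_category == REQUEST_INFO:
                data.update(request_info)
            # data categories we don't know about are ignored

        self.audit_obj = Audit(**data) if data else None

        return None

    def process_response(self, request, response):
        """Add the outcome to the audit record, save it, return the response.

        A response with status 403 is replaced by a fixed "Permission Denied"
        page. Failed requests (status >= 400) are saved only when
        ``settings.AUDIT_FAILURE`` is set.
        """
        # Don't audit unless required to
        if not self.must_audit(request):
            return response

        # Build up data
        # A response object without a status_code is treated as a server error.
        status_code = getattr(response, 'status_code', 500)

        content_type = 'text/plain'
        content_type_str = 'content-type'
        # _headers is a private attribute of the response; each entry is
        # indexed with [1] for the header value.
        headers = getattr(response, '_headers', None)
        if headers and content_type_str in headers and \
                headers[content_type_str][1]:
            content_type = headers[content_type_str][1]

        # Did the request complete successfully
        request_successful = status_code < 400

        data = {}
        for data_category in AUDIT_LEVELS[self.audit_level]:
            if data_category == BASIC:
                data['request_successful'] = request_successful
            elif data_category == RESPONSE_INFO:
                data['resp_code'] = status_code
                data['resp_headers'] = content_type
                # Add error message in here maybe

        try:
            # Don't audit if we failed and aren't auditing failures
            if self.audit_failure or status_code < 400:
                self.save_response(data)
        finally:
            # The record belongs to this request only. Without this reset a
            # later request that never reaches process_view (it is answered
            # before view dispatch) would find the previous record here and
            # overwrite its response fields instead of getting its own entry.
            self.audit_obj = None

        if status_code == 403:
            logging.error("permission denied")
            from django import http
            return http.HttpResponseForbidden("<h4>Permission Denied</h4>")

        return response

    def save_response(self, data):
        """Merge response-phase fields into the pending record and save it.

        When no record is pending and ``data`` is non-empty, a new ``Audit``
        is built from ``data`` plus a ``datetime`` stamp. When a record is
        pending, every key of ``data`` that is already an attribute of that
        record is copied onto it and unknown keys are ignored. With neither a
        pending record nor any data, nothing is saved.
        """
        if not self.audit_obj:
            if not data:
                # Nothing pending and nothing to record. The original fell
                # through to None.save() here and raised AttributeError from
                # inside the audit path.
                return
            # We got an exception before hitting auditwrapper on the way in: make sure to add basic info
            data['datetime'] = strftime("%Y-%m-%d %H:%M:%S")
            self.audit_obj = Audit(**data)
        else:
            # items() gives the same pairs as iteritems() on Python 2 and also
            # exists on Python 3.
            for field, value in data.items():
                # Only overwrite fields the record already defines.
                if hasattr(self.audit_obj, field):
                    setattr(self.audit_obj, field, value)

        self.audit_obj.save()

    def process_exception(self, request, exception):
        """Log the exception message; returns None."""
        # NOTE(review): only str(exception) is logged, without traceback or
        # request details, which limits what an investigation can reconstruct.
        logging.error(str(exception))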