From 8242c139c24ff4674a07499785695a9ed1582d10 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 18 Mar 2021 17:10:59 +0100 Subject: [PATCH] events: use ExpiringModel with delta of 1 year for events Signed-off-by: Jens Langhammer --- authentik/events/api/event.py | 1 + authentik/events/migrations/0014_expiry.py | 41 ++++++++++++++++++++++ authentik/events/models.py | 14 ++++++-- 3 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 authentik/events/migrations/0014_expiry.py diff --git a/authentik/events/api/event.py b/authentik/events/api/event.py index ab7b13f05..cede53465 100644 --- a/authentik/events/api/event.py +++ b/authentik/events/api/event.py @@ -26,6 +26,7 @@ class EventSerializer(ModelSerializer): "context", "client_ip", "created", + "expires", ] diff --git a/authentik/events/migrations/0014_expiry.py b/authentik/events/migrations/0014_expiry.py new file mode 100644 index 000000000..e722c8ff8 --- /dev/null +++ b/authentik/events/migrations/0014_expiry.py @@ -0,0 +1,41 @@ +# Generated by Django 3.1.7 on 2021-03-18 16:01 + +from datetime import timedelta + +from django.apps.registry import Apps +from django.db import migrations, models +from django.db.backends.base.schema import BaseDatabaseSchemaEditor + +import authentik.events.models + + +def update_expires(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): + db_alias = schema_editor.connection.alias + + Event = apps.get_model("authentik_events", "event") + for event in Event.objects.using(db_alias).all(): + event.expires = event.created + timedelta(days=365) + event.save() + + +class Migration(migrations.Migration): + + dependencies = [ + ("authentik_events", "0013_auto_20210209_1657"), + ] + + operations = [ + migrations.AddField( + model_name="event", + name="expires", + field=models.DateTimeField( + default=authentik.events.models.default_event_duration + ), + ), + migrations.AddField( + model_name="event", + name="expiring", + field=models.BooleanField(default=True), + ), + migrations.RunPython(update_expires), + ] diff --git a/authentik/events/models.py b/authentik/events/models.py index 9ef5fc38c..cc41586af 100644 --- a/authentik/events/models.py +++ b/authentik/events/models.py @@ -1,4 +1,5 @@ """authentik events models""" +from datetime import timedelta from inspect import getmodule, stack from smtplib import SMTPException from typing import Optional, Union @@ -7,6 +8,7 @@ from uuid import uuid4 from django.conf import settings from django.db import models from django.http import HttpRequest +from django.utils.timezone import now from django.utils.translation import gettext as _ from geoip2.errors import GeoIP2Error from requests import RequestException, post @@ -17,7 +19,7 @@ from authentik.core.middleware import ( SESSION_IMPERSONATE_ORIGINAL_USER, SESSION_IMPERSONATE_USER, ) -from authentik.core.models import Group, User +from authentik.core.models import ExpiringModel, Group, User from authentik.events.geo import GEOIP_READER from authentik.events.utils import cleanse_dict, get_user, sanitize_dict from authentik.lib.sentry import SentryIgnoredException @@ -28,6 +30,11 @@ from authentik.stages.email.utils import TemplateEmailMessage LOGGER = get_logger("authentik.events") +def default_event_duration(): + """Default duration an Event is saved""" + return now() + timedelta(days=365) + + class NotificationTransportError(SentryIgnoredException): """Error raised when a notification fails to be delivered""" @@ -71,7 +78,7 @@ class EventAction(models.TextChoices): CUSTOM_PREFIX = "custom_" -class Event(models.Model): +class Event(ExpiringModel): """An individual Audit/Metrics/Notification/Error Event""" event_uuid = models.UUIDField(primary_key=True, editable=False, default=uuid4) @@ -82,6 +89,9 @@ class Event(models.Model): client_ip = models.GenericIPAddressField(null=True) created = models.DateTimeField(auto_now_add=True) + # Shadow the expires attribute from ExpiringModel to override the default duration + expires = models.DateTimeField(default=default_event_duration) + @staticmethod def _get_app_from_request(request: HttpRequest) -> str: if not isinstance(request, HttpRequest):