trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

audit(major): AuditEntry -> Event

This commit is contained in:
Langhammer, Jens 2019-10-28 14:26:34 +01:00
parent 543e949a48
commit ffca957838
8 changed files with 48 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
passbook/admin/urls.py
View File

@ -1,5 +1,5 @@
"""passbook URL Configuration"""
from django.urls import include, path
from django.urls import path
from passbook.admin.views import (applications, audit, debug, factors, groups,
invitations, overview, policy,
@ -74,7 +74,7 @@ urlpatterns = [
path('group/<uuid:pk>/update/', groups.GroupUpdateView.as_view(), name='group-update'),
path('group/<uuid:pk>/delete/', groups.GroupDeleteView.as_view(), name='group-delete'),
# Audit Log
path('audit/', audit.AuditEntryListView.as_view(), name='audit-log'),
path('audit/', audit.EventListView.as_view(), name='audit-log'),
# Groups
path('groups/', groups.GroupListView.as_view(), name='groups'),
# Debug

12
passbook/admin/views/audit.py
View File

@ -1,18 +1,18 @@
"""passbook AuditEntry administration"""
"""passbook Event administration"""
from django.views.generic import ListView
from guardian.mixins import PermissionListMixin
from passbook.audit.models import AuditEntry
from passbook.audit.models import Event
class AuditEntryListView(PermissionListMixin, ListView):
class EventListView(PermissionListMixin, ListView):
"""Show list of all invitations"""
model = AuditEntry
model = Event
template_name = 'administration/audit/list.html'
permission_required = 'passbook_audit.view_auditentry'
permission_required = 'passbook_audit.view_event'
ordering = '-created'
paginate_by = 10
def get_queryset(self):
return AuditEntry.objects.all().order_by('-created')
return Event.objects.all().order_by('-created')

19
passbook/audit/migrations/0002_auto_20191028_0829.py Normal file
View File

@ -0,0 +1,19 @@
# Generated by Django 2.2.6 on 2019-10-28 08:29
from django.conf import settings
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('passbook_audit', '0001_initial'),
]
operations = [
migrations.RenameModel(
old_name='AuditEntry',
new_name='Event',
),
]

8
passbook/audit/models.py
View File

@ -12,8 +12,8 @@ from passbook.lib.models import UUIDModel
LOGGER = get_logger()
class AuditEntry(UUIDModel):
"""An individual audit log entry"""
class Event(UUIDModel):
"""An individual audit log event"""
ACTION_LOGIN = 'login'
ACTION_LOGIN_FAILED = 'login_failed'
@ -46,7 +46,7 @@ class AuditEntry(UUIDModel):
@staticmethod
def create(action, request, **kwargs):
"""Create AuditEntry from arguments"""
"""Create Event from arguments"""
client_ip, _ = get_client_ip(request)
if not hasattr(request, 'user'):
user = None
@ -54,7 +54,7 @@ class AuditEntry(UUIDModel):
user = request.user
if isinstance(user, AnonymousUser):
user = kwargs.get('user', None)
entry = AuditEntry.objects.create(
entry = Event.objects.create(
action=action,
user=user,
# User 255.255.255.255 as fallback if IP cannot be determined

12
passbook/audit/signals.py
View File

@ -2,7 +2,7 @@
from django.contrib.auth.signals import user_logged_in, user_logged_out
from django.dispatch import receiver
from passbook.audit.models import AuditEntry
from passbook.audit.models import Event
from passbook.core.signals import (invitation_created, invitation_used,
user_signed_up)
@ -10,26 +10,26 @@ from passbook.core.signals import (invitation_created, invitation_used,
@receiver(user_logged_in)
def on_user_logged_in(sender, request, user, **kwargs):
"""Log successful login"""
AuditEntry.create(AuditEntry.ACTION_LOGIN, request)
Event.create(Event.ACTION_LOGIN, request)
@receiver(user_logged_out)
def on_user_logged_out(sender, request, user, **kwargs):
"""Log successfully logout"""
AuditEntry.create(AuditEntry.ACTION_LOGOUT, request)
Event.create(Event.ACTION_LOGOUT, request)
@receiver(user_signed_up)
def on_user_signed_up(sender, request, user, **kwargs):
"""Log successfully signed up"""
AuditEntry.create(AuditEntry.ACTION_SIGN_UP, request)
Event.create(Event.ACTION_SIGN_UP, request)
@receiver(invitation_created)
def on_invitation_created(sender, request, invitation, **kwargs):
"""Log Invitation creation"""
AuditEntry.create(AuditEntry.ACTION_INVITE_CREATED, request,
Event.create(Event.ACTION_INVITE_CREATED, request,
invitation_uuid=invitation.uuid.hex)
@receiver(invitation_used)
def on_invitation_used(sender, request, invitation, **kwargs):
"""Log Invitation usage"""
AuditEntry.create(AuditEntry.ACTION_INVITE_USED, request,
Event.create(Event.ACTION_INVITE_USED, request,
invitation_uuid=invitation.uuid.hex)

6
passbook/providers/oauth/views/oauth2.py
View File

@ -8,7 +8,7 @@ from django.utils.translation import ugettext as _
from oauth2_provider.views.base import AuthorizationView
from structlog import get_logger
from passbook.audit.models import AuditEntry
from passbook.audit.models import Event
from passbook.core.models import Application
from passbook.core.views.access import AccessMixin
from passbook.core.views.utils import LoadingView, PermissionDeniedView
@ -77,8 +77,8 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
def form_valid(self, form):
# User has clicked on "Authorize"
AuditEntry.create(
action=AuditEntry.ACTION_AUTHORIZE_APPLICATION,
Event.create(
action=Event.ACTION_AUTHORIZE_APPLICATION,
request=self.request,
app=str(self._application))
LOGGER.debug('user %s authorized %s', self.request.user, self._application)

6
passbook/providers/oidc/lib.py
View File

@ -3,7 +3,7 @@ from django.contrib import messages
from django.shortcuts import redirect
from structlog import get_logger
from passbook.audit.models import AuditEntry
from passbook.audit.models import Event
from passbook.core.models import Application
from passbook.policies.engine import PolicyEngine
@ -28,8 +28,8 @@ def check_permissions(request, user, client):
messages.error(request, policy_message)
return redirect('passbook_providers_oauth:oauth2-permission-denied')
AuditEntry.create(
action=AuditEntry.ACTION_AUTHORIZE_APPLICATION,
Event.create(
action=Event.ACTION_AUTHORIZE_APPLICATION,
request=request,
app=application.name,
skipped_authorization=False)

10
passbook/providers/saml/views.py
View File

@ -13,7 +13,7 @@ from django.views.decorators.csrf import csrf_exempt
from signxml.util import strip_pem_header
from structlog import get_logger
from passbook.audit.models import AuditEntry
from passbook.audit.models import Event
from passbook.core.models import Application
from passbook.lib.mixins import CSRFExemptMixin
from passbook.lib.utils.template import render_to_string
@ -123,8 +123,8 @@ class LoginProcessView(AccessRequiredView):
if self.provider.application.skip_authorization:
ctx = self.provider.processor.generate_response()
# Log Application Authorization
AuditEntry.create(
action=AuditEntry.ACTION_AUTHORIZE_APPLICATION,
Event.create(
action=Event.ACTION_AUTHORIZE_APPLICATION,
request=request,
app=self.provider.application.name,
skipped_authorization=True)
@ -145,8 +145,8 @@ class LoginProcessView(AccessRequiredView):
# Check if user has access
if request.POST.get('ACSUrl', None):
# User accepted request
AuditEntry.create(
action=AuditEntry.ACTION_AUTHORIZE_APPLICATION,
Event.create(
action=Event.ACTION_AUTHORIZE_APPLICATION,
request=request,
app=self.provider.application.name,
skipped_authorization=False)