audit: optimize eventaction,
This commit is contained in:
parent
3b61191614
commit
cf6ce9c915
37
passbook/audit/migrations/0005_auto_20201005_2139.py
Normal file
37
passbook/audit/migrations/0005_auto_20201005_2139.py
Normal file
|
@ -0,0 +1,37 @@
|
|||
# Generated by Django 3.1.2 on 2020-10-05 21:39
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
("passbook_audit", "0004_auto_20200921_1829"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name="event",
|
||||
name="action",
|
||||
field=models.TextField(
|
||||
choices=[
|
||||
("login", "Login"),
|
||||
("login_failed", "Login Failed"),
|
||||
("logout", "Logout"),
|
||||
("user_write", "User Write"),
|
||||
("suspicious_request", "Suspicious Request"),
|
||||
("password_set", "Password Set"),
|
||||
("invitation_created", "Invite Created"),
|
||||
("invitation_used", "Invite Used"),
|
||||
("authorize_application", "Authorize Application"),
|
||||
("source_linked", "Source Linked"),
|
||||
("impersonation_started", "Impersonation Started"),
|
||||
("impersonation_ended", "Impersonation Ended"),
|
||||
("model_created", "Model Created"),
|
||||
("model_updated", "Model Updated"),
|
||||
("model_deleted", "Model Deleted"),
|
||||
("custom_", "Custom Prefix"),
|
||||
]
|
||||
),
|
||||
),
|
||||
]
|
|
@ -96,14 +96,14 @@ class EventAction(models.TextChoices):
|
|||
LOGIN_FAILED = "login_failed"
|
||||
LOGOUT = "logout"
|
||||
|
||||
SIGN_UP = "sign_up"
|
||||
AUTHORIZE_APPLICATION = "authorize_application"
|
||||
USER_WRITE = "user_write"
|
||||
SUSPICIOUS_REQUEST = "suspicious_request"
|
||||
PASSWORD_SET = "password_set" # noqa # nosec
|
||||
|
||||
INVITE_CREATED = "invitation_created"
|
||||
INVITE_USED = "invitation_used"
|
||||
|
||||
AUTHORIZE_APPLICATION = "authorize_application"
|
||||
SOURCE_LINKED = "source_linked"
|
||||
|
||||
IMPERSONATION_STARTED = "impersonation_started"
|
||||
|
|
|
@ -12,6 +12,7 @@ from django.http import HttpRequest
|
|||
|
||||
from passbook.audit.models import Event, EventAction
|
||||
from passbook.core.models import User
|
||||
from passbook.core.signals import password_changed
|
||||
from passbook.stages.invitation.models import Invitation
|
||||
from passbook.stages.invitation.signals import invitation_created, invitation_used
|
||||
from passbook.stages.user_write.signals import user_write
|
||||
|
@ -58,9 +59,12 @@ def on_user_logged_out(sender, request: HttpRequest, user: User, **_):
|
|||
|
||||
@receiver(user_write)
|
||||
# pylint: disable=unused-argument
|
||||
def on_user_write(sender, request: HttpRequest, user: User, data: Dict[str, Any], **_):
|
||||
def on_user_write(
|
||||
sender, request: HttpRequest, user: User, data: Dict[str, Any], **kwargs
|
||||
):
|
||||
"""Log User write"""
|
||||
thread = EventNewThread("stages/user_write", request, **data)
|
||||
thread = EventNewThread(EventAction.USER_WRITE, request, **data)
|
||||
thread.kwargs["created"] = kwargs.get("created", False)
|
||||
thread.user = user
|
||||
thread.run()
|
||||
|
||||
|
@ -93,3 +97,11 @@ def on_invitation_used(sender, request: HttpRequest, invitation: Invitation, **_
|
|||
EventAction.INVITE_USED, request, invitation_uuid=invitation.invite_uuid.hex
|
||||
)
|
||||
thread.run()
|
||||
|
||||
|
||||
@receiver(password_changed)
|
||||
# pylint: disable=unused-argument
|
||||
def on_password_changed(sender, user: User, password: str, **_):
|
||||
"""Log password change"""
|
||||
thread = EventNewThread(EventAction.PASSWORD_SET, None, user=user)
|
||||
thread.run()
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
"""passbook user_write signals"""
|
||||
from django.core.signals import Signal
|
||||
|
||||
# Arguments: request: HttpRequest, user: User, data: Dict[str, Any]
|
||||
# Arguments: request: HttpRequest, user: User, data: Dict[str, Any], created: bool
|
||||
user_write = Signal()
|
||||
|
|
|
@ -27,6 +27,7 @@ class UserWriteStageView(StageView):
|
|||
LOGGER.debug(message)
|
||||
return self.executor.stage_invalid()
|
||||
data = self.executor.plan.context[PLAN_CONTEXT_PROMPT]
|
||||
user_created = False
|
||||
if PLAN_CONTEXT_PENDING_USER not in self.executor.plan.context:
|
||||
self.executor.plan.context[PLAN_CONTEXT_PENDING_USER] = User()
|
||||
self.executor.plan.context[
|
||||
|
@ -36,6 +37,7 @@ class UserWriteStageView(StageView):
|
|||
"Created new user",
|
||||
flow_slug=self.executor.flow.slug,
|
||||
)
|
||||
user_created = True
|
||||
user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
|
||||
# Before we change anything, check if the user is the same as in the request
|
||||
# and we're updating a password. In that case we need to update the session hash
|
||||
|
@ -63,7 +65,9 @@ class UserWriteStageView(StageView):
|
|||
continue
|
||||
user.attributes[key.replace("attribute_", "", 1)] = value
|
||||
user.save()
|
||||
user_write.send(sender=self, request=request, user=user, data=data)
|
||||
user_write.send(
|
||||
sender=self, request=request, user=user, data=data, created=user_created
|
||||
)
|
||||
# Check if the password has been updated, and update the session auth hash
|
||||
if should_update_seesion:
|
||||
update_session_auth_hash(self.request, user)
|
||||
|
|
Reference in a new issue