mirror of
https://github.com/ail-project/ail-framework.git
synced 2024-11-22 22:27:17 +00:00
chg: [access logs] add user_agent
parent
ca13a33472
commit
34d64e74d3
3 changed files with 25 additions and 25 deletions
|
@ -308,7 +308,7 @@ def api_get_orgs_meta():
|
||||||
meta['orgs'].append(org.get_meta(options=options))
|
meta['orgs'].append(org.get_meta(options=options))
|
||||||
return meta
|
return meta
|
||||||
|
|
||||||
def api_create_org(creator, org_uuid, name, ip_address, description=None):
|
def api_create_org(creator, org_uuid, name, ip_address, user_agent, description=None):
|
||||||
if not is_valid_uuid_v4(org_uuid):
|
if not is_valid_uuid_v4(org_uuid):
|
||||||
return {'status': 'error', 'reason': 'Invalid UUID'}, 400
|
return {'status': 'error', 'reason': 'Invalid UUID'}, 400
|
||||||
if exists_org(org_uuid):
|
if exists_org(org_uuid):
|
||||||
|
@ -316,13 +316,13 @@ def api_create_org(creator, org_uuid, name, ip_address, description=None):
|
||||||
|
|
||||||
org = Organisation(org_uuid)
|
org = Organisation(org_uuid)
|
||||||
org.create(creator, name, description=description)
|
org.create(creator, name, description=description)
|
||||||
access_logger.info(f'Created org {org_uuid}', extra={'user_id': creator, 'ip_address': ip_address})
|
access_logger.info(f'Created org {org_uuid}', extra={'user_id': creator, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
return org.get_uuid(), 200
|
return org.get_uuid(), 200
|
||||||
|
|
||||||
def api_delete_org(org_uuid, admin_id, ip_address): # TODO check if nothing is linked to this org
|
def api_delete_org(org_uuid, admin_id, ip_address, user_agent): # TODO check if nothing is linked to this org
|
||||||
if not exists_org(org_uuid):
|
if not exists_org(org_uuid):
|
||||||
return {'status': 'error', 'reason': 'Org not found'}, 404
|
return {'status': 'error', 'reason': 'Org not found'}, 404
|
||||||
access_logger.warning(f'Deleted org {org_uuid}', extra={'user_id': admin_id, 'ip_address': ip_address})
|
access_logger.warning(f'Deleted org {org_uuid}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
org = Organisation(org_uuid)
|
org = Organisation(org_uuid)
|
||||||
org.delete()
|
org.delete()
|
||||||
return org_uuid, 200
|
return org_uuid, 200
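Review bot: In api_delete_org the 'Deleted org' warning is written before `org.delete()` runs, so if the deletion raises, the access log still records a deletion that never happened, now with the user agent attached to it. Move the `access_logger.warning(...)` call below `org.delete()` so the record is only written on success, the way api_create_org logs after `org.create(...)`. The same log-before-action order appears in api_logout_user, api_create_user_api_key_self, api_create_user_api_key and api_delete_user in the users module. Separately, `user_agent` is added to api_create_org as a required positional parameter directly before `description=None`, so a caller outside this view that passes the description positionally would have it logged as the user agent; declaring it as `*, description=None` would make such a call fail loudly instead.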
|
||||||
|
|
|
@ -599,15 +599,15 @@ def api_get_user_hotp(user_id):
|
||||||
hotp = get_user_hotp_code(user_id)
|
hotp = get_user_hotp_code(user_id)
|
||||||
return hotp, 200
|
return hotp, 200
|
||||||
|
|
||||||
def api_logout_user(admin_id, user_id, ip_address):
|
def api_logout_user(admin_id, user_id, ip_address, user_agent):
|
||||||
user = AILUser(user_id)
|
user = AILUser(user_id)
|
||||||
if not user.exists():
|
if not user.exists():
|
||||||
return {'status': 'error', 'reason': 'User not found'}, 404
|
return {'status': 'error', 'reason': 'User not found'}, 404
|
||||||
access_logger.info(f'Logout user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address})
|
access_logger.info(f'Logout user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
return user.kill_session(), 200
|
return user.kill_session(), 200
|
||||||
|
|
||||||
def api_logout_users(admin_id, ip_address):
|
def api_logout_users(admin_id, ip_address, user_agent):
|
||||||
access_logger.info('Logout all users', extra={'user_id': admin_id, 'ip_address': ip_address})
|
access_logger.info('Logout all users', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
return kill_sessions(), 200
|
return kill_sessions(), 200
|
||||||
|
|
||||||
def api_disable_user(admin_id, user_id): # TODO LOG ADMIN ID
|
def api_disable_user(admin_id, user_id): # TODO LOG ADMIN ID
|
||||||
|
@ -663,29 +663,29 @@ def api_reset_user_otp(admin_id, user_id, ip_address): # TODO LOGS
|
||||||
enable_user_2fa(user_id)
|
enable_user_2fa(user_id)
|
||||||
return user_id, 200
|
return user_id, 200
|
||||||
|
|
||||||
def api_create_user_api_key_self(user_id, ip_address):
|
def api_create_user_api_key_self(user_id, ip_address, user_agent):
|
||||||
user = AILUser(user_id)
|
user = AILUser(user_id)
|
||||||
if not user.exists():
|
if not user.exists():
|
||||||
return {'status': 'error', 'reason': 'User not found'}, 404
|
return {'status': 'error', 'reason': 'User not found'}, 404
|
||||||
access_logger.info('New api key', extra={'user_id': user_id, 'ip_address': ip_address})
|
access_logger.info('New api key', extra={'user_id': user_id, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
return user.new_api_key(), 200
|
return user.new_api_key(), 200
|
||||||
|
|
||||||
def api_create_user_api_key(user_id, admin_id, ip_address):
|
def api_create_user_api_key(user_id, admin_id, ip_address, user_agent):
|
||||||
user = AILUser(user_id)
|
user = AILUser(user_id)
|
||||||
if not user.exists():
|
if not user.exists():
|
||||||
return {'status': 'error', 'reason': 'User not found'}, 404
|
return {'status': 'error', 'reason': 'User not found'}, 404
|
||||||
access_logger.info(f'New api key for user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address})
|
access_logger.info(f'New api key for user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
return user.new_api_key(), 200
|
return user.new_api_key(), 200
|
||||||
|
|
||||||
def api_create_user(admin_id, ip_address, user_id, password, org_uuid, role, otp):
|
def api_create_user(admin_id, ip_address, user_agent, user_id, password, org_uuid, role, otp):
|
||||||
user = AILUser(user_id)
|
user = AILUser(user_id)
|
||||||
if not user.exists():
|
if not user.exists():
|
||||||
create_user(user_id, password=password, admin_id=admin_id, org_uuid=org_uuid, role=role, otp=otp)
|
create_user(user_id, password=password, admin_id=admin_id, org_uuid=org_uuid, role=role, otp=otp)
|
||||||
access_logger.info(f'Create user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address})
|
access_logger.info(f'Create user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
# Edit
|
# Edit
|
||||||
else:
|
else:
|
||||||
edit_user(admin_id, user_id, password, chg_passwd=True, org_uuid=org_uuid, edit_otp=True, otp=otp)
|
edit_user(admin_id, user_id, password, chg_passwd=True, org_uuid=org_uuid, edit_otp=True, otp=otp)
|
||||||
access_logger.info(f'Edit user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address})
|
access_logger.info(f'Edit user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
|
|
||||||
def api_change_user_self_password(user_id, password):
|
def api_change_user_self_password(user_id, password):
|
||||||
if not check_password_strength(password):
|
if not check_password_strength(password):
|
||||||
|
@ -695,11 +695,11 @@ def api_change_user_self_password(user_id, password):
|
||||||
user.edit_password(password_hash, chg_passwd=False)
|
user.edit_password(password_hash, chg_passwd=False)
|
||||||
return user_id, 200
|
return user_id, 200
|
||||||
|
|
||||||
def api_delete_user(user_id, admin_id, ip_address):
|
def api_delete_user(user_id, admin_id, ip_address, user_agent):
|
||||||
user = AILUser(user_id)
|
user = AILUser(user_id)
|
||||||
if not user.exists():
|
if not user.exists():
|
||||||
return {'status': 'error', 'reason': 'User not found'}, 404
|
return {'status': 'error', 'reason': 'User not found'}, 404
|
||||||
access_logger.info(f'Delete user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address})
|
access_logger.info(f'Delete user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
|
||||||
return user.delete(), 200
|
return user.delete(), 200
|
||||||
|
|
||||||
########################################################################################################################
|
########################################################################################################################
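Review bot: `user_agent` comes from a request header the client fully controls, and each of these functions writes it into the access log's `extra` unchanged, so an oversized value or one carrying control characters lands in the audit trail as is. Normalise it once before logging, for example `user_agent = ''.join(c for c in str(user_agent)[:512] if c.isprintable())` (512 is an illustrative cap), ideally in one shared helper rather than per function. How the `access_logger` formatter renders the field is not visible here, so confirm that it quotes or escapes the value. api_reset_user_otp, seen only in a hunk header, still takes `ip_address` without `user_agent`, and api_disable_user keeps its `# TODO LOG ADMIN ID`; both look like remaining gaps in the same audit trail.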
|
||||||
|
|
|
@ -165,7 +165,7 @@ def user_otp_reset(): # TODO ask for password ?
|
||||||
@login_user
|
@login_user
|
||||||
def new_token_user_self():
|
def new_token_user_self():
|
||||||
user_id = current_user.get_user_id()
|
user_id = current_user.get_user_id()
|
||||||
r = ail_users.api_create_user_api_key_self(user_id, request.access_route[0])
|
r = ail_users.api_create_user_api_key_self(user_id, request.access_route[0], request.user_agent)
|
||||||
if r[1] != 200:
|
if r[1] != 200:
|
||||||
return create_json_response(r[0], r[1])
|
return create_json_response(r[0], r[1])
|
||||||
else:
|
else:
|
||||||
|
@ -177,7 +177,7 @@ def new_token_user_self():
|
||||||
def new_token_user():
|
def new_token_user():
|
||||||
user_id = request.args.get('user_id')
|
user_id = request.args.get('user_id')
|
||||||
admin_id = current_user.get_user_id()
|
admin_id = current_user.get_user_id()
|
||||||
r = ail_users.api_create_user_api_key(user_id, admin_id, request.access_route[0])
|
r = ail_users.api_create_user_api_key(user_id, admin_id, request.access_route[0], request.user_agent)
|
||||||
if r[1] != 200:
|
if r[1] != 200:
|
||||||
return create_json_response(r[0], r[1])
|
return create_json_response(r[0], r[1])
|
||||||
else:
|
else:
|
||||||
|
@ -189,7 +189,7 @@ def new_token_user():
|
||||||
def user_logout():
|
def user_logout():
|
||||||
user_id = request.args.get('user_id') # TODO LOGS
|
user_id = request.args.get('user_id') # TODO LOGS
|
||||||
admin_id = current_user.get_user_id()
|
admin_id = current_user.get_user_id()
|
||||||
r = ail_users.api_logout_user(admin_id, user_id, request.access_route[0])
|
r = ail_users.api_logout_user(admin_id, user_id, request.access_route[0], request.user_agent)
|
||||||
if r[1] != 200:
|
if r[1] != 200:
|
||||||
return create_json_response(r[0], r[1])
|
return create_json_response(r[0], r[1])
|
||||||
else:
|
else:
|
||||||
|
@ -200,7 +200,7 @@ def user_logout():
|
||||||
@login_admin
|
@login_admin
|
||||||
def users_logout():
|
def users_logout():
|
||||||
admin_id = current_user.get_user_id() # TODO LOGS
|
admin_id = current_user.get_user_id() # TODO LOGS
|
||||||
r = ail_users.api_logout_users(admin_id, request.access_route[0])
|
r = ail_users.api_logout_users(admin_id, request.access_route[0], request.user_agent)
|
||||||
if r[1] != 200:
|
if r[1] != 200:
|
||||||
return create_json_response(r[0], r[1])
|
return create_json_response(r[0], r[1])
|
||||||
else:
|
else:
|
||||||
|
@ -277,7 +277,7 @@ def create_user_post():
|
||||||
edit = True
|
edit = True
|
||||||
else:
|
else:
|
||||||
edit = False
|
edit = False
|
||||||
ail_users.api_create_user(admin_id, request.access_route[0], email, password, org_uuid, role, enable_2_fa)
|
ail_users.api_create_user(admin_id, request.access_route[0], request.user_agent, email, password, org_uuid, role, enable_2_fa)
|
||||||
new_user = {'email': email, 'password': str_password, 'org': org_uuid, 'otp': enable_2_fa, 'edited': edit}
|
new_user = {'email': email, 'password': str_password, 'org': org_uuid, 'otp': enable_2_fa, 'edited': edit}
|
||||||
return render_template("create_user.html", new_user=new_user, meta={}, all_roles=all_roles, acl_admin=True)
|
return render_template("create_user.html", new_user=new_user, meta={}, all_roles=all_roles, acl_admin=True)
|
||||||
|
|
||||||
|
@ -294,7 +294,7 @@ def create_user_post():
|
||||||
def delete_user():
|
def delete_user():
|
||||||
user_id = request.args.get('user_id')
|
user_id = request.args.get('user_id')
|
||||||
admin_id = current_user.get_user_id()
|
admin_id = current_user.get_user_id()
|
||||||
r = ail_users.api_delete_user(user_id, admin_id, request.access_route[0])
|
r = ail_users.api_delete_user(user_id, admin_id, request.access_route[0], request.user_agent)
|
||||||
if r[1] != 200:
|
if r[1] != 200:
|
||||||
return create_json_response(r[0], r[1])
|
return create_json_response(r[0], r[1])
|
||||||
else:
|
else:
|
||||||
|
@ -334,7 +334,7 @@ def create_org_post():
|
||||||
name = request.form.get('name')
|
name = request.form.get('name')
|
||||||
description = request.form.get('description')
|
description = request.form.get('description')
|
||||||
|
|
||||||
r = ail_orgs.api_create_org(admin_id, org_uuid, name, request.access_route[0], description=description)
|
r = ail_orgs.api_create_org(admin_id, org_uuid, name, request.access_route[0], request.user_agent, description=description)
|
||||||
if r[1] != 200:
|
if r[1] != 200:
|
||||||
return create_json_response(r[0], r[1])
|
return create_json_response(r[0], r[1])
|
||||||
else:
|
else:
|
||||||
|
@ -350,7 +350,7 @@ def create_org_post():
|
||||||
def delete_org():
|
def delete_org():
|
||||||
admin_id = current_user.get_user_id()
|
admin_id = current_user.get_user_id()
|
||||||
org_uuid = request.args.get('uuid')
|
org_uuid = request.args.get('uuid')
|
||||||
r = ail_orgs.api_delete_org(org_uuid, admin_id, request.access_route[0])
|
r = ail_orgs.api_delete_org(org_uuid, admin_id, request.access_route[0], request.user_agent)
|
||||||
if r[1] != 200:
|
if r[1] != 200:
|
||||||
return create_json_response(r[0], r[1])
|
return create_json_response(r[0], r[1])
|
||||||
else:
|
else:
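Review bot: All eight call sites pass `request.user_agent` itself, which in Flask/Werkzeug is a `UserAgent` object rather than a string, so the log record's `extra` now carries an object. A `%s`-style formatter will stringify it, but a JSON or other structured handler may fail to serialise it; passing `request.user_agent.string` (or `request.headers.get('User-Agent', '')`) keeps the field a plain str. The repeated pair `request.access_route[0], request.user_agent` could come from one small helper, so that the extraction and any length limit live in one place. Most of these view functions continue outside the hunks shown.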
|
||||||
|
|