Mathis/allianceauth
1
0
Fork 0
mirror of https://gitlab.com/allianceauth/allianceauth.git synced 2025-07-11 21:40:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add Audit Log to Group Management

Browse Source
This commit is contained in:
colcrunch 2018-06-04 01:45:44 -04:00
parent 41429ec7c7
commit bf1fe99d98
6 changed files with 141 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
allianceauth/groupmanagement/migrations/0009_requestlog.py Normal file
View File

@ -0,0 +1,28 @@
# Generated by Django 2.0.6 on 2018-06-04 02:45
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('auth', '0009_alter_user_last_name_max_length'),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('groupmanagement', '0008_remove_authgroup_permissions'),
]
operations = [
migrations.CreateModel(
name='RequestLog',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('request_type', models.NullBooleanField(default=0)),
('request_info', models.CharField(max_length=254)),
('action', models.BooleanField(default=0)),
('group', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='auth.Group')),
('request_actor', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
],
),
]

31
allianceauth/groupmanagement/models.py
View File

@ -23,6 +23,37 @@ class GroupRequest(models.Model):
return self.user.username + ":" + self.group.name return self.user.username + ":" + self.group.name
class RequestLog(models.Model):
request_type = models.NullBooleanField(default=0)
group = models.ForeignKey(Group, on_delete=models.CASCADE)
request_info = models.CharField(max_length=254)
action = models.BooleanField(default=0)
request_actor = models.ForeignKey(User, on_delete=models.CASCADE)
def requestor(self):
return self.request_info.split(":")[0]
def type_to_str(self):
if self.request_type is None:
return "Removed"
elif self.request_type is True:
return "Leave"
elif self.request_type is False:
return "Join"
def action_to_str(self):
if self.action is True:
return "Accept"
elif self.action is False:
return "Reject"
def req_char(self):
usr = self.requestor()
user = User.objects.get(username=usr)
return user.profile.main_character
class AuthGroup(models.Model): class AuthGroup(models.Model):
""" """
Extends Django Group model with a one-to-one field Extends Django Group model with a one-to-one field

40
allianceauth/groupmanagement/templates/groupmanagement/audit.html Normal file
View File

@ -0,0 +1,40 @@
{% extends "allianceauth/base.html" %}
{% load staticfiles %}
{% load i18n %}
{% block page_title %}{{ group }} {% trans "Audit Log" %}{% endblock page_title %}
{% block extra_css %}{% endblock extra_css %}
{% block content %}
<div class="col-lg-12">
<br>
{% include 'groupmanagement/menu.html' %}
<div>
{% if entries %}
<h3>{{ group }} Audit Log</h3>
<table class="table">
<tr>
<th class="text-center">{% trans "Requestor" %}</th>
<th class="text-center">{% trans "Main Character" %}</th>
<th class="text-center">{% trans "Group" %}</th>
<th class="text-center">{% trans "Type" %}</th>
<th class="text-center">{% trans "Action" %}</th>
<th class="text-center">{% trans "Actor" %}</th>
</tr>
{% for entry in entries %}
<tr>
<td class="text-center">{{ entry.requestor }}</td>
<td class="text-center">{{ entry.req_char }}</td>
<td class="text-center">{{ entry.group }}</td>
<td class="text-center">{{ entry.type_to_str }}</td>
<td class="text-center">{{ entry.action_to_str }}</td>
<td class="text-center">{{ entry.request_actor }}</td>
</tr>
{% endfor %}
</table>
{% else %}
<div class="alert alert-warning text-center">{% trans "No entries found." %}</div>
{% endif %}
</div>
</div>
{% endblock content %}

3
allianceauth/groupmanagement/templates/groupmanagement/groupmembership.html
View File

@ -41,6 +41,9 @@
title="{% trans "View Members" %}"> title="{% trans "View Members" %}">
<i class="glyphicon glyphicon-eye-open"></i> <i class="glyphicon glyphicon-eye-open"></i>
</a> </a>
<a href="{% url "groupmanagement:audit_log" group.id %}" class="btn btn-info" title="{% trans "Audit Members" %}">
<i class="glyphicon glyphicon-list-alt"></i>
</a>
</td> </td>
</tr> </tr>
{% endfor %} {% endfor %}

1
allianceauth/groupmanagement/urls.py
View File

@ -12,6 +12,7 @@ urlpatterns = [
name='membership'), name='membership'),
url(r'^membership/(\w+)/$', views.group_membership_list, url(r'^membership/(\w+)/$', views.group_membership_list,
name='membership_list'), name='membership_list'),
url(r'^membership/(\w+)/audit/', views.group_membership_audit, name="audit_log"),
url(r'^membership/(\w+)/remove/(\w+)/$', views.group_membership_remove, url(r'^membership/(\w+)/remove/(\w+)/$', views.group_membership_remove,
name='membership_remove'), name='membership_remove'),
url(r'^request_add/(\w+)', views.group_request_add, url(r'^request_add/(\w+)', views.group_request_add,

39
allianceauth/groupmanagement/views.py
View File

@ -10,7 +10,7 @@ from django.http import Http404
from django.shortcuts import render, redirect, get_object_or_404 from django.shortcuts import render, redirect, get_object_or_404
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from .managers import GroupManager from .managers import GroupManager
from .models import GroupRequest from .models import GroupRequest, RequestLog
from allianceauth.notifications import notify from allianceauth.notifications import notify
@ -65,6 +65,32 @@ def group_membership(request):
return render(request, 'groupmanagement/groupmembership.html', context=render_items) return render(request, 'groupmanagement/groupmembership.html', context=render_items)
@login_required
@user_passes_test(GroupManager.can_manage_groups)
def group_membership_audit(request, group_id):
logger.debug("group_management_audit called by user %s" % request.user)
group = get_object_or_404(Group, id=group_id)
try:
# Check its a joinable group i.e. not corp or internal
# And the user has permission to manage it
if not GroupManager.joinable_group(group) or not GroupManager.can_manage_group(request.user, group):
logger.warning("User %s attempted to view the membership of group %s but permission was denied" %
(request.user, group_id))
raise PermissionDenied
except ObjectDoesNotExist:
raise Http404("Group does not exist")
entries = RequestLog.objects.filter(group=group)
render_items = {'entries': entries, 'group': group.name}
return render(request, 'groupmanagement/audit.html', context=render_items)
@login_required @login_required
@user_passes_test(GroupManager.can_manage_groups) @user_passes_test(GroupManager.can_manage_groups)
def group_membership_list(request, group_id): def group_membership_list(request, group_id):
@ -112,6 +138,9 @@ def group_membership_remove(request, group_id, user_id):
try: try:
user = group.user_set.get(id=user_id) user = group.user_set.get(id=user_id)
request_info = user.username + ":" + group.name
log = RequestLog(request_type=None,group=group,request_info=request_info,action=1,request_actor=request.user)
log.save()
# Remove group from user # Remove group from user
user.groups.remove(group) user.groups.remove(group)
logger.info("User %s removed user %s from group %s" % (request.user, user, group)) logger.info("User %s removed user %s from group %s" % (request.user, user, group))
@ -139,6 +168,8 @@ def group_accept_request(request, group_request_id):
group_request.user.groups.add(group) group_request.user.groups.add(group)
group_request.user.save() group_request.user.save()
log = RequestLog(request_type=group_request.leave_request,group=group,request_info=group_request.__str__(),action=1,request_actor=request.user)
log.save()
group_request.delete() group_request.delete()
logger.info("User %s accepted group request from user %s to group %s" % ( logger.info("User %s accepted group request from user %s to group %s" % (
request.user, group_request.user, group_request.group.name)) request.user, group_request.user, group_request.group.name))
@ -172,6 +203,8 @@ def group_reject_request(request, group_request_id):
if group_request: if group_request:
logger.info("User %s rejected group request from user %s to group %s" % ( logger.info("User %s rejected group request from user %s to group %s" % (
request.user, group_request.user, group_request.group.name)) request.user, group_request.user, group_request.group.name))
log = RequestLog(request_type=group_request.leave_request,group=group_request.group,request_info=group_request.__str__(),action=0,request_actor=request.user)
log.save()
group_request.delete() group_request.delete()
notify(group_request.user, "Group Application Rejected", level="danger", notify(group_request.user, "Group Application Rejected", level="danger",
message="Your application to %s has been rejected." % group_request.group) message="Your application to %s has been rejected." % group_request.group)
@ -204,6 +237,8 @@ def group_leave_accept_request(request, group_request_id):
group, created = Group.objects.get_or_create(name=group_request.group.name) group, created = Group.objects.get_or_create(name=group_request.group.name)
group_request.user.groups.remove(group) group_request.user.groups.remove(group)
group_request.user.save() group_request.user.save()
log = RequestLog(request_type=group_request.leave_request,group=group_request.group,request_info=group_request.__str__(),action=1,request_actor=request.user)
log.save()
group_request.delete() group_request.delete()
logger.info("User %s accepted group leave request from user %s to group %s" % ( logger.info("User %s accepted group leave request from user %s to group %s" % (
request.user, group_request.user, group_request.group.name)) request.user, group_request.user, group_request.group.name))
@ -236,6 +271,8 @@ def group_leave_reject_request(request, group_request_id):
raise PermissionDenied raise PermissionDenied
if group_request: if group_request:
log = RequestLog(request_type=group_request.leave_request,group=group_request.group,request_info=group_request.__str__(),action=0,request_actor=request.user)
log.save()
group_request.delete() group_request.delete()
logger.info("User %s rejected group leave request from user %s for group %s" % ( logger.info("User %s rejected group leave request from user %s for group %s" % (
request.user, group_request.user, group_request.group.name)) request.user, group_request.user, group_request.group.name))