diff --git a/rhodecode/controllers/files.py b/rhodecode/controllers/files.py --- a/rhodecode/controllers/files.py +++ b/rhodecode/controllers/files.py @@ -35,7 +35,7 @@ from webob.exc import HTTPNotFound, HTTP from rhodecode.controllers.utils import parse_path_ref from rhodecode.lib import diffs, helpers as h, caches -from rhodecode.lib.compat import OrderedDict +from rhodecode.lib import audit_logger from rhodecode.lib.codeblocks import ( filenode_as_lines_tokens, filenode_as_annotated_lines_tokens) from rhodecode.lib.utils import jsonify, action_logger @@ -813,6 +813,26 @@ class FilesController(BaseRepoController shutil.move(archive, cached_archive_path) archive = cached_archive_path + # store download action + action_logger(user=c.rhodecode_user, + action='user_downloaded_archive:%s' % archive_name, + repo=repo_name, ipaddr=self.ip_addr, commit=True) + + audit_logger.store( + action='repo.archive.download', + action_data={'user_agent': request.user_agent, + 'archive_name': archive_name, + 'archive_spec': fname, + 'archive_cached': use_cached_archive}, + user=c.rhodecode_user, + repo=dbrepo, + commit=True + ) + + response.content_disposition = str( + 'attachment; filename=%s' % archive_name) + response.content_type = str(content_type) + def get_chunked_archive(archive): with open(archive, 'rb') as stream: while True: @@ -826,14 +846,6 @@ class FilesController(BaseRepoController break yield data - # store download action - action_logger(user=c.rhodecode_user, - action='user_downloaded_archive:%s' % archive_name, - repo=repo_name, ipaddr=self.ip_addr, commit=True) - response.content_disposition = str( - 'attachment; filename=%s' % archive_name) - response.content_type = str(content_type) - return get_chunked_archive(archive) @LoginRequired() diff --git a/rhodecode/lib/audit_logger.py b/rhodecode/lib/audit_logger.py --- a/rhodecode/lib/audit_logger.py +++ b/rhodecode/lib/audit_logger.py @@ -39,7 +39,8 @@ ACTIONS = { 'repo.add': {}, 'repo.edit': {}, 'repo.edit.permissions': {}, - 'repo.commit.strip': {} + 'repo.commit.strip': {}, + 'repo.archive.download': {}, } @@ -97,14 +98,31 @@ def store( from rhodecode.lib import audit_logger - audit_logger.store(action='repo.edit', user=self._rhodecode_user) - audit_logger.store(action='repo.delete', user=audit_logger.UserWrap(username='itried-to-login', ip_addr='8.8.8.8')) + audit_logger.store( + action='repo.edit', user=self._rhodecode_user) + audit_logger.store( + action='repo.delete', + user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8')) + + # repo action + audit_logger.store( + action='repo.delete', + user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8'), + repo=audit_logger.RepoWrap(repo_name='some-repo')) + + # repo action, when we know and have the repository object already + audit_logger.store( + action='repo.delete', + user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8'), + repo=repo_object) # without an user ? - audit_user = audit_logger.UserWrap( - username=self.request.params.get('username'), - ip_addr=self.request.remote_addr) - audit_logger.store(action='user.login.failure', user=audit_user) + audit_logger.store( + action='user.login.failure', + user=audit_logger.UserWrap( + username=self.request.params.get('username'), + ip_addr=self.request.remote_addr)) + """ from rhodecode.lib.utils2 import safe_unicode from rhodecode.lib.auth import AuthUser