##// END OF EJS Templates
security: update lastactivity when on audit logs....
marcink -
r2930:a5198975 default
parent child Browse files
Show More
@@ -208,6 +208,7 b' def request_view(request):'
208 208
209 209 # register our auth-user
210 210 request.rpc_user = auth_u
211 request.environ['rc_auth_user_id'] = auth_u.user_id
211 212
212 213 # now check if token is valid for API
213 214 auth_token = request.rpc_api_key
@@ -76,6 +76,8 b' class TestUpdateUser(object):'
76 76 'user': ret
77 77 }
78 78 expected = ret
79 expected['user']['last_activity'] = response.json['result']['user'][
80 'last_activity']
79 81 assert_ok(id_, expected, given=response.body)
80 82
81 83 def test_api_update_user_by_user_id(self):
@@ -91,6 +93,8 b' class TestUpdateUser(object):'
91 93 'user': ret
92 94 }
93 95 expected = ret
96 expected['user']['last_activity'] = response.json['result']['user'][
97 'last_activity']
94 98 assert_ok(id_, expected, given=response.body)
95 99
96 100 def test_api_update_user_default_user(self):
@@ -25,13 +25,13 b' import collections'
25 25 import tempfile
26 26
27 27 from paste.gzipper import make_gzip_middleware
28 import pyramid.events
28 29 from pyramid.wsgi import wsgiapp
29 30 from pyramid.authorization import ACLAuthorizationPolicy
30 31 from pyramid.config import Configurator
31 32 from pyramid.settings import asbool, aslist
32 33 from pyramid.httpexceptions import (
33 34 HTTPException, HTTPError, HTTPInternalServerError, HTTPFound, HTTPNotFound)
34 from pyramid.events import ApplicationCreated
35 35 from pyramid.renderers import render_to_response
36 36
37 37 from rhodecode.model import meta
@@ -39,6 +39,7 b' from rhodecode.config import patches'
39 39 from rhodecode.config import utils as config_utils
40 40 from rhodecode.config.environment import load_pyramid_environment
41 41
42 import rhodecode.events
42 43 from rhodecode.lib.middleware.vcs import VCSMiddleware
43 44 from rhodecode.lib.request import Request
44 45 from rhodecode.lib.vcs import VCSCommunicationError
@@ -268,11 +269,14 b' def includeme(config):'
268 269 settings['default_locale_name'] = settings.get('lang', 'en')
269 270
270 271 # Add subscribers.
271 config.add_subscriber(inject_app_settings, ApplicationCreated)
272 config.add_subscriber(scan_repositories_if_enabled, ApplicationCreated)
273 config.add_subscriber(write_metadata_if_needed, ApplicationCreated)
274 config.add_subscriber(write_js_routes_if_enabled, ApplicationCreated)
275
272 config.add_subscriber(inject_app_settings,
273 pyramid.events.ApplicationCreated)
274 config.add_subscriber(scan_repositories_if_enabled,
275 pyramid.events.ApplicationCreated)
276 config.add_subscriber(write_metadata_if_needed,
277 pyramid.events.ApplicationCreated)
278 config.add_subscriber(write_js_routes_if_enabled,
279 pyramid.events.ApplicationCreated)
276 280
277 281 # request custom methods
278 282 config.add_request_method(
@@ -32,9 +32,11 b' def trigger(event, registry=None):'
32 32 # For the first step we are using pyramids thread locals here. If the
33 33 # event mechanism works out as a good solution we should think about
34 34 # passing the registry as an argument to get rid of it.
35 event_name = event.__class__
36 log.debug('event %s sent for execution', event_name)
35 37 registry = registry or get_current_registry()
36 38 registry.notify(event)
37 log.debug('event %s triggered using registry %s', event.__class__, registry)
39 log.debug('event %s triggered using registry %s', event_name, registry)
38 40
39 41 # Send the events to integrations directly
40 42 from rhodecode.integrations import integrations_event_handler
@@ -241,20 +241,24 b' def store(action, user, action_data=None'
241 241 action_name = safe_unicode(action)
242 242 ip_address = safe_unicode(ip_addr)
243 243
244 user_log = _store_log(
245 action_name=action_name,
246 action_data=action_data or {},
247 user_id=user_id,
248 username=username,
249 user_data=user_data or {},
250 ip_address=ip_address,
251 repository_id=repository_id,
252 repository_name=repository_name
253 )
244 with sa_session.no_autoflush:
245 update_user_last_activity(sa_session, user_id)
254 246
255 sa_session.add(user_log)
256 if commit:
257 sa_session.commit()
247 user_log = _store_log(
248 action_name=action_name,
249 action_data=action_data or {},
250 user_id=user_id,
251 username=username,
252 user_data=user_data or {},
253 ip_address=ip_address,
254 repository_id=repository_id,
255 repository_name=repository_name
256 )
257
258 sa_session.add(user_log)
259
260 if commit:
261 sa_session.commit()
258 262
259 263 entry_id = user_log.entry_id or ''
260 264 log.info('AUDIT[%s]: Logging action: `%s` by user:id:%s[%s] ip:%s',
@@ -262,3 +266,14 b' def store(action, user, action_data=None'
262 266
263 267 except Exception:
264 268 log.exception('AUDIT: failed to store audit log')
269
270
271 def update_user_last_activity(sa_session, user_id):
272 _last_activity = datetime.datetime.now()
273 try:
274 sa_session.query(User).filter(User.user_id == user_id).update(
275 {"last_activity": _last_activity})
276 log.debug(
277 'updated user `%s` last activity to:%s', user_id, _last_activity)
278 except Exception:
279 log.exception("Failed last activity update")
@@ -521,6 +521,7 b' class SimpleVCS(object):'
521 521 if not self.valid_and_active_user(user):
522 522 return HTTPForbidden()(environ, start_response)
523 523 username = user.username
524 user_id = user.user_id
524 525
525 526 # check user attributes for password change flag
526 527 user_obj = user
@@ -536,6 +537,7 b' class SimpleVCS(object):'
536 537 plugin, plugin_cache_active, cache_ttl)
537 538 if not perm:
538 539 return HTTPForbidden()(environ, start_response)
540 environ['rc_auth_user_id'] = user_id
539 541
540 542 # extras are injected into UI object and later available
541 543 # in hooks executed by RhodeCode
@@ -931,12 +931,6 b' class User(Base, BaseModel):'
931 931 Session().add(self)
932 932 log.debug('updated user %s lastlogin', self.username)
933 933
934 def update_lastactivity(self):
935 """Update user lastactivity"""
936 self.last_activity = datetime.datetime.now()
937 Session().add(self)
938 log.debug('updated user `%s` last activity', self.username)
939
940 934 def update_password(self, new_password):
941 935 from rhodecode.lib.auth import get_crypt_password
942 936
@@ -100,6 +100,7 b' def add_request_user_context(event):'
100 100 auth_user = get_auth_user(request)
101 101 request.user = auth_user
102 102 request.environ['rc_auth_user'] = auth_user
103 request.environ['rc_auth_user_id'] = auth_user.user_id
103 104 request.environ['rc_req_id'] = req_id
104 105
105 106
General Comments 0
You need to be logged in to leave comments. Login now