Show More
@@ -917,12 +917,13 b' def update_repo(' | |||||
917 |
|
917 | |||
918 | ref_choices, _labels = ScmModel().get_repo_landing_revs(repo=repo) |
|
918 | ref_choices, _labels = ScmModel().get_repo_landing_revs(repo=repo) | |
919 |
|
919 | |||
|
920 | old_values = repo.get_api_data() | |||
920 | schema = repo_schema.RepoSchema().bind( |
|
921 | schema = repo_schema.RepoSchema().bind( | |
921 | repo_type_options=rhodecode.BACKENDS.keys(), |
|
922 | repo_type_options=rhodecode.BACKENDS.keys(), | |
922 | repo_ref_options=ref_choices, |
|
923 | repo_ref_options=ref_choices, | |
923 | # user caller |
|
924 | # user caller | |
924 | user=apiuser, |
|
925 | user=apiuser, | |
925 |
old_values= |
|
926 | old_values=old_values) | |
926 | try: |
|
927 | try: | |
927 | schema_data = schema.deserialize(dict( |
|
928 | schema_data = schema.deserialize(dict( | |
928 | # we save old value, users cannot change type |
|
929 | # we save old value, users cannot change type | |
@@ -967,6 +968,9 b' def update_repo(' | |||||
967 |
|
968 | |||
968 | try: |
|
969 | try: | |
969 | RepoModel().update(repo, **validated_updates) |
|
970 | RepoModel().update(repo, **validated_updates) | |
|
971 | audit_logger.store_api( | |||
|
972 | 'repo.edit', action_data={'old_data': old_values}, | |||
|
973 | user=apiuser, repo=repo) | |||
970 | Session().commit() |
|
974 | Session().commit() | |
971 | return { |
|
975 | return { | |
972 | 'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo.repo_name), |
|
976 | 'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo.repo_name), | |
@@ -1173,15 +1177,14 b' def delete_repo(request, apiuser, repoid' | |||||
1173 | 'Cannot delete `%s` it still contains attached forks' % |
|
1177 | 'Cannot delete `%s` it still contains attached forks' % | |
1174 | (repo.repo_name,) |
|
1178 | (repo.repo_name,) | |
1175 | ) |
|
1179 | ) | |
1176 |
|
|
1180 | old_data = repo.get_api_data() | |
1177 | RepoModel().delete(repo, forks=forks) |
|
1181 | RepoModel().delete(repo, forks=forks) | |
1178 |
|
1182 | |||
1179 | repo = audit_logger.RepoWrap(repo_id=None, |
|
1183 | repo = audit_logger.RepoWrap(repo_id=None, | |
1180 | repo_name=repo.repo_name) |
|
1184 | repo_name=repo.repo_name) | |
1181 |
|
1185 | |||
1182 | audit_logger.store_api( |
|
1186 | audit_logger.store_api( | |
1183 | action='repo.delete', |
|
1187 | 'repo.delete', action_data={'old_data': old_data}, | |
1184 | action_data={'data': repo_data}, |
|
|||
1185 | user=apiuser, repo=repo) |
|
1188 | user=apiuser, repo=repo) | |
1186 |
|
1189 | |||
1187 | ScmModel().mark_for_invalidation(repo_name, delete=True) |
|
1190 | ScmModel().mark_for_invalidation(repo_name, delete=True) | |
@@ -1472,7 +1475,7 b' def comment_commit(' | |||||
1472 | rc_config = SettingsModel().get_all_settings() |
|
1475 | rc_config = SettingsModel().get_all_settings() | |
1473 | renderer = rc_config.get('rhodecode_markup_renderer', 'rst') |
|
1476 | renderer = rc_config.get('rhodecode_markup_renderer', 'rst') | |
1474 | status_change_label = ChangesetStatus.get_status_lbl(status) |
|
1477 | status_change_label = ChangesetStatus.get_status_lbl(status) | |
1475 | comm = CommentsModel().create( |
|
1478 | comment = CommentsModel().create( | |
1476 | message, repo, user, commit_id=commit_id, |
|
1479 | message, repo, user, commit_id=commit_id, | |
1477 | status_change=status_change_label, |
|
1480 | status_change=status_change_label, | |
1478 | status_change_type=status, |
|
1481 | status_change_type=status, | |
@@ -1484,7 +1487,7 b' def comment_commit(' | |||||
1484 | # also do a status change |
|
1487 | # also do a status change | |
1485 | try: |
|
1488 | try: | |
1486 | ChangesetStatusModel().set_status( |
|
1489 | ChangesetStatusModel().set_status( | |
1487 | repo, status, user, comm, revision=commit_id, |
|
1490 | repo, status, user, comment, revision=commit_id, | |
1488 | dont_allow_on_closed_pull_request=True |
|
1491 | dont_allow_on_closed_pull_request=True | |
1489 | ) |
|
1492 | ) | |
1490 | except StatusChangeOnClosedPullRequestError: |
|
1493 | except StatusChangeOnClosedPullRequestError: | |
@@ -1498,7 +1501,7 b' def comment_commit(' | |||||
1498 | return { |
|
1501 | return { | |
1499 | 'msg': ( |
|
1502 | 'msg': ( | |
1500 | 'Commented on commit `%s` for repository `%s`' % ( |
|
1503 | 'Commented on commit `%s` for repository `%s`' % ( | |
1501 | comm.revision, repo.repo_name)), |
|
1504 | comment.revision, repo.repo_name)), | |
1502 | 'status_change': status, |
|
1505 | 'status_change': status, | |
1503 | 'success': True, |
|
1506 | 'success': True, | |
1504 | } |
|
1507 | } | |
@@ -1879,6 +1882,11 b' def strip(request, apiuser, repoid, revi' | |||||
1879 |
|
1882 | |||
1880 | try: |
|
1883 | try: | |
1881 | ScmModel().strip(repo, revision, branch) |
|
1884 | ScmModel().strip(repo, revision, branch) | |
|
1885 | audit_logger.store_api( | |||
|
1886 | 'repo.commit.strip', action_data={'commit_id': revision}, | |||
|
1887 | repo=repo, | |||
|
1888 | user=apiuser, commit=True) | |||
|
1889 | ||||
1882 | return { |
|
1890 | return { | |
1883 | 'msg': 'Stripped commit %s from repo `%s`' % ( |
|
1891 | 'msg': 'Stripped commit %s from repo `%s`' % ( | |
1884 | revision, repo.repo_name), |
|
1892 | revision, repo.repo_name), |
@@ -27,6 +27,7 b' from rhodecode.api.utils import (' | |||||
27 | has_superadmin_permission, Optional, OAttr, get_user_or_error, |
|
27 | has_superadmin_permission, Optional, OAttr, get_user_or_error, | |
28 | get_repo_group_or_error, get_perm_or_error, get_user_group_or_error, |
|
28 | get_repo_group_or_error, get_perm_or_error, get_user_group_or_error, | |
29 | get_origin, validate_repo_group_permissions, validate_set_owner_permissions) |
|
29 | get_origin, validate_repo_group_permissions, validate_set_owner_permissions) | |
|
30 | from rhodecode.lib import audit_logger | |||
30 | from rhodecode.lib.auth import ( |
|
31 | from rhodecode.lib.auth import ( | |
31 | HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi) |
|
32 | HasRepoGroupPermissionAnyApi, HasUserGroupPermissionAnyApi) | |
32 | from rhodecode.model.db import Session |
|
33 | from rhodecode.model.db import Session | |
@@ -222,6 +223,13 b' def create_repo_group(' | |||||
222 | group_name=validated_group_name, |
|
223 | group_name=validated_group_name, | |
223 | group_description=schema_data['repo_group_name'], |
|
224 | group_description=schema_data['repo_group_name'], | |
224 | copy_permissions=schema_data['repo_group_copy_permissions']) |
|
225 | copy_permissions=schema_data['repo_group_copy_permissions']) | |
|
226 | Session().flush() | |||
|
227 | ||||
|
228 | repo_group_data = repo_group.get_api_data() | |||
|
229 | audit_logger.store_api( | |||
|
230 | 'repo_group.create', action_data={'data': repo_group_data}, | |||
|
231 | user=apiuser) | |||
|
232 | ||||
225 | Session().commit() |
|
233 | Session().commit() | |
226 | return { |
|
234 | return { | |
227 | 'msg': 'Created new repo group `%s`' % validated_group_name, |
|
235 | 'msg': 'Created new repo group `%s`' % validated_group_name, | |
@@ -310,8 +318,13 b' def update_repo_group(' | |||||
310 | enable_locking=schema_data['repo_group_enable_locking'], |
|
318 | enable_locking=schema_data['repo_group_enable_locking'], | |
311 | ) |
|
319 | ) | |
312 |
|
320 | |||
|
321 | old_data = repo_group.get_api_data() | |||
313 | try: |
|
322 | try: | |
314 | RepoGroupModel().update(repo_group, validated_updates) |
|
323 | RepoGroupModel().update(repo_group, validated_updates) | |
|
324 | audit_logger.store_api( | |||
|
325 | 'repo_group.edit', action_data={'old_data': old_data}, | |||
|
326 | user=apiuser) | |||
|
327 | ||||
315 | Session().commit() |
|
328 | Session().commit() | |
316 | return { |
|
329 | return { | |
317 | 'msg': 'updated repository group ID:%s %s' % ( |
|
330 | 'msg': 'updated repository group ID:%s %s' % ( | |
@@ -365,8 +378,12 b' def delete_repo_group(request, apiuser, ' | |||||
365 | validate_repo_group_permissions( |
|
378 | validate_repo_group_permissions( | |
366 | apiuser, repogroupid, repo_group, ('group.admin',)) |
|
379 | apiuser, repogroupid, repo_group, ('group.admin',)) | |
367 |
|
380 | |||
|
381 | old_data = repo_group.get_api_data() | |||
368 | try: |
|
382 | try: | |
369 | RepoGroupModel().delete(repo_group) |
|
383 | RepoGroupModel().delete(repo_group) | |
|
384 | audit_logger.store_api( | |||
|
385 | 'repo_group.delete', action_data={'old_data': old_data}, | |||
|
386 | user=apiuser) | |||
370 | Session().commit() |
|
387 | Session().commit() | |
371 | return { |
|
388 | return { | |
372 | 'msg': 'deleted repo group ID:%s %s' % |
|
389 | 'msg': 'deleted repo group ID:%s %s' % |
@@ -23,6 +23,7 b' import logging' | |||||
23 | from rhodecode.api import jsonrpc_method, JSONRPCError, JSONRPCForbidden |
|
23 | from rhodecode.api import jsonrpc_method, JSONRPCError, JSONRPCForbidden | |
24 | from rhodecode.api.utils import ( |
|
24 | from rhodecode.api.utils import ( | |
25 | Optional, OAttr, has_superadmin_permission, get_user_or_error, store_update) |
|
25 | Optional, OAttr, has_superadmin_permission, get_user_or_error, store_update) | |
|
26 | from rhodecode.lib import audit_logger | |||
26 | from rhodecode.lib.auth import AuthUser, PasswordGenerator |
|
27 | from rhodecode.lib.auth import AuthUser, PasswordGenerator | |
27 | from rhodecode.lib.exceptions import DefaultUserException |
|
28 | from rhodecode.lib.exceptions import DefaultUserException | |
28 | from rhodecode.lib.utils2 import safe_int, str2bool |
|
29 | from rhodecode.lib.utils2 import safe_int, str2bool | |
@@ -251,6 +252,12 b' def create_user(request, apiuser, userna' | |||||
251 | force_password_change=Optional.extract(force_password_change), |
|
252 | force_password_change=Optional.extract(force_password_change), | |
252 | create_repo_group=create_repo_group |
|
253 | create_repo_group=create_repo_group | |
253 | ) |
|
254 | ) | |
|
255 | Session().flush() | |||
|
256 | creation_data = user.get_api_data() | |||
|
257 | audit_logger.store_api( | |||
|
258 | 'user.create', action_data={'data': creation_data}, | |||
|
259 | user=apiuser) | |||
|
260 | ||||
254 | Session().commit() |
|
261 | Session().commit() | |
255 | return { |
|
262 | return { | |
256 | 'msg': 'created new user `%s`' % username, |
|
263 | 'msg': 'created new user `%s`' % username, | |
@@ -326,7 +333,7 b' def update_user(request, apiuser, userid' | |||||
326 | raise JSONRPCForbidden() |
|
333 | raise JSONRPCForbidden() | |
327 |
|
334 | |||
328 | user = get_user_or_error(userid) |
|
335 | user = get_user_or_error(userid) | |
329 |
|
336 | old_data = user.get_api_data() | ||
330 | # only non optional arguments will be stored in updates |
|
337 | # only non optional arguments will be stored in updates | |
331 | updates = {} |
|
338 | updates = {} | |
332 |
|
339 | |||
@@ -343,6 +350,9 b' def update_user(request, apiuser, userid' | |||||
343 | store_update(updates, extern_type, 'extern_type') |
|
350 | store_update(updates, extern_type, 'extern_type') | |
344 |
|
351 | |||
345 | user = UserModel().update_user(user, **updates) |
|
352 | user = UserModel().update_user(user, **updates) | |
|
353 | audit_logger.store_api( | |||
|
354 | 'user.edit', action_data={'old_data': old_data}, | |||
|
355 | user=apiuser) | |||
346 | Session().commit() |
|
356 | Session().commit() | |
347 | return { |
|
357 | return { | |
348 | 'msg': 'updated user ID:%s %s' % (user.user_id, user.username), |
|
358 | 'msg': 'updated user ID:%s %s' % (user.user_id, user.username), | |
@@ -405,9 +415,13 b' def delete_user(request, apiuser, userid' | |||||
405 | raise JSONRPCForbidden() |
|
415 | raise JSONRPCForbidden() | |
406 |
|
416 | |||
407 | user = get_user_or_error(userid) |
|
417 | user = get_user_or_error(userid) | |
408 |
|
418 | old_data = user.get_api_data() | ||
409 | try: |
|
419 | try: | |
410 | UserModel().delete(userid) |
|
420 | UserModel().delete(userid) | |
|
421 | audit_logger.store_api( | |||
|
422 | 'user.delete', action_data={'old_data': old_data}, | |||
|
423 | user=apiuser) | |||
|
424 | ||||
411 | Session().commit() |
|
425 | Session().commit() | |
412 | return { |
|
426 | return { | |
413 | 'msg': 'deleted user ID:%s %s' % (user.user_id, user.username), |
|
427 | 'msg': 'deleted user ID:%s %s' % (user.user_id, user.username), |
@@ -24,6 +24,7 b' from rhodecode.api import jsonrpc_method' | |||||
24 | from rhodecode.api.utils import ( |
|
24 | from rhodecode.api.utils import ( | |
25 | Optional, OAttr, store_update, has_superadmin_permission, get_origin, |
|
25 | Optional, OAttr, store_update, has_superadmin_permission, get_origin, | |
26 | get_user_or_error, get_user_group_or_error, get_perm_or_error) |
|
26 | get_user_or_error, get_user_group_or_error, get_perm_or_error) | |
|
27 | from rhodecode.lib import audit_logger | |||
27 | from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi |
|
28 | from rhodecode.lib.auth import HasUserGroupPermissionAnyApi, HasPermissionAnyApi | |
28 | from rhodecode.lib.exceptions import UserGroupAssignedException |
|
29 | from rhodecode.lib.exceptions import UserGroupAssignedException | |
29 | from rhodecode.model.db import Session |
|
30 | from rhodecode.model.db import Session | |
@@ -217,13 +218,18 b' def create_user_group(' | |||||
217 | owner = get_user_or_error(owner) |
|
218 | owner = get_user_or_error(owner) | |
218 | active = Optional.extract(active) |
|
219 | active = Optional.extract(active) | |
219 | description = Optional.extract(description) |
|
220 | description = Optional.extract(description) | |
220 | ug = UserGroupModel().create( |
|
221 | user_group = UserGroupModel().create( | |
221 | name=group_name, description=description, owner=owner, |
|
222 | name=group_name, description=description, owner=owner, | |
222 | active=active) |
|
223 | active=active) | |
|
224 | Session().flush() | |||
|
225 | creation_data = user_group.get_api_data() | |||
|
226 | audit_logger.store_api( | |||
|
227 | 'user_group.create', action_data={'data': creation_data}, | |||
|
228 | user=apiuser) | |||
223 | Session().commit() |
|
229 | Session().commit() | |
224 | return { |
|
230 | return { | |
225 | 'msg': 'created new user group `%s`' % group_name, |
|
231 | 'msg': 'created new user group `%s`' % group_name, | |
226 |
'user_group': |
|
232 | 'user_group': creation_data | |
227 | } |
|
233 | } | |
228 | except Exception: |
|
234 | except Exception: | |
229 | log.exception("Error occurred during creation of user group") |
|
235 | log.exception("Error occurred during creation of user group") | |
@@ -291,6 +297,7 b' def update_user_group(request, apiuser, ' | |||||
291 | if not isinstance(owner, Optional): |
|
297 | if not isinstance(owner, Optional): | |
292 | owner = get_user_or_error(owner) |
|
298 | owner = get_user_or_error(owner) | |
293 |
|
299 | |||
|
300 | old_data = user_group.get_api_data() | |||
294 | updates = {} |
|
301 | updates = {} | |
295 | store_update(updates, group_name, 'users_group_name') |
|
302 | store_update(updates, group_name, 'users_group_name') | |
296 | store_update(updates, description, 'user_group_description') |
|
303 | store_update(updates, description, 'user_group_description') | |
@@ -298,6 +305,9 b' def update_user_group(request, apiuser, ' | |||||
298 | store_update(updates, active, 'users_group_active') |
|
305 | store_update(updates, active, 'users_group_active') | |
299 | try: |
|
306 | try: | |
300 | UserGroupModel().update(user_group, updates) |
|
307 | UserGroupModel().update(user_group, updates) | |
|
308 | audit_logger.store_api( | |||
|
309 | 'user_group.edit', action_data={'old_data': old_data}, | |||
|
310 | user=apiuser) | |||
301 | Session().commit() |
|
311 | Session().commit() | |
302 | return { |
|
312 | return { | |
303 | 'msg': 'updated user group ID:%s %s' % ( |
|
313 | 'msg': 'updated user group ID:%s %s' % ( | |
@@ -359,8 +369,12 b' def delete_user_group(request, apiuser, ' | |||||
359 | raise JSONRPCError( |
|
369 | raise JSONRPCError( | |
360 | 'user group `%s` does not exist' % (usergroupid,)) |
|
370 | 'user group `%s` does not exist' % (usergroupid,)) | |
361 |
|
371 | |||
|
372 | old_data = user_group.get_api_data() | |||
362 | try: |
|
373 | try: | |
363 | UserGroupModel().delete(user_group) |
|
374 | UserGroupModel().delete(user_group) | |
|
375 | audit_logger.store_api( | |||
|
376 | 'user_group.delete', action_data={'old_data': old_data}, | |||
|
377 | user=apiuser) | |||
364 | Session().commit() |
|
378 | Session().commit() | |
365 | return { |
|
379 | return { | |
366 | 'msg': 'deleted user group ID:%s %s' % ( |
|
380 | 'msg': 'deleted user group ID:%s %s' % ( | |
@@ -438,6 +452,12 b' def add_user_to_user_group(request, apiu' | |||||
438 | user.username, user_group.users_group_name |
|
452 | user.username, user_group.users_group_name | |
439 | ) |
|
453 | ) | |
440 | msg = msg if success else 'User is already in that group' |
|
454 | msg = msg if success else 'User is already in that group' | |
|
455 | if success: | |||
|
456 | user_data = user.get_api_data() | |||
|
457 | audit_logger.store_api( | |||
|
458 | 'user_group.edit.member.add', action_data={'user': user_data}, | |||
|
459 | user=apiuser) | |||
|
460 | ||||
441 | Session().commit() |
|
461 | Session().commit() | |
442 |
|
462 | |||
443 | return { |
|
463 | return { | |
@@ -501,6 +521,12 b' def remove_user_from_user_group(request,' | |||||
501 | user.username, user_group.users_group_name |
|
521 | user.username, user_group.users_group_name | |
502 | ) |
|
522 | ) | |
503 | msg = msg if success else "User wasn't in group" |
|
523 | msg = msg if success else "User wasn't in group" | |
|
524 | if success: | |||
|
525 | user_data = user.get_api_data() | |||
|
526 | audit_logger.store_api( | |||
|
527 | 'user_group.edit.member.delete', action_data={'user': user_data}, | |||
|
528 | user=apiuser) | |||
|
529 | ||||
504 | Session().commit() |
|
530 | Session().commit() | |
505 | return {'success': success, 'msg': msg} |
|
531 | return {'success': success, 'msg': msg} | |
506 | except Exception: |
|
532 | except Exception: |
@@ -209,8 +209,8 b' class AdminUsersView(BaseAppView, DataGr' | |||||
209 |
|
209 | |||
210 | self.maybe_attach_token_scope(token) |
|
210 | self.maybe_attach_token_scope(token) | |
211 | audit_logger.store_web( |
|
211 | audit_logger.store_web( | |
212 |
|
|
212 | 'user.edit.token.add', action_data={ | |
213 |
|
|
213 | 'data': {'token': token_data, 'user': user_data}}, | |
214 | user=self._rhodecode_user, ) |
|
214 | user=self._rhodecode_user, ) | |
215 | Session().commit() |
|
215 | Session().commit() | |
216 |
|
216 | |||
@@ -239,8 +239,8 b' class AdminUsersView(BaseAppView, DataGr' | |||||
239 |
|
239 | |||
240 | AuthTokenModel().delete(del_auth_token, c.user.user_id) |
|
240 | AuthTokenModel().delete(del_auth_token, c.user.user_id) | |
241 | audit_logger.store_web( |
|
241 | audit_logger.store_web( | |
242 |
|
|
242 | 'user.edit.token.delete', action_data={ | |
243 |
|
|
243 | 'data': {'token': token_data, 'user': user_data}}, | |
244 | user=self._rhodecode_user,) |
|
244 | user=self._rhodecode_user,) | |
245 | Session().commit() |
|
245 | Session().commit() | |
246 | h.flash(_("Auth token successfully deleted"), category='success') |
|
246 | h.flash(_("Auth token successfully deleted"), category='success') | |
@@ -284,8 +284,7 b' class AdminUsersView(BaseAppView, DataGr' | |||||
284 | try: |
|
284 | try: | |
285 | UserModel().add_extra_email(c.user.user_id, email) |
|
285 | UserModel().add_extra_email(c.user.user_id, email) | |
286 | audit_logger.store_web( |
|
286 | audit_logger.store_web( | |
287 | 'user.edit.email.add', |
|
287 | 'user.edit.email.add', action_data={'email': email, 'user': user_data}, | |
288 | action_data={'email': email, 'user': user_data}, |
|
|||
289 | user=self._rhodecode_user) |
|
288 | user=self._rhodecode_user) | |
290 | Session().commit() |
|
289 | Session().commit() | |
291 | h.flash(_("Added new email address `%s` for user account") % email, |
|
290 | h.flash(_("Added new email address `%s` for user account") % email, | |
@@ -318,8 +317,7 b' class AdminUsersView(BaseAppView, DataGr' | |||||
318 | user_data = c.user.get_api_data() |
|
317 | user_data = c.user.get_api_data() | |
319 | user_model.delete_extra_email(c.user.user_id, email_id) |
|
318 | user_model.delete_extra_email(c.user.user_id, email_id) | |
320 | audit_logger.store_web( |
|
319 | audit_logger.store_web( | |
321 | 'user.edit.email.delete', |
|
320 | 'user.edit.email.delete', action_data={'email': email, 'user': user_data}, | |
322 | action_data={'email': email, 'user': user_data}, |
|
|||
323 | user=self._rhodecode_user) |
|
321 | user=self._rhodecode_user) | |
324 | Session().commit() |
|
322 | Session().commit() | |
325 | h.flash(_("Removed email address from user account"), |
|
323 | h.flash(_("Removed email address from user account"), | |
@@ -379,8 +377,7 b' class AdminUsersView(BaseAppView, DataGr' | |||||
379 | try: |
|
377 | try: | |
380 | user_model.add_extra_ip(c.user.user_id, ip, desc) |
|
378 | user_model.add_extra_ip(c.user.user_id, ip, desc) | |
381 | audit_logger.store_web( |
|
379 | audit_logger.store_web( | |
382 | 'user.edit.ip.add', |
|
380 | 'user.edit.ip.add', action_data={'ip': ip, 'user': user_data}, | |
383 | action_data={'ip': ip, 'user': user_data}, |
|
|||
384 | user=self._rhodecode_user) |
|
381 | user=self._rhodecode_user) | |
385 | Session().commit() |
|
382 | Session().commit() | |
386 | added.append(ip) |
|
383 | added.append(ip) | |
@@ -420,8 +417,7 b' class AdminUsersView(BaseAppView, DataGr' | |||||
420 | ip = UserIpMap.query().get(ip_id).ip_addr |
|
417 | ip = UserIpMap.query().get(ip_id).ip_addr | |
421 | user_model.delete_extra_ip(c.user.user_id, ip_id) |
|
418 | user_model.delete_extra_ip(c.user.user_id, ip_id) | |
422 | audit_logger.store_web( |
|
419 | audit_logger.store_web( | |
423 | 'user.edit.ip.delete', |
|
420 | 'user.edit.ip.delete', action_data={'ip': ip, 'user': user_data}, | |
424 | action_data={'ip': ip, 'user': user_data}, |
|
|||
425 | user=self._rhodecode_user) |
|
421 | user=self._rhodecode_user) | |
426 | Session().commit() |
|
422 | Session().commit() | |
427 | h.flash(_("Removed ip address from user whitelist"), category='success') |
|
423 | h.flash(_("Removed ip address from user whitelist"), category='success') |
@@ -173,7 +173,7 b' class LoginView(BaseAppView):' | |||||
173 | ip_addr=self.request.remote_addr) |
|
173 | ip_addr=self.request.remote_addr) | |
174 | action_data = {'user_agent': self.request.user_agent} |
|
174 | action_data = {'user_agent': self.request.user_agent} | |
175 | audit_logger.store_web( |
|
175 | audit_logger.store_web( | |
176 |
|
|
176 | 'user.login.success', action_data=action_data, | |
177 | user=audit_user, commit=True) |
|
177 | user=audit_user, commit=True) | |
178 |
|
178 | |||
179 | raise HTTPFound(c.came_from, headers=headers) |
|
179 | raise HTTPFound(c.came_from, headers=headers) | |
@@ -192,7 +192,7 b' class LoginView(BaseAppView):' | |||||
192 | ip_addr=self.request.remote_addr) |
|
192 | ip_addr=self.request.remote_addr) | |
193 | action_data = {'user_agent': self.request.user_agent} |
|
193 | action_data = {'user_agent': self.request.user_agent} | |
194 | audit_logger.store_web( |
|
194 | audit_logger.store_web( | |
195 |
|
|
195 | 'user.login.failure', action_data=action_data, | |
196 | user=audit_user, commit=True) |
|
196 | user=audit_user, commit=True) | |
197 | return render_ctx |
|
197 | return render_ctx | |
198 |
|
198 | |||
@@ -212,7 +212,7 b' class LoginView(BaseAppView):' | |||||
212 |
|
212 | |||
213 | action_data = {'user_agent': self.request.user_agent} |
|
213 | action_data = {'user_agent': self.request.user_agent} | |
214 | audit_logger.store_web( |
|
214 | audit_logger.store_web( | |
215 |
|
|
215 | 'user.logout', action_data=action_data, | |
216 | user=auth_user, commit=True) |
|
216 | user=auth_user, commit=True) | |
217 | self.session.delete() |
|
217 | self.session.delete() | |
218 | return HTTPFound(h.route_path('home')) |
|
218 | return HTTPFound(h.route_path('home')) | |
@@ -365,8 +365,7 b' class LoginView(BaseAppView):' | |||||
365 | action_data = {'email': user_email, |
|
365 | action_data = {'email': user_email, | |
366 | 'user_agent': self.request.user_agent} |
|
366 | 'user_agent': self.request.user_agent} | |
367 | audit_logger.store_web( |
|
367 | audit_logger.store_web( | |
368 |
|
|
368 | 'user.password.reset_request', action_data=action_data, | |
369 | action_data=action_data, |
|
|||
370 | user=self._rhodecode_user, commit=True) |
|
369 | user=self._rhodecode_user, commit=True) | |
371 | return HTTPFound(self.request.route_path('reset_password')) |
|
370 | return HTTPFound(self.request.route_path('reset_password')) | |
372 |
|
371 |
@@ -183,8 +183,8 b' class MyAccountView(BaseAppView):' | |||||
183 |
|
183 | |||
184 | self.maybe_attach_token_scope(token) |
|
184 | self.maybe_attach_token_scope(token) | |
185 | audit_logger.store_web( |
|
185 | audit_logger.store_web( | |
186 |
|
|
186 | 'user.edit.token.add', action_data={ | |
187 |
|
|
187 | 'data': {'token': token_data, 'user': 'self'}}, | |
188 | user=self._rhodecode_user, ) |
|
188 | user=self._rhodecode_user, ) | |
189 | Session().commit() |
|
189 | Session().commit() | |
190 |
|
190 | |||
@@ -208,8 +208,8 b' class MyAccountView(BaseAppView):' | |||||
208 |
|
208 | |||
209 | AuthTokenModel().delete(del_auth_token, c.user.user_id) |
|
209 | AuthTokenModel().delete(del_auth_token, c.user.user_id) | |
210 | audit_logger.store_web( |
|
210 | audit_logger.store_web( | |
211 |
|
|
211 | 'user.edit.token.delete', action_data={ | |
212 |
|
|
212 | 'data': {'token': token_data, 'user': 'self'}}, | |
213 | user=self._rhodecode_user,) |
|
213 | user=self._rhodecode_user,) | |
214 | Session().commit() |
|
214 | Session().commit() | |
215 | h.flash(_("Auth token successfully deleted"), category='success') |
|
215 | h.flash(_("Auth token successfully deleted"), category='success') | |
@@ -245,8 +245,8 b' class MyAccountView(BaseAppView):' | |||||
245 | try: |
|
245 | try: | |
246 | UserModel().add_extra_email(c.user.user_id, email) |
|
246 | UserModel().add_extra_email(c.user.user_id, email) | |
247 | audit_logger.store_web( |
|
247 | audit_logger.store_web( | |
248 |
|
|
248 | 'user.edit.email.add', action_data={ | |
249 |
|
|
249 | 'data': {'email': email, 'user': 'self'}}, | |
250 | user=self._rhodecode_user,) |
|
250 | user=self._rhodecode_user,) | |
251 |
|
251 | |||
252 | Session().commit() |
|
252 | Session().commit() | |
@@ -274,8 +274,8 b' class MyAccountView(BaseAppView):' | |||||
274 | email = UserEmailMap.get_or_404(del_email_id, pyramid_exc=True).email |
|
274 | email = UserEmailMap.get_or_404(del_email_id, pyramid_exc=True).email | |
275 | UserModel().delete_extra_email(c.user.user_id, del_email_id) |
|
275 | UserModel().delete_extra_email(c.user.user_id, del_email_id) | |
276 | audit_logger.store_web( |
|
276 | audit_logger.store_web( | |
277 |
|
|
277 | 'user.edit.email.delete', action_data={ | |
278 |
|
|
278 | 'data': {'email': email, 'user': 'self'}}, | |
279 | user=self._rhodecode_user,) |
|
279 | user=self._rhodecode_user,) | |
280 | Session().commit() |
|
280 | Session().commit() | |
281 | h.flash(_("Email successfully deleted"), |
|
281 | h.flash(_("Email successfully deleted"), |
@@ -95,14 +95,13 b' class RepoSettingsView(RepoAppView):' | |||||
95 | handle_forks = 'delete' |
|
95 | handle_forks = 'delete' | |
96 | h.flash(_('Deleted %s forks') % _forks, category='success') |
|
96 | h.flash(_('Deleted %s forks') % _forks, category='success') | |
97 |
|
97 | |||
98 |
|
|
98 | old_data = self.db_repo.get_api_data() | |
99 | RepoModel().delete(self.db_repo, forks=handle_forks) |
|
99 | RepoModel().delete(self.db_repo, forks=handle_forks) | |
100 |
|
100 | |||
101 | repo = audit_logger.RepoWrap(repo_id=None, |
|
101 | repo = audit_logger.RepoWrap(repo_id=None, | |
102 | repo_name=self.db_repo.repo_name) |
|
102 | repo_name=self.db_repo.repo_name) | |
103 | audit_logger.store_web( |
|
103 | audit_logger.store_web( | |
104 | action='repo.delete', |
|
104 | 'repo.delete', action_data={'old_data': old_data}, | |
105 | action_data={'data': repo_data}, |
|
|||
106 | user=self._rhodecode_user, repo=repo) |
|
105 | user=self._rhodecode_user, repo=repo) | |
107 |
|
106 | |||
108 | ScmModel().mark_for_invalidation(self.db_repo_name, delete=True) |
|
107 | ScmModel().mark_for_invalidation(self.db_repo_name, delete=True) |
@@ -106,10 +106,8 b' class StripView(RepoAppView):' | |||||
106 | data[commit['rev']] = True |
|
106 | data[commit['rev']] = True | |
107 |
|
107 | |||
108 | audit_logger.store_web( |
|
108 | audit_logger.store_web( | |
109 |
|
|
109 | 'repo.commit.strip', action_data={'commit_id': commit['rev']}, | |
110 | action_data={'commit_id': commit['rev']}, |
|
110 | repo=self.db_repo, user=self._rhodecode_user, commit=True) | |
111 | repo=self.db_repo, |
|
|||
112 | user=self._rhodecode_user, commit=True) |
|
|||
113 |
|
111 | |||
114 | except Exception as e: |
|
112 | except Exception as e: | |
115 | data[commit['rev']] = False |
|
113 | data[commit['rev']] = False |
@@ -185,14 +185,16 b' class RepoGroupsController(BaseControlle' | |||||
185 | owner=owner.user_id, |
|
185 | owner=owner.user_id, | |
186 | copy_permissions=form_result['group_copy_permissions'] |
|
186 | copy_permissions=form_result['group_copy_permissions'] | |
187 | ) |
|
187 | ) | |
188 |
Session(). |
|
188 | Session().flush() | |
189 | repo_group_data = repo_group.get_api_data() |
|
|||
190 | _new_group_name = form_result['group_name_full'] |
|
|||
191 |
|
189 | |||
|
190 | repo_group_data = repo_group.get_api_data() | |||
192 | audit_logger.store_web( |
|
191 | audit_logger.store_web( | |
193 |
|
|
192 | 'repo_group.create', action_data={'data': repo_group_data}, | |
194 | action_data={'data': repo_group_data}, |
|
193 | user=c.rhodecode_user) | |
195 | user=c.rhodecode_user, commit=True) |
|
194 | ||
|
195 | Session().commit() | |||
|
196 | ||||
|
197 | _new_group_name = form_result['group_name_full'] | |||
196 |
|
198 | |||
197 | repo_group_url = h.link_to( |
|
199 | repo_group_url = h.link_to( | |
198 | _new_group_name, |
|
200 | _new_group_name, | |
@@ -304,8 +306,7 b' class RepoGroupsController(BaseControlle' | |||||
304 | RepoGroupModel().delete(group_name) |
|
306 | RepoGroupModel().delete(group_name) | |
305 |
|
307 | |||
306 | audit_logger.store_web( |
|
308 | audit_logger.store_web( | |
307 | 'repo_group.delete', |
|
309 | 'repo_group.delete', action_data={'old_data': old_values}, | |
308 | action_data={'old_data': old_values}, |
|
|||
309 | user=c.rhodecode_user) |
|
310 | user=c.rhodecode_user) | |
310 |
|
311 | |||
311 | Session().commit() |
|
312 | Session().commit() |
@@ -205,6 +205,7 b' class UserGroupsController(BaseControlle' | |||||
205 | pstruct = peppercorn.parse(request.POST.items()) |
|
205 | pstruct = peppercorn.parse(request.POST.items()) | |
206 | form_result['users_group_members'] = pstruct['user_group_members'] |
|
206 | form_result['users_group_members'] = pstruct['user_group_members'] | |
207 |
|
207 | |||
|
208 | user_group, added_members, removed_members = \ | |||
208 | UserGroupModel().update(c.user_group, form_result) |
|
209 | UserGroupModel().update(c.user_group, form_result) | |
209 | updated_user_group = form_result['users_group_name'] |
|
210 | updated_user_group = form_result['users_group_name'] | |
210 |
|
211 | |||
@@ -212,6 +213,8 b' class UserGroupsController(BaseControlle' | |||||
212 | 'user_group.edit', action_data={'old_data': old_values}, |
|
213 | 'user_group.edit', action_data={'old_data': old_values}, | |
213 | user=c.rhodecode_user) |
|
214 | user=c.rhodecode_user) | |
214 |
|
215 | |||
|
216 | # TODO(marcink): use added/removed to set user_group.edit.member.add | |||
|
217 | ||||
215 | h.flash(_('Updated user group %s') % updated_user_group, |
|
218 | h.flash(_('Updated user group %s') % updated_user_group, | |
216 | category='success') |
|
219 | category='success') | |
217 | Session().commit() |
|
220 | Session().commit() |
@@ -815,8 +815,8 b' class FilesController(BaseRepoController' | |||||
815 |
|
815 | |||
816 | # store download action |
|
816 | # store download action | |
817 | audit_logger.store_web( |
|
817 | audit_logger.store_web( | |
818 |
|
|
818 | 'repo.archive.download', action_data={ | |
819 |
|
|
819 | 'user_agent': request.user_agent, | |
820 |
|
|
820 | 'archive_name': archive_name, | |
821 |
|
|
821 | 'archive_spec': fname, | |
822 |
|
|
822 | 'archive_cached': use_cached_archive}, |
@@ -53,8 +53,8 b' ACTIONS_V1 = {' | |||||
53 | 'user_group.delete': {'old_data': {}}, |
|
53 | 'user_group.delete': {'old_data': {}}, | |
54 | 'user_group.edit': {'old_data': {}}, |
|
54 | 'user_group.edit': {'old_data': {}}, | |
55 | 'user_group.edit.permissions': {}, |
|
55 | 'user_group.edit.permissions': {}, | |
56 | 'user_group.edit.member.add': {}, |
|
56 | 'user_group.edit.member.add': {'user': {}}, | |
57 | 'user_group.edit.member.delete': {}, |
|
57 | 'user_group.edit.member.delete': {'user': {}}, | |
58 |
|
58 | |||
59 | 'repo.create': {'data': {}}, |
|
59 | 'repo.create': {'data': {}}, | |
60 | 'repo.fork': {'data': {}}, |
|
60 | 'repo.fork': {'data': {}}, | |
@@ -76,8 +76,8 b' ACTIONS_V1 = {' | |||||
76 | 'repo.pull_request.reviewer.add': '', |
|
76 | 'repo.pull_request.reviewer.add': '', | |
77 | 'repo.pull_request.reviewer.delete': '', |
|
77 | 'repo.pull_request.reviewer.delete': '', | |
78 |
|
78 | |||
79 | 'repo.commit.comment.create': '', |
|
79 | 'repo.commit.comment.create': {'data': {}}, | |
80 | 'repo.commit.comment.delete': '', |
|
80 | 'repo.commit.comment.delete': {'data': {}}, | |
81 | 'repo.commit.vote': '', |
|
81 | 'repo.commit.vote': '', | |
82 |
|
82 | |||
83 | 'repo_group.create': {'data': {}}, |
|
83 | 'repo_group.create': {'data': {}}, | |
@@ -164,34 +164,32 b' def store(action, user, action_data=None' | |||||
164 | from rhodecode.lib import audit_logger |
|
164 | from rhodecode.lib import audit_logger | |
165 |
|
165 | |||
166 | audit_logger.store( |
|
166 | audit_logger.store( | |
167 |
|
|
167 | 'repo.edit', user=self._rhodecode_user) | |
168 | audit_logger.store( |
|
168 | audit_logger.store( | |
169 |
|
|
169 | 'repo.delete', action_data={'data': repo_data}, | |
170 | user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8')) |
|
170 | user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8')) | |
171 |
|
171 | |||
172 | # repo action |
|
172 | # repo action | |
173 | audit_logger.store( |
|
173 | audit_logger.store( | |
174 |
|
|
174 | 'repo.delete', | |
175 | user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8'), |
|
175 | user=audit_logger.UserWrap(username='itried-login', ip_addr='8.8.8.8'), | |
176 | repo=audit_logger.RepoWrap(repo_name='some-repo')) |
|
176 | repo=audit_logger.RepoWrap(repo_name='some-repo')) | |
177 |
|
177 | |||
178 | # repo action, when we know and have the repository object already |
|
178 | # repo action, when we know and have the repository object already | |
179 | audit_logger.store( |
|
179 | audit_logger.store( | |
180 | action='repo.delete', |
|
180 | 'repo.delete', action_data={'source': audit_logger.SOURCE_WEB, }, | |
181 | action_data={'source': audit_logger.SOURCE_WEB, }, |
|
|||
182 | user=self._rhodecode_user, |
|
181 | user=self._rhodecode_user, | |
183 | repo=repo_object) |
|
182 | repo=repo_object) | |
184 |
|
183 | |||
185 | # alternative wrapper to the above |
|
184 | # alternative wrapper to the above | |
186 | audit_logger.store_web( |
|
185 | audit_logger.store_web( | |
187 |
|
|
186 | 'repo.delete', action_data={}, | |
188 | action_data={}, |
|
|||
189 | user=self._rhodecode_user, |
|
187 | user=self._rhodecode_user, | |
190 | repo=repo_object) |
|
188 | repo=repo_object) | |
191 |
|
189 | |||
192 | # without an user ? |
|
190 | # without an user ? | |
193 | audit_logger.store( |
|
191 | audit_logger.store( | |
194 |
|
|
192 | 'user.login.failure', | |
195 | user=audit_logger.UserWrap( |
|
193 | user=audit_logger.UserWrap( | |
196 | username=self.request.params.get('username'), |
|
194 | username=self.request.params.get('username'), | |
197 | ip_addr=self.request.remote_addr)) |
|
195 | ip_addr=self.request.remote_addr)) |
@@ -179,9 +179,8 b' def create_repo(form_data, cur_user):' | |||||
179 | repo_id = repo.repo_id |
|
179 | repo_id = repo.repo_id | |
180 | repo_data = repo.get_api_data() |
|
180 | repo_data = repo.get_api_data() | |
181 |
|
181 | |||
182 |
audit_logger.store |
|
182 | audit_logger.store( | |
183 | action='repo.create', |
|
183 | 'repo.create', action_data={'data': repo_data}, | |
184 | action_data={'data': repo_data}, |
|
|||
185 | user=cur_user, |
|
184 | user=cur_user, | |
186 | repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id)) |
|
185 | repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id)) | |
187 |
|
186 | |||
@@ -274,9 +273,8 b' def create_repo_fork(form_data, cur_user' | |||||
274 |
|
273 | |||
275 | repo_id = repo.repo_id |
|
274 | repo_id = repo.repo_id | |
276 | repo_data = repo.get_api_data() |
|
275 | repo_data = repo.get_api_data() | |
277 |
audit_logger.store |
|
276 | audit_logger.store( | |
278 | action='repo.fork', |
|
277 | 'repo.fork', action_data={'data': repo_data}, | |
279 | action_data={'data': repo_data}, |
|
|||
280 | user=cur_user, |
|
278 | user=cur_user, | |
281 | repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id)) |
|
279 | repo=audit_logger.RepoWrap(repo_name=repo_name, repo_id=repo_id)) | |
282 |
|
280 |
@@ -158,7 +158,7 b' def post_pull(extras):' | |||||
158 | ip_addr=extras.ip) |
|
158 | ip_addr=extras.ip) | |
159 | repo = audit_logger.RepoWrap(repo_name=extras.repository) |
|
159 | repo = audit_logger.RepoWrap(repo_name=extras.repository) | |
160 | audit_logger.store( |
|
160 | audit_logger.store( | |
161 |
|
|
161 | 'user.pull', action_data={ | |
162 | 'user_agent': extras.user_agent}, |
|
162 | 'user_agent': extras.user_agent}, | |
163 | user=audit_user, repo=repo, commit=True) |
|
163 | user=audit_user, repo=repo, commit=True) | |
164 |
|
164 | |||
@@ -199,7 +199,7 b' def post_push(extras):' | |||||
199 | username=extras.username, ip_addr=extras.ip) |
|
199 | username=extras.username, ip_addr=extras.ip) | |
200 | repo = audit_logger.RepoWrap(repo_name=extras.repository) |
|
200 | repo = audit_logger.RepoWrap(repo_name=extras.repository) | |
201 | audit_logger.store( |
|
201 | audit_logger.store( | |
202 |
|
|
202 | 'user.push', action_data={ | |
203 | 'user_agent': extras.user_agent, |
|
203 | 'user_agent': extras.user_agent, | |
204 | 'commit_ids': commit_ids[:10000]}, |
|
204 | 'commit_ids': commit_ids[:10000]}, | |
205 | user=audit_user, repo=repo, commit=True) |
|
205 | user=audit_user, repo=repo, commit=True) |
@@ -175,7 +175,7 b' class UserGroupModel(BaseModel):' | |||||
175 | user_id for user_id in current_members_ids |
|
175 | user_id for user_id in current_members_ids | |
176 | if user_id not in user_id_list] |
|
176 | if user_id not in user_id_list] | |
177 |
|
177 | |||
178 |
return |
|
178 | return added_members, deleted_members | |
179 |
|
179 | |||
180 | def _set_users_as_members(self, user_group, user_ids): |
|
180 | def _set_users_as_members(self, user_group, user_ids): | |
181 | user_group.members = [] |
|
181 | user_group.members = [] | |
@@ -191,6 +191,7 b' class UserGroupModel(BaseModel):' | |||||
191 | self._set_users_as_members(user_group, user_ids) |
|
191 | self._set_users_as_members(user_group, user_ids) | |
192 | self._log_user_changes('added to', user_group, added) |
|
192 | self._log_user_changes('added to', user_group, added) | |
193 | self._log_user_changes('removed from', user_group, removed) |
|
193 | self._log_user_changes('removed from', user_group, removed) | |
|
194 | return added, removed | |||
194 |
|
195 | |||
195 | def _clean_members_data(self, members_data): |
|
196 | def _clean_members_data(self, members_data): | |
196 | if not members_data: |
|
197 | if not members_data: | |
@@ -225,12 +226,16 b' class UserGroupModel(BaseModel):' | |||||
225 |
|
226 | |||
226 | user_group.user = owner |
|
227 | user_group.user = owner | |
227 |
|
228 | |||
|
229 | added_user_ids = [] | |||
|
230 | removed_user_ids = [] | |||
228 | if 'users_group_members' in form_data: |
|
231 | if 'users_group_members' in form_data: | |
229 | members_id_list = self._clean_members_data( |
|
232 | members_id_list = self._clean_members_data( | |
230 | form_data['users_group_members']) |
|
233 | form_data['users_group_members']) | |
|
234 | added_user_ids, removed_user_ids = \ | |||
231 | self._update_members_from_user_ids(user_group, members_id_list) |
|
235 | self._update_members_from_user_ids(user_group, members_id_list) | |
232 |
|
236 | |||
233 | self.sa.add(user_group) |
|
237 | self.sa.add(user_group) | |
|
238 | return user_group, added_user_ids, removed_user_ids | |||
234 |
|
239 | |||
235 | def delete(self, user_group, force=False): |
|
240 | def delete(self, user_group, force=False): | |
236 | """ |
|
241 | """ |
General Comments 0
You need to be logged in to leave comments.
Login now