Summit

Merge lp:~mhall119/summit/add-auditing into lp:summit

add-auditing
Merge into trunk

Proposed by Michael Hall on 2013-02-24

Status:	Needs review
Proposed branch:	lp:~mhall119/summit/add-auditing
Merge into:	lp:summit
Diff against target:	417 lines (+321/-0) 9 files modified summit/common/admin/__init__.py (+1/-0) summit/common/admin/auditadmin.py (+12/-0) summit/common/audit.py (+131/-0) summit/common/migrations/0003_add_audit_model.py (+125/-0) summit/common/models.py (+36/-0) summit/schedule/models/agendamodel.py (+5/-0) summit/schedule/models/meetingmodel.py (+5/-0) summit/schedule/models/summitmodel.py (+5/-0) summit/settings.py (+1/-0)
To merge this branch:	bzr merge lp:~mhall119/summit/add-auditing
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Summit Hackers		2013-02-24	Pending
Review via email: mp+150249@code.launchpad.net

Description of the change

Adds change auditing to Summit, Meeting and Agenda

Unmerged revisions

484. By Michael Hall on 2013-02-24: Add auditing

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Dave Walker

José Antonio Rey

Michael Hall

 === modified file 'summit/common/admin/__init__.py'
 --- summit/common/admin/__init__.py	2012-03-08 01:55:17 +0000
 +++ summit/common/admin/__init__.py	2013-02-24 22:47:21 +0000
@@ -15,3 +15,4 @@
  # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  from menuadmin import *
++from auditadmin import *
 === added file 'summit/common/admin/auditadmin.py'
 --- summit/common/admin/auditadmin.py	1970-01-01 00:00:00 +0000
 +++ summit/common/admin/auditadmin.py	2013-02-24 22:47:21 +0000
@@ -0,0 +1,12 @@
++from django.contrib import admin
++from common.models import AuditRecord, AuditChange
++
++class AuditChangeInline(admin.TabularInline):
++    model = AuditChange
++
++class AuditAdmin(admin.ModelAdmin):
++    inlines = [AuditChangeInline]
++    list_display = ('audit_date', 'change_type', 'app_name', 'model_name', 'model_id', 'user')
++    list_filter = ('change_type', 'app_name', 'model_name')
++
++admin.site.register(AuditRecord, AuditAdmin)
 === added file 'summit/common/audit.py'
 --- summit/common/audit.py	1970-01-01 00:00:00 +0000
 +++ summit/common/audit.py	2013-02-24 22:47:21 +0000
@@ -0,0 +1,131 @@
++"""
++Hook existing objects into auditing sytem through Django signals
++
++Use:
++
++from common.audit import auditSave, auditDelete
++from django.db.models.signals import pre_save, pre_delete
++
++pre_save.connect(auditSave, sender=YourObject)
++pre_delete.connect(auditDelete, sender=YourObject)
++
++"""
++import django
++from models import AuditRecord, AuditChange
++
++
++try:
++    from threading import local
++except ImportError:
++    from django.utils._threading_local import local
++
++_thread_locals = local()
++
++
++def get_current_user():
++    "Return the owner of the current thread"
++    return getattr(_thread_locals, 'user', None)
++
++def get_current_user_id():
++    user = get_current_user()
++    if (user != None):
++        return getattr(user, 'id', 0)
++    else:
++        return 0
++
++def set_current_user(user):
++    "Set the owner of the current thread"
++    _thread_locals.user = user
++
++
++class CaptureRequestUser(object):
++    "Middleware that captures the current HTTP request user for auditing purposes"
++
++    def process_request(self, request):
++        set_current_user(getattr(request, 'user', None))
++
++
++def auditSave(sender, **kwargs):
++    instance = kwargs['instance']
++    if (instance.pk is not None and instance.pk > 0):
++        try:
++            old = instance.__class__.objects.get(id=instance.pk)
++        except:
++            old = instance.__class__()
++    else:
++        old = instance.__class__()
++
++    rec = AuditRecord()
++    rec.user = get_current_user()
++    rec.app_name = instance._meta.app_label;
++    rec.model_name = instance.__class__.__name__
++    rec.model_id = instance.id or 0
++    if instance.id:
++        rec.change_type = rec.AUDIT_MODIFY
++    else:
++        rec.change_type = rec.AUDIT_CREATE
++
++    rec.save()
++
++    fields_changed = rec.change_type == rec.AUDIT_CREATE
++
++    for f in get_audit_fields(instance):
++        try:
++            oldval = getattr(old, f, None)
++        except:
++            oldval = None
++        newval = getattr(instance, f)
++
++        # For some reason oldval will be an int, when the field is infact a
++        # boolean, so this will force oldval to be the right type
++        if isinstance(newval, bool) and isinstance(oldval, int):
++            oldval = bool(oldval)
++
++        if (isinstance(oldval, django.db.models.Model)):
++            oldval = getattr(oldval, 'pk', oldval)
++        if (isinstance(newval, django.db.models.Model)):
++            newval = getattr(newval, 'pk', newval)
++
++        if ((oldval and oldval.__str__().strip() != '') or (newval and newval.__str__().strip() != '')) and not (oldval and newval and oldval.__str__().strip() == newval.__str__().strip()):
++            if hasattr(instance, 'audit_censor') and f in instance.audit_censor:
++                oldval = '*****'
++                newval = '*****'
++            change = AuditChange()
++            change.record = rec
++            change.field_name = f[0:50]
++            change.old_val = str(oldval)[0:255]
++            change.new_val = str(newval)[0:255]
++            change.save()
++            fields_changed = True
++    if not fields_changed:
++        rec.delete()
++
++
++def auditDelete(sender, **kwargs):
++
++    instance = kwargs['instance']
++
++    rec = AuditRecord()
++    rec.user = get_current_user()
++    rec.app_name = instance._meta.app_label;
++    rec.model_name = instance.__class__.__name__
++    rec.model_id = instance.id or 0
++    rec.change_type = rec.AUDIT_DELETE
++    rec.save()
++
++def recordChange(rec, fieldname, oldval, newval):
++    change = AuditChange()
++    change.record = rec
++    change.field_name = fieldname[0:50]
++    change.old_val = str(oldval)[0:255]
++    change.new_val = str(newval)[0:255]
++    change.save()
++
++def get_audit_fields(instance):
++    "Get a list of fields from a model for which value changes should be audited"
++    # The use of _meta is not encouraged, as it is not an external API for Django
++    # But I don't see any other reliable way to get a list of a model's fields.
++    if hasattr(instance, 'audit_ignore'):
++        return [f.column for f in instance._meta.fields if f.name not in instance.audit_ignore]
++    else:
++        return [f.column for f in instance._meta.fields]
 === added file 'summit/common/migrations/0003_add_audit_model.py'
 --- summit/common/migrations/0003_add_audit_model.py	1970-01-01 00:00:00 +0000
 +++ summit/common/migrations/0003_add_audit_model.py	2013-02-24 22:47:21 +0000
@@ -0,0 +1,125 @@
++# encoding: utf-8
++import datetime
++from south.db import db
++from south.v2 import SchemaMigration
++from django.db import models
++
++class Migration(SchemaMigration):
++
++    def forwards(self, orm):
++
++        # Adding model 'AuditChange'
++        db.create_table('common_auditchange', (
++            ('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
++            ('record', self.gf('django.db.models.fields.related.ForeignKey')(related_name='changes', to=orm['common.AuditRecord'])),
++            ('field_name', self.gf('django.db.models.fields.CharField')(max_length=50)),
++            ('old_val', self.gf('django.db.models.fields.CharField')(max_length=255, null=True, blank=True)),
++            ('new_val', self.gf('django.db.models.fields.CharField')(max_length=255, null=True, blank=True)),
++        ))
++        db.send_create_signal('common', ['AuditChange'])
++
++        # Adding model 'AuditRecord'
++        db.create_table('common_auditrecord', (
++            ('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
++            ('audit_date', self.gf('django.db.models.fields.DateTimeField')(auto_now_add=True, blank=True)),
++            ('user', self.gf('django.db.models.fields.related.ForeignKey')(to=orm['auth.User'], null=True)),
++            ('app_name', self.gf('django.db.models.fields.CharField')(max_length=50)),
++            ('model_name', self.gf('django.db.models.fields.CharField')(max_length=50)),
++            ('model_id', self.gf('django.db.models.fields.PositiveIntegerField')()),
++            ('change_type', self.gf('django.db.models.fields.PositiveIntegerField')()),
++        ))
++        db.send_create_signal('common', ['AuditRecord'])
++
++
++    def backwards(self, orm):
++
++        # Deleting model 'AuditChange'
++        db.delete_table('common_auditchange')
++
++        # Deleting model 'AuditRecord'
++        db.delete_table('common_auditrecord')
++
++
++    models = {
++        'auth.group': {
++            'Meta': {'object_name': 'Group'},
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
++            'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
++        },
++        'auth.permission': {
++            'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'},
++            'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
++            'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}),
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
++        },
++        'auth.user': {
++            'Meta': {'ordering': "['username']", 'object_name': 'User'},
++            'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
++            'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
++            'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
++            'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}),
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
++            'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
++            'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
++            'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
++            'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
++            'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
++            'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}),
++            'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})
++        },
++        'common.auditchange': {
++            'Meta': {'object_name': 'AuditChange'},
++            'field_name': ('django.db.models.fields.CharField', [], {'max_length': '50'}),
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'new_val': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True', 'blank': 'True'}),
++            'old_val': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True', 'blank': 'True'}),
++            'record': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'changes'", 'to': "orm['common.AuditRecord']"})
++        },
++        'common.auditrecord': {
++            'Meta': {'ordering': "['-audit_date']", 'object_name': 'AuditRecord'},
++            'app_name': ('django.db.models.fields.CharField', [], {'max_length': '50'}),
++            'audit_date': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),
++            'change_type': ('django.db.models.fields.PositiveIntegerField', [], {}),
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'model_id': ('django.db.models.fields.PositiveIntegerField', [], {}),
++            'model_name': ('django.db.models.fields.CharField', [], {'max_length': '50'}),
++            'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['auth.User']", 'null': 'True'})
++        },
++        'common.menu': {
++            'Meta': {'object_name': 'Menu'},
++            'base_url': ('django.db.models.fields.CharField', [], {'max_length': '100', 'null': 'True', 'blank': 'True'}),
++            'description': ('django.db.models.fields.TextField', [], {'null': 'True', 'blank': 'True'}),
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
++            'site': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['sites.Site']"}),
++            'slug': ('django.db.models.fields.SlugField', [], {'max_length': '50', 'db_index': 'True'})
++        },
++        'common.menuitem': {
++            'Meta': {'object_name': 'MenuItem'},
++            'anonymous_only': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'link_url': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
++            'login_required': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
++            'menu': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['common.Menu']"}),
++            'order': ('django.db.models.fields.IntegerField', [], {}),
++            'title': ('django.db.models.fields.CharField', [], {'max_length': '100'})
++        },
++        'contenttypes.contenttype': {
++            'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
++            'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
++            'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
++        },
++        'sites.site': {
++            'Meta': {'ordering': "('domain',)", 'object_name': 'Site', 'db_table': "'django_site'"},
++            'domain': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
++            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
++            'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
++        }
++    }
++
++    complete_apps = ['common']
 === modified file 'summit/common/models.py'
 --- summit/common/models.py	2012-10-02 18:07:24 +0000
 +++ summit/common/models.py	2013-02-24 22:47:21 +0000
@@ -2,6 +2,7 @@
  from django.contrib.sites.models import Site
  from django.contrib.sites.managers import CurrentSiteManager
++from django.contrib.auth.models import User
  class Menu(models.Model):
      name = models.CharField(max_length=100)
@@ -42,3 +43,38 @@
      def __unicode__(self):
          return "%s %s. %s" % (self.menu.slug, self.order, self.title)
++
++class AuditRecord(models.Model):
++    audit_date = models.DateTimeField("Date", auto_now_add=True)
++    user = models.ForeignKey(User, null=True)
++    app_name = models.CharField("Application", max_length = 50)
++    model_name = models.CharField("Model", max_length = 50)
++    model_id = models.PositiveIntegerField("Model ID")
++    AUDIT_CREATE = 0
++    AUDIT_MODIFY = 1
++    AUDIT_DELETE = 2
++    AUDIT_CHANGE_TYPES = (
++        (AUDIT_CREATE, 'create'),
++        (AUDIT_MODIFY, 'modify'),
++        (AUDIT_DELETE, 'delete'),
++    )
++    change_type = models.PositiveIntegerField("Change Type", choices = AUDIT_CHANGE_TYPES)
++
++    class Meta:
++        ordering = ['-audit_date']
++        verbose_name = "Audit Record"
++
++    def __unicode__(self):
++        return "%s.%s[%s] @ %s" % (self.app_name, self.model_name, self.model_id, self.audit_date)
++
++class AuditChange(models.Model):
++    record = models.ForeignKey(AuditRecord, related_name='changes')
++    field_name = models.CharField("Field", max_length = 50)
++    old_val = models.CharField("From", max_length = 255, blank=True, null=True)
++    new_val = models.CharField("To", max_length = 255, blank=True, null=True)
++
++    class Meta:
++        verbose_name = "Audit Change"
++
++    def __unicode__(self):
++        return "%s: %s -> %s" % (self.field_name, self.old_val, self.new_val)
 === modified file 'summit/schedule/models/agendamodel.py'
 --- summit/schedule/models/agendamodel.py	2012-01-23 01:18:55 +0000
 +++ summit/schedule/models/agendamodel.py	2013-02-24 22:47:21 +0000
@@ -20,6 +20,9 @@
  from summit.schedule.models.roommodel import Room
  from summit.schedule.models.meetingmodel import Meeting
++from common.audit import auditSave, auditDelete
++from django.db.models.signals import pre_save, pre_delete
++
  __all__ = (
      'Agenda',
+ )
@@ -48,3 +51,5 @@
      def __unicode__(self):
          return "%s" % self.meeting
++pre_save.connect(auditSave, sender=Agenda)
++pre_delete.connect(auditDelete, sender=Agenda)
 === modified file 'summit/schedule/models/meetingmodel.py'
 --- summit/schedule/models/meetingmodel.py	2013-02-20 13:57:06 +0000
 +++ summit/schedule/models/meetingmodel.py	2013-02-24 22:47:21 +0000
@@ -33,6 +33,9 @@
  from summit.schedule.autoslug import AutoSlugMixin
++from common.audit import auditSave, auditDelete
++from django.db.models.signals import pre_save, pre_delete
++
  __all__ = (
      'Meeting',
+ )
@@ -601,3 +604,5 @@
                          print "-- could not schedule %s in %s at %s (%s)" % (self, room, slot, e)
          return False
++pre_save.connect(auditSave, sender=Meeting)
++pre_delete.connect(auditDelete, sender=Meeting)
 === modified file 'summit/schedule/models/summitmodel.py'
 --- summit/schedule/models/summitmodel.py	2013-02-21 23:10:17 +0000
 +++ summit/schedule/models/summitmodel.py	2013-02-24 22:47:21 +0000
@@ -40,6 +40,9 @@
  from summit.schedule.fields import NameField
  from summit.common import launchpad
++from common.audit import auditSave, auditDelete
++from django.db.models.signals import pre_save, pre_delete
++
  __all__ = (
      'Summit',
      'SummitSprint',
@@ -512,6 +515,8 @@
          if attendee is not None:
              return self.lead_set.filter(lead=attendee).exists()
          return False
++pre_save.connect(auditSave, sender=Summit)
++pre_delete.connect(auditDelete, sender=Summit)
  class SummitSprint(models.Model):
 === modified file 'summit/settings.py'
 --- summit/settings.py	2013-02-04 23:22:10 +0000
 +++ summit/settings.py	2013-02-24 22:47:21 +0000
@@ -108,6 +108,7 @@
      'django.middleware.locale.LocaleMiddleware',
      'django.contrib.sessions.middleware.SessionMiddleware',
      'django.contrib.auth.middleware.AuthenticationMiddleware',
++    'common.audit.CaptureRequestUser',
+ )
  ROOT_URLCONF = 'summit.urls'