Commit b7e6ef18 authored by Mikaël Salson's avatar Mikaël Salson

Merge branch 'feature-s/misc-auth' into 'dev'

Give more auth information in the logs (for user/group creation/modification), and for the request analysis email.

Closes #2960

See merge request !143
parents 4277baff 5fdf0dbf
Pipeline #16243 passed with stages
in 27 seconds
......@@ -673,10 +673,17 @@ def user():
auth.is_logged_in = lambda: False
def post_register(form):
#default values for new user
group_id = db(db.auth_group.role == 'public' ).select()[0].id
# Set up a new user, after register
# Default permissions
add_default_group_permissions(auth, auth.user_group())
# Appartenance to the public group
group_id = db(db.auth_group.role == 'public').select()[0].id
db.auth_membership.insert(user_id = auth.user.id, group_id = group_id)
log.admin('User %s <%s> registered, group %s' % (auth.user.id, auth.user.email, auth.user_group()))
#restore admin session after register
session.auth = admin_auth
auth.user = session.auth.user
......
......@@ -79,8 +79,8 @@ def add_form():
add_default_group_permissions(auth, id)
res = {"redirect": "group/index",
"message" : "group '%s' created" % id}
log.info(res)
"message" : "group '%s' (%s) created" % (id, request.vars["group_name"])}
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else :
......@@ -108,8 +108,8 @@ def edit_form():
description=request.vars["info"])
res = {"redirect": "group/index",
"message" : "group '%s' modified" % id}
log.info(res)
"message" : "group '%s' modified" % request.vars["id"]}
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else :
......@@ -136,7 +136,7 @@ def delete():
res = {"redirect": "group/index",
"message": "group '%s' deleted" % request.vars["id"]}
log.info(res)
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
......@@ -171,7 +171,9 @@ def remove_permission():
auth.del_permission(auth.user_group(request.vars["user_id"]), PermissionEnum.admin_group.value, db.auth_group, request.vars["group_id"])
res = {"redirect" : "group/permission" ,
"args" : { "id" : request.vars["group_id"]} }
"args" : { "id" : request.vars["group_id"]},
"message": "user '%s' is not anymore owner of the group '%s'" % (request.vars["user_id"], request.vars["group_id"])
}
log.info(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
......@@ -182,8 +184,9 @@ def change_permission():
return error_message("ACCESS_DENIED")
auth.add_permission(auth.user_group(request.vars["user_id"]), PermissionEnum.admin_group.value, db.auth_group, request.vars["group_id"])
res = {"redirect" : "group/permission" , "args" : { "id" : request.vars["group_id"]} }
log.info(res)
res = {"redirect" : "group/permission" , "args" : { "id" : request.vars["group_id"]},
"message": "user '%s' is now owner of the group '%s'" % (request.vars["user_id"], request.vars["group_id"]) }
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
## invite an user to join the group
......@@ -195,7 +198,7 @@ def invite():
res = {"redirect" : "group/info" ,
"args" : { "id" : request.vars["group_id"]},
"message" : "user '%s' added to group '%s'" % (request.vars["user_id"], request.vars["group_id"])}
log.info(res)
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else:
......@@ -214,7 +217,7 @@ def kick():
res = {"redirect" : "group/info" ,
"args" : { "id" : request.vars["group_id"]},
"message" : "user '%s' removed from group '%s'" % (request.vars["user_id"], request.vars["group_id"])}
log.info(res)
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else:
......
......@@ -27,6 +27,7 @@ class VidjilAuth(Auth):
permissions = {}
def __init__(self, environment=None, db=None):
self.log = None
super(VidjilAuth, self).__init__(environment, db)
def preload(self):
......@@ -610,3 +611,17 @@ class VidjilAuth(Auth):
(permission.table_name == table)
._select(permission.record_id))
return query
def log_event(self, description, vars=None, origin='auth'):
if self.log and description:
message = description % vars + '.'
for (k,v) in vars.iteritems():
if 'password' not in k:
message += ' %s' % v
if 'Logged-in' in description:
self.log.info(message)
else:
self.log.debug(message)
def __str__(self):
return "%04d – %s %s" % (self.id, self.first_name, self.last_name)
......@@ -95,6 +95,9 @@ auth.settings.remember_me_form = False
auth.settings.logged_url = URL('user', 'info')
auth.settings.login_next = URL('user', 'info')
auth.settings.create_user_groups = 'user_%(id)04d'
auth.messages.group_description = 'Group of user %(id)04d - %(first_name)s %(last_name)s'
## if you need to use OpenID, Facebook, MySpace, Twitter, Linkedin, etc.
## register with janrain.com, write your domain:api_key in private/janrain.key
from gluon.contrib.login_methods.rpx_account import use_janrain
......@@ -371,6 +374,7 @@ def _init_log():
log = _init_log()
auth.log = log
auth.preload()
current.log = log
......
......@@ -165,7 +165,7 @@
{{if can_upload: }}
{{if not auth.can_process_sample_set(request.vars['id']) :}}
<br /> Once your data are uploaded, please
<a href="mailto:support@vidjil.org?Subject=%5Bvidjil%5D%20New%20sequences&Body=%0AHi%2C%0A%0AI%20uploaded%20some%20sequences%20on%20the%20app.vidjil.org%20server.%0ACould%20you%20run%20Vidjil%20on%20these%20data%20%3F%0A%0A">request an analysis</a>.
<a href="mailto:support@vidjil.org?Subject=%5Bvidjil%5D%20New%20sequences&Body=%0AHi%2C%0A%0AI%20uploaded%20some%20sequences%20on%20the%20app.vidjil.org%20server%20(set%20{{=request.vars['id']}}).%0ACould%20you%20run%20Vidjil%20on%20these%20data%20%3F%0A%0A">request an analysis</a>.
{{pass}}
{{pass}}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment