vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Move log descriptions into the client side

Browse source
This commit is contained in:
Joseph Schorr 2013-11-29 00:04:50 -05:00
parent 378aebe1ec
commit b77dabd586
5 changed files with 104 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

99
endpoints/api.py
View file

@ -35,10 +35,10 @@ user_files = app.config['USERFILES']
logger = logging.getLogger(__name__)
def log_action(kind, user_or_orgname, description=None, metadata={}, repo=None):
def log_action(kind, user_or_orgname, metadata={}, repo=None):
performer = current_user.db_user()
model.log_action(kind, user_or_orgname, performer=parent, ip=request.remote_addr,
description=description, metadata=metadata, repository=repo)
model.log_action(kind, user_or_orgname, performer=performer, ip=request.remote_addr,
metadata=metadata, repository=repo)
def api_login_required(f):
@wraps(f)
@ -148,7 +148,7 @@ def convert_user_to_organization():
# Convert the user to an organization.
model.convert_user_to_organization(user, model.get_user(admin_username))
log_action('account_convert', user.username, 'Convert account to an organization')
log_action('account_convert', user.username)
# And finally login with the admin credentials.
return conduct_signin(admin_username, admin_password)
@ -165,7 +165,7 @@ def change_user_details():
try:
if 'password' in user_data:
logger.debug('Changing password for user: %s', user.username)
log_action('account_change_password', user.username, 'Change account password')
log_action('account_change_password', user.username)
model.change_password(user, user_data['password'])
if 'invoice_email' in user_data:
@ -494,21 +494,21 @@ def update_organization_team(orgname, teamname):
org = model.get_organization(orgname)
team = model.create_team(teamname, org, role, description)
log_action('org_create_team', orgname, 'Creation of team {team}', {'team': teamname})
log_action('org_create_team', orgname, {'team': teamname})
if is_existing:
if 'description' in details:
if 'description' in details and team.description != details['description']:
team.description = details['description']
team.save()
log_action('org_set_team_description', orgname, 'Set description for {team}: {description}',
{'team': teamname, 'description': team.description})
log_action('org_set_team_description', orgname, {'team': teamname, 'description': team.description})
if 'role' in details:
team = model.set_team_org_permission(team, details['role'],
current_user.db_user().username)
log_action('org_set_team_role', orgname, 'Set role for {team} to {role}',
{'team': teamname, 'role': details['role']})
role = model.get_team_org_role(team).name
if role != details['role']:
team = model.set_team_org_permission(team, details['role'],
current_user.db_user().username)
log_action('org_set_team_role', orgname, {'team': teamname, 'role': details['role']})
resp = jsonify(team_view(orgname, team))
if not is_existing:
resp.status_code = 201
@ -524,7 +524,7 @@ def delete_organization_team(orgname, teamname):
permission = AdministerOrganizationPermission(orgname)
if permission.can():
model.remove_team(orgname, teamname, current_user.db_user().username)
log_action('org_delete_team', orgname, 'Deletion of team {team}', {'team': teamname})
log_action('org_delete_team', orgname, {'team': teamname})
return make_response('Deleted', 204)
abort(403)
@ -575,7 +575,7 @@ def update_organization_team_member(orgname, teamname, membername):
# Add the user to the team.
model.add_user_to_team(user, team)
log_action('org_add_team_member', orgname, 'Add member {member} to team {team}', {'member': membername, 'team': teamname})
log_action('org_add_team_member', orgname, {'member': membername, 'team': teamname})
return jsonify(member_view(user))
abort(403)
@ -590,7 +590,7 @@ def delete_organization_team_member(orgname, teamname, membername):
# Remote the user from the team.
invoking_user = current_user.db_user().username
model.remove_user_from_team(orgname, teamname, membername, invoking_user)
log_action('org_remove_team_member', orgname, 'Remove member {member} from team {team}', {'member': membername, 'team': teamname})
log_action('org_remove_team_member', orgname, {'member': membername, 'team': teamname})
return make_response('Deleted', 204)
abort(403)
@ -619,8 +619,7 @@ def create_repo_api():
repo.description = req['description']
repo.save()
log_action('create_repo', namespace_name, 'Create repository {repo}',
{'repo': repository_name, 'namespace': namespace_name}, repo=repo)
log_action('create_repo', namespace_name, {'repo': repository_name, 'namespace': namespace_name}, repo=repo)
return jsonify({
'namespace': namespace_name,
'name': repository_name
@ -705,8 +704,8 @@ def update_repo_api(namespace, repository):
repo.description = values['description']
repo.save()
log_action('set_repo_description', namespace, 'Set description of repository {repo}: {description}',
{'repo': repository, 'description': values['description']}, repo=repo)
log_action('set_repo_description', namespace, {'repo': repository, 'description': values['description']},
repo=repo)
return jsonify({
'success': True
})
@ -725,8 +724,8 @@ def change_repo_visibility_api(namespace, repository):
if repo:
values = request.get_json()
model.set_repository_visibility(repo, values['visibility'])
log_action('change_repo_visibility', namespace, 'Change visibility of repository {repo}: {visibility}',
{'repo': repository, 'visibility': values['visibility']}, repo=repo)
log_action('change_repo_visibility', namespace, {'repo': repository, 'visibility': values['visibility']},
repo=repo)
return jsonify({
'success': True
})
@ -742,7 +741,7 @@ def delete_repository(namespace, repository):
if permission.can():
model.purge_repository(namespace, repository)
registry.delete_repository_storage(namespace, repository)
log_action('delete_repo', namespace, 'Delete repository {repo}', {'repo': repository, 'namespace': namespace})
log_action('delete_repo', namespace, {'repo': repository, 'namespace': namespace})
return make_response('Deleted', 204)
abort(403)
@ -858,7 +857,7 @@ def request_repo_build(namespace, repository):
tag)
dockerfile_build_queue.put(json.dumps({'build_id': build_request.id}))
log_action('build_dockerfile', namespace, 'Build dockerfile and update repository {repo}',
log_action('build_dockerfile', namespace,
{'repo': repository, 'namespace': namespace, 'fileid': dockerfile_id}, repo=repo)
resp = jsonify({
@ -889,7 +888,7 @@ def create_webhook(namespace, repository):
repo_string = '%s/%s' % (namespace, repository)
resp.headers['Location'] = url_for('get_webhook', repository=repo_string,
public_id=webhook.public_id)
log_action('add_repo_webhook', namespace, 'Create push webhook {webhook_id} on repo {repo}',
log_action('add_repo_webhook', namespace,
{'repo': repository, 'webhook_id': webhook.public_id}, repo=repo)
return resp
@ -931,7 +930,7 @@ def delete_webhook(namespace, repository, public_id):
permission = AdministerRepositoryPermission(namespace, repository)
if permission.can():
model.delete_webhook(namespace, repository, public_id)
log_action('delete_repo_webhook', namespace, 'Delete webhook {webhook_id} on repository {repo}',
log_action('delete_repo_webhook', namespace,
{'repo': repository, 'webhook_id': public_id},
repo=model.get_repository(namespace, repository))
return make_response('No Content', 204)
@ -1174,7 +1173,7 @@ def change_user_permissions(namespace, repository, username):
error_resp.status_code = 400
return error_resp
log_action('change_repo_permission', namespace, 'Change permissions for user {username} on repository {repo} to {role}',
log_action('change_repo_permission', namespace,
{'username': username, 'repo': repository, 'role': new_permission['role']},
repo=model.get_repository(namespace, repository))
@ -1201,7 +1200,7 @@ def change_team_permissions(namespace, repository, teamname):
perm = model.set_team_repo_permission(teamname, namespace, repository,
new_permission['role'])
log_action('change_repo_permission', namespace, 'Change permissions for team {team} on repository {repo} to {role}',
log_action('change_repo_permission', namespace,
{'team': team, 'repo': repository, 'role': new_permission['role']},
repo=model.get_repository(namespace, repository))
@ -1229,8 +1228,8 @@ def delete_user_permissions(namespace, repository, username):
error_resp.status_code = 400
return error_resp
log_action('delete_repo_permission', namespace, 'Delete permissions for user {username} on repository {repo}',
{'username': username, 'repo': repository}, repo=model.get_repository(namespace, repository))
log_action('delete_repo_permission', namespace, {'username': username, 'repo': repository},
repo=model.get_repository(namespace, repository))
return make_response('Deleted', 204)
@ -1246,8 +1245,8 @@ def delete_team_permissions(namespace, repository, teamname):
if permission.can():
model.delete_team_permission(teamname, namespace, repository)
log_action('delete_repo_permission', namespace, 'Delete permissions for team {team} on repository {repo}',
{'team': teamname, 'repo': repository}, repo=model.get_repository(namespace, repository))
log_action('delete_repo_permission', namespace, {'team': teamname, 'repo': repository},
repo=model.get_repository(namespace, repository))
return make_response('Deleted', 204)
@ -1300,8 +1299,7 @@ def create_token(namespace, repository):
token = model.create_delegate_token(namespace, repository,
token_params['friendlyName'])
log_action('add_repo_accesstoken', namespace, 'Add access token {name} for repository {repo}',
{'repo': repository, 'name': token_params['friendlyName']},
log_action('add_repo_accesstoken', namespace, {'repo': repository, 'token': token_params['friendlyName']},
repo = model.get_repository(namespace, repository))
resp = jsonify(token_view(token))
@ -1325,8 +1323,9 @@ def change_token(namespace, repository, code):
token = model.set_repo_delegate_token_role(namespace, repository, code,
new_permission['role'])
log_action('change_repo_permission', namespace, 'Change permissions for access token {code} in repository {repo}',
{'repo': repository, 'code': code}, repo = model.get_repository(namespace, repository))
log_action('change_repo_permission', namespace,
{'repo': repository, 'token': token.friendly_name, 'code': code},
repo = model.get_repository(namespace, repository))
resp = jsonify(token_view(token))
return resp
@ -1341,10 +1340,11 @@ def change_token(namespace, repository, code):
def delete_token(namespace, repository, code):
permission = AdministerRepositoryPermission(namespace, repository)
if permission.can():
model.delete_delegate_token(namespace, repository, code)
token = model.delete_delegate_token(namespace, repository, code)
log_action('delete_repo_accesstoken', namespace, 'Delete access token {code} in repository {repo}',
{'repo': repository, 'code': code}, repo = model.get_repository(namespace, repository))
log_action('delete_repo_accesstoken', namespace,
{'repo': repository, 'token': token.friendly_name, 'code': code},
repo = model.get_repository(namespace, repository))
return make_response('Deleted', 204)
@ -1384,7 +1384,7 @@ def set_user_card_api():
user = current_user.db_user()
token = request.get_json()['token']
response = set_card(user, token)
log_action('account_change_cc', user.username, 'Change account credit card')
log_action('account_change_cc', user.username)
return response
@ -1396,7 +1396,7 @@ def set_org_card_api(orgname):
organization = model.get_organization(orgname)
token = request.get_json()['token']
response = set_card(organization, token)
log_action('account_change_cc', orgname, 'Change organization account credit card')
log_action('account_change_cc', orgname)
return response
abort(403)
@ -1486,7 +1486,7 @@ def subscribe(user, plan, token, accepted_plans):
cus = stripe.Customer.create(email=user.email, plan=plan, card=card)
user.stripe_id = cus.id
user.save()
log_action('account_change_plan', user.username, 'Change subscription plan', {'plan': plan})
log_action('account_change_plan', user.username, {'plan': plan})
except stripe.CardError as e:
return carderror_response(e)
@ -1502,7 +1502,7 @@ def subscribe(user, plan, token, accepted_plans):
# We only have to cancel the subscription if they actually have one
cus.cancel_subscription()
cus.save()
log_action('account_change_plan', user.username, 'Change subscription plan', {'plan': plan})
log_action('account_change_plan', user.username, {'plan': plan})
else:
# User may have been a previous customer who is resubscribing
@ -1517,7 +1517,7 @@ def subscribe(user, plan, token, accepted_plans):
return carderror_response(e)
response_json = subscription_view(cus.subscription, private_repos)
log_action('account_change_plan', user.username, 'Change subscription plan', {'plan': plan})
log_action('account_change_plan', user.username, {'plan': plan})
resp = jsonify(response_json)
resp.status_code = status_code
@ -1645,7 +1645,7 @@ def create_robot(robot_shortname):
parent = current_user.db_user()
robot, password = model.create_robot(robot_shortname, parent)
resp = jsonify(robot_view(robot.username, password))
log_action('create_robot', parent.username, 'Creation of robot account {robot}', {'robot': robot_shortname})
log_action('create_robot', parent.username, {'robot': robot_shortname})
resp.status_code = 201
return resp
@ -1659,7 +1659,7 @@ def create_org_robot(orgname, robot_shortname):
parent = model.get_organization(orgname)
robot, password = model.create_robot(robot_shortname, parent)
resp = jsonify(robot_view(robot.username, password))
log_action('create_robot', orgname, 'Creation of robot account {robot}', {'robot': robot_shortname})
log_action('create_robot', orgname, {'robot': robot_shortname})
resp.status_code = 201
return resp
@ -1671,7 +1671,7 @@ def create_org_robot(orgname, robot_shortname):
def delete_robot(robot_shortname):
parent = current_user.db_user()
model.delete_robot(format_robot_username(parent.username, robot_shortname))
log_action('delete_robot', parent.username, 'Deletion of robot account {robot}', {'robot': robot_shortname})
log_action('delete_robot', parent.username, {'robot': robot_shortname})
return make_response('No Content', 204)
@ -1682,7 +1682,7 @@ def delete_org_robot(orgname, robot_shortname):
permission = AdministerOrganizationPermission(orgname)
if permission.can():
model.delete_robot(format_robot_username(orgname, robot_shortname))
log_action('delete_robot', orgname, 'Deletion of robot account {robot}', {'robot': robot_shortname})
log_action('delete_robot', orgname, {'robot': robot_shortname})
return make_response('No Content', 204)
abort(403)
@ -1694,7 +1694,6 @@ def org_logs_api(orgname):
def log_view(log):
return {
'kind': log.kind.name,
'description': log.description,
'metadata': json.loads(log.metadata_json),
'ip': log.ip,
'performer': {