Add support for full logging of all actions in Quay, and the ability to view and filter these logs in the org’s admin view
This commit is contained in:
Joseph Schorr
parent
d5c0f768c2
commit
cca5daf097
16 changed files with 25024 additions and 16 deletions
|
|
@ -211,7 +211,23 @@ class QueueItem(BaseModel):
|
|||
retries_remaining = IntegerField(default=5)
|
||||
|
||||
|
||||
class LogEntryKind(BaseModel):
|
||||
name = CharField(index=True)
|
||||
|
||||
|
||||
class LogEntry(BaseModel):
|
||||
kind = ForeignKeyField(LogEntryKind, index=True)
|
||||
account = ForeignKeyField(User, index=True, related_name = 'account')
|
||||
performer = ForeignKeyField(User, index=True, null=True, related_name = 'performer')
|
||||
repository = ForeignKeyField(Repository, index=True, null=True)
|
||||
access_token = ForeignKeyField(AccessToken, null=True)
|
||||
datetime = DateTimeField(default=datetime.now, index=True)
|
||||
ip = CharField(null=True)
|
||||
description = TextField(null=True)
|
||||
metadata_json = TextField(default='{}')
|
||||
|
||||
|
||||
all_models = [User, Repository, Image, AccessToken, Role,
|
||||
RepositoryPermission, Visibility, RepositoryTag,
|
||||
EmailConfirmation, FederatedLogin, LoginService, QueueItem,
|
||||
RepositoryBuild, Team, TeamMember, TeamRole, Webhook]
|
||||
RepositoryBuild, Team, TeamMember, TeamRole, Webhook, LogEntryKind, LogEntry]
|
||||
|
|
|
|||
|
|
@ -1,9 +1,11 @@
|
|||
import bcrypt
|
||||
import logging
|
||||
import datetime
|
||||
import dateutil.parser
|
||||
import operator
|
||||
import json
|
||||
|
||||
from datetime import timedelta
|
||||
from database import *
|
||||
from util.validation import *
|
||||
from util.names import format_robot_username
|
||||
|
|
@ -201,7 +203,7 @@ def create_team(name, org, team_role_name, description=''):
|
|||
description=description)
|
||||
|
||||
|
||||
def __get_user_admin_teams(org_name, username):
|
||||
def __get_user_admin_teams(org_name, teamname, username):
|
||||
Org = User.alias()
|
||||
user_teams = Team.select().join(TeamMember).join(User)
|
||||
with_org = user_teams.switch(Team).join(Org,
|
||||
|
|
@ -1053,3 +1055,16 @@ def list_webhooks(namespace_name, repository_name):
|
|||
def delete_webhook(namespace_name, repository_name, public_id):
|
||||
webhook = get_webhook(namespace_name, repository_name, public_id)
|
||||
webhook.delete_instance()
|
||||
|
||||
def list_logs(user_or_organization_name):
|
||||
account = User.get(User.username == user_or_organization_name)
|
||||
week_ago = datetime.today() - timedelta(7) # One week
|
||||
return LogEntry.select().where(LogEntry.account == account, LogEntry.datetime >= week_ago).order_by(LogEntry.datetime.desc())
|
||||
|
||||
def log_action(kind_name, user_or_organization_name, performer=None, repository=None,
|
||||
access_token=None, ip=None, description=None, metadata={}):
|
||||
kind = LogEntryKind.get(LogEntryKind.name == kind_name)
|
||||
account = User.get(User.username == user_or_organization_name)
|
||||
entry = LogEntry.create(kind = kind, account = account, performer = performer,
|
||||
repository = repository, access_token = access_token, ip = ip,
|
||||
description = description, metadata_json = json.dumps(metadata))
|
||||
|
|
|
|||
Reference in a new issue