"Fossies" - the Fresh Open Source Software Archive

Member "LinOTP-release-2.10.5.3/linotpd/src/linotp/controllers/audit.py" (24 Jun 2019, 5200 Bytes) of package /linux/misc/LinOTP-release-2.10.5.3.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. For more information about "audit.py" see the Fossies "Dox" file reference documentation.

    1 # -*- coding: utf-8 -*-
    2 #
    3 #    LinOTP - the open source solution for two factor authentication
    4 #    Copyright (C) 2010 - 2019 KeyIdentity GmbH
    5 #
    6 #    This file is part of LinOTP server.
    7 #
    8 #    This program is free software: you can redistribute it and/or
    9 #    modify it under the terms of the GNU Affero General Public
   10 #    License, version 3, as published by the Free Software Foundation.
   11 #
   12 #    This program is distributed in the hope that it will be useful,
   13 #    but WITHOUT ANY WARRANTY; without even the implied warranty of
   14 #    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   15 #    GNU Affero General Public License for more details.
   16 #
   17 #    You should have received a copy of the
   18 #               GNU Affero General Public License
   19 #    along with this program.  If not, see <http://www.gnu.org/licenses/>.
   20 #
   21 #
   22 #    E-mail: linotp@keyidentity.com
   23 #    Contact: www.linotp.org
   24 #    Support: www.keyidentity.com
   25 #
   26 """
   27 audit controller - to search the audit trail
   28 """
   29 
   30 import logging
   31 
   32 from pylons import tmpl_context as c
   33 from pylons import request, response, config
   34 from linotp.lib.base import BaseController
   35 
   36 
   37 from linotp.lib.util import check_session
   38 from linotp.lib.user import getUserFromRequest
   39 from linotp.lib.policy import checkPolicyPre
   40 from linotp.lib.policy import PolicyException
   41 
   42 from linotp.lib.reply import sendError
   43 from linotp.lib.audit.iterator import AuditQuery
   44 from linotp.lib.audit.iterator import CSVAuditIterator
   45 from linotp.lib.audit.iterator import JSONAuditIterator
   46 
   47 from linotp.lib.util import get_client
   48 
   49 from linotp.lib.context import request_context
   50 
   51 import linotp.model
   52 Session = linotp.model.Session
   53 
   54 audit = config.get('audit')
   55 
   56 optional = True
   57 required = False
   58 
   59 log = logging.getLogger(__name__)
   60 
   61 
   62 class AuditController(BaseController):
   63 
   64     '''
   65     this is the controller for doing some audit stuff
   66 
   67         https://server/audit/<functionname>
   68 
   69     '''
   70 
   71     def __before__(self, action, **params):
   72 
   73 
   74         try:
   75             c.audit = request_context['audit']
   76             c.audit['client'] = get_client(request)
   77             check_session(request)
   78             request_context['Audit'] = audit
   79 
   80 
   81         except Exception as exx:
   82             log.exception("[__before__::%r] exception %r" % (action, exx))
   83             Session.rollback()
   84             Session.close()
   85             return sendError(response, exx, context='before')
   86 
   87 
   88     def __after__(self):
   89         c.audit['administrator'] = getUserFromRequest(request).get("login")
   90         audit.log(c.audit)
   91 
   92 
   93     def search(self):
   94 
   95         '''
   96         This functions searches within the audit trail
   97         It returns the audit information for the given search pattern
   98 
   99         method:
  100             audit/search
  101 
  102         arguments:
  103             key, value pairs as search patterns.
  104 
  105             * outform - optional: if set to "csv", than the token list will be
  106                         given in CSV
  107 
  108 
  109             or: Usually the key=values will be locally AND concatenated.
  110                 it a parameter or=true is passed, the filters will
  111                 be OR concatenated.
  112 
  113             The Flexigrid provides us the following parameters:
  114                 ('page', u'1'), ('rp', u'25'),
  115                 ('sortname', u'number'),
  116                 ('sortorder', u'asc'),
  117                 ('query', u''), ('qtype', u'serial')]
  118         returns:
  119             JSON response or csv format
  120         '''
  121 
  122         try:
  123             log.debug("[search] params: %s" % self.request_params)
  124 
  125             checkPolicyPre('audit', 'view', {})
  126 
  127             # remove the param outform (and other parameters that should not
  128             # be used for search!
  129             search_params = self.request_params.copy()
  130             for key in ["outform", 'delimiter']:
  131                 if key in search_params:
  132                     del search_params[key]
  133 
  134             output_format = self.request_params.get("outform", 'json') or 'json'
  135             delimiter = self.request_params.get('delimiter', ',') or ','
  136 
  137             audit_iterator = None
  138 
  139             audit_query = AuditQuery(search_params, audit)
  140 
  141             if output_format == "csv":
  142                 filename = "linotp-audit.csv"
  143                 response.content_type = "application/force-download"
  144                 response.headers['Content-disposition'] = (
  145                                         'attachment; filename=%s' % filename)
  146 
  147                 audit_iterator = CSVAuditIterator(audit_query, delimiter)
  148             else:
  149                 response.content_type = 'application/json'
  150                 audit_iterator = JSONAuditIterator(audit_query)
  151 
  152             c.audit['success'] = True
  153             Session.commit()
  154             return audit_iterator
  155 
  156         except PolicyException as pe:
  157             log.exception("[getotp] gettoken/getotp policy failed: %r" % pe)
  158             Session.rollback()
  159             return sendError(response, unicode(pe), 1)
  160 
  161         except Exception as e:
  162             log.exception("[search] audit/search failed: %r" % e)
  163             Session.rollback()
  164             return sendError(response, "audit/search failed", 0)
  165 
  166         finally:
  167             Session.close()
  168 
  169 
  170 #eof###########################################################################