mirror of
https://github.com/dkmstr/openuds.git
synced 2025-03-11 00:58:39 +03:00
* Adding logs to users & authenticators
This commit is contained in:
Adolfo Gómez
parent
a740207b8e
commit
0a6f18f1cc
@ -36,13 +36,17 @@ Provides useful functions for authenticating, used by web interface.
|
||||
from functools import wraps
|
||||
from django.http import HttpResponseRedirect
|
||||
from uds.core.util.Config import GlobalConfig
|
||||
from uds.core.util import log
|
||||
from uds.core import auths
|
||||
from uds.core.managers.CryptoManager import CryptoManager
|
||||
from uds.core.util.State import State
|
||||
from uds.models import User
|
||||
|
||||
import logging
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
authLogger = logging.getLogger('authLog')
|
||||
|
||||
|
||||
USER_KEY = 'uk'
|
||||
PASS_KEY = 'pk'
|
||||
@ -221,3 +225,29 @@ def webLogout(request, exit_url = None):
|
||||
# Try to delete session
|
||||
return HttpResponseRedirect(request.build_absolute_uri(exit_url))
|
||||
|
||||
def authLogLogin(request, authenticator, userName, java, os, logStr = ''):
|
||||
'''
|
||||
Logs authentication
|
||||
'''
|
||||
|
||||
if logStr == '':
|
||||
logStr = 'Logged in'
|
||||
|
||||
javaStr = java and 'Java' or 'No Java'
|
||||
authLogger.info('|'.join([authenticator.name, userName, javaStr, os['OS'], logStr, request.META['HTTP_USER_AGENT']]))
|
||||
level = (logStr == 'Logged in') and log.INFO or log.ERROR
|
||||
log.doLog(authenticator, level, 'user {0} has {1} from {2} {3} java and os is {4}'.format(userName, logStr,
|
||||
request.ip, java and 'has' or 'has NOT', os['OS']), log.WEB)
|
||||
|
||||
try:
|
||||
user = authenticator.users.get(name=userName)
|
||||
log.doLog(user, level, '{0} from {1} {2} java and os is {3}'.format(logStr,
|
||||
request.ip, java and 'has' or 'has NOT', os['OS']), log.WEB)
|
||||
except:
|
||||
pass
|
||||
|
||||
|
||||
def authLogLogout(request):
|
||||
log.doLog(request.user.manager, log.INFO, 'user {0} has logged out from {1}'.format(request.user.name, request.ip), log.WEB)
|
||||
log.doLog(request.user, log.INFO, 'has logged out from {0}'.format(request.ip), log.WEB)
|
||||
|
||||
|
||||
@ -30,6 +30,7 @@
|
||||
@author: Adolfo Gómez, dkmaster at dkmon dot com
|
||||
'''
|
||||
|
||||
|
||||
from uds.models import UserService
|
||||
from uds.models import DeployedServicePublication
|
||||
from uds.models import DeployedService
|
||||
@ -39,9 +40,10 @@ from uds.models import User
|
||||
from uds.models import Group
|
||||
from uds.models import Authenticator
|
||||
|
||||
from uds.models import Log
|
||||
from uds.core.util import log
|
||||
|
||||
from uds.core.util.Config import GlobalConfig
|
||||
|
||||
import logging
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
@ -50,16 +52,16 @@ OT_USERSERVICE, OT_PUBLICATION, OT_DEPLOYED_SERVICE, OT_SERVICE, OT_PROVIDER, OT
|
||||
|
||||
# Dict for translations
|
||||
transDict = {
|
||||
UserService : OT_USERSERVICE,
|
||||
DeployedServicePublication : OT_PUBLICATION,
|
||||
DeployedService : OT_DEPLOYED_SERVICE,
|
||||
Service : OT_SERVICE,
|
||||
Provider : OT_PROVIDER,
|
||||
User : OT_USER,
|
||||
Group : OT_GROUP,
|
||||
Authenticator : OT_AUTHENTICATOR
|
||||
}
|
||||
|
||||
UserService : OT_USERSERVICE,
|
||||
DeployedServicePublication : OT_PUBLICATION,
|
||||
DeployedService : OT_DEPLOYED_SERVICE,
|
||||
Service : OT_SERVICE,
|
||||
Provider : OT_PROVIDER,
|
||||
User : OT_USER,
|
||||
Group : OT_GROUP,
|
||||
Authenticator : OT_AUTHENTICATOR
|
||||
}
|
||||
|
||||
class LogManager(object):
|
||||
'''
|
||||
Manager for logging (at database) events
|
||||
@ -80,6 +82,7 @@ class LogManager(object):
|
||||
Logs a message associated to owner
|
||||
'''
|
||||
from uds.models import getSqlDatetime
|
||||
from uds.models import Log
|
||||
|
||||
qs = Log.objects.filter(owner_id = owner_id, owner_type = owner_type)
|
||||
# First, ensure we do not have more than requested logs, and we can put one more log item
|
||||
@ -94,6 +97,8 @@ class LogManager(object):
|
||||
'''
|
||||
Get all logs associated with an user service, ordered by date
|
||||
'''
|
||||
from uds.models import Log
|
||||
|
||||
qs = Log.objects.filter(owner_id = owner_id, owner_type = owner_type)
|
||||
return [{'date': x.created, 'level': x.level, 'source': x.source, 'message': x.data} for x in reversed(qs.order_by('-created')[:limit])]
|
||||
|
||||
@ -101,17 +106,18 @@ class LogManager(object):
|
||||
'''
|
||||
Clears all logs related to user service
|
||||
'''
|
||||
from uds.models import Log
|
||||
|
||||
Log.objects.filter(owner_id = owner_id, owner_type = owner_type).delete()
|
||||
|
||||
|
||||
|
||||
def doLog(self, wichObject, level, message, source = log.UNKNOWN):
|
||||
def doLog(self, wichObject, level, message, source):
|
||||
'''
|
||||
Do the logging for the requested object.
|
||||
|
||||
If the object provided do not accepts associated loggin, it simply ignores the request
|
||||
'''
|
||||
|
||||
if type(level) is not int:
|
||||
level = log.logLevelFromStr(level)
|
||||
|
||||
@ -122,7 +128,7 @@ class LogManager(object):
|
||||
logger.debug('Requested doLog for a type of object not covered: {0}'.format(wichObject))
|
||||
|
||||
|
||||
def getLogs(self, wichObject, limit = GlobalConfig.MAX_LOGS_PER_ELEMENT.getInt()):
|
||||
def getLogs(self, wichObject, limit):
|
||||
'''
|
||||
Get the logs associated with "wichObject", limiting to "limit" (default is GlobalConfig.MAX_LOGS_PER_ELEMENT)
|
||||
'''
|
||||
|
||||
@ -39,9 +39,9 @@ useLogger = logging.getLogger('useLog')
|
||||
OTHER,DEBUG,INFO,WARN,ERROR,FATAL = (10000*(x+1) for x in xrange(6))
|
||||
|
||||
# Logging sources
|
||||
INTERNAL,ACTOR,TRANSPORT, OSMANAGER, UNKNOWN, WEB = ('internal', 'actor', 'transport', 'osmanager', 'unknown', 'web')
|
||||
INTERNAL, ACTOR, TRANSPORT, OSMANAGER, UNKNOWN, WEB = ('internal', 'actor', 'transport', 'osmanager', 'unknown', 'web')
|
||||
|
||||
OTHERSTR,DEBUGSTR,INFOSTR,WARNSTR,ERRORSTR,FATALSTR = ('OTHER', 'DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL')
|
||||
OTHERSTR, DEBUGSTR, INFOSTR, WARNSTR, ERRORSTR, FATALSTR = ('OTHER', 'DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL')
|
||||
|
||||
# Names for defined log levels
|
||||
__nameLevels = {
|
||||
@ -68,4 +68,28 @@ def logStrFromLevel(level):
|
||||
|
||||
def useLog(type_, serviceUniqueId, serviceIp, username):
|
||||
useLogger.info('|'.join([type_, serviceUniqueId, serviceIp, username]))
|
||||
|
||||
|
||||
|
||||
def doLog(wichObject, level, message, source = UNKNOWN):
|
||||
from uds.core.managers import logManager
|
||||
logManager().doLog(wichObject, level, message, source)
|
||||
|
||||
|
||||
def getLogs(wichObject, limit = None):
|
||||
'''
|
||||
Get the logs associated with "wichObject", limiting to "limit" (default is GlobalConfig.MAX_LOGS_PER_ELEMENT)
|
||||
'''
|
||||
from uds.core.managers import logManager
|
||||
from uds.core.util.Config import GlobalConfig
|
||||
|
||||
if limit is None:
|
||||
limit = GlobalConfig.MAX_LOGS_PER_ELEMENT.getInt()
|
||||
|
||||
return logManager().getLogs(wichObject, limit)
|
||||
|
||||
def clearLogs(wichObject):
|
||||
'''
|
||||
Clears the logs associated with the object using the logManager
|
||||
'''
|
||||
from uds.core.managers import logManager
|
||||
return logManager().clearLogs(wichObject)
|
||||
|
||||
@ -40,7 +40,6 @@ from uds.core.util.State import State
|
||||
from uds.core.util import log
|
||||
from uds.core.services.Exceptions import InvalidServiceException
|
||||
from datetime import datetime, timedelta
|
||||
from uds.core.managers import logManager
|
||||
|
||||
import logging
|
||||
|
||||
@ -149,7 +148,7 @@ class Provider(models.Model):
|
||||
s.env().clearRelatedData()
|
||||
|
||||
# Clears related logs
|
||||
logManager().clearLogs(toDelete)
|
||||
log.clearLogs(toDelete)
|
||||
|
||||
logger.debug('Before delete service provider '.format(toDelete))
|
||||
|
||||
@ -239,7 +238,7 @@ class Service(models.Model):
|
||||
s.env().clearRelatedData()
|
||||
|
||||
# Clears related logs
|
||||
logManager().clearLogs(toDelete)
|
||||
log.clearLogs(toDelete)
|
||||
|
||||
logger.debug('Before delete service '.format(toDelete))
|
||||
|
||||
@ -624,7 +623,7 @@ class Authenticator(models.Model):
|
||||
s.env().clearRelatedData()
|
||||
|
||||
# Clears related logs
|
||||
logManager().clearLogs(toDelete)
|
||||
log.clearLogs(toDelete)
|
||||
|
||||
logger.debug('Before delete auth '.format(toDelete))
|
||||
|
||||
@ -731,7 +730,7 @@ class User(models.Model):
|
||||
toDelete.getManager().removeUser(toDelete.name)
|
||||
|
||||
# Remove related logs
|
||||
logManager().clearLogs(toDelete)
|
||||
log.clearLogs(toDelete)
|
||||
|
||||
# Removes all user services assigned to this user (unassign it and mark for removal)
|
||||
for us in toDelete.userServices.all():
|
||||
@ -788,7 +787,7 @@ class Group(models.Model):
|
||||
toDelete.getManager().removeGroup(toDelete.name)
|
||||
|
||||
# Clears related logs
|
||||
logManager().clearLogs(toDelete)
|
||||
log.clearLogs(toDelete)
|
||||
|
||||
logger.debug('Deleted group {0}'.format(toDelete))
|
||||
|
||||
@ -1029,7 +1028,7 @@ class DeployedService(models.Model):
|
||||
toDelete.getEnvironment().clearRelatedData()
|
||||
|
||||
# Clears related logs
|
||||
logManager().clearLogs(toDelete)
|
||||
log.clearLogs(toDelete)
|
||||
|
||||
logger.debug('Deleting Deployed Service {0}'.format(toDelete))
|
||||
|
||||
@ -1166,7 +1165,7 @@ class DeployedServicePublication(models.Model):
|
||||
# It's handled as "publish", and as so, it can be a multi-step process
|
||||
|
||||
# Clears related logs
|
||||
logManager().clearLogs(toDelete)
|
||||
log.clearLogs(toDelete)
|
||||
|
||||
|
||||
logger.debug('Deleted publication {0}'.format(toDelete))
|
||||
@ -1521,7 +1520,7 @@ class UserService(models.Model):
|
||||
toDelete.getEnvironment().clearRelatedData()
|
||||
|
||||
# Clear related logs to this user service
|
||||
logManager().clearLogs(toDelete)
|
||||
log.clearLogs(toDelete)
|
||||
|
||||
# TODO: Check if this invokation goes here
|
||||
#toDelete.getInstance()
|
||||
|
||||
@ -88,13 +88,12 @@ class WindowsOsManager(osmanagers.OSManager):
|
||||
|
||||
def doLog(self, service, data, origin = log.OSMANAGER):
|
||||
# Stores a log associated with this service
|
||||
from uds.core.managers import logManager
|
||||
try:
|
||||
|
||||
msg, level = data.split('\t')
|
||||
logManager().doLog(service, level, msg, origin)
|
||||
log.doLog(service, level, msg, origin)
|
||||
except:
|
||||
logManager().doLog(service, log.ERROR, "do not understand {0}".format(data), origin)
|
||||
log.doLog(service, log.ERROR, "do not understand {0}".format(data), origin)
|
||||
|
||||
|
||||
def process(self,service,msg, data):
|
||||
|
||||
@ -37,7 +37,7 @@ from django.shortcuts import render_to_response
|
||||
from django.template import RequestContext
|
||||
from django.utils.translation import ugettext as _
|
||||
from django.core.urlresolvers import reverse
|
||||
from uds.core.auths.auth import getIp, webLogin, webLogout, webLoginRequired, authenticate, webPassword, authenticateViaCallback
|
||||
from uds.core.auths.auth import getIp, webLogin, webLogout, webLoginRequired, authenticate, webPassword, authenticateViaCallback, authLogLogin, authLogLogout
|
||||
from uds.models import Authenticator, DeployedService, Transport, UserService, Network
|
||||
from uds.web.forms.LoginForm import LoginForm
|
||||
from uds.core.managers.UserServiceManager import UserServiceManager
|
||||
@ -46,24 +46,22 @@ from uds.core.managers.DownloadsManager import DownloadsManager
|
||||
from uds.core.util.Config import GlobalConfig
|
||||
from uds.core.util.Cache import Cache
|
||||
from uds.core.util import OsDetector
|
||||
from uds.core.util import log
|
||||
|
||||
from transformers import transformId, scrambleId
|
||||
|
||||
|
||||
import errors
|
||||
import logging
|
||||
import random
|
||||
import string
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
authLogger = logging.getLogger('__authLog')
|
||||
|
||||
def __authLog(request, authenticator, userName, java, os, log):
|
||||
'''
|
||||
Logs authentication
|
||||
'''
|
||||
javaStr = java and 'Java' or 'No Java'
|
||||
authLogger.info('|'.join([authenticator.name, userName, javaStr, os['OS'], log, request.META['HTTP_USER_AGENT']]))
|
||||
|
||||
def login(request):
|
||||
#request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt())
|
||||
#request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt())
|
||||
getIp(request)
|
||||
if request.method == 'POST':
|
||||
if request.COOKIES.has_key('uds') is False:
|
||||
return errors.errorView(request, errors.COOKIES_NEEDED) # We need cookies to keep session data
|
||||
@ -81,7 +79,7 @@ def login(request):
|
||||
tries = 0
|
||||
if tries >= GlobalConfig.MAX_LOGIN_TRIES.getInt():
|
||||
form.add_form_error('Too many authentication errors. User temporarily blocked.')
|
||||
__authLog(request, authenticator, userName, java, os, 'Temporarily blocked')
|
||||
authLogLogin(request, authenticator, userName, java, os, 'Temporarily blocked')
|
||||
else:
|
||||
user = authenticate(userName, form.cleaned_data['password'], authenticator )
|
||||
|
||||
@ -90,7 +88,7 @@ def login(request):
|
||||
tries += 1
|
||||
cache.put(cacheKey, tries, GlobalConfig.LOGIN_BLOCK.getInt())
|
||||
form.add_form_error('Invalid credentials')
|
||||
__authLog(request, authenticator, userName, java, os, 'Invalid credentials')
|
||||
authLogLogin(request, authenticator, userName, java, os, 'Invalid credentials')
|
||||
else:
|
||||
cache.remove(cacheKey) # Valid login, remove cached tries
|
||||
response = HttpResponseRedirect(reverse('uds.web.views.index'))
|
||||
@ -99,7 +97,7 @@ def login(request):
|
||||
request.session['java'] = java
|
||||
request.session['OS'] = os
|
||||
logger.debug('Navigator supports java? {0}'.format(java))
|
||||
__authLog(request, authenticator, user.name, java, os, 'Logged in')
|
||||
authLogLogin(request, authenticator, user.name, java, os)
|
||||
return response
|
||||
else:
|
||||
form = LoginForm()
|
||||
@ -125,6 +123,7 @@ def customAuth(request, idAuth):
|
||||
|
||||
@webLoginRequired
|
||||
def logout(request):
|
||||
authLogLogout(request)
|
||||
return webLogout(request, request.user.logout())
|
||||
|
||||
@webLoginRequired
|
||||
@ -265,11 +264,8 @@ def sernotify(request, idUserService, notification):
|
||||
message = request.GET.get('message', None)
|
||||
level = request.GET.get('level', None)
|
||||
if message is not None and level is not None:
|
||||
from uds.core.util import log
|
||||
from uds.core.managers import logManager
|
||||
|
||||
us = UserService.objects.get(pk=idUserService)
|
||||
logManager().doLog(us, level, message, log.TRANSPORT)
|
||||
log.doLog(us, level, message, log.TRANSPORT)
|
||||
else:
|
||||
return HttpResponse('Invalid request!', 'text/plain')
|
||||
except Exception as e:
|
||||
@ -313,7 +309,7 @@ def authCallback(request, authName):
|
||||
os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT'])
|
||||
|
||||
if user is None:
|
||||
__authLog(request, authenticator, '{0}'.format(params), False, os, 'Invalid at auth callback')
|
||||
authLogLogin(request, authenticator, '{0}'.format(params), False, os, 'Invalid at auth callback')
|
||||
raise auths.Exceptions.InvalidUserException()
|
||||
|
||||
# Redirect to main page through java detection process, so UDS know the availability of java
|
||||
@ -371,7 +367,7 @@ def authJava(request, idAuth, hasJava):
|
||||
try:
|
||||
authenticator = Authenticator.objects.get(pk=idAuth)
|
||||
os = request.session['OS']
|
||||
__authLog(request, authenticator, request.user.name, request.session['java'], os, 'Logged in')
|
||||
authLogLogin(request, authenticator, request.user.name, request.session['java'], os)
|
||||
return HttpResponseRedirect(reverse('uds.web.views.index'))
|
||||
|
||||
except Exception as e:
|
||||
|
||||
@ -34,8 +34,11 @@
|
||||
from django.utils.translation import ugettext as _
|
||||
from ..auths.AdminAuth import needs_credentials
|
||||
from ..util.Exceptions import FindException
|
||||
from uds.core.managers import logManager
|
||||
from uds.core.util import log
|
||||
|
||||
from uds.models import UserService
|
||||
from uds.models import User
|
||||
from uds.models import Authenticator
|
||||
|
||||
import logging
|
||||
|
||||
@ -43,13 +46,31 @@ logger = logging.getLogger(__name__)
|
||||
|
||||
@needs_credentials
|
||||
def getUserServiceLogs(credentials, id):
|
||||
logger.debug('getUserServiceLogs called')
|
||||
try:
|
||||
us = UserService.objects.get(pk=id)
|
||||
return logManager().getLogs(us)
|
||||
except Exception:
|
||||
return log.getLogs(us)
|
||||
except:
|
||||
raise FindException(_('Service does not exists'))
|
||||
|
||||
@needs_credentials
|
||||
def getUserLogs(credentials, id):
|
||||
try:
|
||||
user = User.objects.get(pk=id)
|
||||
return log.getLogs(user)
|
||||
except:
|
||||
raise FindException('User does not exists')
|
||||
|
||||
@needs_credentials
|
||||
def getAuthLogs(credentials, id):
|
||||
try:
|
||||
auth = Authenticator.objects.get(pk=id)
|
||||
return log.getLogs(auth)
|
||||
except:
|
||||
raise FindException('Authenticator does not exists')
|
||||
|
||||
|
||||
# Registers XML RPC Methods
|
||||
def registerLogFunctions(dispatcher):
|
||||
dispatcher.register_function(getUserServiceLogs, 'getUserServiceLogs')
|
||||
dispatcher.register_function(getUserLogs, 'getUserLogs')
|
||||
dispatcher.register_function(getAuthLogs, 'getAuthLogs')
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user