From 1f218a4f962f2fcb702d6b691b23e714f3d5c167 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adolfo=20G=C3=B3mez?=
Date: Fri, 1 Feb 2013 10:08:49 +0000
Subject: [PATCH] * Adding logs to users & authenticators
---
 server/src/uds/core/util/log.py | 2 +-
 server/src/uds/xmlrpc/auths/AdminAuth.py | 29 ++++++++++++++++++++----
 2 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/server/src/uds/core/util/log.py b/server/src/uds/core/util/log.py
index 343773d87..8b7d79cb7 100644
--- a/server/src/uds/core/util/log.py
+++ b/server/src/uds/core/util/log.py
@@ -39,7 +39,7 @@ useLogger = logging.getLogger('useLog')
 OTHER,DEBUG,INFO,WARN,ERROR,FATAL = (10000*(x+1) for x in xrange(6))
 # Logging sources
-INTERNAL, ACTOR, TRANSPORT, OSMANAGER, UNKNOWN, WEB = ('internal', 'actor', 'transport', 'osmanager', 'unknown', 'web')
+INTERNAL, ACTOR, TRANSPORT, OSMANAGER, UNKNOWN, WEB, ADMIN = ('internal', 'actor', 'transport', 'osmanager', 'unknown', 'web', 'admin')
 OTHERSTR, DEBUGSTR, INFOSTR, WARNSTR, ERRORSTR, FATALSTR = ('OTHER', 'DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL')
diff --git a/server/src/uds/xmlrpc/auths/AdminAuth.py b/server/src/uds/xmlrpc/auths/AdminAuth.py
index d32a7e3f9..0286262f2 100644
--- a/server/src/uds/xmlrpc/auths/AdminAuth.py
+++ b/server/src/uds/xmlrpc/auths/AdminAuth.py
@@ -34,9 +34,10 @@ from django.utils.translation import ugettext as _, activate
 from django.contrib.sessions.backends.db import SessionStore
 from uds.models import Authenticator
-from ..util.Exceptions import AuthException
+from uds.xmlrpc.util.Exceptions import AuthException
 from uds.core.util.Config import GlobalConfig
-from uds.core.auths.auth import authenticate
+from uds.core.util import log
+from uds.core.auths.auth import authenticate, getIp
 from functools import wraps
 from django.conf import settings
 import logging
@@ -75,6 +76,7 @@ class Credentials(object):
 return ''
 try:
 a = Authenticator.objects.get(pk=self.idAuth).getInstance()
+ log.doLog(self.user, log.INFO, 'Logged out from administration', log.WEB)
 return a.logout(self.user)
 except Exception:
 logger.exception('Exception at logout (managed)')
@@ -154,7 +156,9 @@ def login(username, password, idAuth, locale, request):
 '''
 Validates the user/password credentials, assign to it the specified locale for this session and returns a credentials response
 '''
-
+
+ getIp(request)
+
 logger.info("Validating user {0} with authenticator {1} with locale {2}".format(username, idAuth, locale))
 activate(locale)
 if idAuth == ADMIN_AUTH:
@@ -167,8 +171,25 @@ def login(username, password, idAuth, locale, request):
 user = authenticate(username, password, auth)
 except Exception:
 raise AuthException(_('Invalid authenticator'))
- if user is None or user.staff_member is False:
+
+ if user is None:
+ log.doLog(auth, log.ERROR, 'Invalid credentials for {0} from {1}'.format(username, request.ip), log.ADMIN)
+ try:
+ user = auth.users.get(name=username)
+ log.doLog(user, log.ERROR, 'Invalid credentials from {0}'.format(request.ip), log.ADMIN)
+ except:
+ pass
 raise AuthException(_('Access denied'))
+
+ if user.staff_member is False:
+ log.doLog(auth, log.ERROR, 'Access denied from {1}. User {0} is not membef of staff'.format(username, request.ip), log.ADMIN)
+ log.doLog(user, log.ERROR, 'Access denied from {0}. This user is not membef of staff'.format(request.ip), log.ADMIN)
+
+ raise AuthException(_('Access denied'))
+
+ log.doLog(auth, log.INFO, 'Access granted to user {0} from {1} to administration'.format(username, request.ip), log.ADMIN)
+ log.doLog(user, log.INFO, 'Access granted from {0} to administration'.format(request.ip), log.ADMIN)
+
 return makeCredentials(idAuth, username, locale, user.is_admin)
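Review bot: The logout entry added in the `Credentials` hunk is recorded with source `log.WEB`, while every entry this commit adds in `login` uses the new `log.ADMIN`, so an audit query filtered on the admin source would show logins without their matching logouts; suggest `log.doLog(self.user, log.INFO, 'Logged out from administration', log.ADMIN)`. The call also sits inside the `try`, so any failure in `doLog` skips `a.logout(self.user)` and is reported only as 'Exception at logout (managed)'. The visible `makeCredentials(idAuth, username, ...)` call suggests the credentials carry a user name, whereas the `doLog` calls in `login` pass model objects (`auth`, `user`); the method starts outside this hunk, so confirm that `self.user` is something `doLog` accepts.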
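Review bot: `getIp(request)` at the top of `login` is called only for a side effect and its return value is discarded; judging by the `request.ip` reads added further down, it presumably stores the client address on the request. A one-line comment would make that dependency explicit, e.g. `# getIp() is expected to set request.ip, which the audit entries below read`. If that address can be taken from a client-supplied forwarding header, the logged source is only as trustworthy as the proxy configuration, which is worth confirming in `getIp` (not part of this diff).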
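Review bot: The bare `except: pass` around `auth.users.get(name=username)` in the `user is None` branch hides every failure of the lookup and of the second `doLog` call, so a database or logging error silently drops the per-user audit entry for a failed login; catch `Exception` at the widest, as the rest of the file does, and leave a trace: `except Exception:` followed by `logger.debug('No user record for failed admin login')`. `username` comes straight from the caller and is formatted unmodified into the messages stored on the authenticator; strip control characters and cap its length before formatting so that an unauthenticated request cannot forge or bloat audit entries. Both new messages in the `staff_member` branch spell 'membef' for 'member'. `login` begins and continues outside this hunk, so whether the `ADMIN_AUTH` path gets equivalent audit entries cannot be seen here.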