From bfb6a127f0c1dfb30d8a6e1c146d04a6dcf74af3 Mon Sep 17 00:00:00 2001 From: augustin64 Date: Wed, 28 Feb 2024 23:38:14 +0100 Subject: [PATCH] logging: Add "password change" and "account deletion" events --- default_config.py | 2 +- partitioncloud/modules/logging.py | 20 ++++++++++++++++++-- partitioncloud/modules/settings.py | 11 +++++++++++ partitioncloud/templates/settings/index.html | 2 +- 4 files changed, 31 insertions(+), 4 deletions(-) diff --git a/default_config.py b/default_config.py index 36ee21c..5a47fdb 100644 --- a/default_config.py +++ b/default_config.py @@ -26,7 +26,7 @@ MAX_AGE=31 INSTANCE_PATH="instance" # Events to log -ENABLED_LOGS=["NEW_GROUPE", "NEW_ALBUM", "NEW_PARTITION", "NEW_USER", "SERVER_RESTART", "FAILED_LOGIN"] +ENABLED_LOGS=["NEW_GROUPE", "NEW_ALBUM", "NEW_PARTITION", "NEW_USER", "PASSWORD_CHANGE", "DELETE_ACCOUNT", "SERVER_RESTART", "FAILED_LOGIN"] # Available languages LANGUAGES=['en', 'fr'] diff --git a/partitioncloud/modules/logging.py b/partitioncloud/modules/logging.py index 54bc370..af51e0b 100644 --- a/partitioncloud/modules/logging.py +++ b/partitioncloud/modules/logging.py @@ -12,8 +12,10 @@ class LogEntry(Enum): NEW_ALBUM = 3 NEW_PARTITION = 4 NEW_USER = 5 - SERVER_RESTART = 6 - FAILED_LOGIN = 7 + PASSWORD_CHANGE = 6 + DELETE_ACCOUNT = 7 + SERVER_RESTART = 8 + FAILED_LOGIN = 9 def from_string(entry: str): mapping = { @@ -22,6 +24,8 @@ class LogEntry(Enum): "NEW_ALBUM": LogEntry.NEW_ALBUM, "NEW_PARTITION": LogEntry.NEW_PARTITION, "NEW_USER": LogEntry.NEW_USER, + "PASSWORD_CHANGE": LogEntry.PASSWORD_CHANGE, + "DELETE_ACCOUNT": LogEntry.DELETE_ACCOUNT, "SERVER_RESTART": LogEntry.SERVER_RESTART, "FAILED_LOGIN": LogEntry.FAILED_LOGIN } 
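Review bot: Inserting `PASSWORD_CHANGE = 6` and `DELETE_ACCOUNT = 7` in the middle of `LogEntry` moves `SERVER_RESTART` from 6 to 8 and `FAILED_LOGIN` from 7 to 9. If the numeric value is ever written out or compared anywhere (nothing in this hunk shows whether it is), records produced before the upgrade would be read back as a different event: a former failed login would read as an account deletion. Appending keeps the existing values stable: leave `SERVER_RESTART = 6` and `FAILED_LOGIN = 7`, and add `PASSWORD_CHANGE = 8` and `DELETE_ACCOUNT = 9`.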
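Review bot: The `mapping` dict in `from_string` repeats every member name by hand, so each new event has to be added in two places, and a forgotten entry only shows up once a config names it. `Enum` already supports lookup by member name, so the table can be replaced with `LogEntry[entry]`, which raises `KeyError` for an unknown name. The rest of `from_string` is outside the hunk, so how an unknown name is handled today should be checked before swapping.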
@@ -61,6 +65,18 @@ def log(content: list[Union[str, bool, int]], log_type: LogEntry) -> None: else: description = f"New user {content[0]}[{content[1]}] added by {content[3]}" + case LogEntry.PASSWORD_CHANGE: # content = (user.name, user.id, admin.name if relevant) + if len(content) == 2: + description = f"New password for {content[0]}[{content[1]}]" + else: + description = f"New password for {content[0]}[{content[1]}], changed by {content[2]}" + + case LogEntry.DELETE_ACCOUNT: # content = (user.name, user.id, admin.name if relevant) + if len(content) == 2: + description = f"Account deleted {content[0]}[{content[1]}]" + else: + description = f"Account deleted {content[0]}[{content[1]}], by {content[2]}" + case LogEntry.SERVER_RESTART: # content = () description = "Server just restarted" diff --git a/partitioncloud/modules/settings.py b/partitioncloud/modules/settings.py index 8878610..cf7fcb2 100644 --- a/partitioncloud/modules/settings.py +++ b/partitioncloud/modules/settings.py @@ -11,6 +11,7 @@ from flask_babel import _ from .db import get_db from .auth import login_required from .utils import User +from . import logging bp = Blueprint("settings", __name__, url_prefix="/settings") @@ -33,6 +34,7 @@ def index(): @bp.route("/delete-account", methods=["POST"]) @login_required def delete_account(): + log_data = None if "user_id" not in request.form: flash(_("Missing user id.")) return redirect(request.referrer) @@ -42,12 +44,16 @@ def delete_account(): mod_user = User(user_id=user_id) if cur_user.access_level != 1: + log_data = [mod_user.username, mod_user.id] if cur_user.id != mod_user.id: flash(_("Missing rights.")) return redirect(request.referrer) + else: + log_data = [mod_user.username, mod_user.id, cur_user.username] mod_user.delete() flash(_("User successfully deleted.")) + logging.log(log_data, logging.LogEntry.DELETE_ACCOUNT) if cur_user.id == mod_user.id: return redirect("/") return redirect("/admin") 
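Review bot: Both new cases put `content[0]` (the username) into `description` unescaped, and the same holds for `content[2]`. How `description` is written out is outside the hunk; if it goes to a line-oriented file and usernames are not limited to a safe character set at registration, a name containing a line break would make one event appear as several in the audit log. Formatting the names with `!r`, e.g. `f"New password for {content[0]!r}[{content[1]}]"`, or stripping control characters once before the `match`, closes that off. Separately, the `else` arms assume exactly three elements; checking `len(content) == 3` and raising an explicit error otherwise would fail more clearly than an `IndexError`.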
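Review bot: The `Missing rights.` return in `delete_account` writes nothing to the log, so a non-admin who submits another user's `user_id` leaves no trace and only successful deletions are recorded. `change_password` has the same gap for both its `Missing rights.` and `Incorrect password.` returns (the hunks at -65 and -76). For an audit trail the refused attempts matter at least as much as the successes; a dedicated event logged just before each of those returns would cover it, e.g. `logging.log([cur_user.username, cur_user.id, mod_user.id], logging.LogEntry.<NEW_DENIED_EVENT>)` (placeholder name, and it needs its own `case` in `log`). Indentation is lost in this view, so the pairing of the added `else:` with `if cur_user.access_level != 1:` is inferred.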
@@ -56,6 +62,7 @@ def delete_account(): @bp.route("/change-password", methods=["POST"]) @login_required def change_password(): + log_data = None if "user_id" not in request.form: flash(_("Missing user id.")) return redirect(request.referrer) @@ -65,6 +72,7 @@ def change_password(): mod_user = User(user_id=user_id) if cur_user.access_level != 1: + log_data = [mod_user.username, mod_user.id] if cur_user.id != mod_user.id: flash(_("Missing rights.")) return redirect(request.referrer) @@ -76,6 +84,8 @@ def change_password(): if not check_password_hash(mod_user.password, request.form["old_password"]): flash(_("Incorrect password.")) return redirect(request.referrer) + else: + log_data = [mod_user.username, mod_user.id, cur_user.username] if "new_password" not in request.form or "confirm_new_password" not in request.form: flash(_("Missing password.")) @@ -87,4 +97,5 @@ def change_password(): mod_user.update_password(request.form["new_password"]) flash(_("Successfully updated password.")) + logging.log(log_data, logging.LogEntry.PASSWORD_CHANGE) return redirect(request.referrer) diff --git a/partitioncloud/templates/settings/index.html b/partitioncloud/templates/settings/index.html index 98c4a8a..5de2603 100644 --- a/partitioncloud/templates/settings/index.html +++ b/partitioncloud/templates/settings/index.html @@ -24,7 +24,7 @@ {% block content %} -{{ _("User %(username)s has %(album_count)s albums"), username=inspected_user.username, album_count=len(inspected_user.get_albums()) }} +{{ _("User %(username)s has %(album_count)s albums", username=inspected_user.username, album_count=(inspected_user.get_albums() | length)) }}
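Review bot: The acting administrator is recorded by `cur_user.username` only, while the target gets both name and id. If usernames can be changed or re-registered after an account is deleted (not visible here), the `changed by ...` part of an old entry no longer identifies who acted. Adding the id, `log_data = [mod_user.username, mod_user.id, cur_user.username, cur_user.id]`, with the matching format in `log`, keeps the entry unambiguous; the same applies to the `else:` branch added in `delete_account`. An administrator changing their own password also takes this branch, so that entry reads as changed by themselves.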

{{ _("Change password") }}

{% if not skip_old_password %}