You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by gc...@apache.org on 2022/09/02 17:43:01 UTC
[allura] branch master updated (75a2dacd4 -> 24a300e1f)
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
from 75a2dacd4 test fix
new 1547b6492 [#8458] audit log - record blog external feed modifications
new 384e84583 [#8458] audit log - log general tool POST /configure options to audit log
new dd92026cc [#8458] audit log - discussion - log forum admin actions to auditlog
new ed36da805 [#8458] auditlog: record unblocking user from permission
new bea08d4a7 [#8458] auditlog: record wiki delete/undelete/rename
new 24a300e1f [#8458] auditlog: record screenshots add/update/delete/reorder
The 6 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
Allura/allura/app.py | 20 +++++++++++++---
Allura/allura/ext/admin/admin_main.py | 19 +++++++++++----
Allura/allura/tests/functional/test_admin.py | 2 +-
ForgeBlog/forgeblog/main.py | 14 +++++++++++
ForgeDiscussion/forgediscussion/forum_main.py | 27 ++++++++++++++--------
.../tests/functional/test_forum_admin.py | 10 ++++----
ForgeWiki/forgewiki/wiki_main.py | 22 ++++++++++++++++--
7 files changed, 89 insertions(+), 25 deletions(-)
[allura] 06/06: [#8458] auditlog: record screenshots add/update/delete/reorder
Posted by gc...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
commit 24a300e1fa535e5ea63bd081a7dd5f72b546cff8
Author: Dillon Walls <di...@slashdotmedia.com>
AuthorDate: Thu Sep 1 15:11:25 2022 +0000
[#8458] auditlog: record screenshots add/update/delete/reorder
---
Allura/allura/ext/admin/admin_main.py | 19 ++++++++++++++-----
Allura/allura/tests/functional/test_admin.py | 2 +-
2 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/Allura/allura/ext/admin/admin_main.py b/Allura/allura/ext/admin/admin_main.py
index f3466d943..d40d9b9b0 100644
--- a/Allura/allura/ext/admin/admin_main.py
+++ b/Allura/allura/ext/admin/admin_main.py
@@ -489,7 +489,8 @@ class ProjectAdminController(BaseController):
screenshot.filename = re.sub(r'(.*)\.(.*)', r'\1-' + str(randint(1000,9999)) + r'.\2', screenshot.filename)
# if filename already exists append a random number
break
- M.AuditLog.log('add screenshot')
+ M.AuditLog.log('screenshots: added screenshot {} with caption "{}"'.format(
+ screenshot.filename, caption))
sort = 1 + max([ss.sort or 0 for ss in screenshots] or [0])
M.ProjectFile.save_image(
screenshot.filename, screenshot.file, content_type=screenshot.type,
@@ -515,9 +516,13 @@ class ProjectAdminController(BaseController):
``kw`` is a mapping of (screenshot._id, sort_order) pairs.
"""
- for s in c.project.get_screenshots():
+ screenshots = c.project.get_screenshots()
+ for s in screenshots:
if str(s._id) in kw:
s.sort = int(kw[str(s._id)])
+ M.AuditLog.log('screenshots: reordered screenshots {}'.format(
+ ", ".join(s.filename for s in sorted(screenshots, key=lambda s: s.sort))
+ ))
g.post_event('project_updated')
@expose()
@@ -525,7 +530,8 @@ class ProjectAdminController(BaseController):
def delete_screenshot(self, id=None, **kw):
require_access(c.project, 'update')
if id is not None and id != '':
- M.AuditLog.log('remove screenshot')
+ screenshot = M.ProjectFile.query.get(project_id=c.project._id, _id=ObjectId(id))
+ M.AuditLog.log('screenshots: deleted screenshot {}'.format(screenshot.filename))
M.ProjectFile.query.remove(
dict(project_id=c.project._id, _id=ObjectId(id)))
g.post_event('project_updated')
@@ -536,8 +542,11 @@ class ProjectAdminController(BaseController):
def edit_screenshot(self, id=None, caption=None, **kw):
require_access(c.project, 'update')
if id is not None and id != '':
- M.ProjectFile.query.get(
- project_id=c.project._id, _id=ObjectId(id)).caption = caption
+ screenshot = M.ProjectFile.query.get(
+ project_id=c.project._id, _id=ObjectId(id))
+ screenshot.caption = caption
+ M.AuditLog.log('screenshots: updated screenshot {} with new caption "{}"'.format(
+ screenshot.filename, screenshot.caption))
g.post_event('project_updated')
redirect('screenshots')
diff --git a/Allura/allura/tests/functional/test_admin.py b/Allura/allura/tests/functional/test_admin.py
index 8237bf332..96138ffea 100644
--- a/Allura/allura/tests/functional/test_admin.py
+++ b/Allura/allura/tests/functional/test_admin.py
@@ -405,7 +405,7 @@ class TestProjectAdmin(TestController):
upload = ('screenshot', file_name, file_data)
self.app.get('/admin/')
- with audits('add screenshot'):
+ with audits('screenshots: added screenshot {}'.format(file_name)):
self.app.post('/admin/add_screenshot', params=dict(
caption='test me'),
upload_files=[upload])
[allura] 04/06: [#8458] auditlog: record unblocking user from permission
Posted by gc...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
commit ed36da8051d1e303168e4cf4191bf265e818d195
Author: Dillon Walls <di...@slashdotmedia.com>
AuthorDate: Thu Sep 1 13:35:40 2022 +0000
[#8458] auditlog: record unblocking user from permission
---
Allura/allura/app.py | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/Allura/allura/app.py b/Allura/allura/app.py
index 83ea1c94b..81ccd13e5 100644
--- a/Allura/allura/app.py
+++ b/Allura/allura/app.py
@@ -871,10 +871,12 @@ class DefaultAdminController(BaseController, AdminControllerMixin):
ace = model.ACE.deny(model.ProjectRole.by_user(user, upsert=True)._id, perm, reason)
if not model.ACL.contains(ace, self.app.acl):
self.app.acl.append(ace)
- model.AuditLog.log('blocked user "{}" from {} for reason: "{}"'.format(
- username,
+ model.AuditLog.log('{}: blocked user "{}" from permission "{}" for reason: "{}"'.format(
self.app.config.options['mount_point'],
- reason))
+ username,
+ ace.permission,
+ reason,
+ ))
return dict(user_id=str(user._id), username=user.username, reason=reason)
return dict(error='User "%s" already blocked' % user.username)
@@ -897,6 +899,11 @@ class DefaultAdminController(BaseController, AdminControllerMixin):
if ace:
self.app.acl.remove(ace)
unblocked.append(str(user._id))
+ model.AuditLog.log('{}: unblocked user "{}" from permission "{}"'.format(
+ self.app.config.options['mount_point'],
+ user.username,
+ ace.permission,
+ ))
return dict(unblocked=unblocked)
@expose('jinja:allura:templates/app_admin_permissions.html')
[allura] 05/06: [#8458] auditlog: record wiki delete/undelete/rename
Posted by gc...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
commit bea08d4a7ab289511a191e90d07926d8c25a9b31
Author: Dillon Walls <di...@slashdotmedia.com>
AuthorDate: Thu Sep 1 14:36:46 2022 +0000
[#8458] auditlog: record wiki delete/undelete/rename
---
ForgeWiki/forgewiki/wiki_main.py | 22 ++++++++++++++++++++--
1 file changed, 20 insertions(+), 2 deletions(-)
diff --git a/ForgeWiki/forgewiki/wiki_main.py b/ForgeWiki/forgewiki/wiki_main.py
index bd13c81a4..12306b292 100644
--- a/ForgeWiki/forgewiki/wiki_main.py
+++ b/ForgeWiki/forgewiki/wiki_main.py
@@ -652,6 +652,10 @@ class PageController(BaseController, FeedController):
@require_post()
def delete(self, **kw):
require_access(self.page, 'delete')
+ M.AuditLog.log('{}: deleted wiki page "{}"'.format(
+ c.app.config.options['mount_point'],
+ self.page.title,
+ ))
self.page.delete()
return dict(location='../' + self.page.title + '/?deleted=True')
@@ -661,6 +665,10 @@ class PageController(BaseController, FeedController):
def undelete(self, **kw):
require_access(self.page, 'delete')
self.page.deleted = False
+ M.AuditLog.log('{}: undeleted wiki page "{}"'.format(
+ c.app.config.options['mount_point'],
+ self.page.title,
+ ))
M.Shortlink.from_artifact(self.page)
return dict(location='./edit')
@@ -748,6 +756,10 @@ class PageController(BaseController, FeedController):
if not self.page:
# the page doesn't exist yet, so create it
self.page = WM.Page.upsert(self.title)
+ M.AuditLog.log('{}: created new wiki page "{}"'.format(
+ c.app.config.options['mount_point'],
+ self.page.title,
+ ))
else:
require_access(self.page, 'edit')
activity_verb = 'modified'
@@ -761,6 +773,11 @@ class PageController(BaseController, FeedController):
if self.page.title == c.app.root_page_name:
WM.Globals.query.get(
app_config_id=c.app.config._id).root = title
+ M.AuditLog.log('{}: renamed wiki page "{}" => "{}"'.format(
+ c.app.config.options['mount_point'],
+ self.page.title,
+ title,
+ ))
self.page.title = title
activity_verb = 'renamed'
old_text = self.page.text
@@ -939,10 +956,11 @@ class WikiAdminController(DefaultAdminController):
mount_base = c.project.url() + \
self.app.config.options.mount_point + '/'
url = h.really_unicode(mount_base) + h.really_unicode(new_home) + '/'
- M.AuditLog.log('set home page: "{}" => "{}" for {}'.format(
+ M.AuditLog.log('{}: set home page "{}" => "{}"'.format(
+ self.app.config.options['mount_point'],
old_home,
new_home,
- self.app.config.options['mount_point']))
+ ))
redirect(h.urlquote(url))
@without_trailing_slash
[allura] 03/06: [#8458] audit log - discussion - log forum admin actions to auditlog
Posted by gc...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
commit dd92026ccbdadd666d90d80f837a476a009eafbf
Author: Dillon Walls <di...@slashdotmedia.com>
AuthorDate: Wed Aug 31 21:01:15 2022 +0000
[#8458] audit log - discussion - log forum admin actions to auditlog
---
ForgeDiscussion/forgediscussion/forum_main.py | 27 ++++++++++++++--------
.../tests/functional/test_forum_admin.py | 10 ++++----
2 files changed, 23 insertions(+), 14 deletions(-)
diff --git a/ForgeDiscussion/forgediscussion/forum_main.py b/ForgeDiscussion/forgediscussion/forum_main.py
index 262b5a196..db84bf62a 100644
--- a/ForgeDiscussion/forgediscussion/forum_main.py
+++ b/ForgeDiscussion/forgediscussion/forum_main.py
@@ -315,6 +315,15 @@ class ForumAdminController(DefaultAdminController):
def update_forums(self, forum=None, **kw):
if forum is None:
forum = []
+
+ mount_point = self.app.config.options['mount_point']
+
+ def set_value(forum, name, val):
+ if getattr(forum, name, None) != val:
+ M.AuditLog.log('{}: {} - set option "{}" {} => {}'.format(
+ mount_point, forum.name, name, getattr(forum, name, None), val))
+ setattr(forum, name, val)
+
for f in forum:
forum = DM.Forum.query.get(_id=ObjectId(str(f['id'])))
if f.get('delete'):
@@ -331,23 +340,23 @@ class ForumAdminController(DefaultAdminController):
if '.' in f['shortname'] or '/' in f['shortname'] or ' ' in f['shortname']:
flash('Shortname cannot contain space . or /', 'error')
redirect('.')
- forum.name = f['name']
- forum.shortname = f['shortname']
- forum.description = f['description']
- forum.monitoring_email = f['monitoring_email']
+ set_value(forum, 'name', f['name'])
+ set_value(forum, 'shortname', f['shortname'])
+ set_value(forum, 'description', f['description'])
+ set_value(forum, 'monitoring_email', f['monitoring_email'])
if 'members_only' in f:
if 'anon_posts' in f:
flash(
'You cannot have anonymous posts in a members only forum.', 'warning')
- forum.anon_posts = False
+ set_value(forum, 'anon_posts', False)
del f['anon_posts']
- forum.members_only = True
+ set_value(forum, 'members_only', True)
else:
- forum.members_only = False
+ set_value(forum, 'members_only', False)
if 'anon_posts' in f:
- forum.anon_posts = True
+ set_value(forum, 'anon_posts', True)
else:
- forum.anon_posts = False
+ set_value(forum, 'anon_posts', False)
role_anon = M.ProjectRole.anonymous()._id
if forum.members_only:
role_developer = M.ProjectRole.by_name('Developer')._id
diff --git a/ForgeDiscussion/forgediscussion/tests/functional/test_forum_admin.py b/ForgeDiscussion/forgediscussion/tests/functional/test_forum_admin.py
index ca14d1c37..19babaca5 100644
--- a/ForgeDiscussion/forgediscussion/tests/functional/test_forum_admin.py
+++ b/ForgeDiscussion/forgediscussion/tests/functional/test_forum_admin.py
@@ -15,11 +15,9 @@
# specific language governing permissions and limitations
# under the License.
-import os
-import allura
import logging
-import PIL
+import re
from alluratest.controller import TestController
from allura.lib import helpers as h
from allura import model as M
@@ -43,6 +41,8 @@ class TestForumAdmin(TestController):
form['add_forum.name'] = 'Test Forum'
r = form.submit().follow()
assert 'Test Forum' in r
+ audit_log = M.AuditLog.query.find({'project_id': project._id}).sort('_id', -1).first()
+ assert 'created forum "Test Forum"' in audit_log.message
h.set_context('test', 'Forum', neighborhood='Projects')
frm = FM.Forum.query.get(shortname='testforum')
r = self.app.post('/admin/discussion/update_forums',
@@ -52,8 +52,8 @@ class TestForumAdmin(TestController):
'forum-0.shortname': 'NewTestForum',
'forum-0.description': 'My desc',
'forum-0.monitoring_email': ''})
- audit_log = M.AuditLog.query.find({'project_id': project._id}).sort('_id', -1).first()
- assert 'created forum "Test Forum"' in audit_log.message
+ audit_logs = M.AuditLog.query.find({'project_id': project._id, 'message': re.compile(' set option ')}).all()
+ assert len(audit_logs) == 4
r = self.app.get('/admin/discussion/forums')
assert 'New Test Forum' in r
assert 'My desc' in r
[allura] 02/06: [#8458] audit log - log general tool POST /configure options to audit log
Posted by gc...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
commit 384e845836d333f6590e91adfe2fb3c5c71c38fe
Author: Dillon Walls <di...@slashdotmedia.com>
AuthorDate: Wed Aug 31 21:00:54 2022 +0000
[#8458] audit log - log general tool POST /configure options to audit log
---
Allura/allura/app.py | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/Allura/allura/app.py b/Allura/allura/app.py
index 49145ab2e..83ea1c94b 100644
--- a/Allura/allura/app.py
+++ b/Allura/allura/app.py
@@ -996,6 +996,13 @@ class DefaultAdminController(BaseController, AdminControllerMixin):
except fev.Invalid as e:
flash(f'{opt.name}: {str(e)}', 'error')
continue
+ if self.app.config.options[opt.name] != val:
+ M.AuditLog.log('{}: set option "{}" {} => {}'.format(
+ self.app.config.options['mount_point'],
+ opt.name,
+ self.app.config.options[opt.name],
+ val
+ ))
self.app.config.options[opt.name] = val
if is_admin:
# possibly moving admin mount point
[allura] 01/06: [#8458] audit log - record blog external feed modifications
Posted by gc...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
gcruz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
commit 1547b649229f2cc9a23900517dcdbe38257d37f9
Author: Dillon Walls <di...@slashdotmedia.com>
AuthorDate: Wed Aug 31 14:56:12 2022 +0000
[#8458] audit log - record blog external feed modifications
---
ForgeBlog/forgeblog/main.py | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/ForgeBlog/forgeblog/main.py b/ForgeBlog/forgeblog/main.py
index 59fe8e869..cfa079289 100644
--- a/ForgeBlog/forgeblog/main.py
+++ b/ForgeBlog/forgeblog/main.py
@@ -586,6 +586,20 @@ class BlogAdminController(DefaultAdminController):
except formencode.api.Invalid:
invalid_list.append(link)
+ added_feeds = set(exfeed_list).difference(self.app.external_feeds_list)
+ removed_feeds = set(self.app.external_feeds_list).difference(exfeed_list)
+
+ if added_feeds:
+ M.AuditLog.log('{}: external feed list - added: {}'.format(
+ self.app.config.options['mount_point'],
+ ', '.join(sorted(added_feeds))
+ ))
+ if removed_feeds:
+ M.AuditLog.log('{}: external feed list - removed: {}'.format(
+ self.app.config.options['mount_point'],
+ ', '.join(sorted(removed_feeds))
+ ))
+
self.app.external_feeds_list = exfeed_list
flash('External feeds updated')
if len(invalid_list) > 0: