modified: web/blueprints/auth.py

modified:   web/blueprints/group_admin.py
	modified:   web/blueprints/site_admin.py
	modified:   web/config.py
	modified:   web/panel_db.py
	modified:   web/templates/admin/audit_log.html
simon
2026-04-15 10:48:37 +02:00
parent 6a6e0fc4b3
commit 179a0e1042
6 changed files with 125 additions and 21 deletions


@@ -85,6 +85,10 @@ def admin_login():
@auth.route("/logout", methods=["POST"])
def logout():
user_id = session.get("user_id")
username = session.get("username")
if user_id:
log_audit_event(user_id, username, "session.logout", ip_address=request.remote_addr)
session.clear()
return redirect(url_for("auth.login"))
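Review bot: In `logout()`, the new `log_audit_event(...)` call runs before `session.clear()`, so if the audit write raises (for example when the database is unreachable) the session is never cleared and the user stays logged in. Whether `log_audit_event` can raise is not visible in this hunk, but logout should not depend on it: put the call in a `try:` and move `session.clear()` into the matching `finally:`, or catch and log the failure before clearing. Separately, `request.remote_addr` records the proxy's address when the app runs behind a reverse proxy without a trusted-proxy setup such as Werkzeug's `ProxyFix`. That applies to every `ip_address=request.remote_addr` added in this commit, so it is worth a comment where the audit helper is defined.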


@@ -345,6 +345,12 @@ def database():
)
test_conn.close()
db.set_group_db_creds(group_id, host, int(port), user, password, database_name)
db.log_audit_event(
session["user_id"], session["username"], "db.credentials_changed",
entity_type="group", entity_id=group_id,
details={"host": host, "port": port, "database": database_name},
group_id=group_id, ip_address=request.remote_addr,
)
flash("Database connection saved and tested ✓", "success")
return redirect(url_for("group_admin.database"))
except Exception as e:
@@ -357,6 +363,12 @@ def database():
@group_admin.route("/database/delete", methods=["POST"])
@group_admin_required
def database_delete():
db.delete_group_db_creds(session["group_id"])
group_id = session["group_id"]
db.delete_group_db_creds(group_id)
db.log_audit_event(
session["user_id"], session["username"], "db.credentials_deleted",
entity_type="group", entity_id=group_id,
group_id=group_id, ip_address=request.remote_addr,
)
flash("Database connection removed.", "success")
return redirect(url_for("group_admin.database"))
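Review bot: In `database()`, the `db.credentials_changed` audit call sits inside the `try` that ends at `except Exception as e:`, after `db.set_group_db_creds(...)` has already stored the new credentials. If the audit write fails, the handler (its body is outside the hunk) will presumably report an error although the credentials were changed, and the change goes unrecorded. The same ordering in `database_delete()` can leave a deletion with no audit row. Consider committing the credential change and its audit row in one transaction inside `panel_db`, or handle an audit failure separately so the flash message matches what actually happened. The details also log `port` as the raw form value while the stored value is `int(port)`; use `"port": int(port)` so the record matches what was saved.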


@@ -216,6 +216,11 @@ def group_delete(group_id):
@site_admin.route("/groups/<int:group_id>/members")
@admin_required
def group_members(group_id):
db.log_audit_event(
session["user_id"], session["username"], "admin.view_group_members",
entity_type="group", entity_id=group_id,
ip_address=request.remote_addr,
)
group = db.get_group_by_id(group_id)
members = db.get_group_members(group_id)
pending_invites = db.list_active_group_invites(group_id)
@@ -424,6 +429,10 @@ def group_invite_resend(group_id, invite_id):
@site_admin.route("/users")
@admin_required
def users():
db.log_audit_event(
session["user_id"], session["username"], "admin.view_users",
ip_address=request.remote_addr,
)
return render_template(
"admin/users.html",
users=db.list_all_users(),
@@ -597,6 +606,12 @@ def user_edit(user_id):
db.update_user(user_id, username, email, is_site_admin)
if new_password:
db.change_password(user_id, new_password)
db.log_audit_event(
session["user_id"], session["username"], "user.password_changed",
entity_type="user", entity_id=user_id,
details={"target": username},
ip_address=request.remote_addr,
)
flash("Password changed.", "info")
db.log_audit_event(
session["user_id"], session["username"], "user.updated",
@@ -715,4 +730,18 @@ def audit_log():
actor_filter=actor_f or "",
all_groups=all_groups,
actions=actions,
retention_days=Config.AUDIT_LOG_RETENTION_DAYS,
)
@site_admin.route("/audit/purge", methods=["POST"])
@admin_required
def audit_purge():
deleted = db.purge_old_audit_events(Config.AUDIT_LOG_RETENTION_DAYS)
db.log_audit_event(
session["user_id"], session["username"], "audit.purged",
details={"deleted_count": deleted, "retention_days": Config.AUDIT_LOG_RETENTION_DAYS},
ip_address=request.remote_addr,
)
flash(f"Purged {deleted} audit log entries older than {Config.AUDIT_LOG_RETENTION_DAYS} days.", "success")
return redirect(url_for("site_admin.audit_log"))
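Review bot: `audit_purge()` passes `Config.AUDIT_LOG_RETENTION_DAYS` straight to `db.purge_old_audit_events(...)`; if that setting is ever 0, negative or unset, the purge may remove the entire audit trail, depending on how the query in `panel_db` (not shown here) builds its cutoff. A guard before the call would rule that out, e.g. `days = Config.AUDIT_LOG_RETENTION_DAYS` followed by `if not isinstance(days, int) or days < 1:`, which flashes an error and redirects without purging. The `audit.purged` record is written in a separate call after the delete, so a failure there leaves a purge with no trace; doing both in one transaction would close that gap. The `group_members` and `users` hunks above write an audit row on every GET, so a short comment on expected volume relative to the retention window would help the next maintainer.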