Warracker/backend/audit_logger.py
sassanix 286aa2b88a Introduced a new Administrator Audit Trail system for enhanced accountability and visibility of administrative changes.
- Added new `audit_log` table with supporting migration (048)
- Implemented centralized `create_audit_log` helper to record key admin actions
- Logged events include:
  - Site setting changes (sensitive data masked)
  - User updates and deletions
- Added API endpoint `GET /api/admin/audit-trail` for viewing recent audit entries
- Created new frontend section in Settings for viewing the Audit Trail
  - Displays timestamp, user, action, and details with safe HTML escaping
- Updated backend structure for better modularity and security

Files:
`backend/migrations/048_create_audit_log_table.sql`,
`backend/audit_logger.py`,
`backend/admin_routes.py`,
`frontend/settings-new.html`,
`frontend/settings-new.js`
2025-10-19 22:28:16 -03:00

38 lines
1.1 KiB
Python

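from flask import request
from .db_handler import get_db_connection, release_db_connection
import logging

logger = logging.getLogger(__name__)


def create_audit_log(action, target_type=None, target_id=None, details=None):
    """Helper function to insert a new record into the audit log."""
    user_id = None
    username = 'System'
    ip_address = None

    # Without an active request the entry is attributed to 'System'.
    if request:
        # remote_addr is the direct peer; behind a reverse proxy this is the
        # proxy's address unless the app is configured to trust forwarded headers.
        ip_address = request.remote_addr
        if hasattr(request, 'user') and request.user:
            user_id = request.user.get('id')
            username = request.user.get('username')

    # Store NULL rather than the literal string 'None' when no target is given.
    target_id_value = str(target_id) if target_id is not None else None

    conn = None
    try:
        conn = get_db_connection()
        with conn.cursor() as cur:
            # Parameterized query: values are bound by the driver, never interpolated.
            cur.execute("""
                INSERT INTO audit_log (user_id, username, action, target_type, target_id, details, ip_address)
                VALUES (%s, %s, %s, %s, %s, %s, %s)
            """, (user_id, username, action, target_type, target_id_value, details, ip_address))
        conn.commit()
    except Exception as e:
        # A failed audit write is logged and rolled back; it does not abort the caller.
        logger.error(f'Failed to create audit log: {e}')
        if conn:
            conn.rollback()
    finally:
        if conn:
            release_db_connection(conn)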
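
The commit message says site setting changes are logged with sensitive data masked, but `create_audit_log` stores whatever `details` string it is given, so the masking has to happen in the caller. The following is an added example of one way to build that string, not code from the Warracker project; `build_setting_details`, `_scrub`, the key pattern, the length cap and the sample settings are all hypothetical.

```python
import json
import re

# Hypothetical key pattern; tune it to the settings your deployment stores.
SENSITIVE_KEY = re.compile(r"(pass(word)?|secret|token|api[_-]?key|credential)", re.I)
MASK = "********"
MAX_VALUE_LEN = 256  # assumed cap so one oversized value cannot bloat the row


def _scrub(key, value):
    """Return a log-safe copy of value; mask it whole when key looks sensitive."""
    if SENSITIVE_KEY.search(key) and value not in (None, ""):
        return MASK
    if isinstance(value, dict):
        return {k: _scrub(str(k), v) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [_scrub(key, v) for v in value]
    if isinstance(value, str):
        # Replace control characters so a value cannot add line breaks to exports.
        value = re.sub(r"[\x00-\x1f\x7f]", " ", value)
        return value[:MAX_VALUE_LEN]
    return value


def build_setting_details(old, new):
    """Describe changed settings as a JSON string for the details column."""
    changes = {}
    for key in sorted(set(old) | set(new)):
        before, after = old.get(key), new.get(key)
        if before != after:
            changes[key] = {"old": _scrub(key, before), "new": _scrub(key, after)}
    return json.dumps(changes, sort_keys=True)


# Constructed sample settings, not taken from the project.
SAMPLE_OLD = {
    "smtp_host": "mail.example.test",
    "smtp_password": "hunter2",
    "oidc": {"client_secret": "old-oidc-secret", "issuer": "https://idp.example.test"},
    "site_name": "Warracker",
}
SAMPLE_NEW = {
    "smtp_host": "mail.example.test",
    "smtp_password": "correct horse",
    "oidc": {"client_secret": "new-oidc-secret", "issuer": "https://idp.example.test"},
    "site_name": "Home\nadmin deleted user 7",
}
```

Pass the returned string as the `details` argument of `create_audit_log`. A changed secret is still recorded as a change, with both sides masked, so the trail shows that it was rotated without storing either value.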