Organizations: show audit logs #8588
Conversation
stsewd
force-pushed
the
expose-org-audit-log
branch
from
99dbdf3 to
80963c9
Compare
stsewd
force-pushed
the
expose-org-audit-log
branch
3 times, most recently
from
0233b15 to
9ad62c0
Compare
| @@ -21,4 +21,18 @@ class UserSecurityLogFilter(FilterSet): | |||
|
|
|||
| class Meta: | |||
| model = AuditLog | |||
| fields = ['ip', 'project', 'action'] | |||
| fields = [] | |||
There was a problem hiding this comment.
this wasn't needed, as these values are defined as attributes, but you still need to declare fields
stsewd
force-pushed
the
expose-org-audit-log
branch
from
9ad62c0 to
5bd1f63
Compare
readthedocs/organizations/templates/organizations/security_log.html
Outdated
Show resolved
Hide resolved
| {% block edit_content %} | ||
|
|
||
| {% if not enabled %} | ||
| {% include 'projects/includes/feature_disabled.html' with organization=organization %} |
There was a problem hiding this comment.
Should we be passing in something like plan=Pro in order to clarify what plan is required?
There was a problem hiding this comment.
I think we could pass the feature type and check from the other template what plan is required?
There was a problem hiding this comment.
Yea, not a huge priority though. 👍
readthedocs/organizations/templates/organizations/security_log.html
Outdated
Show resolved
Hide resolved
| ('IP', 'ip'), | ||
| ('Browser', 'browser'), | ||
| ] | ||
| data = self._get_queryset().values_list(*[value for _, value in values]) |
There was a problem hiding this comment.
This could potentially be huge for a user with pageviews. We are likely going to need something async that emails this to users, or uploads it to storage, or something. We can worry about that later though.
|
@ericholscher I have added some docs and filtering by dates (
|
Awesome! I looked over it, and it seems good to me.
I think it's fine for now that we don't document them. I do think we should probably make them work with a GET arg though.
I think so. I think otherwise some users won't be able to download anything because the view will time out, and it will be confusing to filter the data and not have the download respect that.
Yea -- I think updating the export/download link is probably the easiest way to handle this. |
| User security log | ||
| ----------------- | ||
|
|
||
| We store user security logs from the last 90 days, and track the following events: |
There was a problem hiding this comment.
Does this vary by plan on .com? If so, we should probably put this in a small table comparing each site. I dislike having the tabs where you have to click to see the Commercial one, so a small table seems best?
There was a problem hiding this comment.
User securtiy logs are 90 days for both, we could respect the max period set by the organizations they belong on .com, but I have some questions if that happens, should we show those type of logs to org owners as well? #8620 (comment)
| days_ago = timezone.now() - timezone.timedelta(days=retention_limit) | ||
| return creation_date | ||
| start_date = timezone.now().date() - timezone.timedelta(days=retention_limit) | ||
| # The max we can go back is to the creation of the organization. |
| @@ -189,9 +187,17 @@ def get(self, request, *args, **kwargs): | |||
| return self._get_csv_data() | |||
| return super().get(request, *args, **kwargs) | |||
|
|
|||
| def _get_start_date(self): | |||
There was a problem hiding this comment.
Seems like we want to get the request.GET.start_date here?
There was a problem hiding this comment.
That's already handled by the filter, the filter acts on top of this query.
Co-authored-by: Eric Holscher <[email protected]>
|
Download button now uses the current filters. But had to use a link instead of a form, as the form removes all query args from the forms'
|
|
Fixed :D
|
Similar to the user security logs, but from all the organization and according to their plan.
I was able to re-use the listing from the user security log :D.
Didn't want to overload the UI with all the information from each record (but you can get everything with the download button), still you can see some information when hovering over some places.