Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit logs #5646

Merged
merged 81 commits into from
Feb 18, 2023
Merged

Audit logs #5646

merged 81 commits into from
Feb 18, 2023

Conversation

azhavoro
Copy link
Contributor

Motivation and context

How has this been tested?

Checklist

  • I submit my changes into the develop branch
  • I have added a description of my changes into the CHANGELOG file
  • I have updated the documentation accordingly
  • I have added tests to cover my changes
  • I have linked related issues (see GitHub docs)
  • I have increased versions of npm packages if it is necessary
    (cvat-canvas,
    cvat-core,
    cvat-data and
    cvat-ui)

License

  • I submit my code changes under the same MIT License that covers the project.
    Feel free to contact the maintainers if that's a concern.

@azhavoro azhavoro changed the title [WIP] Audit logs Audit logs Feb 3, 2023
bsekachev
bsekachev approved these changes Feb 16, 2023
View reviewed changes
cvat-ui/src/utils/controls-logger.ts
Comment on lines +31 to +32
text: element.innerText,
classes: element.className,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need to think what kind of information we are going to record about pressed buttons. Maybe need to add descriptive class name to all the buttons. Now not everything has it and it is not always clear what button has been pressed.

cvat-ui/src/utils/controls-logger.ts
}

private isEventToBeRecorded(node: HTMLElement, filter: string[]): boolean {
return filter.some((cssClass: string) => node.classList.contains(cssClass));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For now the implementation is allright, but in the future we probably need to generalize it somehow

nmanovic
nmanovic reviewed Feb 16, 2023
View reviewed changes
cvat/requirements/base.txt
@@ -53,3 +53,5 @@ dnspython==2.2.0
setuptools==65.5.1
django-health-check==3.17.0
psutil==5.9.4
clickhouse-connect==0.5.10
django-crum==0.7.9
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The app isn't supported for 2 years already: https://github.com/ninemoreminutes/django-crum

nmanovic
nmanovic reviewed Feb 16, 2023
View reviewed changes
cvat/apps/events/serializers.py
task_id = serializers.IntegerField(required=False, allow_null=True)
job_id = serializers.IntegerField(required=False, allow_null=True)
user_id = serializers.IntegerField(required=False, allow_null=True)
org_id = serializers.IntegerField(required=False, allow_null=True)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add org_slug

nmanovic
nmanovic reviewed Feb 17, 2023
View reviewed changes
Copy link
Contributor

@nmanovic nmanovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please look for kibana word and cleanup

nmanovic
nmanovic reviewed Feb 17, 2023
View reviewed changes
cvat/apps/events/export.py Outdated
writer.writerows(result.result_rows)

archive_ctime = os.path.getctime(output_filename)
scheduler = django_rq.get_scheduler(settings.CVAT_QUEUES.IMPORT_DATA.value)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why IMPORT_DATA queue?

nmanovic
nmanovic reviewed Feb 18, 2023
View reviewed changes
cvat/settings/base.py
@@ -217,6 +218,7 @@ def add_ssh_keys():
# FIXME
# 'corsheaders.middleware.CorsPostCsrfMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'crum.CurrentRequestUserMiddleware',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will need to remove the extension. It isn't well supported. Let's think how to do that.

nmanovic
nmanovic reviewed Feb 18, 2023
View reviewed changes
cvat/apps/events/handlers.py
return get_current_user()

def user_id(instance):
current_user = _get_current_user(instance)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we need to call _get_current_user? We handle a request. The request has an authentication user. Why should we get a user from job.segment.task.owner?

nmanovic
nmanovic approved these changes Feb 18, 2023
View reviewed changes
Copy link
Contributor

@nmanovic nmanovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's merge the PR. I will propose to discuss some tricky moments on Monday.

@nmanovic nmanovic merged commit 27224f2 into develop Feb 18, 2023
@nmanovic nmanovic deleted the az/audit_logs branch February 18, 2023 20:35
mikhail-treskin pushed a commit to retailnext/cvat that referenced this pull request Jul 1, 2023
@azhavoro @mikhail-treskin
Audit logs (cvat-ai#5646)
6d25648
@bsekachev bsekachev mentioned this pull request Jul 20, 2023
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bsekachev bsekachev bsekachev approved these changes

@nmanovic nmanovic nmanovic approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@azhavoro @bsekachev @nmanovic @sizov-kirill @klakhov