Models

Below are the models of the audit app.

AuditUrlLog

Model that records the urls visited by the user.

  class AuditUrlLog(TimeStampedModel):
      actor = models.ForeignKey(
          to=CustomUser,
          on_delete=models.SET_NULL,
          blank=True,
          null=True,
          related_name="audit_url_actor",
      )
      url = models.CharField(max_length=150, blank=True, null=True)
      method = models.CharField(max_length=15, blank=True, null=True)
      params = models.TextField(blank=True, null=True)
      ip = models.CharField(max_length=30, blank=True, null=True)
      user_agent = models.CharField(max_length=250, blank=True, null=True)

      @classmethod
      def create_url_log(cls, path, method, params, device, ip, user: None):
          obj = cls()

          global_settings = GlobalSettings.objects.first()
          if global_settings and global_settings.active_audit:
              if isinstance(user, CustomUser):
                  obj.actor = user
              obj.url = path
              obj.method = method
              obj.params = params
              obj.user_agent = device
              obj.ip = ip
              obj.save()

          return obj

The main fields are:

  • actor: Related to the CustomUser model to record the user who has visited the url. This field can be null, in case there is no authenticated user.

  • url: The visited path is stored.

  • method: Registers the request method (GET, POST, DELETE, UPDATE, among others).

  • params: A text in json format with additional parameters to the model fields.

  • ip: Stores the user’s IP address.

  • user_agent: Registers the user’s device.

The methods of this model are:

  • create_url_log: Method created to register a new url log. It does not require to instantiate the model.

UrlListLog

Model to store the list of urls of the application and activate its verification in the system.

  class UrlListLog(TimeStampedModel):
      path = models.CharField(max_length=150, blank=True, null=True)
      is_active = models.BooleanField(default=False)

      @classmethod
      def create_register(cls, path: str):
          if bool(UrlListLog.objects.filter(path=path)):
              return None

          obj = cls()
          obj.path = path
          obj.save()

          return obj

The main fields are:

  • path: Path of the url.

  • is_active: Boolean field that tells the system if the path should be recorded in the log when it is visited by the user.

The methods of this model are:

  • create_register: Method to register a new Url. It does not require to instantiate the model.

ModelListLog

Model to store the list of System Models. To do this, in each model.py file there must be an object called apps_audit_models whose key is the name of the model and the value is the model (an example can be seen at the end of the models section of accounts).

  class ModelListLog(TimeStampedModel):
    model = models.CharField(max_length=100, blank=True, null=True)
    model_name = models.CharField(max_length=100, blank=True, null=True)
    is_active = models.BooleanField(default=False)

    @classmethod
    def create_register(cls, model: str, model_name: str):
        if bool(ModelListLog.objects.filter(model_name=model_name)):
            return None

        obj = cls()
        obj.model = model
        obj.model_name = model_name
        obj.save()

        return obj

The main fields are:

  • model: The model declared in the models.py files

  • model_name: Model identification name.

  • is_active: Boolean field that tells the system if the model should be registered in the log when an event is generated in it.

The methods of this model are:

  • create_register: Method to register a new model. It does not require to be instantiated.

To record the events generated in the models, the auditlog3 package is used in its version 1.0.1

AuditEventLog

Model to register custom events in the system. This allows the developer to have a personalized log of a specific point in the flow of the application.

  class AuditEventLog(TimeStampedModel):
    actor = models.ForeignKey(
        to=CustomUser,
        on_delete=models.SET_NULL,
        blank=True,
        null=True,
        related_name="audit_event_actor",
    )
    activity_text = models.CharField(max_length=255, blank=True, null=True)
    params = models.TextField(blank=True, null=True)

    @classmethod
    def create_register(cls, activity_text, extra_params, user=None):
        obj = cls()

        global_settings = GlobalSettings.objects.first()
        if global_settings and global_settings.active_audit:
            if isinstance(user, CustomUser):
                obj.actor = user
            obj.activity_text = activity_text
            obj.params = extra_params
            obj.save()

        return obj

The main fields are:

  • actor: A relationship to the CustomUser model to register the user at the time the event is executed. This field can be null, in case there is no authenticated user.

  • activity_text: Explanatory text of the registered event.

  • params: Boolean field that tells the system if the model should be registered in the log when an event is generated in it.

The methods of this model are:

  • create_register: Method that allows to register a new event. It does not require to instantiate the model.

AuditSettings

Model that stores the Log storage strategy in the audit app. At the moment it only includes strategies for url logs, associated with the UrlListLog and AuditUrlLog models.

  class AuditSettings(models.Model):
    NOTHING, EVERYTHING = 1, 2
    ONLY_WHITELIST, EXCEPT_WHITELIST = 3, 4

    STRATEGIES = (
        (NOTHING, ("Do nothing")),
        (EVERYTHING, ("Log everything")),
        (ONLY_WHITELIST, ("Log only whitelisted")),
        (EXCEPT_WHITELIST, ("Log everything except whitelisted")),
    )

    urls_log_strategy = models.IntegerField(choices=STRATEGIES, default=NOTHING)

    def save(self, *args, **kwargs):
        self.pk = 1
        super(AuditSettings, self).save(*args, **kwargs)

    def delete(self, *args, **kwargs):
        pass

    @classmethod
    def load(cls):
        obj, created = cls.objects.get_or_create(pk=1)
        return obj

The main fields are:

  • STRATEGIES: Tuple with the possible strategies for recording logs.

  • urls_log_strategy: To record the selected strategy for url log recording.

The methods of this model are:

  • save: Override of the save method to only allow storing a single record in the model.

  • delete: Override of the delete method to not allow deletion of the stored record, if any.

  • load: To get the record stored in the model; if there is a record, one is created. It does not require to instantiate the model.