From 3b2b3dd3c25e072f7a32b16dd6428b760fb4e3f7 Mon Sep 17 00:00:00 2001
From: Ferry Boender <ferry.boender@gmail.com>
Date: Fri, 24 Apr 2015 19:58:50 +0200
Subject: [PATCH] Log script invocation for auditing purposes

---
 src/scriptform.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/scriptform.py b/src/scriptform.py
index 38f15ce..ee2416a 100755
--- a/src/scriptform.py
+++ b/src/scriptform.py
@@ -244,6 +244,7 @@ class FormConfig:
         self.title = title
         self.users = users
         self.forms = forms
+        self.log = logging.getLogger('FORMCONFIG')
 
         # Validate scripts
         for form_def in self.forms:
@@ -288,6 +289,11 @@ class FormConfig:
         """
         form = self.get_form_def(form_name)
 
+        # Log the callback and its parameters for auditing purposes.
+        self.log.info("Calling script {0}".format(form.script))
+        self.log.info("User: {0}".format(getattr(request, 'username', 'None')))
+        self.log.info("Variables: {0}".format(dict(form_values.items())))
+
         os.chdir(os.path.dirname(form.script))
 
         # Pass form values to the script through the environment as strings.
@@ -608,6 +614,7 @@ class ScriptFormWebApp(WebAppHandler):
                 if username in form_config.users and \
                    pw_hash == form_config.users[username]:
                     self.username = username
+                    print self.username
                     authorized = True
 
             if not authorized: