Log script invocation for auditing purposes

pull/7/head
Ferry Boender 10 years ago
parent 2dfa35a29b
commit 3b2b3dd3c2
  1. 7
      src/scriptform.py

@ -244,6 +244,7 @@ class FormConfig:
self.title = title self.title = title
self.users = users self.users = users
self.forms = forms self.forms = forms
self.log = logging.getLogger('FORMCONFIG')
# Validate scripts # Validate scripts
for form_def in self.forms: for form_def in self.forms:
@ -288,6 +289,11 @@ class FormConfig:
""" """
form = self.get_form_def(form_name) form = self.get_form_def(form_name)
# Log the callback and its parameters for auditing purposes.
self.log.info("Calling script {0}".format(form.script))
self.log.info("User: {0}".format(getattr(request, 'username', 'None')))
self.log.info("Variables: {0}".format(dict(form_values.items())))
os.chdir(os.path.dirname(form.script)) os.chdir(os.path.dirname(form.script))
# Pass form values to the script through the environment as strings. # Pass form values to the script through the environment as strings.
@ -608,6 +614,7 @@ class ScriptFormWebApp(WebAppHandler):
if username in form_config.users and \ if username in form_config.users and \
pw_hash == form_config.users[username]: pw_hash == form_config.users[username]:
self.username = username self.username = username
print self.username
authorized = True authorized = True
if not authorized: if not authorized:

Loading…
Cancel
Save