Triplehx3/contentdb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow approvers and editors to see the audit log (package events only)

Browse Source
This commit is contained in:
rubenwardy
2025-09-23 17:59:45 +01:00
parent feeed21b94
commit b88cc1366f
4 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/blueprints/admin/audit.py
View File

@@ -35,7 +35,7 @@ class AuditForm(FlaskForm):
@bp.route("/admin/audit/")
@rank_required(UserRank.MODERATOR)
@rank_required(UserRank.APPROVER)
def audit():
page = get_int_or_abort(request.args.get("page"), 1)
num = min(40, get_int_or_abort(request.args.get("n"), 100))
@@ -56,6 +56,9 @@ def audit():
if url:
query = query.filter(AuditLogEntry.url.ilike(f"%{url}%"))
if not current_user.rank.at_least(UserRank.MODERATOR):
query = query.filter(AuditLogEntry.package)
pagination = query.paginate(page=page, per_page=num)
return render_template("admin/audit.html", log=pagination.items, pagination=pagination, form=form)

2
app/models/__init__.py
View File

@@ -124,7 +124,7 @@ class AuditLogEntry(db.Model):
raise Exception("Unknown permission given to AuditLogEntry.check_perm()")
if perm == Permission.VIEW_AUDIT_DESCRIPTION:
return user.rank.at_least(UserRank.APPROVER if self.package is not None else UserRank.MODERATOR)
return (self.package and user in self.package.maintainers) or user.rank.at_least(UserRank.APPROVER if self.package is not None else UserRank.MODERATOR)
else:
raise Exception("Permission {} is not related to audit log entries".format(perm.name))

6
app/templates/admin/list.html
View File

@@ -13,15 +13,15 @@
<div class="list-group">
<a class="list-group-item list-group-item-action" href="{{ url_for('users.list_all') }}">
<i class="fas fa-users me-2"></i>
User list
{{ _("User list") }}
</a>
{% if current_user.rank.at_least(current_user.rank.MODERATOR) %}
{% if current_user.rank.at_least(current_user.rank.APPROVER) %}
<a class="list-group-item list-group-item-action" href="{{ url_for('admin.audit') }}">
<i class="fas fa-user-clock me-2"></i>
{{ _("Audit Log") }}
</a>
{% endif %}
{% if current_user.rank.at_least(current_user.rank.MODERATOR) %}
{% if current_user.rank.at_least(current_user.rank.EDITOR) %}
<a class="list-group-item list-group-item-action" href="{{ url_for('report.list_all') }}">
<i class="fas fa-user-clock me-2"></i>
Reports

2
app/templates/report/list.html
View File

@@ -1,7 +1,7 @@
{% extends "base.html" %}
{% block title -%}
{{ _("Reports") }}
Reports
{%- endblock %}