Merge pull request #1116 from haiwen/log-api

add admin log api

seahub/api2/endpoints/admin/file_audit.py

@@ -0,0 +1,59 @@
+from rest_framework.authentication import SessionAuthentication
+from rest_framework.permissions import IsAdminUser
+from rest_framework.response import Response
+from rest_framework.views import APIView
+from rest_framework import status
+
+from seaserv import seafile_api
+
+from .utils import check_time_period_valid, \
+    get_log_events_by_type_and_time
+
+from seahub.api2.authentication import TokenAuthentication
+from seahub.api2.throttling import UserRateThrottle
+from seahub.api2.utils import api_error
+
+from seahub.base.templatetags.seahub_tags import email2nickname
+from seahub.utils.timeutils import datetime_to_isoformat_timestr
+from seahub.utils import EVENTS_ENABLED
+
+class FileAudit(APIView):
+
+    authentication_classes = (TokenAuthentication, SessionAuthentication )
+    permission_classes = (IsAdminUser,)
+    throttle_classes = (UserRateThrottle,)
+
+    def get(self, request):
+
+        if not EVENTS_ENABLED:
+            error_msg = 'Feature disabled.'
+            return api_error(status.HTTP_403_FORBIDDEN, error_msg)
+
+        # check the date format, should be like '2015-10-10'
+        start = request.GET.get('start', None)
+        end = request.GET.get('end', None)
+
+        if not check_time_period_valid(start, end):
+            error_msg = 'start or end date invalid.'
+            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        result = []
+        events = get_log_events_by_type_and_time('file_audit', start, end)
+        if events:
+            for ev in events:
+                tmp_repo = seafile_api.get_repo(ev.repo_id)
+                tmp_repo_name = tmp_repo.name if tmp_repo else ''
+
+                result.append({
+                    'repo_id': ev.repo_id,
+                    'repo_name': tmp_repo_name,
+                    'time': datetime_to_isoformat_timestr(ev.timestamp),
+                    'etype': ev.etype,
+                    'ip': ev.ip,
+                    'file_path': ev.file_path,
+                    'etype': ev.etype,
+                    'user_name': email2nickname(ev.user),
+                    'user_email': ev.user
+                })
+
+        return Response(result)

seahub/api2/endpoints/admin/file_update.py

@@ -0,0 +1,57 @@
+from rest_framework.authentication import SessionAuthentication
+from rest_framework.permissions import IsAdminUser
+from rest_framework.response import Response
+from rest_framework.views import APIView
+from rest_framework import status
+
+from seaserv import seafile_api
+
+from .utils import check_time_period_valid, \
+    get_log_events_by_type_and_time
+
+from seahub.api2.authentication import TokenAuthentication
+from seahub.api2.throttling import UserRateThrottle
+from seahub.api2.utils import api_error
+
+from seahub.base.templatetags.seahub_tags import email2nickname
+from seahub.utils.timeutils import datetime_to_isoformat_timestr
+from seahub.utils import EVENTS_ENABLED
+
+class FileUpdate(APIView):
+
+    authentication_classes = (TokenAuthentication, SessionAuthentication )
+    permission_classes = (IsAdminUser,)
+    throttle_classes = (UserRateThrottle,)
+
+    def get(self, request):
+
+        if not EVENTS_ENABLED:
+            error_msg = 'Feature disabled.'
+            return api_error(status.HTTP_403_FORBIDDEN, error_msg)
+
+        # check the date format, should be like '2015-10-10'
+        start = request.GET.get('start', None)
+        end = request.GET.get('end', None)
+
+        if not check_time_period_valid(start, end):
+            error_msg = 'start or end date invalid.'
+            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        result = []
+        events = get_log_events_by_type_and_time('file_update', start, end)
+        if events:
+            for ev in events:
+                tmp_repo = seafile_api.get_repo(ev.repo_id)
+                tmp_repo_name = tmp_repo.name if tmp_repo else ''
+
+                result.append({
+                    'commit_id': ev.commit_id,
+                    'repo_id': ev.repo_id,
+                    'repo_name': tmp_repo_name,
+                    'time': datetime_to_isoformat_timestr(ev.timestamp),
+                    'file_operation': ev.file_oper,
+                    'user_name': email2nickname(ev.user),
+                    'user_email': ev.user
+                })
+
+        return Response(result)

seahub/api2/endpoints/admin/login.py

@@ -0,0 +1,49 @@
+import logging
+
+from rest_framework.authentication import SessionAuthentication
+from rest_framework.permissions import IsAdminUser
+from rest_framework.response import Response
+from rest_framework.views import APIView
+from rest_framework import status
+
+from .utils import check_time_period_valid
+from seahub.base.templatetags.seahub_tags import email2nickname
+from seahub_extra.sysadmin_extra.models import UserLoginLog
+from seahub.utils.timeutils import datetime_to_isoformat_timestr
+from seahub.api2.authentication import TokenAuthentication
+from seahub.api2.throttling import UserRateThrottle
+from seahub.api2.utils import api_error
+
+logger = logging.getLogger(__name__)
+
+class Login(APIView):
+
+    authentication_classes = (TokenAuthentication, SessionAuthentication )
+    permission_classes = (IsAdminUser,)
+    throttle_classes = (UserRateThrottle,)
+
+    def get(self, request):
+
+        # check the date format, should be like '2015-10-10'
+        start = request.GET.get('start', None)
+        end = request.GET.get('end', None)
+
+        if not check_time_period_valid(start, end):
+            error_msg = 'start or end date invalid.'
+            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        # Filtering a DateTimeField with dates won't include items on the last day,
+        # because the bounds are interpreted as '0am on the given date'.
+        end = end + ' 23:59:59'
+
+        result = []
+        logs = UserLoginLog.objects.filter(login_date__range=(start, end))
+        for log in logs:
+            result.append({
+                'login_time': datetime_to_isoformat_timestr(log.login_date),
+                'login_ip': log.login_ip,
+                'name': email2nickname(log.username),
+                'email':log.username
+            })
+
+        return Response(result)

seahub/api2/endpoints/admin/perm_audit.py

@@ -0,0 +1,58 @@
+from rest_framework.authentication import SessionAuthentication
+from rest_framework.permissions import IsAdminUser
+from rest_framework.response import Response
+from rest_framework.views import APIView
+from rest_framework import status
+
+from seaserv import seafile_api
+
+from .utils import check_time_period_valid, \
+    get_log_events_by_type_and_time
+
+from seahub.api2.authentication import TokenAuthentication
+from seahub.api2.throttling import UserRateThrottle
+from seahub.api2.utils import api_error
+
+from seahub.base.templatetags.seahub_tags import email2nickname
+from seahub.utils.timeutils import datetime_to_isoformat_timestr
+from seahub.utils import EVENTS_ENABLED
+
+class PermAudit(APIView):
+
+    authentication_classes = (TokenAuthentication, SessionAuthentication )
+    permission_classes = (IsAdminUser,)
+    throttle_classes = (UserRateThrottle,)
+
+    def get(self, request):
+
+        if not EVENTS_ENABLED:
+            error_msg = 'Feature disabled.'
+            return api_error(status.HTTP_403_FORBIDDEN, error_msg)
+        # check the date format, should be like '2015-10-10'
+        start = request.GET.get('start', None)
+        end = request.GET.get('end', None)
+
+        if not check_time_period_valid(start, end):
+            error_msg = 'start or end date invalid.'
+            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        result = []
+        events = get_log_events_by_type_and_time('perm_audit', start, end)
+        if events:
+            for ev in events:
+                tmp_repo = seafile_api.get_repo(ev.repo_id)
+                tmp_repo_name = tmp_repo.name if tmp_repo else ''
+
+                result.append({
+                    'etype': ev.etype,
+                    'repo_id': ev.repo_id,
+                    'repo_name': tmp_repo_name,
+                    'permission': ev.permission,
+                    'time': datetime_to_isoformat_timestr(ev.timestamp),
+                    'file_path': ev.file_path,
+                    'from_name': email2nickname(ev.from_user),
+                    'from_email': ev.from_user,
+                    'to': ev.to
+                })
+
+        return Response(result)

seahub/api2/endpoints/admin/utils.py

@@ -0,0 +1,28 @@
+import re
+import datetime
+import time
+
+from seahub.utils import get_log_events_by_time
+
+def check_time_period_valid(start, end):
+    if not start or not end:
+        return False
+
+    # check the date format, should be like '2015-10-10'
+    date_re = re.compile(r'^(\d{4})\-([1-9]|0[1-9]|1[012])\-([1-9]|0[1-9]|[12]\d|3[01])$')
+    if not date_re.match(start) or not date_re.match(end):
+        return False
+
+    return True
+
+def get_log_events_by_type_and_time(log_type, start, end):
+    start_struct_time = datetime.datetime.strptime(start, "%Y-%m-%d")
+    start_timestamp = time.mktime(start_struct_time.timetuple())
+
+    end_struct_time = datetime.datetime.strptime(end, "%Y-%m-%d")
+    end_timestamp = time.mktime(end_struct_time.timetuple())
+    end_timestamp += 24 * 60 * 60
+
+    events = get_log_events_by_time(log_type, start_timestamp, end_timestamp)
+    events = events if events else []
+    return events

seahub/urls.py

@@ -24,6 +24,10 @@ from seahub.api2.endpoints.upload_links import UploadLinks, UploadLink
 from seahub.api2.endpoints.file import FileView
 from seahub.api2.endpoints.dir import DirView
 from seahub.api2.endpoints.repo_set_password import RepoSetPassword
+from seahub.api2.endpoints.admin.login import Login
+from seahub.api2.endpoints.admin.file_audit import FileAudit
+from seahub.api2.endpoints.admin.file_update import FileUpdate
+from seahub.api2.endpoints.admin.perm_audit import PermAudit
 
 # Uncomment the next two lines to enable the admin:
 #from django.contrib import admin
@@ -302,13 +306,20 @@ if getattr(settings, 'ENABLE_SYSADMIN_EXTRA', False):
         sys_log_file_update_export_excel, sys_log_perm_audit_export_excel, \
         sys_log_email_audit
     urlpatterns += patterns('',
+        url(r'^api/v2.1/admin/login/$', Login.as_view(), name='api-v2.1-admin-login'),
         url(r'^sys/loginadmin/$', sys_login_admin, name='sys_login_admin'),
         url(r'^sys/loginadmin/export-excel/$', sys_login_admin_export_excel, name='sys_login_admin_export_excel'),
+
+        url(r'^api/v2.1/admin/file-audit/$', FileAudit.as_view(), name='api-v2.1-admin-file-audit'),
         url(r'^sys/log/fileaudit/$', sys_log_file_audit, name='sys_log_file_audit'),
         url(r'^sys/log/emailaudit/$', sys_log_email_audit, name='sys_log_email_audit'),
         url(r'^sys/log/fileaudit/export-excel/$', sys_log_file_audit_export_excel, name='sys_log_file_audit_export_excel'),
+
+        url(r'^api/v2.1/admin/file-update/$', FileUpdate.as_view(), name='api-v2.1-admin-file-update'),
         url(r'^sys/log/fileupdate/$', sys_log_file_update, name='sys_log_file_update'),
         url(r'^sys/log/fileupdate/export-excel/$', sys_log_file_update_export_excel, name='sys_log_file_update_export_excel'),
+
+        url(r'^api/v2.1/admin/perm-audit/$', PermAudit.as_view(), name='api-v2.1-admin-perm-audit'),
         url(r'^sys/log/permaudit/$', sys_log_perm_audit, name='sys_log_perm_audit'),
         url(r'^sys/log/permaudit/export-excel/$', sys_log_perm_audit_export_excel, name='sys_log_perm_audit_export_excel'),
     )