django-auditlog/src/auditlog/middleware.py

from __future__ import unicode_literals

import threading
import time

from django.conf import settings
from django.db.models.signals import pre_save
from django.utils.functional import curry
from django.apps import apps
from auditlog.models import LogEntry

# Use MiddlewareMixin when present (Django >= 1.10)
try:
    from django.utils.deprecation import MiddlewareMixin
except ImportError:
    MiddlewareMixin = object


threadlocal = threading.local()


class AuditlogMiddleware(MiddlewareMixin):
    """
    Middleware to couple the request's user to log items. This is accomplished by currying the signal receiver with the
    user from the request (or None if the user is not authenticated).
    """

    def process_request(self, request):
        """
        Gets the current user from the request and prepares and connects a signal receiver with the user already
        attached to it.
        """
        # Initialize thread local storage
        threadlocal.auditlog = {
            'signal_duid': (self.__class__, time.time()),
            'remote_addr': request.META.get('REMOTE_ADDR'),
        }

        # In case of proxy, set 'original' address
        if request.META.get('HTTP_X_FORWARDED_FOR'):
            threadlocal.auditlog['remote_addr'] = request.META.get('HTTP_X_FORWARDED_FOR').split(',')[0]

        # Connect signal for automatic logging
        if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated') and request.user.is_authenticated():
            set_actor = curry(self.set_actor, user=request.user, signal_duid=threadlocal.auditlog['signal_duid'])
            pre_save.connect(set_actor, sender=LogEntry, dispatch_uid=threadlocal.auditlog['signal_duid'], weak=False)

    def process_response(self, request, response):
        """
        Disconnects the signal receiver to prevent it from staying active.
        """
        if hasattr(threadlocal, 'auditlog'):
            pre_save.disconnect(sender=LogEntry, dispatch_uid=threadlocal.auditlog['signal_duid'])

        return response

    def process_exception(self, request, exception):
        """
        Disconnects the signal receiver to prevent it from staying active in case of an exception.
        """
        if hasattr(threadlocal, 'auditlog'):
            pre_save.disconnect(sender=LogEntry, dispatch_uid=threadlocal.auditlog['signal_duid'])

        return None

    @staticmethod
    def set_actor(user, sender, instance, signal_duid, **kwargs):
        """
        Signal receiver with an extra, required 'user' kwarg. This method becomes a real (valid) signal receiver when
        it is curried with the actor.
        """
        if signal_duid != threadlocal.auditlog['signal_duid']:
            return
        try:
            app_label, model_name = settings.AUTH_USER_MODEL.split('.')
            auth_user_model = apps.get_model(app_label, model_name)
        except ValueError:
            auth_user_model = apps.get_model('auth', 'user')
        if sender == LogEntry and isinstance(user, auth_user_model) and instance.actor is None:
            instance.actor = user
        if hasattr(threadlocal, 'auditlog'):
            instance.remote_addr = threadlocal.auditlog['remote_addr']
First try at making Auditlog work with Python 3 Issue #15 2015-02-16 21:17:22 +00:00			`from __future__ import unicode_literals`

Use threadlocals to store middleware data instead of the request 2015-06-03 14:29:40 +00:00			`import threading`
ensure signal disconnection 2014-02-07 19:59:16 +00:00			`import time`

Make LogEntry and middleware compatible with custom user models 2013-10-20 17:24:33 +00:00			`from django.conf import settings`
First implementation 2013-10-20 13:25:48 +00:00			`from django.db.models.signals import pre_save`
			`from django.utils.functional import curry`
Changed import to use the new apps module for get_model, this removes the Django warning: site-packages/auditlog/middleware.py:9: RemovedInDjango19Warning: The utilities in django.db.models.loading are deprecated in favor of the new application loading system. from django.db.models.loading import get_model 2015-08-20 18:49:22 +00:00			`from django.apps import apps`
First implementation 2013-10-20 13:25:48 +00:00			`from auditlog.models import LogEntry`

Update middleware for Django 1.10 2016-08-17 20:45:02 +00:00			`# Use MiddlewareMixin when present (Django >= 1.10)`
			`try:`
			`from django.utils.deprecation import MiddlewareMixin`
			`except ImportError:`
			`MiddlewareMixin = object`

First implementation 2013-10-20 13:25:48 +00:00
Use threadlocals to store middleware data instead of the request 2015-06-03 14:29:40 +00:00			`threadlocal = threading.local()`


Update middleware for Django 1.10 2016-08-17 20:45:02 +00:00			`class AuditlogMiddleware(MiddlewareMixin):`
First implementation 2013-10-20 13:25:48 +00:00			`"""`
			`Middleware to couple the request's user to log items. This is accomplished by currying the signal receiver with the`
			`user from the request (or None if the user is not authenticated).`
			`"""`

			`def process_request(self, request):`
Extend inline documentation 2013-11-06 19:48:16 +00:00			`"""`
			`Gets the current user from the request and prepares and connects a signal receiver with the user already`
			`attached to it.`
			`"""`
Use threadlocals to store middleware data instead of the request 2015-06-03 14:29:40 +00:00			`# Initialize thread local storage`
			`threadlocal.auditlog = {`
			`'signal_duid': (self.__class__, time.time()),`
			`'remote_addr': request.META.get('REMOTE_ADDR'),`
			`}`

			`# In case of proxy, set 'original' address`
			`if request.META.get('HTTP_X_FORWARDED_FOR'):`
			`threadlocal.auditlog['remote_addr'] = request.META.get('HTTP_X_FORWARDED_FOR').split(',')[0]`

			`# Connect signal for automatic logging`
First implementation 2013-10-20 13:25:48 +00:00			`if hasattr(request, 'user') and hasattr(request.user, 'is_authenticated') and request.user.is_authenticated():`
implemented suggested fix in #72 2016-11-02 13:30:05 +00:00			`set_actor = curry(self.set_actor, user=request.user, signal_duid=threadlocal.auditlog['signal_duid'])`
Use threadlocals to store middleware data instead of the request 2015-06-03 14:29:40 +00:00			`pre_save.connect(set_actor, sender=LogEntry, dispatch_uid=threadlocal.auditlog['signal_duid'], weak=False)`
First implementation 2013-10-20 13:25:48 +00:00
			`def process_response(self, request, response):`
Extend inline documentation 2013-11-06 19:48:16 +00:00			`"""`
			`Disconnects the signal receiver to prevent it from staying active.`
			`"""`
Use threadlocals to store middleware data instead of the request 2015-06-03 14:29:40 +00:00			`if hasattr(threadlocal, 'auditlog'):`
			`pre_save.disconnect(sender=LogEntry, dispatch_uid=threadlocal.auditlog['signal_duid'])`
ensure signal disconnection 2014-02-07 19:59:16 +00:00
			`return response`

			`def process_exception(self, request, exception):`
			`"""`
			`Disconnects the signal receiver to prevent it from staying active in case of an exception.`
			`"""`
Use threadlocals to store middleware data instead of the request 2015-06-03 14:29:40 +00:00			`if hasattr(threadlocal, 'auditlog'):`
			`pre_save.disconnect(sender=LogEntry, dispatch_uid=threadlocal.auditlog['signal_duid'])`
Extend inline documentation 2013-11-06 19:48:16 +00:00
process_exception returns None 2014-02-07 20:02:03 +00:00			`return None`
First implementation 2013-10-20 13:25:48 +00:00
Make the set_actor method from the middleware static. Also, catch only the relevant exception. 2013-12-18 16:16:39 +00:00			`@staticmethod`
implemented suggested fix in #72 2016-11-02 13:30:05 +00:00			`def set_actor(user, sender, instance, signal_duid, **kwargs):`
Extend inline documentation 2013-11-06 19:48:16 +00:00			`"""`
			`Signal receiver with an extra, required 'user' kwarg. This method becomes a real (valid) signal receiver when`
			`it is curried with the actor.`
			`"""`
implemented suggested fix in #72 2016-11-02 13:30:05 +00:00			`if signal_duid != threadlocal.auditlog['signal_duid']:`
			`return`
make AUTH_USER_MODEL to work with 'app_label.model_name' format 2013-11-27 22:35:34 +00:00			`try:`
			`app_label, model_name = settings.AUTH_USER_MODEL.split('.')`
Changed import to use the new apps module for get_model, this removes the Django warning: site-packages/auditlog/middleware.py:9: RemovedInDjango19Warning: The utilities in django.db.models.loading are deprecated in favor of the new application loading system. from django.db.models.loading import get_model 2015-08-20 18:49:22 +00:00			`auth_user_model = apps.get_model(app_label, model_name)`
Make the set_actor method from the middleware static. Also, catch only the relevant exception. 2013-12-18 16:16:39 +00:00			`except ValueError:`
Changed import to use the new apps module for get_model, this removes the Django warning: site-packages/auditlog/middleware.py:9: RemovedInDjango19Warning: The utilities in django.db.models.loading are deprecated in favor of the new application loading system. from django.db.models.loading import get_model 2015-08-20 18:49:22 +00:00			`auth_user_model = apps.get_model('auth', 'user')`
make AUTH_USER_MODEL to work with 'app_label.model_name' format 2013-11-27 22:35:34 +00:00			`if sender == LogEntry and isinstance(user, auth_user_model) and instance.actor is None:`
First implementation 2013-10-20 13:25:48 +00:00			`instance.actor = user`
Only set remote_addr in set_actor method 2015-06-03 14:49:04 +00:00			`if hasattr(threadlocal, 'auditlog'):`
Fixes #31 2015-07-29 11:27:15 +00:00			`instance.remote_addr = threadlocal.auditlog['remote_addr']`