contentdb/app/blueprints/admin/audit.py

52 lines
1.8 KiB
Python
Raw Normal View History

2020-07-11 03:32:17 +02:00
# ContentDB
# Copyright (C) 2020 rubenwardy
#
# This program is free software: you can redistribute it and/or modify
2021-01-30 17:59:42 +01:00
# it under the terms of the GNU Affero General Public License as published by
2020-07-11 03:32:17 +02:00
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2021-01-30 17:59:42 +01:00
# GNU Affero General Public License for more details.
2020-07-11 03:32:17 +02:00
#
2021-01-30 17:59:42 +01:00
# You should have received a copy of the GNU Affero General Public License
2020-07-11 03:32:17 +02:00
# along with this program. If not, see <https://www.gnu.org/licenses/>.
from flask import render_template, request, abort
from flask_login import current_user, login_required
from app.models import db, AuditLogEntry, UserRank, User, Permission
2020-12-04 00:43:05 +01:00
from app.utils import rank_required, get_int_or_abort
2020-07-11 03:32:17 +02:00
from . import bp
2020-07-11 03:32:17 +02:00
@bp.route("/admin/audit/")
@rank_required(UserRank.MODERATOR)
def audit():
2020-12-04 00:43:05 +01:00
page = get_int_or_abort(request.args.get("page"), 1)
num = min(40, get_int_or_abort(request.args.get("n"), 100))
query = AuditLogEntry.query.order_by(db.desc(AuditLogEntry.created_at))
if "username" in request.args:
user = User.query.filter_by(username=request.args.get("username")).first()
if not user:
abort(404)
query = query.filter_by(causer=user)
2023-04-23 22:49:53 +02:00
pagination = query.paginate(page=page, per_page=num)
2020-12-04 00:43:05 +01:00
return render_template("admin/audit.html", log=pagination.items, pagination=pagination)
2022-02-10 03:20:12 +01:00
@bp.route("/admin/audit/<int:id_>/")
@login_required
2022-01-26 20:12:42 +01:00
def audit_view(id_):
entry: AuditLogEntry = AuditLogEntry.query.get_or_404(id_)
if not entry.checkPerm(current_user, Permission.VIEW_AUDIT_DESCRIPTION):
abort(403)
return render_template("admin/audit_view.html", entry=entry)