Kobe/docupulse
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

logging auth, conversations, and contacts

Browse Source
This commit is contained in:
Kobe
2025-05-30 13:48:07 +02:00
parent 9159817947
commit 7723cd0d70
6 changed files with 309 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

128
routes/contacts.py
View File

@@ -5,6 +5,7 @@ from forms import UserForm
from flask import abort
from sqlalchemy import or_
from routes.auth import require_password_change
from utils import log_event
import json
import os
from werkzeug.utils import secure_filename
@@ -120,6 +121,22 @@ def new_contact():
user.set_password('changeme') # Set default password
db.session.add(user)
db.session.commit()
# Log user creation event
log_event(
event_type='user_create',
details={
'created_by': current_user.id,
'created_by_name': f"{current_user.username} {current_user.last_name}",
'user_id': user.id,
'user_name': f"{user.username} {user.last_name}",
'email': user.email,
'is_admin': user.is_admin,
'method': 'admin_creation'
}
)
db.session.commit()
flash('User created successfully! They will need to change their password on first login.', 'success')
return redirect(url_for('contacts.contacts_list'))
return render_template('contacts/form.html', form=form, title='New User', total_admins=total_admins)
@@ -138,6 +155,16 @@ def edit_profile():
flash('There must be at least one admin user in the system.', 'error')
return render_template('contacts/form.html', form=form, title='Edit Profile', total_admins=total_admins)
# Store old values for comparison
old_values = {
'user_name': f"{current_user.username} {current_user.last_name}",
'email': current_user.email,
'phone': current_user.phone,
'company': current_user.company,
'position': current_user.position,
'is_admin': current_user.is_admin
}
current_user.username = form.first_name.data
current_user.last_name = form.last_name.data
current_user.email = form.email.data
@@ -146,10 +173,39 @@ def edit_profile():
current_user.position = form.position.data
current_user.notes = form.notes.data
current_user.is_admin = form.is_admin.data
# Set password if provided
password_changed = False
if form.new_password.data:
current_user.set_password(form.new_password.data)
password_changed = True
db.session.commit()
# Log profile update event
log_event(
event_type='user_update',
details={
'user_id': current_user.id,
'user_name': f"{current_user.username} {current_user.last_name}",
'updated_by': current_user.id,
'updated_by_name': f"{current_user.username} {current_user.last_name}",
'old_values': old_values,
'new_values': {
'username': current_user.username,
'last_name': current_user.last_name,
'email': current_user.email,
'phone': current_user.phone,
'company': current_user.company,
'position': current_user.position,
'is_admin': current_user.is_admin
},
'password_changed': password_changed,
'method': 'self_update'
}
)
db.session.commit()
flash('Profile updated successfully!', 'success')
return redirect(url_for('contacts.contacts_list'))
@@ -220,6 +276,17 @@ def edit_contact(id):
if existing_user:
flash('A user with this email already exists.', 'error')
return render_template('contacts/form.html', form=form, title='Edit User', total_admins=total_admins, user=user)
# Store old values for comparison
old_values = {
'user_name': f"{user.username} {user.last_name}",
'email': user.email,
'phone': user.phone,
'company': user.company,
'position': user.position,
'is_admin': user.is_admin
}
user.username = form.first_name.data
user.last_name = form.last_name.data
user.email = form.email.data
@@ -228,10 +295,38 @@ def edit_contact(id):
user.position = form.position.data
user.notes = form.notes.data
user.is_admin = form.is_admin.data
# Set password if provided
password_changed = False
if form.new_password.data:
user.set_password(form.new_password.data)
password_changed = True
db.session.commit()
# Log user update event
log_event(
event_type='user_update',
details={
'user_id': user.id,
'user_name': f"{user.username} {user.last_name}",
'updated_by': current_user.id,
'updated_by_name': f"{current_user.username} {current_user.last_name}",
'old_values': old_values,
'new_values': {
'user_name': f"{user.username} {user.last_name}",
'email': user.email,
'phone': user.phone,
'company': user.company,
'position': user.position,
'is_admin': user.is_admin
},
'password_changed': password_changed,
'method': 'admin_update'
}
)
db.session.commit()
flash('User updated successfully!', 'success')
return redirect(url_for('contacts.contacts_list'))
return render_template('contacts/form.html', form=form, title='Edit User', total_admins=total_admins, user=user)
@@ -246,6 +341,21 @@ def delete_contact(id):
if user.email == current_user.email:
flash('You cannot delete your own account.', 'error')
return redirect(url_for('contacts.contacts_list'))
# Log user deletion event
log_event(
event_type='user_delete',
details={
'user_id': user.id,
'user_name': f"{user.username} {user.last_name}",
'deleted_by': current_user.id,
'deleted_by_name': f"{current_user.username} {current_user.last_name}",
'email': user.email,
'is_admin': user.is_admin
}
)
db.session.commit()
db.session.delete(user)
db.session.commit()
flash('User deleted successfully!', 'success')
@@ -261,7 +371,25 @@ def toggle_active(id):
if user.email == current_user.email:
flash('You cannot deactivate your own account.', 'error')
return redirect(url_for('contacts.contacts_list'))
old_status = user.is_active
user.is_active = not user.is_active
# Log status change event
log_event(
event_type='user_update',
details={
'user_id': user.id,
'user_name': f"{user.username} {user.last_name}",
'updated_by': current_user.id,
'updated_by_name': f"{current_user.username} {current_user.last_name}",
'update_type': 'status_change',
'old_status': old_status,
'new_status': user.is_active,
'email': user.email
}
)
db.session.commit()
flash(f'User marked as {"active" if user.is_active else "inactive"}!', 'success')
return redirect(url_for('contacts.contacts_list'))