VPN/remnawave-bedolaga-telegram-bot
1
0
Fork 0
mirror of https://github.com/BEDOLAGA-DEV/remnawave-bedolaga-telegram-bot.git synced 2026-03-05 05:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add resource_type and request body to audit log entries

Browse Source
This commit is contained in:
Fringg
2026-02-25 05:11:43 +03:00
parent f6b6e22a95
commit 388fc7ee67
1 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
app/cabinet/dependencies.py
View File

@@ -296,6 +296,13 @@ def require_permission(*permissions: str):
)
user_agent = request.headers.get('user-agent', '')
# Extract resource_type from the first permission (section before ':')
resource_type = None
if permissions:
first_perm = permissions[0]
if ':' in first_perm:
resource_type = first_perm.split(':', maxsplit=1)[0]
for perm in permissions:
allowed, reason = await PermissionService.check_permission(
db, user, perm, ip_address=ip_address,
@@ -305,6 +312,7 @@ def require_permission(*permissions: str):
db,
user_id=user.id,
action=perm,
resource_type=resource_type,
status='denied',
ip_address=ip_address,
user_agent=user_agent,
@@ -318,16 +326,30 @@ def require_permission(*permissions: str):
detail=f'Permission denied: {reason}',
)
# Capture request body for mutating methods
details: dict | None = None
if request.method in ('POST', 'PUT', 'PATCH', 'DELETE'):
try:
body = await request.body()
if body:
import json
details = {'request_body': json.loads(body)}
except Exception:
pass
# Log successful access with all requested permissions
await PermissionService.log_action(
db,
user_id=user.id,
action=','.join(permissions),
resource_type=resource_type,
status='success',
ip_address=ip_address,
user_agent=user_agent,
request_method=request.method,
request_path=str(request.url.path),
details=details,
)
await db.commit()
return user