Rename audit internals to cmmc_audit
This commit is contained in:
parent
18d8fb7f1a
commit
73bf84e651
15 changed files with 54 additions and 54 deletions
|
|
@ -1,6 +1,6 @@
|
|||
# CMMC Audit Plugin
|
||||
|
||||
The in-tree package is named `coldfront.plugins.cmmc_audit`, the Django app label remains `carc_audit` for migration compatibility, and the user-facing Django admin label is **CMMC Audit**.
|
||||
The in-tree package is named `coldfront.plugins.cmmc_audit`, the Django app label remains `cmmc_audit` for migration compatibility, and the user-facing Django admin label is **CMMC Audit**.
|
||||
|
||||
This plugin records append-only operational evidence for ColdFront workflows. It keeps raw forensic data such as `old_values`, `new_values`, target type/id, request path, IP address, source, and source id while adding CMMC-oriented admin columns for reviewers.
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ from .models import AuditEvent
|
|||
from .utils import log_event
|
||||
|
||||
|
||||
PATCH_MARKER = "_carc_audit_admin_log_patch_installed"
|
||||
PATCH_MARKER = "_cmmc_audit_admin_log_patch_installed"
|
||||
|
||||
|
||||
def _message_to_text(message):
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ from .resolvers import allocation_label
|
|||
from .utils import log_event
|
||||
|
||||
|
||||
PATCH_MARKER = "_carc_audit_allocation_workflow_patch_installed"
|
||||
PATCH_MARKER = "_cmmc_audit_allocation_workflow_patch_installed"
|
||||
|
||||
|
||||
def _date_value(value):
|
||||
|
|
|
|||
2
apps.py
2
apps.py
|
|
@ -4,7 +4,7 @@ from django.apps import AppConfig
|
|||
class CmmcAuditConfig(AppConfig):
|
||||
default_auto_field = 'django.db.models.BigAutoField'
|
||||
name = 'coldfront.plugins.cmmc_audit'
|
||||
label = 'carc_audit'
|
||||
label = 'cmmc_audit'
|
||||
verbose_name = 'CMMC Audit'
|
||||
|
||||
def ready(self):
|
||||
|
|
|
|||
|
|
@ -28,11 +28,11 @@ class Migration(migrations.Migration):
|
|||
('message', models.TextField(blank=True)),
|
||||
('request_path', models.CharField(blank=True, max_length=255)),
|
||||
('ip_address', models.GenericIPAddressField(blank=True, null=True)),
|
||||
('actor', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='carc_audit_events', to=settings.AUTH_USER_MODEL)),
|
||||
('actor', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='cmmc_audit_events', to=settings.AUTH_USER_MODEL)),
|
||||
],
|
||||
options={
|
||||
'ordering': ['-timestamp'],
|
||||
'indexes': [models.Index(fields=['timestamp'], name='carc_audit__timesta_8969da_idx'), models.Index(fields=['action'], name='carc_audit__action_80997f_idx'), models.Index(fields=['actor'], name='carc_audit__actor_i_6096a0_idx'), models.Index(fields=['target_type', 'target_id'], name='carc_audit__target__4e5508_idx')],
|
||||
'indexes': [models.Index(fields=['timestamp'], name='cmmc_audit__timesta_8969da_idx'), models.Index(fields=['action'], name='cmmc_audit__action_80997f_idx'), models.Index(fields=['actor'], name='cmmc_audit__actor_i_6096a0_idx'), models.Index(fields=['target_type', 'target_id'], name='cmmc_audit__target__4e5508_idx')],
|
||||
},
|
||||
),
|
||||
]
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ from django.db import migrations, models
|
|||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('carc_audit', '0001_initial'),
|
||||
('cmmc_audit', '0001_initial'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ from django.db import migrations, models
|
|||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('carc_audit', '0002_alter_auditevent_action'),
|
||||
('cmmc_audit', '0002_alter_auditevent_action'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ from django.db import migrations, models
|
|||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('carc_audit', '0003_alter_auditevent_action'),
|
||||
('cmmc_audit', '0003_alter_auditevent_action'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ from django.db import migrations, models
|
|||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('carc_audit', '0004_alter_auditevent_action'),
|
||||
('cmmc_audit', '0004_alter_auditevent_action'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ ACTION_EVIDENCE_MAP = {
|
|||
|
||||
|
||||
def backfill_cmmc_fields(apps, schema_editor):
|
||||
AuditEvent = apps.get_model("carc_audit", "AuditEvent")
|
||||
AuditEvent = apps.get_model("cmmc_audit", "AuditEvent")
|
||||
for event in AuditEvent.objects.all().iterator():
|
||||
evidence_category, control_family, source = ACTION_EVIDENCE_MAP.get(event.action, ("", "", "runtime"))
|
||||
event.event_time = event.timestamp
|
||||
|
|
@ -53,14 +53,14 @@ def backfill_cmmc_fields(apps, schema_editor):
|
|||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('carc_audit', '0005_alter_auditevent_action'),
|
||||
('cmmc_audit', '0005_alter_auditevent_action'),
|
||||
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.RemoveIndex(
|
||||
model_name='auditevent',
|
||||
name='carc_audit__timesta_8969da_idx',
|
||||
name='cmmc_audit__timesta_8969da_idx',
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='auditevent',
|
||||
|
|
@ -95,14 +95,14 @@ class Migration(migrations.Migration):
|
|||
migrations.RunPython(backfill_cmmc_fields, migrations.RunPython.noop),
|
||||
migrations.AddIndex(
|
||||
model_name='auditevent',
|
||||
index=models.Index(fields=['event_time'], name='carc_audit__event_t_752462_idx'),
|
||||
index=models.Index(fields=['event_time'], name='cmmc_audit__event_t_752462_idx'),
|
||||
),
|
||||
migrations.AddIndex(
|
||||
model_name='auditevent',
|
||||
index=models.Index(fields=['evidence_category'], name='carc_audit__evidenc_404a75_idx'),
|
||||
index=models.Index(fields=['evidence_category'], name='cmmc_audit__evidenc_404a75_idx'),
|
||||
),
|
||||
migrations.AddIndex(
|
||||
model_name='auditevent',
|
||||
index=models.Index(fields=['source'], name='carc_audit__source_21deb0_idx'),
|
||||
index=models.Index(fields=['source'], name='cmmc_audit__source_21deb0_idx'),
|
||||
),
|
||||
]
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ from django.db import migrations, models
|
|||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('carc_audit', '0006_add_cmmc_evidence_fields'),
|
||||
('cmmc_audit', '0006_add_cmmc_evidence_fields'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ from django.db import migrations, models
|
|||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('carc_audit', '0007_backfillrun_alter_auditevent_source'),
|
||||
('cmmc_audit', '0007_backfillrun_alter_auditevent_source'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
|
|
|
|||
|
|
@ -93,7 +93,7 @@ class AuditEvent(models.Model):
|
|||
null=True,
|
||||
blank=True,
|
||||
on_delete=models.SET_NULL,
|
||||
related_name="carc_audit_events",
|
||||
related_name="cmmc_audit_events",
|
||||
)
|
||||
|
||||
action = models.CharField(max_length=64, choices=Action.choices)
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ from .resolvers import project_label, project_review_label
|
|||
from .utils import log_event
|
||||
|
||||
|
||||
PATCH_MARKER = "_carc_audit_project_review_patch_installed"
|
||||
PATCH_MARKER = "_cmmc_audit_project_review_patch_installed"
|
||||
_state = threading.local()
|
||||
|
||||
|
||||
|
|
|
|||
68
signals.py
68
signals.py
|
|
@ -75,17 +75,17 @@ def _cache_old_instance(instance, attr_name):
|
|||
setattr(instance, attr_name, old_instance)
|
||||
|
||||
|
||||
@receiver(pre_save, sender=UserProfile, dispatch_uid="carc_audit_user_profile_pre_save")
|
||||
@receiver(pre_save, sender=UserProfile, dispatch_uid="cmmc_audit_user_profile_pre_save")
|
||||
def cache_user_profile(sender, instance, **kwargs):
|
||||
_cache_old_instance(instance, "_carc_audit_old")
|
||||
_cache_old_instance(instance, "_cmmc_audit_old")
|
||||
|
||||
|
||||
@receiver(post_save, sender=UserProfile, dispatch_uid="carc_audit_user_profile_post_save")
|
||||
@receiver(post_save, sender=UserProfile, dispatch_uid="cmmc_audit_user_profile_post_save")
|
||||
def audit_user_profile_pi_status(sender, instance, created, **kwargs):
|
||||
if created:
|
||||
return
|
||||
|
||||
old_instance = getattr(instance, "_carc_audit_old", None)
|
||||
old_instance = getattr(instance, "_cmmc_audit_old", None)
|
||||
if old_instance is None or old_instance.is_pi == instance.is_pi:
|
||||
return
|
||||
|
||||
|
|
@ -107,17 +107,17 @@ def audit_user_profile_pi_status(sender, instance, created, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(pre_save, sender=User, dispatch_uid="carc_audit_user_pre_save")
|
||||
@receiver(pre_save, sender=User, dispatch_uid="cmmc_audit_user_pre_save")
|
||||
def cache_user(sender, instance, **kwargs):
|
||||
_cache_old_instance(instance, "_carc_audit_old")
|
||||
_cache_old_instance(instance, "_cmmc_audit_old")
|
||||
|
||||
|
||||
@receiver(post_save, sender=User, dispatch_uid="carc_audit_user_post_save")
|
||||
@receiver(post_save, sender=User, dispatch_uid="cmmc_audit_user_post_save")
|
||||
def audit_user_admin_privileges(sender, instance, created, **kwargs):
|
||||
if created:
|
||||
return
|
||||
|
||||
old_instance = getattr(instance, "_carc_audit_old", None)
|
||||
old_instance = getattr(instance, "_cmmc_audit_old", None)
|
||||
if old_instance is None:
|
||||
return
|
||||
|
||||
|
|
@ -147,7 +147,7 @@ def audit_user_admin_privileges(sender, instance, created, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(allocation_new, dispatch_uid="carc_audit_allocation_new")
|
||||
@receiver(allocation_new, dispatch_uid="cmmc_audit_allocation_new")
|
||||
def audit_allocation_requested(sender, allocation_pk, **kwargs):
|
||||
allocation = Allocation.objects.select_related("project", "status").get(pk=allocation_pk)
|
||||
log_event(
|
||||
|
|
@ -166,7 +166,7 @@ def audit_allocation_requested(sender, allocation_pk, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(allocation_activate, dispatch_uid="carc_audit_allocation_activate")
|
||||
@receiver(allocation_activate, dispatch_uid="cmmc_audit_allocation_activate")
|
||||
def audit_allocation_activated(sender, allocation_pk, **kwargs):
|
||||
allocation = Allocation.objects.select_related("status").get(pk=allocation_pk)
|
||||
log_event(
|
||||
|
|
@ -179,7 +179,7 @@ def audit_allocation_activated(sender, allocation_pk, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(allocation_disable, dispatch_uid="carc_audit_allocation_disable")
|
||||
@receiver(allocation_disable, dispatch_uid="cmmc_audit_allocation_disable")
|
||||
def audit_allocation_disabled(sender, allocation_pk, **kwargs):
|
||||
allocation = Allocation.objects.select_related("status").get(pk=allocation_pk)
|
||||
status_name = _choice_name(allocation.status)
|
||||
|
|
@ -196,7 +196,7 @@ def audit_allocation_disabled(sender, allocation_pk, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(allocation_change_created, dispatch_uid="carc_audit_allocation_change_created")
|
||||
@receiver(allocation_change_created, dispatch_uid="cmmc_audit_allocation_change_created")
|
||||
def audit_allocation_change_created(sender, allocation_pk, allocation_change_pk, **kwargs):
|
||||
allocation_change = AllocationChangeRequest.objects.select_related("allocation", "status").get(
|
||||
pk=allocation_change_pk
|
||||
|
|
@ -225,7 +225,7 @@ def audit_allocation_change_created(sender, allocation_pk, allocation_change_pk,
|
|||
)
|
||||
|
||||
|
||||
@receiver(allocation_change_approved, dispatch_uid="carc_audit_allocation_change_approved")
|
||||
@receiver(allocation_change_approved, dispatch_uid="cmmc_audit_allocation_change_approved")
|
||||
def audit_allocation_change_approved(sender, allocation_pk, allocation_change_pk, **kwargs):
|
||||
allocation_change = AllocationChangeRequest.objects.select_related("allocation", "status").get(
|
||||
pk=allocation_change_pk
|
||||
|
|
@ -269,7 +269,7 @@ def audit_allocation_change_approved(sender, allocation_pk, allocation_change_pk
|
|||
)
|
||||
|
||||
|
||||
@receiver(project_activate_user, dispatch_uid="carc_audit_project_activate_user")
|
||||
@receiver(project_activate_user, dispatch_uid="cmmc_audit_project_activate_user")
|
||||
def audit_project_user_added(sender, project_user_pk, **kwargs):
|
||||
project_user = ProjectUser.objects.select_related("project", "user", "role", "status").get(pk=project_user_pk)
|
||||
# Project.add_user() uses update_or_create(), but project_activate_user only
|
||||
|
|
@ -293,7 +293,7 @@ def audit_project_user_added(sender, project_user_pk, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(project_remove_user, dispatch_uid="carc_audit_project_remove_user")
|
||||
@receiver(project_remove_user, dispatch_uid="cmmc_audit_project_remove_user")
|
||||
def audit_project_user_removed(sender, project_user_pk, **kwargs):
|
||||
project_user = ProjectUser.objects.select_related("project", "user", "role", "status").get(pk=project_user_pk)
|
||||
log_event(
|
||||
|
|
@ -311,12 +311,12 @@ def audit_project_user_removed(sender, project_user_pk, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(pre_save, sender=Project, dispatch_uid="carc_audit_project_pre_save")
|
||||
@receiver(pre_save, sender=Project, dispatch_uid="cmmc_audit_project_pre_save")
|
||||
def cache_project(sender, instance, **kwargs):
|
||||
_cache_old_instance(instance, "_carc_audit_old")
|
||||
_cache_old_instance(instance, "_cmmc_audit_old")
|
||||
|
||||
|
||||
@receiver(post_save, sender=Project, dispatch_uid="carc_audit_project_post_save")
|
||||
@receiver(post_save, sender=Project, dispatch_uid="cmmc_audit_project_post_save")
|
||||
def audit_project_save(sender, instance, created, **kwargs):
|
||||
if created:
|
||||
log_event(
|
||||
|
|
@ -329,7 +329,7 @@ def audit_project_save(sender, instance, created, **kwargs):
|
|||
)
|
||||
return
|
||||
|
||||
old_instance = getattr(instance, "_carc_audit_old", None)
|
||||
old_instance = getattr(instance, "_cmmc_audit_old", None)
|
||||
if old_instance is None:
|
||||
return
|
||||
|
||||
|
|
@ -385,7 +385,7 @@ def audit_project_save(sender, instance, created, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(project_archive, dispatch_uid="carc_audit_project_archive")
|
||||
@receiver(project_archive, dispatch_uid="cmmc_audit_project_archive")
|
||||
def audit_project_archived_signal(sender, project_obj, **kwargs):
|
||||
if AuditEvent.objects.filter(
|
||||
action=AuditEvent.Action.PROJECT_ARCHIVED,
|
||||
|
|
@ -405,7 +405,7 @@ def audit_project_archived_signal(sender, project_obj, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(post_delete, sender=Project, dispatch_uid="carc_audit_project_post_delete")
|
||||
@receiver(post_delete, sender=Project, dispatch_uid="cmmc_audit_project_post_delete")
|
||||
def audit_project_delete(sender, instance, **kwargs):
|
||||
log_event(
|
||||
AuditEvent.Action.PROJECT_DELETED,
|
||||
|
|
@ -417,17 +417,17 @@ def audit_project_delete(sender, instance, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(pre_save, sender=ProjectReview, dispatch_uid="carc_audit_project_review_pre_save")
|
||||
@receiver(pre_save, sender=ProjectReview, dispatch_uid="cmmc_audit_project_review_pre_save")
|
||||
def cache_project_review(sender, instance, **kwargs):
|
||||
_cache_old_instance(instance, "_carc_audit_old")
|
||||
_cache_old_instance(instance, "_cmmc_audit_old")
|
||||
|
||||
|
||||
@receiver(post_save, sender=ProjectReview, dispatch_uid="carc_audit_project_review_post_save")
|
||||
@receiver(post_save, sender=ProjectReview, dispatch_uid="cmmc_audit_project_review_post_save")
|
||||
def audit_project_review_status_changed(sender, instance, created, **kwargs):
|
||||
if created or is_project_review_status_suppressed(instance.pk):
|
||||
return
|
||||
|
||||
old_instance = getattr(instance, "_carc_audit_old", None)
|
||||
old_instance = getattr(instance, "_cmmc_audit_old", None)
|
||||
if old_instance is None:
|
||||
return
|
||||
|
||||
|
|
@ -447,17 +447,17 @@ def audit_project_review_status_changed(sender, instance, created, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(pre_save, sender=ProjectUser, dispatch_uid="carc_audit_project_user_role_pre_save")
|
||||
@receiver(pre_save, sender=ProjectUser, dispatch_uid="cmmc_audit_project_user_role_pre_save")
|
||||
def cache_project_user(sender, instance, **kwargs):
|
||||
_cache_old_instance(instance, "_carc_audit_old")
|
||||
_cache_old_instance(instance, "_cmmc_audit_old")
|
||||
|
||||
|
||||
@receiver(post_save, sender=ProjectUser, dispatch_uid="carc_audit_project_user_role_post_save")
|
||||
@receiver(post_save, sender=ProjectUser, dispatch_uid="cmmc_audit_project_user_role_post_save")
|
||||
def audit_project_user_role_change(sender, instance, created, **kwargs):
|
||||
if created:
|
||||
return
|
||||
|
||||
old_instance = getattr(instance, "_carc_audit_old", None)
|
||||
old_instance = getattr(instance, "_cmmc_audit_old", None)
|
||||
if old_instance is None:
|
||||
return
|
||||
|
||||
|
|
@ -480,12 +480,12 @@ def audit_project_user_role_change(sender, instance, created, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(pre_save, sender=Resource, dispatch_uid="carc_audit_resource_pre_save")
|
||||
@receiver(pre_save, sender=Resource, dispatch_uid="cmmc_audit_resource_pre_save")
|
||||
def cache_resource(sender, instance, **kwargs):
|
||||
_cache_old_instance(instance, "_carc_audit_old")
|
||||
_cache_old_instance(instance, "_cmmc_audit_old")
|
||||
|
||||
|
||||
@receiver(post_save, sender=Resource, dispatch_uid="carc_audit_resource_post_save")
|
||||
@receiver(post_save, sender=Resource, dispatch_uid="cmmc_audit_resource_post_save")
|
||||
def audit_resource_save(sender, instance, created, **kwargs):
|
||||
if created:
|
||||
log_event(
|
||||
|
|
@ -498,7 +498,7 @@ def audit_resource_save(sender, instance, created, **kwargs):
|
|||
)
|
||||
return
|
||||
|
||||
old_instance = getattr(instance, "_carc_audit_old", None)
|
||||
old_instance = getattr(instance, "_cmmc_audit_old", None)
|
||||
if old_instance is None:
|
||||
return
|
||||
|
||||
|
|
@ -526,7 +526,7 @@ def audit_resource_save(sender, instance, created, **kwargs):
|
|||
)
|
||||
|
||||
|
||||
@receiver(post_delete, sender=Resource, dispatch_uid="carc_audit_resource_post_delete")
|
||||
@receiver(post_delete, sender=Resource, dispatch_uid="cmmc_audit_resource_post_delete")
|
||||
def audit_resource_delete(sender, instance, **kwargs):
|
||||
log_event(
|
||||
AuditEvent.Action.RESOURCE_DELETED,
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue