Skip to content

[11.0][ADD] auditlog_security #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
thomaspaulb wants to merge 30 commits into
base: 11.0
Choose a base branch
from
Open

[11.0][ADD] auditlog_security #1

thomaspaulb wants to merge 30 commits into from

Conversation

@thomaspaulb
Copy link

@thomaspaulb thomaspaulb commented Jun 2, 2022

No description provided.

@thomaspaulb thomaspaulb mentioned this pull request Jun 2, 2022
Closed
thomaspaulb
thomaspaulb commented Jun 2, 2022
View reviewed changes
@gfcapalbo
Copy link

gfcapalbo commented Jun 7, 2022

@thomaspaulb linted XML and added many2many_tags widget to the fields in treeview.
I think that covers it all.

KKamaa
KKamaa reviewed Jul 5, 2022
View reviewed changes
KKamaa
KKamaa reviewed Jul 5, 2022
View reviewed changes
KKamaa
KKamaa reviewed Jul 5, 2022
View reviewed changes
@thomaspaulb
Copy link
Author

thomaspaulb commented Jul 19, 2022

@KKamaa TODO here:

  • All users can now see "View Logs" and "View Log Lines", whereas most users should just see "View Log Lines" ---> I propose to create a new security group "View Auditlog logs" that people can have, which allows them to see the "View Logs" button, and we just disable that for most (if not all) people.

  • I see that the auditlog security rules have a "name" field, but it's not editable on the form view and I don't think it makes sense so we could remove it.

thomaspaulb
thomaspaulb commented Jul 19, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 19, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 19, 2022
View reviewed changes
@gfcapalbo gfcapalbo force-pushed the 11.0-auditlog_extension branch from eab1c5f to 57cb6b0 Compare July 20, 2022 16:50
@gfcapalbo gfcapalbo force-pushed the 11.0-auditlog_extension branch from 57cb6b0 to 42a3b7e Compare July 20, 2022 16:56
thomaspaulb
thomaspaulb commented Jul 21, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 21, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 21, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 25, 2022
View reviewed changes
auditlog_security/models/auditlog_line_access_rule.py
# return with context key so that deletion will not be forbidden
return self.env["ir.rule"].search(
[("auditlog_line_access_rule_id", "in", self.ids)]
)
Copy link
Author

@thomaspaulb thomaspaulb Jul 25, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TBH why is this a function, we could just make it into a One2many field definition of ir_rule_ids ?

Copy link

@gfcapalbo gfcapalbo Jul 26, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this more, this is the access for 1 rule the function is readable. leaving pending.

thomaspaulb
thomaspaulb commented Jul 25, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 25, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 25, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 25, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 26, 2022
View reviewed changes
Pieter Paulussen and others added 2 commits July 26, 2022 13:33
@StefanRijnhart @gfcapalbo
[IMP] auditlog: prevent cascading delete of logs when models or field…
df143e6 
…s are unlinked

When a field or a model is unlinked, keep the related audit logs. Denormalize
the field and model info on the logs and log lines so that the information
is still available after the deletion of the related data model.

Also, to improve the performance of the deletion of fields and models,
add indexes on the log's model_id and log line's field_id.

Co-Authored-By: Stefan Rijnhart <stefan@opener.am>
@gfcapalbo
fixup! [IMP] auditlog: prevent cascading delete of logs when models o…
568c754 
…r fields are unlinked
@gfcapalbo gfcapalbo force-pushed the 11.0-auditlog_extension branch from d968cf6 to 92b0afb Compare July 26, 2022 12:47
@gfcapalbo gfcapalbo force-pushed the 11.0-auditlog_extension branch from c533770 to c3fb342 Compare July 26, 2022 16:06
thomaspaulb
thomaspaulb commented Jul 27, 2022
View reviewed changes
thomaspaulb
thomaspaulb commented Jul 27, 2022
View reviewed changes
@gfcapalbo gfcapalbo force-pushed the 11.0-auditlog_extension branch from e447224 to d031f6a Compare July 28, 2022 14:29
@gfcapalbo
Copy link

gfcapalbo commented Jul 28, 2022

@thomaspaulb I have implemented what we discussed.
I cannot be sure if there are some "perfoemance degradation bombs" I have not thought about, but i have verified that the ormcache clear is trigger when we change auditlog_line_access_rule_ids.

@gfcapalbo gfcapalbo force-pushed the 11.0-auditlog_extension branch from 4885b60 to b09f5b8 Compare July 28, 2022 16:53
Tom Blauwendraat and others added 5 commits August 19, 2022 13:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gfcapalbo gfcapalbo gfcapalbo left review comments

@KKamaa KKamaa KKamaa left review comments

+1 more reviewer

@capalbog capalbog capalbog left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@thomaspaulb @gfcapalbo @capalbog @KKamaa @Kiplangatdan @renzo-brown