Closed vincent-olivert-riera closed 8 months ago
I think we can't just do this as-is, because Sender can sometimes include sensitive information.
Audit.log() uses model_to_dict to dump all the information, and we need to ensure the value
field can not accidentally be logged.
I think we can't just do this as-is, because Sender can sometimes include sensitive information.
Audit.log() uses model_to_dict to dump all the information, and we need to ensure the
value
field can not accidentally be logged.
According to my tests, when the "alias" field has been populated, that is what is displayed in the logs. Otherwise the value is displayed.
Is that not good enough? If users do not set an alias, I guess we can assume they don't care if the value is displayed.
Try clicking the 'show' button to see all the details that are stored
Try clicking the 'show' button to see all the details that are stored
Oh, I didn't check that "Show" button. Thanks!
I fixed that issue in 5df5890.
LGTM. Rebase and I'll do a final check.
LGTM. Rebase and I'll do a final check.
Done.
We had a query for listing notifiers in views.py::AuditList, however, we never registered any logs from signals.py, therefore the result of that query was always empty.
This commit adds the necessary instructions for registering logs when creating, updating or deleting notifiers, so they will appear in the audit logs.