From 601ca1c655fb221d8dac9a5dd1cb081b730f4a7e Mon Sep 17 00:00:00 2001 From: dandds Date: Fri, 22 Mar 2019 11:48:59 -0400 Subject: [PATCH] fix access logs and add request method --- atst/domain/authz/decorator.py | 8 ++++---- tests/domain/test_authz.py | 3 +++ 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/atst/domain/authz/decorator.py b/atst/domain/authz/decorator.py index a10e3d77..4c240ac3 100644 --- a/atst/domain/authz/decorator.py +++ b/atst/domain/authz/decorator.py @@ -34,16 +34,16 @@ def user_can_access_decorator(permission, message=None, exception=None): try: check_access(permission, message, exception, *args, **kwargs) app.logger.info( - "[access] User {} accessed {}".format( - g.current_user.id, g.current_user.dod_id, request.path + "[access] User {} accessed {} {}".format( + g.current_user.id, request.method, request.path ) ) return f(*args, **kwargs) except UnauthorizedError as err: app.logger.warning( - "[access] User {} denied access to {}".format( - g.current_user.id, g.current_user.dod_id, request.path + "[access] User {} denied access {} {}".format( + g.current_user.id, request.method, request.path ) ) diff --git a/tests/domain/test_authz.py b/tests/domain/test_authz.py index 4d6c88c0..13349c2a 100644 --- a/tests/domain/test_authz.py +++ b/tests/domain/test_authz.py @@ -176,6 +176,7 @@ def test_user_can_access_decorator_logs_access( _do_something() assert len(mock_logger.messages) == 1 assert "accessed" in mock_logger.messages[0] + assert "GET" in mock_logger.messages[0] def _unauthorized(*a, **k): raise UnauthorizedError(user, "do something") @@ -183,5 +184,7 @@ def test_user_can_access_decorator_logs_access( monkeypatch.setattr("atst.domain.authz.decorator.check_access", _unauthorized) with pytest.raises(UnauthorizedError): _do_something() + assert len(mock_logger.messages) == 2 assert "denied access" in mock_logger.messages[1] + assert "GET" in mock_logger.messages[1]