Automatic audit logging using SQLA events

2018-09-19 11:41:27 -04:00
parent b7a33de29d
commit ddc2e2fad7
27 changed files with 346 additions and 26 deletions
--- a/atst/domain/authz.py
+++ b/atst/domain/authz.py
@@ -43,3 +43,12 @@ class Authorization(object):
    def check_workspace_permission(cls, user, workspace, permission, message):
        if not Authorization.has_workspace_permission(user, workspace, permission):
            raise UnauthorizedError(user, message)
+
+    @classmethod
+    def check_atat_permission(cls, user, permission, message):
+        if not Authorization.has_atat_permission(user, permission):
+            raise UnauthorizedError(user, message)
+
+    @classmethod
+    def can_view_audit_log(cls, user):
+        return Authorization.has_atat_permission(user, Permissions.VIEW_AUDIT_LOG)