Add auditable superuser mode (#824)

* Remove is_superuser everywhere * Session handling * List of sessions, relative timeout * Absolute timeout * Optionally pseudo-force audit comments * Fix failing tests * Add tests * Add docs * Rebsae migration * Typos * Fix tests
2018-03-28 14:16:58 +02:00
parent 558c920181
commit a284e0c2f7
56 changed files with 965 additions and 130 deletions
--- a/src/pretix/base/migrations/0087_auto_20180317_1952.py
+++ b/src/pretix/base/migrations/0087_auto_20180317_1952.py
@@ -0,0 +1,64 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.10 on 2018-03-17 19:52
+from __future__ import unicode_literals
+
+from django.conf import settings
+from django.db import migrations, models
+
+
+def set_is_staff(apps, schema_editor):
+    User = apps.get_model('pretixbase', 'User')
+    User.objects.filter(is_superuser=True).update(is_staff=True)
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('pretixbase', '0086_auto_20180320_1219'),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            set_is_staff,
+            migrations.RunPython.noop,
+        ),
+        migrations.RemoveField(
+            model_name='user',
+            name='is_superuser',
+        ),
+        migrations.CreateModel(
+            name='StaffSession',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('date_start', models.DateTimeField(auto_now_add=True)),
+                ('date_end', models.DateTimeField(blank=True, null=True)),
+                ('session_key', models.CharField(max_length=255)),
+                ('comment', models.TextField()),
+            ],
+        ),
+        migrations.CreateModel(
+            name='StaffSessionAuditLog',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('datetime', models.DateTimeField(auto_now_add=True)),
+                ('url', models.CharField(max_length=255)),
+                ('session', models.ForeignKey(on_delete=models.deletion.CASCADE, related_name='logs', to='pretixbase.StaffSession')),
+            ],
+        ),
+        migrations.AddField(
+            model_name='staffsession',
+            name='user',
+            field=models.ForeignKey(default=None, on_delete=models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
+            preserve_default=False,
+        ),
+        migrations.AddField(
+            model_name='staffsessionauditlog',
+            name='impersonating',
+            field=models.ForeignKey(blank=True, null=True, on_delete=models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
+        ),
+        migrations.AddField(
+            model_name='staffsessionauditlog',
+            name='method',
+            field=models.CharField(default='GET', max_length=255),
+            preserve_default=False,
+        ),
+    ]