CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Device security profiles: Improve logging

Browse Source
This commit is contained in:
Raphael Michel
2023-02-08 13:33:02 +01:00
parent 289e0096e8
commit ac16adba4c
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/pretix/api/auth/devicesecurity.py
View File

@@ -19,9 +19,12 @@
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see # You should have received a copy of the GNU Affero General Public License along with this program. If not, see
# <https://www.gnu.org/licenses/>. # <https://www.gnu.org/licenses/>.
# #
import logging
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
logger = logging.getLogger(__name__)
class FullAccessSecurityProfile: class FullAccessSecurityProfile:
identifier = 'full' identifier = 'full'
@@ -36,7 +39,13 @@ class AllowListSecurityProfile:
def is_allowed(self, request): def is_allowed(self, request):
key = (request.method, f"{request.resolver_match.namespace}:{request.resolver_match.url_name}") key = (request.method, f"{request.resolver_match.namespace}:{request.resolver_match.url_name}")
return key in self.allowlist if key in self.allowlist:
return True
else:
logger.info(
f'Request {key} not allowed in profile {self.identifier}'
)
return False
class PretixScanSecurityProfile(AllowListSecurityProfile): class PretixScanSecurityProfile(AllowListSecurityProfile):