Hello,

I am working on a "secure" documentation system that should support file 
uploads but also give the ability to trace user actions like 
download/upload of files. This should be integrated in the portal itself so 
that the administrator doesn't need to parse web log files and trace users 
and IPs. Example:

user Malkovich submitted a file: report.docx with hash: 102310239123123 at 
2012.03.27 10:12:45 (GMT)
user BigFatCat downloaded the file: report.docx (id: 1201010121) 
at 2012.03.27 12:11:05 (GMT)
...

So, I just said what I have and what I want, so now let me tell you what I 
have done about this:

in the model:

...
db.define_table('attachment',
    Field('name', requires=IS_NOT_EMPTY()),
    Field('filename'),
    Field('description'),
    Field('doc_type',
          requires=IS_IN_SET(['text','report','image','other']),
          default='other'),
    Field('hash', 'string'),
    Field('file','upload'),
    format='%(name)s')

db.define_table('logs',
    Field('message','string', requires=IS_NOT_EMPTY()),
    Field('full_description','text'),
    Field('action', 'string',
          requires=IS_IN_SET(['create','remove','download','upload',
                              'edit','other']),
          default='download'),
    Field('attachments', 'list:reference attachment', notnull=False),
    Field('user', 'list:reference auth_user'),
    Field('happened_on','datetime', default=datetime.datetime.now()))
...

in the controller:

import hashlib

def hash(stream):
    # MD5 hex digest of the uploaded file object; rewind so the upload can still be saved
    digest = hashlib.md5(stream.read()).hexdigest()
    stream.seek(0)
    return digest

@auth.requires_login()
def insert_file():
    form = SQLFORM(db.attachment, upload=URL('download'),
                   fields=['name', 'description', 'file'])
    # request.vars.file only has .file/.filename when a file was actually posted
    if hasattr(request.vars.file, 'file'):
        form.vars.filename = request.vars.file.filename # not sure about this one...
        form.vars.hash = hash(request.vars.file.file)
    if form.process().accepted:
        db.logs.insert(message='file submitted',
                       full_description=form.vars.hash, action='upload',
                       attachments='', user=auth.user.id,
                       happened_on=request.now)
        response.flash = 'form accepted'
    elif form.errors:
        response.flash = 'something went wrong, try harder'
    record = db.attachment(request.args(0)) or redirect(URL('index'))
    return dict(form=form)
...

This is not yet working, but don't you think I am on the right track? Tips?

Thank you
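
An added example, not part of the original post and not web2py's own code: a framework-independent sketch of the audit record the post describes. It assumes SHA-256 in place of MD5 (MD5 is not collision-resistant), treats the client-supplied filename as untrusted, and uses hypothetical helper names `file_digest`, `safe_name` and `audit_entry`; the sample upload is constructed.

```python
import hashlib
import io
from datetime import datetime, timezone

# Same action names as the logs.action field in the post
ACTIONS = ('create', 'remove', 'download', 'upload', 'edit', 'other')

def file_digest(stream, chunk_size=65536):
    """SHA-256 of a binary file object, read in chunks, then rewound so
    the framework can still store the upload afterwards."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b''):
        h.update(chunk)
    stream.seek(0)
    return h.hexdigest()

def safe_name(filename, max_len=128):
    """The filename is client-controlled: keep only the base name and drop
    control characters so it cannot inject extra lines into the audit log."""
    base = filename.replace('\\', '/').rsplit('/', 1)[-1]
    cleaned = ''.join(c for c in base if c.isprintable())
    return cleaned[:max_len] or 'unnamed'

def audit_entry(user, action, filename, stream=None, when=None):
    """Return a dict shaped like one row of the logs table."""
    if action not in ACTIONS:
        raise ValueError('unknown action: %r' % (action,))
    when = when or datetime.now(timezone.utc)  # always record UTC
    digest = file_digest(stream) if stream is not None else ''
    message = 'user %s %s file: %s at %s (GMT)' % (
        user, action, safe_name(filename), when.strftime('%Y.%m.%d %H:%M:%S'))
    return {'message': message, 'full_description': digest,
            'action': action, 'happened_on': when}

if __name__ == '__main__':
    # Constructed upload: in-memory bytes and a hostile filename
    upload = io.BytesIO(b'constructed report body')
    hostile = 'C:\\tmp\\report.docx\nuser root removed file: x'
    print(audit_entry('Malkovich', 'upload', hostile, upload))
```

In a web2py controller the stream would be `request.vars.file.file` and the returned dict could be passed to `db.logs.insert(**entry)` together with the `attachments` and `user` references.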
