mgr/dashboard_v2: Log script_name on unauthorized access

This commit also replaces double quotes with single quotes. Signed-off-by: Volker Theile <vtheile@suse.com>
2025-01-01 00:22:25 +00:00 · 2018-01-25 10:21:43 +01:00 · 2018-01-25 10:21:43 +01:00 · 654c35e3b0
commit 654c35e3b0
parent 01eeb84996
2 changed files with 11 additions and 10 deletions
--- a/src/pybind/mgr/dashboard_v2/auth.py
+++ b/src/pybind/mgr/dashboard_v2/auth.py
@ -53,24 +53,25 @@ class Auth(object):
            cherrypy.session.regenerate()
            cherrypy.session[Auth.SESSION_KEY] = username
            cherrypy.session[Auth.SESSION_KEY_TS] = now
-            self.log.debug("Login successful")
+            self.log.debug('Login successful')
            return {'username': username}
        else:
            cherrypy.response.status = 403
-            self.log.debug("Login fail")
+            self.log.debug('Login fail')
            return {'detail': 'Invalid credentials'}

    @cherrypy.expose
    @cherrypy.tools.allow(methods=['POST'])
    def logout(self):
-        self.log.debug("Logout successful")
+        self.log.debug('Logout successful')
        cherrypy.session[Auth.SESSION_KEY] = None
        cherrypy.session[Auth.SESSION_KEY_TS] = None

    def check_auth(self):
        username = cherrypy.session.get(Auth.SESSION_KEY)
        if not username:
-            self.log.debug("Unauthorized")
+            self.log.debug('Unauthorized access to {}'.format(cherrypy.url(
+                relative='server')))
            raise cherrypy.HTTPError(401, 'You are not authorized to access '
                                          'that resource')
        now = int(time.time())
@ -82,7 +83,7 @@ class Auth(object):
            if username_ts and username_ts < now - expires:
                cherrypy.session[Auth.SESSION_KEY] = None
                cherrypy.session[Auth.SESSION_KEY_TS] = None
-                self.log.debug("Session expired.")
+                self.log.debug('Session expired.')
                raise cherrypy.HTTPError(401,
                                         'Session expired. You are not '
                                         'authorized to access that resource')
--- a/src/pybind/mgr/dashboard_v2/restresource.py
+++ b/src/pybind/mgr/dashboard_v2/restresource.py
@ -17,7 +17,7 @@ def _takes_json(func):

 def _returns_json(func):
    def inner(*args, **kwargs):
-        cherrypy.serving.response.headers['Content-Type'] = "application/json"
+        cherrypy.serving.response.headers['Content-Type'] = 'application/json'
        ret = func(*args, **kwargs)
        return json.dumps(ret).encode('utf8')
    return inner
@ -53,16 +53,16 @@ class RESTResource(object):
    """

    _cp_config = {
-                  'request.error_page': {'default': json_error_page},
-                  }
+        'request.error_page': {'default': json_error_page},
+    }

    def _not_implemented(self, is_element):
        methods = [method
                   for ((method, _is_element), (meth, _))
                   in self._method_mapping.items()
                   if _is_element == is_element and hasattr(self, meth)]
-        cherrypy.response.headers["Allow"] = ",".join(methods)
-        raise cherrypy.HTTPError(405, "Method not implemented.")
+        cherrypy.response.headers['Allow'] = ','.join(methods)
+        raise cherrypy.HTTPError(405, 'Method not implemented.')

    _method_mapping = {
        ('GET', False): ('list', 200),