Force logging of /auth/password in operation log

Normally the operation log doesn't include operations performed by users that are not logged in, but we want to make an exception for the change user password form, which is used for changing expired passwords, that doesn't log the user in, but we still want to have it logged. Also, update the default value of mask_fields to include the field names used in that form. Change-Id: Ib07efeda9eecd78b91f8f13624578264282c3f89
2024-08-19 17:55:04 +02:00 · 2024-08-19 17:55:04 +02:00 · 079eceb2c2
commit 079eceb2c2
parent f713010976
3 changed files with 11 additions and 8 deletions
--- a/doc/source/configuration/settings.rst
+++ b/doc/source/configuration/settings.rst
@ -752,7 +752,8 @@ Default:
 .. code-block:: python

    {
-        'mask_fields': ['password'],
+        'mask_fields': ['password', 'current_password', 'original_password',
+                        'new_password', 'confirm_password'],
        'target_methods': ['POST'],
        'ignored_urls': ['/js/', '/static/', '^/api/'],
        'format': ("[%(domain_name)s] [%(domain_id)s] [%(project_name)s]"
--- a/horizon/defaults.py
+++ b/horizon/defaults.py
@ -73,7 +73,7 @@ DEFAULT_THEME = 'default'

 OPERATION_LOG_ENABLED = False
 OPERATION_LOG_OPTIONS = {
-    'mask_fields': ['password', 'current_password',
+    'mask_fields': ['password', 'current_password', 'original_password',
                    'new_password', 'confirm_password'],
    'target_methods': ['POST'],
    'ignore_urls': ['/js/', '/static/', '^/api/'],
--- a/horizon/middleware/operation_log.py
+++ b/horizon/middleware/operation_log.py
@ -115,15 +115,17 @@ class OperationLogMiddleware(object):

    def _get_log_format(self, request):
        """Return operation log format."""
-        user = getattr(request, 'user', None)
-        if not user:
-            return
-        if not request.user.is_authenticated:
-            return
+        request_url = parse.unquote(request.path)
+        # Log the /auth/password/ form even when user is not logged in.
+        if '/auth/password/' not in request_url:
+            user = getattr(request, 'user', None)
+            if not user:
+                return
+            if not request.user.is_authenticated:
+                return
        method = request.method.upper()
        if not (method in self.target_methods):
            return
-        request_url = parse.unquote(request.path)
        for rule in self._ignored_urls:
            if rule.search(request_url):
                return