Metadata-Version: 2.4
Name: collective.auditlog
Version: 3.0.0
Summary: Provides extra conditions and triggers for all content actions
Home-page: https://github.com/collective/collective.auditlog/
Author: rain2o
Author-email: Joel@rain2odesigns.com
License: GPL
Project-URL: PyPI, https://pypi.org/project/collective.auditlog/
Project-URL: Source, https://github.com/collective/collective.auditlog
Project-URL: Tracker, https://github.com/collective/collective.auditlog/issues
Keywords: Plone Audit Log
Classifier: Development Status :: 5 - Production/Stable
Classifier: Framework :: Plone
Classifier: Framework :: Plone :: 5.2
Classifier: Framework :: Plone :: 6.0
Classifier: Framework :: Plone :: Addon
Classifier: Framework :: Zope
Classifier: Framework :: Zope :: 4
Classifier: Framework :: Zope :: 5
Classifier: License :: OSI Approved :: GNU General Public License (GPL)
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Operating System :: OS Independent
Requires-Python: >=3.7
Requires-Dist: setuptools
Requires-Dist: sqlalchemy<2,>=1.4
Requires-Dist: plone.app.contentrules
Provides-Extra: celery
Requires-Dist: collective.celery; extra == "celery"
Provides-Extra: test
Requires-Dist: plone.app.testing; extra == "test"
Requires-Dist: plone.app.contenttypes; extra == "test"
Requires-Dist: pysqlite; python_version < "3" and extra == "test"
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: home-page
Dynamic: keywords
Dynamic: license
Dynamic: project-url
Dynamic: provides-extra
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary

Introduction
============

The package allows you to audit actions being done on your site.
It accomplishes this by using configurable content rules.

By default, after you activate this package,
it will create all the content rules
that can be used for auditing with only the Page type to audit OOTB.
If you want to audit more types of objects,
you will need to configure the content rules.

The audits are stored into a relational database.
Once installed and called for the first time
it will create a table called "audit" if it does not already exist,
so there is no need to create the table manually.

AuditLog attempts to use plone.app.async or collective.celery to
perform the store actions, but if that fails it will finish the task
directly. The advantage of this is to allow an individual 'worker'
client to run Async and handle all of these request.
If there is a lot of activity it will not get backed up.
Async queues the job up and handles it as it can
while the users request finishes and moves on
avoiding sacrifices in performance.
Refer to the collective.async pypi page
for instructions on setting it up if you use it.
Async is NOT required for AuditLog to work,
however it is advised, especially for high traffic sites.


Installation
============

Download the package from GitHub and extract into your src directory.
Add 'collective.auditlog' to your eggs and zcml slugs in buildout.
Include the location (src/collective.auditlog) in development slugs too.
Run buildout

In Site Setup -> Add-ons, active Audit Log.
Once it is installed you will see "AuditLog" under Add-on Configuration.
This is where you can configuration the relational database.
The configuration string needs to be a valid SQLAlchemy connection string.
The control panel also allows you to enable/disable
tracking of actions performed on working copies.

All that is left is to configure the new Content Rules
to track the content types and actions you desire.

Upgrading
=========

If you are upgrading from an older version, you will need to run the
upgrade steps from the add-ons control panel.

USAGE
=====
For now, collective.auditlog uses SQLAlchemy for storing data. To use
postgres, it's necessary to add the 'psycopg2' egg to the buildout. Once
the product is installed, add the correct connection URL to the product
setup. Example::

    postgresql://enfold:enfold@localhost/auditlog

By default, collective.auditlog uses content rules to define which events
to capture. An additional mechanism has been added that allows the site to
automatically log the various events supported by collective.auditlog.
Simply choose from the picklist in the config for this to work. If no
events are selected, no logging will occur.

It is possible to log custom events from application code by using the
AuditableActionPerformedEvent, like this::

    from zope event import notify
    from collective.auditlog.interfaces import AuditableActionPerformedEvent
    notify(AuditableActionPerformedEvent(obj, request, "action", "note"))

'obj', refers to the affected content object; 'request' is the current zope
request, 'action' and 'note' correspond to the logged action and its
description, respectively. All parameters are required, but everything
except obj can be set to None if no value is available.

In addition to control panel configuration, connection parameters can be
set using the zope-conf-additional directive in the buildout. Note that
this will take precedence over any control panel configuration. Example::

    zope-conf-additional =
        <product-config collective.auditlog>
            audit-connection-string postgres://enfold:enfold@localhost/auditlog
            audit-connection-params {"pool_recycle": 3600, "echo": true}
        </product-config>

There is now a view for the audit log entries, located at @@auditlog-view.
There is no link to it from the control panel at the moment. The view uses
infinite scrollong rather than pagination for looking at the logs.

Searching the audit log
=======================

Audit logs are stored in a SQL table, so you can use any SQL database tool
to analyse the audit log. However, sometimes you may need to query the logs
in the context of the Plone objects that generated them, for which the
information stored in SQL is not enough. For this purpose,
collective.auditlog offers a catalog based mechanism which can be used to
query the logs using any Plone based indexes available at the time of
logging. This can be used, for example, to develop a portlet that shows the
latest documents that have been modified.

To enable catalog-based logging, choose sql+zodb storage in the audit log
control panel. Information will still be stored in the SQL database, but
a special catalog will be enabled to store plone indexing information as
well.

Once this storage is enabled, you can search the logs using a catalog-like
query::

    from datetime import datetime
    from collective.auditlog.catalog import searchAudited

    from = datatime(2018,6,1)
    to = datetime(2018,12,31)
    query = {'portal_type': 'Document',
            'review_state': 'published'}
    audited = searchAudited(from_date=from,
                            to_date=to,
                            actions=['added', 'modified'],
                            **query)

All of the parameters are optional, but an empty query will return all
indexed objects, so use with care.

Note that the query will return catalog records, and any documents that have
multiple actions performed in the selected date range, will only appear once
in the list. There are also catalog records for deleted items, so a query
can be made to look for those even if they are gone from Plone.


Celery Integration
==================
The collective.celery package requires adding the celery and
collective.celery eggs to the mian buildout section eggs. Example::

    eggs =
        celery
        Plone
        collective.celery

We still use the celery-broker part, for clarity. The celery part is
still required, but is simpler::

    [celery-broker]
    host = 127.0.0.1
    port = 6379

    [celery]
    recipe = zc.recipe.egg
    environment-vars = ${buildout:environment-vars}
    eggs =
        ${buildout:eggs}
        flower
    scripts = pcelery flower

The celery part depends on having some variables added to the main
environment-vars section::

    environment-vars =
        CELERY_BROKER_URL redis://${celery-broker:host}:${celery-broker:port}
        CELERY_RESULT_BACKEND redis://${celery-broker:host}:${celery-broker:port}
        CELERY_TASKS collective.es.index.tasks

Additional Zope configuration
-----------------------------

There's now a hook in collective.celery for carrying out additional zope
configuration before running the tasks. If the tasks module contains an
'extra_config' method, it is passed the zope startup object at worker
initialization time. This is used by collective.es.index to run the
elasticsearch configuration method.

Monitoring celery tasks
-----------------------

Celery needs to be started as an independent process. It's recommended to
use supervisord for this. To try it out from the command line, you can run
use supervisord for this. To try it out from the command line, you can run
"bin/pcelery worker" from the buildout directory. Note that the script is
now named 'pcelery' and it needs a path to the zope configuration. Example::

    $ bin/pcelery worker parts/client1/etc/zope.conf

Flower is included in this setup. Run "bin/flower" from the buildout
directory and consult the dashboard at http://localhost:5555 using a
browser. Note that the broker is now a required parameter::

    $ bin/flower --broker redis://127.0.0.1:6379

Dependencies
============

All dependencies are installed automatically
when installing collective.auditlog.
Here is just a list of those for reference:

- setuptools
- sqlalchemy
- five.globalrequest
- plone.app.async [OPTIONAL]
- collective.celery [OPTIONAL]

Authors
=======

- Joel Rainwater, initial author
- Nathan van Gheem, Async integration, bug fixes, optimization.
- Alessandro Pisa, bug fixing, testing
- Enfold Systems, celery integration and audit view


3.0.0 (2026-05-22)
------------------

Bug fixes:


- editorconfig: Don't use inline comments.
  Inline comments are invalid since editorconfig v0.15.0.
  [thet]


3.0.0a2 (2023-11-03)
--------------------

Breaking changes:


- Complete the removal of Archetypes code: ``is_portal_factory`` and ``WorkingCopyRelation`` are gone for good.
  [ale-rt] (#33)


3.0.0a1 (2023-06-01)
--------------------

Internal:


- Update configuration files.
  [plone devs] (53dc5b4c)


3.0.0a1 (unreleased)
--------------------

- Drop Python 2.7
- Use SQLAlchemy 1.4
  [ale-rt]

2.0.0 (2023-05-31)
------------------

- Re-release 2.0.0a2 as 2.0.0.
  This will be the last release supporting Python2.7.
  [ale-rt]


2.0.0a2 (2020-03-19)
--------------------

- Fix request not having an environment attribute in instance scripts
  [ale-rt]


2.0.0a1 (2020-03-11)
--------------------

- Remove inconsistent passing of ``request`` parameter and use zope.globalrequest instead.
  [thet]

- Remove deprecations.
  action.canExecute is renamed to ``can_execute``, takes no parameters and is a property.
  [thet]

- Python 3 compatibility.
  [thet]

- Remove support for plone.app.async.
  Due to  ``async`` being a reserved word, this cannot made Python 3 compatible.
  Use collective.celeries instead.
  [thet]

- Drop support for Archetypes.
  [thet]

- Plone 5.2 compatibility.
  Drop Support for Plone 5.0 and 4.3 (Both are missing zope.interface.interfaces.IObjectEvent).
  [thet]

- Make Arhcetype a soft dependency.
  [ale-rt]

- Align with Plone code style: black, isort.
  [thet]

- Fix soft dependency on formlib (#22)
  [ale-rt]

- Speed up rule retrieval
  [ale-rt]

- Added some memoized properties and methods to the `AuditActionExecutor` class
  for easier customization
  [ale-rt]

- collective.celery integration
  [enfold]

- @@auditlog-view allows viewing/sorting/searching audit log entries
  [enfold]

- add login & logout audits
  [enfold]

- ability to specify the sqlalchemy DSN in config file
  [enfold]

- Notify an event before storing audit log entry.
  [enfold]

- Use custom permission for viewing audit log.
  [enfold]

- Fix tests.
  [enfold]

- Fix db connection leak.
  [enfold]

- Use valid json in info field.
  [enfold]


1.3.3 (2018-07-12)
------------------

- Factored out getObjectInfo and addLogEntry.
  [reinhardt]


1.3.2 (2018-07-11)
------------------

- Skip retrieving rule when audit log is disabled completely.
  Improves performance.
  [reinhardt]


1.3.1 (2017-04-13)
------------------

- Fix upgrade step title.
  [ale-rt]


1.3.0 (2017-04-13)
------------------

- The engine parameters (like pool_recycle, echo, ...)
  can be specified through a registry record
  [ale-rt]


1.2.2 (2016-06-06)
------------------

- Make action more robust on IActionSucceededEvent
  [ale-rt]


1.2.1 (2016-05-10)
------------------

- Fix unicode issues
- Tests are working again
  [ale-rt]


1.2.0 (2016-05-03)
------------------

- First public release
