Add system settings, audit logging, user management, and dark mode fixes
System Settings: - Add SystemSettings.vue with Zabbix integration, SMTP/email config, SAML SSO settings - Add Setting model with key-value storage and typed values - Add settings API with caching Audit Logging: - Add AuditLog model tracking user, IP, action, entity changes - Add comprehensive audit logging to all CRUD operations: - Machines, Computers, Equipment, Network devices, VLANs, Subnets - Printers, USB devices (including checkout/checkin) - Applications, Settings, Users/Roles - Track old/new values for all field changes - Mask sensitive values (passwords, tokens) in logs User Management: - Add UsersList.vue with full user CRUD - Add Role management with granular permissions - Add 41 predefined permissions across 10 categories - Add users API with roles and permissions endpoints Reports: - Add TonerReport.vue for printer supply monitoring Dark Mode Fixes: - Fix map position section in PCForm, PrinterForm - Fix alert-warning in KnowledgeBaseDetail - All components now use CSS variables for theming CLI Commands: - Add flask seed permissions - Add flask seed settings Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
cproudlock
@@ -5,6 +5,7 @@ from flask_jwt_extended import jwt_required, get_jwt_identity
|
||||
from datetime import datetime
|
||||
|
||||
from shopdb.extensions import db
|
||||
from shopdb.core.models import AuditLog
|
||||
from shopdb.utils.responses import (
|
||||
success_response,
|
||||
error_response,
|
||||
@@ -140,6 +141,11 @@ def create_usb_device():
|
||||
)
|
||||
|
||||
db.session.add(device)
|
||||
db.session.flush()
|
||||
|
||||
AuditLog.log('created', 'USBDevice', entityid=device.usbdeviceid,
|
||||
entityname=device.label or device.serialnumber)
|
||||
|
||||
db.session.commit()
|
||||
|
||||
return success_response(device.to_dict(), message='Device created', http_code=201)
|
||||
@@ -184,13 +190,22 @@ def update_usb_device(device_id: int):
|
||||
|
||||
data = request.get_json() or {}
|
||||
|
||||
# Update allowed fields
|
||||
# Track changes for audit log
|
||||
changes = {}
|
||||
for field in ['label', 'assetnumber', 'usbdevicetypeid', 'capacitygb',
|
||||
'vendorid', 'productid', 'manufacturer', 'productname',
|
||||
'storagelocation', 'pin', 'notes']:
|
||||
if field in data:
|
||||
old_val = getattr(device, field)
|
||||
new_val = data[field]
|
||||
if old_val != new_val:
|
||||
changes[field] = {'old': old_val, 'new': new_val}
|
||||
setattr(device, field, data[field])
|
||||
|
||||
if changes:
|
||||
AuditLog.log('updated', 'USBDevice', entityid=device.usbdeviceid,
|
||||
entityname=device.label or device.serialnumber, changes=changes)
|
||||
|
||||
device.modifieddate = datetime.utcnow()
|
||||
db.session.commit()
|
||||
|
||||
@@ -219,6 +234,10 @@ def delete_usb_device(device_id: int):
|
||||
|
||||
device.isactive = False
|
||||
device.modifieddate = datetime.utcnow()
|
||||
|
||||
AuditLog.log('deleted', 'USBDevice', entityid=device.usbdeviceid,
|
||||
entityname=device.label or device.serialnumber)
|
||||
|
||||
db.session.commit()
|
||||
|
||||
return success_response(None, message='Device deleted')
|
||||
@@ -272,6 +291,11 @@ def checkout_device(device_id: int):
|
||||
device.modifieddate = datetime.utcnow()
|
||||
|
||||
db.session.add(checkout)
|
||||
|
||||
AuditLog.log('checked_out', 'USBDevice', entityid=device.usbdeviceid,
|
||||
entityname=device.label or device.serialnumber,
|
||||
changes={'checked_out_to': data['sso'], 'reason': data.get('checkoutreason')})
|
||||
|
||||
db.session.commit()
|
||||
|
||||
return success_response(checkout.to_dict(), message='Device checked out', http_code=201)
|
||||
@@ -311,12 +335,17 @@ def checkin_device(device_id: int):
|
||||
active_checkout.waswiped = data.get('waswiped', False)
|
||||
|
||||
# Update device status
|
||||
previous_user = device.currentuserid
|
||||
device.ischeckedout = False
|
||||
device.currentuserid = None
|
||||
device.currentusername = None
|
||||
device.currentcheckoutdate = None
|
||||
device.modifieddate = datetime.utcnow()
|
||||
|
||||
AuditLog.log('checked_in', 'USBDevice', entityid=device.usbdeviceid,
|
||||
entityname=device.label or device.serialnumber,
|
||||
changes={'returned_by': previous_user, 'wiped': data.get('waswiped', False)})
|
||||
|
||||
db.session.commit()
|
||||
|
||||
return success_response(
|
||||
|
||||
Reference in New Issue
Block a user