Kitos
ec65991ac1
Implements all database models for the Aegis platform with full Alembic migration support. Models created: - User: Authentication with role-based access control - Technique: MITRE ATT&CK techniques with coverage status tracking - Test: Security tests with validation workflow (draft/review/validated) - Evidence: File metadata for test evidence (stored in MinIO) - IntelItem: Threat intelligence items linked to techniques - AuditLog: System-wide audit trail with JSONB details Enumerations: - TechniqueStatus: not_evaluated, in_progress, validated, partial, etc. - TestState: draft, in_review, validated, rejected - TestResult: detected, not_detected, partially_detected Services: - audit_service.py: log_action() helper for audit logging All models include proper foreign key relationships and PostgreSQL enum types are managed correctly in migrations (create/drop).
34 lines
911 B
Python
34 lines
911 B
Python
from sqlalchemy.orm import Session
|
|
|
|
from app.models.audit import AuditLog
|
|
|
|
|
|
def log_action(
|
|
db: Session,
|
|
user_id,
|
|
action: str,
|
|
entity_type: str = None,
|
|
entity_id: str = None,
|
|
details: dict = None
|
|
):
|
|
"""
|
|
Log an action to the audit log.
|
|
|
|
Args:
|
|
db: Database session
|
|
user_id: UUID of the user performing the action (can be None for system actions)
|
|
action: Description of the action (e.g., "create_test", "validate_technique")
|
|
entity_type: Type of entity affected (e.g., "technique", "test", "user")
|
|
entity_id: ID of the entity affected
|
|
details: Additional details as a dictionary (stored as JSONB)
|
|
"""
|
|
log = AuditLog(
|
|
user_id=user_id,
|
|
action=action,
|
|
entity_type=entity_type,
|
|
entity_id=str(entity_id) if entity_id else None,
|
|
details=details,
|
|
)
|
|
db.add(log)
|
|
db.commit()
|