docs(auditlog): add audit logging to the project readme

KK-1113
City-of-Helsinki · Dec 4, 2024 · c2274ad · c2274ad
1 parent 2ed46e5
commit c2274ad
Showing 1 changed file with 47 additions and 28 deletions.
diff --git a/README.md b/README.md
@@ -13,17 +13,18 @@
   - [Installing Python requirements](#installing-python-requirements)
   - [Database](#database)
   - [Notification import](#notification-import)
-  - [Cron jobs](#cron-jobs)
-    - [Reminder notifications](#reminder-notifications)
-    - [Feedback notifications](#feedback-notifications)
-    - [Queued email sending](#queued-email-sending)
-    - [SMS notifications](#sms-notifications)
   - [Daily running, Debugging](#daily-running-debugging)
 - [Authorization](#authorization)
+- [Cron jobs](#cron-jobs)
+  - [Reminder notifications](#reminder-notifications)
+  - [Feedback notifications](#feedback-notifications)
+  - [Queued email sending](#queued-email-sending)
+  - [SMS notifications](#sms-notifications)
 - [GDPR API data export](#gdpr-api-data-export)
 - [GraphQL API Documentation](#graphql-api-documentation)
 - [Report API](#report-api)
 - [QR-code ticket verification](#qr-code-ticket-verification)
+- [Audit logging](#audit-logging)
 - [Keeping Python requirements up to date](#keeping-python-requirements-up-to-date)
 - [Code linting & formatting](#code-linting--formatting)
   - [Pre-commit hooks](#pre-commit-hooks)
@@ -93,11 +94,29 @@ The emails notifications that Kukkuu sends can be imported from a Google Sheets
 1. run `python manage.py import_notifications` to import and update all the notifications, or
 2. use actions in Django admin UI's notification list view to have finer control on which notifications to update and create
 
-### Cron jobs
+### Daily running, Debugging
+
+- Create `.env` file: `touch .env`
+- Set the `DEBUG` environment variable to `1`.
+- Run `python manage.py migrate`
+- Run `python manage.py runserver localhost:8081`
+- The project is now running at [localhost:8081](http://localhost:8081)
+
+## Authorization
+
+The user profiles authenticates themselves in a centralized authentication server of the city of Helsinki. For long it has been [Tunnistamo](https://github.com/City-of-Helsinki/tunnistamo), but in the summer of the year 2024, it should be changed to a Keycloak service of the [Helsinki-Profile](https://github.com/City-of-Helsinki/open-city-profile) service environment.
+
+The Tunnistamo can be configured to be used [locally](./docs/setup-tunnistamo.md#use-a-local-tunnistamo) or from the [test environment](./docs/setup-tunnistamo.md#use-the-public-test-tunnistamo).
+
+The Keycloak test environment can also be configured to be used [locally](./docs/setup-keycloak.md).
+
+> NOTE: Also check the [GDPR API documentation](./gdpr/README.md) because there is much more detailed instructions how to setup the Tunnistamo and the Helsinki-Profile!
+
+## Cron jobs
 
 `cron` is required for sending reminder notifications, and for sending emails queued (optional).
 
-#### Reminder notifications
+### Reminder notifications
 
 To send reminder notifications on time, `send_reminder_notifications` management command needs to be executed (at least) daily.
 
@@ -106,7 +125,7 @@ Example crontab for sending reminder notifications every day at 12am:
     0 12 * * * (/path/to/your/python path/to/your/app/manage.py send_reminder_notifications > /var/log/cron.log 2>&1)
     # An empty line is required at the end of this file for a valid cron file.
 
-#### Feedback notifications
+### Feedback notifications
 
 To send notifications asking for feedback of recently ended events occurrences, `send_feedback_notifications` management command needs to be executed periodically.
 
@@ -117,7 +136,7 @@ Example crontab for sending feedback notifications:
     1,16,31,46 * * * * (/path/to/your/python path/to/your/app/manage.py send_reminder_notifications > /var/log/cron.log 2>&1)
     # An empty line is required at the end of this file for a valid cron file.
 
-#### Queued email sending
+### Queued email sending
 
 By default email sending is queued, which means that you need to set `send_mail` and `retry_deferred` to be executed periodically to get emails actually sent.
 
@@ -131,7 +150,7 @@ Example crontab for queued emails (includes reminder notification sending as wel
 
 It is also possible to get emails sent right away without any cronjobs by setting `ILMOITIN_QUEUE_NOTIFICATIONS` to `False`, which can be convenient in development. **CAUTION** do not use this in production!
 
-#### SMS notifications
+### SMS notifications
 
 To use the SMS notification functionality, you have to acquire the API_KEY from [Notification Service API](https://github.com/City-of-Helsinki/notification-service-api). The following environment variables are needed:
 
@@ -140,24 +159,6 @@ To use the SMS notification functionality, you have to acquire the API_KEY from
         NOTIFICATION_SERVICE_API_URL=notification_service_end_point
         ```
 
-### Daily running, Debugging
-
-- Create `.env` file: `touch .env`
-- Set the `DEBUG` environment variable to `1`.
-- Run `python manage.py migrate`
-- Run `python manage.py runserver localhost:8081`
-- The project is now running at [localhost:8081](http://localhost:8081)
-
-## Authorization
-
-The user profiles authenticates themselves in a centralized authentication server of the city of Helsinki. For long it has been [Tunnistamo](https://github.com/City-of-Helsinki/tunnistamo), but in the summer of the year 2024, it should be changed to a Keycloak service of the [Helsinki-Profile](https://github.com/City-of-Helsinki/open-city-profile) service environment.
-
-The Tunnistamo can be configured to be used [locally](./docs/setup-tunnistamo.md#use-a-local-tunnistamo) or from the [test environment](./docs/setup-tunnistamo.md#use-the-public-test-tunnistamo).
-
-The Keycloak test environment can also be configured to be used [locally](./docs/setup-keycloak.md).
-
-> NOTE: Also check the [GDPR API documentation](./gdpr/README.md) because there is much more detailed instructions how to setup the Tunnistamo and the Helsinki-Profile!
-
 ## GDPR API data export
 
 The [GDPR API data export and API tester documentation](./gdpr/README.MD).
@@ -187,6 +188,24 @@ KUKKUU_HASHID_SALT=ULGd5YeRv6yVtvoj
 KUKKUU_TICKET_VERIFICATION_URL=http://localhost:3000/check-ticket-validity/{reference_id}
 ```
 
+## Audit logging
+
+Audit logging is implemented with `django-auditlog`, but it has some extended features applied with [hel_django_auditlog_extra](./hel_django_auditlog_extra/) -app. To see documentation related to that, read it's [README](./hel_django_auditlog_extra/README.md) and [FAQ](./hel_django_auditlog_extra/docs/FAQ.md).
+
+The configuration to define which models are in the scope of the audit logging can be found from [auditlog_settings.py](./kukkuu/auditlog_settings.py).
+
+The GraphQL and admin site views can be logged by using the mixins and decorators that the `hel_django_auditlog_extra` provides (see: [README](./hel_django_auditlog_extra/README.md#features)).
+
+**References**:
+
+- Django-auditlog
+
+  > PyPi: https://pypi.org/project/django-auditlog/.
+  >
+  > Github: https://github.com/jazzband/django-auditlog.
+  >
+  > Docs: https://django-auditlog.readthedocs.io/en/latest/index.html.
+
 ## Keeping Python requirements up to date
 
 1. Install `pip-tools`: