add access logs and disable logs from pycasbin logger with bool operation

jessecooper · jessecooper · commit 1c1c91f0967f · 2020-11-19T12:31:28.000-06:00
diff --git a/flask_authz/casbin_enforcer.py b/flask_authz/casbin_enforcer.py
@@ -24,7 +24,7 @@ def __init__(self, app, adapter, watcher=None):
         """
         self.app = app
         self.adapter = adapter
-        self.e = casbin.Enforcer(app.config.get("CASBIN_MODEL"), self.adapter, True)
+        self.e = casbin.Enforcer(app.config.get("CASBIN_MODEL"), self.adapter)
         if watcher:
             self.e.set_watcher(watcher)
         self._owner_loader = None
@@ -93,6 +93,13 @@ def wrapper(*args, **kwargs):
                         if self.user_name_headers and header in self.user_name_headers:
                             owner_audit = owner
                         if self.e.enforce(owner, uri, request.method):
+                            self.app.logger.info(
+                                "access granted: method: %s resource: %s%s" % (
+                                    request.method,
+                                    uri,
+                                    "" if not self.user_name_headers and owner_audit != "" else " to user: %s" % owner_audit
+                                )
+                            )
                             return func(*args, **kwargs)
                     else:
                         # Split header by ',' in case of groups when groups are
@@ -109,6 +116,13 @@ def wrapper(*args, **kwargs):
                             if self.e.enforce(
                                 owner.strip('"'), uri, request.method
                             ):
+                                self.app.logger.info(
+                                    "access granted: method: %s resource: %s%s" % (
+                                        request.method,
+                                        uri,
+                                        "" if not self.user_name_headers and owner_audit != "" else " to user: %s" % owner_audit
+                                    )
+                                )
                                 return func(*args, **kwargs)
             else:
                 self.app.logger.error(
