Audit: log project deletions and capture IP/browser for async deletes #12870
Draft
ericholscher wants to merge 4 commits into main from
Member
Author
I looked over this, and it seemed pretty self-explanatory.
c269f28 to 2013e30
stsewd reviewed Apr 6, 2026
Comment on lines +102 to +106
| from simple_history.models import HistoricalRecords | ||
|
|
||
| from readthedocs.audit.models import AuditLog | ||
| from readthedocs.organizations.models import Organization | ||
| from readthedocs.projects.models import Project |
Member
Do we need these to be imported here? I don't think we'll hit a circular import with these.
| # personal security log, not just the user who deleted it. | ||
| for project in projects_to_log: | ||
| for admin in project.users.all(): | ||
| AuditLog.objects.create( |
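Review bot: `AuditLog.objects.create(` sits inside `for admin in project.users.all():`, so a project that has no users at the time of deletion produces no entry at all, and if this loop is the only writer the organization security log would miss that deletion. Consider writing one entry attributed to the user who deleted the project outside the inner loop, or handling the empty case explicitly. `project.users.all()` also runs one query per project; if `projects_to_log` comes from a queryset, a `prefetch_related("users")` there would avoid that.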
Member
This is better done in a pre_delete signal on the Project model.
Summary
- PROJECT_DELETE audit log action so project deletions are tracked in both user and organization security logs
- delete_object Celery task, so both the AuditLog entry and the django-simple-history HistoricalProject record capture this information
- data field records who performed the deletion.

Closes #11001

Context

A support request revealed that when a project is deleted by one maintainer, other maintainers have no visibility into what happened. The existing AuditLog only tracks authentication, page views, downloads, and invitation events -- project deletions were not audited.

Additionally, because project deletion goes through an async Celery task (delete_object), the django-simple-history record was missing IP and browser information since there is no HTTP request available in the task context.

Changes

- readthedocs/audit/models.py: Add PROJECT_DELETE action
- readthedocs/audit/filters.py: Add PROJECT_DELETE to both user and organization security log filters
- readthedocs/core/mixins.py: AsyncDeleteViewWithMessage now passes ip and browser to the Celery task
- readthedocs/core/tasks.py: delete_object accepts ip/browser, sets them on HistoricalRecords.context, and creates AuditLog entries for project deletions
- readthedocs/core/signals.py: add_extra_historical_fields falls back to reading ip/browser directly from HistoricalRecords.context when no HTTP request is available
- 0009_add_project_delete_action

Test plan
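The request-context problem described under Context, as an added example that is not code from this pull request or from Read the Docs. It assumes a `threading.local` standing in for `HistoricalRecords.context` and a worker thread standing in for the Celery worker; `add_extra_fields`, `delete_object_task`, `delete_view`, `demo` and the sample request values are hypothetical.

```python
import threading
from types import SimpleNamespace

# Stand-in for HistoricalRecords.context (assumption): per-thread storage.
context = threading.local()
HISTORY = []  # constructed in-memory "historical record" table


def add_extra_fields(record):
    """Fill ip/browser from the request if present, else from the context."""
    request = getattr(context, "request", None)
    if request is not None:
        record["ip"] = request.META.get("REMOTE_ADDR")
        record["browser"] = request.META.get("HTTP_USER_AGENT")
    else:
        record["ip"] = getattr(context, "ip", None)
        record["browser"] = getattr(context, "browser", None)
    return record


def delete_object_task(slug, user, ip=None, browser=None):
    """Worker side: no request exists, so restore ip/browser explicitly."""
    context.ip, context.browser = ip, browser
    try:
        HISTORY.append(add_extra_fields({"slug": slug, "deleted_by": user}))
    finally:
        # Workers are reused; never let one task's values leak into the next.
        del context.ip, context.browser


def delete_view(request, slug, pass_metadata):
    """Web side: copy the values out of the request before going async."""
    context.request = request  # visible only on the web thread
    kwargs = {}
    if pass_metadata:
        kwargs = {"ip": request.META["REMOTE_ADDR"],
                  "browser": request.META["HTTP_USER_AGENT"]}
    worker = threading.Thread(target=delete_object_task,
                              args=(slug, request.user), kwargs=kwargs)
    worker.start()
    worker.join()
    del context.request
    return HISTORY[-1]


def demo():
    req = SimpleNamespace(user="alice", META={  # constructed sample request
        "REMOTE_ADDR": "203.0.113.7", "HTTP_USER_AGENT": "ExampleBrowser/1.0"})
    return delete_view(req, "docs", False), delete_view(req, "docs", True)
```

`demo()` returns the record written without the metadata passed through, then the record written with it.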