3535#################################################################
3636
3737API_ENDPOINT = "/api"
38+ SENSITIVE_KEYS = {"authorization" , "cookie" , "x-api-key" , "x-odoo-session-id" }
3839
3940
4041def create_api_log (func ):
@@ -43,6 +44,7 @@ def wrapper(self, *args, **kwargs):
4344 # Request Log
4445 path = kwargs .get ("path" )
4546 request_id = kwargs .get ("request_id" , False )
47+ namespace = kwargs .get ("namespace" , False )
4648 if not request_id :
4749 raise werkzeug .exceptions .HTTPException (
4850 response = error_response (400 , "Bad Request" , "request_id is required." )
@@ -52,19 +54,46 @@ def wrapper(self, *args, **kwargs):
5254 response = error_response (400 , "Bad Request" , "request_id is already taken." )
5355 )
5456
57+ namespace_id = False
58+ if namespace :
59+ version = kwargs .get ("version" )
60+ search_domain = [("name" , "=" , namespace )]
61+ if version :
62+ search_domain .append (("version_name" , "=" , version ))
63+ namespace_id = request .env ["spp_api.namespace" ].search (search_domain , limit = 1 )
64+
5565 initial_val = {
5666 "method" : path .method ,
5767 "model" : path .model ,
5868 "request" : http .request .httprequest .full_path ,
69+ "namespace_id" : namespace_id .id if namespace_id else False ,
5970 }
6071
6172 request_log_val = initial_val .copy ()
6273 request_log_val ["http_type" ] = "request"
6374 request_log_val ["request_id" ] = request_id
64- if path .method in ["get" ]:
65- request_log_val ["request_parameter" ] = kwargs
75+
76+ request_log_val ["request_parameter" ] = request .httprequest .query_string .decode ("utf-8" , errors = "replace" )
77+
78+ # Try to get parsed JSON first
79+ # silent=True prevents Werkzeug from raising a 400 error on bad JSON
80+ json_payload = request .httprequest .get_json (silent = True )
81+
82+ if json_payload is not None :
83+ request_data = json .dumps (json_payload )
6684 else :
67- request_log_val ["request_data" ] = kwargs
85+ # Fallback to raw data if not JSON
86+ # errors='replace' inserts a character instead of crashing on bad bytes
87+ request_data = request .httprequest .get_data ().decode ("utf-8" , errors = "replace" )
88+
89+ request_log_val ["request_data" ] = request_data
90+
91+ # Sanitize headers
92+ safe_headers = {
93+ key : "REDACTED" if key .lower () in SENSITIVE_KEYS else value
94+ for key , value in request .httprequest .headers .items ()
95+ }
96+ request_log_val ["headers" ] = json .dumps (safe_headers )
6897
6998 request .env ["spp_api.log" ].create (request_log_val )
7099 del request_log_val
0 commit comments