Track grant history

backend/api/grants/mutations.py

@@ -10,6 +10,10 @@
 from api.permissions import IsAuthenticated
 from api.types import BaseErrorType
 from conferences.models.conference import Conference
+from custom_admin.audit import (
+    create_addition_admin_log_entry,
+    create_change_admin_log_entry,
+)
 from grants.models import Grant as GrantModel
 from grants.tasks import get_name, notify_new_grant_reply_slack
 from notifications.models import EmailTemplate, EmailTemplateIdentifier
@@ -279,11 +283,14 @@ def send_grant(self, info: Info, input: SendGrantInput) -> SendGrantResult:
             },
         )
 
+        create_addition_admin_log_entry(request.user, instance, "Grant created.")
+
         # hack because we return django models
         instance.__strawberry_definition__ = Grant.__strawberry_definition__
         return instance
 
     @strawberry.mutation(permission_classes=[IsAuthenticated])
+    @transaction.atomic
     def update_grant(self, info: Info, input: UpdateGrantInput) -> UpdateGrantResult:
         request = info.context.request
 
@@ -299,8 +306,11 @@ def update_grant(self, info: Info, input: UpdateGrantInput) -> UpdateGrantResult
 
         for attr, value in asdict(input).items():
             setattr(instance, attr, value)
+
         instance.save()
 
+        create_change_admin_log_entry(request.user, instance, "Grant updated.")
+
         Participant.objects.update_or_create(
             user_id=request.user.id,
             conference=instance.conference,
@@ -335,6 +345,10 @@ def send_grant_reply(
         grant.status = input.status.to_grant_status()
         grant.save()
 
+        create_change_admin_log_entry(
+            request.user, grant, f"Grantee has replied with status {grant.status}."
+        )
+
         admin_url = request.build_absolute_uri(grant.get_admin_url())
         notify_new_grant_reply_slack.delay(grant_id=grant.id, admin_url=admin_url)
 

backend/api/grants/tests/test_send_grant.py

@@ -1,4 +1,5 @@
 import pytest
+from django.contrib.admin.models import LogEntry
 
 from conferences.tests.factories import ConferenceFactory
 from grants.models import Grant
@@ -119,6 +120,14 @@ def test_send_grant(
         user=user, conference=conference, privacy_policy="grant"
     ).exists()
 
+    # Verify a log entry is created for the grant creation
+    assert LogEntry.objects.count() == 1
+    log_entry = LogEntry.objects.first()
+    assert log_entry.user_id == user.id
+    assert log_entry.user == user
+    assert log_entry.object_id == str(grant.id)
+    assert log_entry.change_message == "Grant created."
+
     # Verify that the correct email template was used and email was sent
     emails_sent = sent_emails()
     assert emails_sent.count() == 1

backend/api/grants/tests/test_send_grant_reply.py

@@ -1,9 +1,10 @@
 from unittest.mock import ANY
 
-from grants.tests.factories import GrantFactory
 import pytest
+from django.contrib.admin.models import LogEntry
 
 from grants.models import Grant
+from grants.tests.factories import GrantFactory
 from users.tests.factories import UserFactory
 
 pytestmark = pytest.mark.django_db
@@ -85,6 +86,13 @@ def test_status_is_updated_when_reply_is_confirmed(graphql_client, user):
     grant.refresh_from_db()
     assert grant.status == Grant.Status.confirmed
 
+    # Verify audit log entry was created correctly
+    assert LogEntry.objects.filter(
+        user=user,
+        object_id=grant.id,
+        change_message="Grantee has replied with status confirmed.",
+    ).exists()
+
 
 def test_status_is_updated_when_reply_is_refused(graphql_client, user):
     graphql_client.force_login(user)
@@ -97,6 +105,13 @@ def test_status_is_updated_when_reply_is_refused(graphql_client, user):
     grant.refresh_from_db()
     assert grant.status == Grant.Status.refused
 
+    # Verify audit log entry was created correctly
+    assert LogEntry.objects.filter(
+        user=user,
+        object_id=grant.id,
+        change_message="Grantee has replied with status refused.",
+    ).exists()
+
 
 def test_call_notify_new_grant_reply(graphql_client, user, mocker):
     graphql_client.force_login(user)

backend/api/grants/tests/test_update_grant.py

@@ -1,4 +1,5 @@
 from users.tests.factories import UserFactory
+from django.contrib.admin.models import LogEntry
 from conferences.tests.factories import ConferenceFactory
 from grants.tests.factories import GrantFactory
 import pytest
@@ -129,6 +130,13 @@ def test_update_grant(graphql_client, user):
     assert participant.facebook_url == "http://facebook.com/pythonpizza"
     assert participant.linkedin_url == "http://linkedin.com/company/pythonpizza"
 
+    assert LogEntry.objects.count() == 1
+    log_entry = LogEntry.objects.first()
+    assert log_entry.user_id == user.id
+    assert log_entry.user == user
+    assert log_entry.object_id == str(grant.id)
+    assert log_entry.change_message == "Grant updated."
+
 
 def test_cannot_update_a_grant_if_user_is_not_owner(
     graphql_client,

backend/custom_admin/admin.py

@@ -6,6 +6,8 @@
 from django.contrib import admin
 from django.urls import path
 
+from custom_admin.audit import create_change_admin_log_entry
+
 SITE_NAME = "PyCon Italia"
 
 admin.site.site_header = SITE_NAME
@@ -58,15 +60,50 @@ def wrapper(modeladmin, request, queryset):
 @admin.action(description="Confirm pending status change")
 @validate_single_conference_selection
 def confirm_pending_status(modeladmin, request, queryset):
+    """
+    Efficiently bulk-update status with pending_status, and accurately log the change per object.
+    """
+    # Use values_list to fetch ids and old statuses before updating.
+    changed_objs_info = list(queryset.values_list("pk", "status", "pending_status"))
+
+    # Perform the bulk update.
     queryset.update(
         status=F("pending_status"),
         pending_status=None,
     )
 
+    model = queryset.model
+    for pk, old_status, pending_status in changed_objs_info:
+        obj = model.objects.get(pk=pk)
+        create_change_admin_log_entry(
+            request.user,
+            obj,
+            change_message=(
+                f"[Bulk Admin Action] Status changed from '{old_status}' to '{pending_status}'."
+            ),
+        )
+
 
 @admin.action(description="Reset pending status to status")
 @validate_single_conference_selection
 def reset_pending_status_back_to_status(modeladmin, request, queryset):
+    """
+    Efficiently bulk-reset pending_status to None, and accurately log the change per object.
+    """
+    changed_objs_info = list(queryset.values_list("pk", "pending_status"))
+
     queryset.update(
         pending_status=None,
     )
+
+    model = queryset.model
+    for pk, old_pending_status in changed_objs_info:
+        if old_pending_status is not None:
+            obj = model.objects.get(pk=pk)
+            create_change_admin_log_entry(
+                request.user,
+                obj,
+                change_message=(
+                    f"[Bulk Admin Action] pending_status reset from '{old_pending_status}' to None."
+                ),
+            )

backend/grants/admin.py

@@ -218,17 +218,32 @@ def send_reply_emails(modeladmin, request, queryset):
             grant.save()
             send_grant_reply_approved_email.delay(grant_id=grant.id, is_reminder=False)
 
+            create_change_admin_log_entry(
+                request.user,
+                grant,
+                change_message="Sent Approved reply email to applicant.",
+            )
             messages.info(request, f"Sent Approved reply email to {grant.name}")
 
         if (
             grant.status == Grant.Status.waiting_list
             or grant.status == Grant.Status.waiting_list_maybe
         ):
             send_grant_reply_waiting_list_email.delay(grant_id=grant.id)
+            create_change_admin_log_entry(
+                request.user,
+                grant,
+                change_message="Sent Waiting List reply email to applicant.",
+            )
             messages.info(request, f"Sent Waiting List reply email to {grant.name}")
 
         if grant.status == Grant.Status.rejected:
             send_grant_reply_rejected_email.delay(grant_id=grant.id)
+            create_change_admin_log_entry(
+                request.user,
+                grant,
+                change_message="Sent Rejected reply email to applicant.",
+            )
             messages.info(request, f"Sent Rejected reply email to {grant.name}")
 
 
@@ -252,6 +267,11 @@ def send_grant_reminder_to_waiting_for_confirmation(modeladmin, request, queryse
 
         send_grant_reply_approved_email.delay(grant_id=grant.id, is_reminder=True)
 
+        create_change_admin_log_entry(
+            request.user,
+            grant,
+            change_message="Sent Approved reminder email to applicant.",
+        )
         messages.info(request, f"Grant reminder sent to {grant.name}")
 
 
@@ -267,6 +287,11 @@ def send_reply_email_waiting_list_update(modeladmin, request, queryset):
 
     for grant in queryset:
         send_grant_reply_waiting_list_update_email.delay(grant_id=grant.id)
+        create_change_admin_log_entry(
+            request.user,
+            grant,
+            change_message="Sent Waiting List update reply email to applicant.",
+        )
         messages.info(request, f"Sent Waiting List update reply email to {grant.name}")
 
 
@@ -300,7 +325,7 @@ def create_grant_vouchers(modeladmin, request, queryset):
             create_addition_admin_log_entry(
                 request.user,
                 grant,
-                change_message="Created voucher for this grant",
+                change_message="Created voucher for this grant.",
             )
 
             vouchers_to_create.append(
@@ -321,12 +346,12 @@ def create_grant_vouchers(modeladmin, request, queryset):
             create_change_admin_log_entry(
                 request.user,
                 existing_voucher,
-                change_message="Upgraded Co-Speaker voucher to Grant voucher",
+                change_message="Upgraded Co-Speaker voucher to Grant voucher.",
             )
             create_change_admin_log_entry(
                 request.user,
                 grant,
-                change_message="Updated existing Co-Speaker voucher to grant",
+                change_message="Updated existing Co-Speaker voucher to grant.",
             )
             existing_voucher.voucher_type = ConferenceVoucher.VoucherType.GRANT
             vouchers_to_update.append(existing_voucher)
@@ -348,9 +373,16 @@ def mark_rejected_and_send_email(modeladmin, request, queryset):
     )
 
     for grant in queryset:
+        old_status = grant.status
         grant.status = Grant.Status.rejected
         grant.save()
 
+        create_change_admin_log_entry(
+            request.user,
+            grant,
+            change_message=f"Status changed from '{old_status}' to 'rejected' and rejection email sent.",
+        )
+
         send_grant_reply_rejected_email.delay(grant_id=grant.id)
         messages.info(request, f"Sent Rejected reply email to {grant.name}")
 
@@ -405,13 +437,29 @@ class GrantReimbursementAdmin(ConferencePermissionMixin, admin.ModelAdmin):
     search_fields = ("grant__full_name", "grant__email")
     autocomplete_fields = ("grant",)
 
+    def delete_model(self, request, obj):
+        create_change_admin_log_entry(
+            request.user,
+            obj.grant,
+            change_message=f"Reimbursement removed: {obj.category.name}.",
+        )
+        super().delete_model(request, obj)
+
 
 class GrantReimbursementInline(admin.TabularInline):
     model = GrantReimbursement
     extra = 0
     autocomplete_fields = ["category"]
     fields = ["category", "granted_amount"]
 
+    def delete_model(self, request, obj):
+        create_change_admin_log_entry(
+            request.user,
+            obj.grant,
+            change_message=f"Reimbursement removed: {obj.category.name}.",
+        )
+        super().delete_model(request, obj)
+
 
 @admin.register(Grant)
 class GrantAdmin(ExportMixin, ConferencePermissionMixin, admin.ModelAdmin):
@@ -516,6 +564,31 @@ class GrantAdmin(ExportMixin, ConferencePermissionMixin, admin.ModelAdmin):
         ),
     )
 
+    def save_model(self, request, obj, form, change):
+        """
+        Override to log admin actions when status is changed.
+        """
+        if change:
+            if obj.status != obj._original_status:
+                create_change_admin_log_entry(
+                    request.user,
+                    obj,
+                    change_message=f"Status changed from '{obj._original_status}' to '{obj.status}'.",
+                )
+            if obj.pending_status != obj._original_pending_status:
+                create_change_admin_log_entry(
+                    request.user,
+                    obj,
+                    change_message=f"Pending status changed from '{obj._original_pending_status}' to '{obj.pending_status}'.",
+                )
+        else:
+            create_addition_admin_log_entry(
+                request.user,
+                obj,
+                change_message="Grant created.",
+            )
+        super().save_model(request, obj, form, change)
+
     def change_view(self, request, object_id, form_url="", extra_context=None):
         extra_context = extra_context or {}
         grant = self.model.objects.get(id=object_id)