0002-journal-add-user-profile-management-events-58554.patch
src/authentic2/journal_event_types.py | ||
---|---|---|
378 | 378 |
new_email = event.get_data('email') |
379 | 379 |
old_email = event.get_data('old_email') |
380 | 380 |
return _('email address changed from "{0}" to "{1}"').format(old_email, new_email) |
381 | ||
382 | ||
383 |
class UserProfileAdd(EventTypeDefinition): |
|
384 |
name = 'user.profile.add' |
|
385 |
label = _('user profile creation') |
|
386 | ||
387 |
@classmethod |
|
388 |
def record(cls, user, profile): |
|
389 |
profile_type = '' |
|
390 |
if profile.profile_type is not None: |
|
391 |
profile_type = profile.profile_type.name or profile.profile_type.slug |
|
392 |
data = { |
|
393 |
'profile_type': profile_type, |
|
394 |
'object_user': profile.user.get_full_name(), |
|
395 |
'identifier': profile.identifier, |
|
396 |
} |
|
397 |
super().record(user=user, data=data) |
|
398 | ||
399 |
@classmethod |
|
400 |
def get_message(cls, event, context): |
|
401 |
profile_type = event.get_data('profile_type') |
|
402 |
object_user = event.get_data('object_user') |
|
403 |
identifier = event.get_data('identifier') |
|
404 |
if identifier: |
|
405 |
msg = _(f'profile "{identifier}" of type "{profile_type}" created for user "{object_user}"') |
|
406 |
else: |
|
407 |
msg = _(f'profile of type "{profile_type}" created for user "{object_user}"') |
|
408 |
return msg |
|
409 | ||
410 | ||
411 |
class UserProfileUpdate(EventTypeDefinition): |
|
412 |
name = 'user.profile.update' |
|
413 |
label = _('user profile update') |
|
414 | ||
415 |
@classmethod |
|
416 |
def record(cls, user, profile): |
|
417 |
profile_type = '' |
|
418 |
if profile.profile_type is not None: |
|
419 |
profile_type = profile.profile_type.name or profile.profile_type.slug |
|
420 |
data = { |
|
421 |
'profile_type': profile_type, |
|
422 |
'object_user': profile.user.get_full_name(), |
|
423 |
'identifier': profile.identifier, |
|
424 |
} |
|
425 |
super().record(user=user, data=data) |
|
426 | ||
427 |
@classmethod |
|
428 |
def get_message(cls, event, context): |
|
429 |
profile_type = event.get_data('profile_type') |
|
430 |
object_user = event.get_data('object_user') |
|
431 |
identifier = event.get_data('identifier') |
|
432 |
if identifier: |
|
433 |
msg = _(f'profile "{identifier}" of type "{profile_type}" updated for user "{object_user}"') |
|
434 |
else: |
|
435 |
msg = _(f'profile of type "{profile_type}" updated for user "{object_user}"') |
|
436 |
return msg |
|
437 | ||
438 | ||
439 |
class UserProfileDelete(EventTypeDefinition): |
|
440 |
name = 'user.profile.delete' |
|
441 |
label = _('user profile deletion') |
|
442 | ||
443 |
@classmethod |
|
444 |
def record(cls, user, profile): |
|
445 |
profile_type = '' |
|
446 |
if profile.profile_type is not None: |
|
447 |
profile_type = profile.profile_type.name or profile.profile_type.slug |
|
448 |
data = { |
|
449 |
'profile_type': profile_type, |
|
450 |
'object_user': profile.user.get_full_name(), |
|
451 |
'identifier': profile.identifier, |
|
452 |
} |
|
453 |
super().record(user=user, data=data) |
|
454 | ||
455 |
@classmethod |
|
456 |
def get_message(cls, event, context): |
|
457 |
profile_type = event.get_data('profile_type') |
|
458 |
object_user = event.get_data('object_user') |
|
459 |
identifier = event.get_data('identifier') |
|
460 |
if identifier: |
|
461 |
msg = _(f'profile "{identifier}" of type "{profile_type}" deleted for user "{object_user}"') |
|
462 |
else: |
|
463 |
msg = _(f'profile of type "{profile_type}" deleted for user "{object_user}"') |
|
464 |
return msg |
tests/test_manager_journal.py | ||
---|---|---|
24 | 24 |
from authentic2.a2_rbac.models import Role |
25 | 25 |
from authentic2.a2_rbac.utils import get_default_ou |
26 | 26 |
from authentic2.apps.journal.models import Event, _registry |
27 |
from authentic2.custom_user.models import User |
|
27 |
from authentic2.custom_user.models import Profile, ProfileType, User
|
|
28 | 28 |
from authentic2.journal import journal |
29 | 29 |
from authentic2.models import Service |
30 | 30 | |
... | ... | |
50 | 50 |
user = User.objects.create( |
51 | 51 |
username="user", email="user@example.com", ou=ou, uuid="1" * 32, first_name='Johnny', last_name='doe' |
52 | 52 |
) |
53 |
profile_type = ProfileType.objects.create(name='One Type', slug='one-type') |
|
54 |
profile = Profile.objects.create(user=user, profile_type=profile_type, identifier='aaa') |
|
53 | 55 |
agent = User.objects.create(username="agent", email="agent@example.com", ou=ou, uuid="2" * 32) |
54 | 56 |
role_user = Role.objects.create(name="role1", ou=ou) |
55 | 57 |
role_agent = Role.objects.create(name="role2", ou=ou) |
... | ... | |
270 | 272 |
make("user.service.sso.refusal", user=user, session=session1, service=service) |
271 | 273 |
make("user.service.sso.denial", user=user, session=session1, service=service) |
272 | 274 | |
275 |
make( |
|
276 |
'user.profile.add', |
|
277 |
user=agent, |
|
278 |
profile=profile, |
|
279 |
) |
|
280 |
make( |
|
281 |
'user.profile.update', |
|
282 |
user=agent, |
|
283 |
profile=profile, |
|
284 |
) |
|
285 |
make( |
|
286 |
'user.profile.delete', |
|
287 |
user=agent, |
|
288 |
profile=profile, |
|
289 |
) |
|
290 | ||
273 | 291 |
# verify we created at least one event for each type |
274 | 292 |
assert set(Event.objects.values_list("type__name", flat=True)) == set(_registry) |
275 | 293 | |
... | ... | |
598 | 616 |
'type': 'user.service.sso.denial', |
599 | 617 |
'user': 'Johnny doe', |
600 | 618 |
}, |
619 |
{ |
|
620 |
'timestamp': 'Jan. 2, 2020, 10 p.m.', |
|
621 |
'type': 'user.profile.add', |
|
622 |
'user': 'agent', |
|
623 |
'message': 'profile "aaa" of type "One Type" created for user "Johnny doe"', |
|
624 |
}, |
|
625 |
{ |
|
626 |
'timestamp': 'Jan. 2, 2020, 11 p.m.', |
|
627 |
'type': 'user.profile.update', |
|
628 |
'user': 'agent', |
|
629 |
'message': 'profile "aaa" of type "One Type" updated for user "Johnny doe"', |
|
630 |
}, |
|
631 |
{ |
|
632 |
'timestamp': 'Jan. 3, 2020, midnight', |
|
633 |
'type': 'user.profile.delete', |
|
634 |
'user': 'agent', |
|
635 |
'message': 'profile "aaa" of type "One Type" deleted for user "Johnny doe"', |
|
636 |
}, |
|
601 | 637 |
] |
602 | 638 | |
603 | 639 |
agent_page = response.click('agent', index=1) |
... | ... | |
1097 | 1133 | |
1098 | 1134 |
table_content = [text_content(p) for p in response.pyquery('tbody td.journal-list--message-column')] |
1099 | 1135 |
assert table_content == [ |
1136 |
'profile "aaa" of type "One Type" deleted for user "Johnny doe"', |
|
1137 |
'profile "aaa" of type "One Type" updated for user "Johnny doe"', |
|
1138 |
'profile "aaa" of type "One Type" created for user "Johnny doe"', |
|
1100 | 1139 |
'automatic activation of user "Johnny doe" because the associated LDAP account reappeared', |
1101 | 1140 |
'automatic deactivation of user "Johnny doe" because the associated LDAP source has been deleted', |
1102 | 1141 |
'automatic deactivation of user "Johnny doe" because the associated LDAP account does not exist' |
... | ... | |
1115 | 1154 |
'password reset request with email "user@example.com"', |
1116 | 1155 |
'user deletion', |
1117 | 1156 |
'profile edit (first name)', |
1118 |
'password change', |
|
1119 | 1157 |
] |
1120 | 1158 | |
1121 | 1159 |
response.form['event_type'].select(text='Role management') |
1122 |
- |