Mirror/app-MAIL-temp
1
0
Fork 0
mirror of https://github.com/simple-login/app.git synced 2024-11-16 08:58:30 +01:00
Code Issues Projects Releases Packages Wiki Activity

chore: emit some missing contact audit logs (#2269)

Browse source 
* chore: emit some missing contact audit logs

* chore: improve alias change mailboxes audit message
This commit is contained in:
Carlos Quintana 2024-10-17 09:55:04 +02:00 committed by GitHub
parent 35f6e67053
commit 2cd6ee777f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 18 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/alias_mailbox_utils.py
View file

@ -53,9 +53,9 @@ def set_mailboxes_for_alias(
AliasMailbox.create(alias_id=alias.id, mailbox_id=mailbox.id) AliasMailbox.create(alias_id=alias.id, mailbox_id=mailbox.id)
emit_alias_audit_log( emit_alias_audit_log(
alias, alias=alias,
AliasAuditLogAction.ChangedMailboxes, action=AliasAuditLogAction.ChangedMailboxes,
message=",".join(map(str, mailbox_ids)), message=",".join([f"{mailbox.id} ({mailbox.email})" for mailbox in mailboxes]),
) )
return None return None

15
app/api/views/alias.py
View file

@ -1,3 +1,5 @@
from typing import Optional
from deprecated import deprecated from deprecated import deprecated
from flask import g from flask import g
from flask import jsonify from flask import jsonify
@ -29,6 +31,7 @@ from app.errors import (
from app.extensions import limiter from app.extensions import limiter
from app.log import LOG from app.log import LOG
from app.models import Alias, Contact, Mailbox, AliasDeleteReason from app.models import Alias, Contact, Mailbox, AliasDeleteReason
from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
@deprecated @deprecated
@ -447,11 +450,16 @@ def delete_contact(contact_id):
200 200
""" """
user = g.user user = g.user
contact = Contact.get(contact_id) contact: Optional[Contact] = Contact.get(contact_id)
if not contact or contact.alias.user_id != user.id: if not contact or contact.alias.user_id != user.id:
return jsonify(error="Forbidden"), 403 return jsonify(error="Forbidden"), 403
emit_user_audit_log(
user=user,
action=UserAuditLogAction.DeleteContact,
message=f"Deleted contact {contact_id} ({contact.email})",
)
Contact.delete(contact_id) Contact.delete(contact_id)
Session.commit() Session.commit()
@ -475,6 +483,11 @@ def toggle_contact(contact_id):
return jsonify(error="Forbidden"), 403 return jsonify(error="Forbidden"), 403
contact.block_forward = not contact.block_forward contact.block_forward = not contact.block_forward
emit_user_audit_log(
user=user,
action=UserAuditLogAction.UpdateContact,
message=f"Set contact state {contact.id} {contact.email} -> {contact.website_email} to blocked {contact.block_forward}",
)
Session.commit() Session.commit()
return jsonify(block_forward=contact.block_forward), 200 return jsonify(block_forward=contact.block_forward), 200

2
tests/test_alias_mailbox_utils.py
View file

@ -67,4 +67,4 @@ def test_set_mailboxes_for_alias_mailbox_success():
assert len(audit_logs) == 2 assert len(audit_logs) == 2
assert audit_logs[0].action == AliasAuditLogAction.CreateAlias.value assert audit_logs[0].action == AliasAuditLogAction.CreateAlias.value
assert audit_logs[1].action == AliasAuditLogAction.ChangedMailboxes.value assert audit_logs[1].action == AliasAuditLogAction.ChangedMailboxes.value
assert audit_logs[1].message == f"{mb1.id},{mb2.id}" assert audit_logs[1].message == f"{mb1.id} ({mb1.email}),{mb2.id} ({mb2.email})"