fix: make contact audit logs belong to alias (#2270)

Carlos Quintana 2024-10-17 15:42:54 +02:00 committed by GitHub
parent 3c13f1ce20
commit ada297ecb6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 33 additions and 28 deletions


@ -9,11 +9,17 @@ class AliasAuditLogAction(Enum):
ChangeAliasStatus = "change_status" ChangeAliasStatus = "change_status"
DeleteAlias = "delete" DeleteAlias = "delete"
UpdateAlias = "update" UpdateAlias = "update"
InitiateTransferAlias = "initiate_transfer_alias" InitiateTransferAlias = "initiate_transfer_alias"
AcceptTransferAlias = "accept_transfer_alias" AcceptTransferAlias = "accept_transfer_alias"
TransferredAlias = "transferred_alias" TransferredAlias = "transferred_alias"
ChangedMailboxes = "changed_mailboxes" ChangedMailboxes = "changed_mailboxes"
CreateContact = "create_contact"
UpdateContact = "update_contact"
DeleteContact = "delete_contact"
def emit_alias_audit_log( def emit_alias_audit_log(
alias: Alias, alias: Alias,


@ -31,7 +31,6 @@ from app.errors import (
from app.extensions import limiter from app.extensions import limiter
from app.log import LOG from app.log import LOG
from app.models import Alias, Contact, Mailbox, AliasDeleteReason from app.models import Alias, Contact, Mailbox, AliasDeleteReason
from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
@deprecated @deprecated
@ -455,9 +454,9 @@ def delete_contact(contact_id):
if not contact or contact.alias.user_id != user.id: if not contact or contact.alias.user_id != user.id:
return jsonify(error="Forbidden"), 403 return jsonify(error="Forbidden"), 403
emit_user_audit_log( emit_alias_audit_log(
user=user, alias=contact.alias,
action=UserAuditLogAction.DeleteContact, action=AliasAuditLogAction.DeleteContact,
message=f"Deleted contact {contact_id} ({contact.email})", message=f"Deleted contact {contact_id} ({contact.email})",
) )
Contact.delete(contact_id) Contact.delete(contact_id)
@ -477,15 +476,15 @@ def toggle_contact(contact_id):
200 200
""" """
user = g.user user = g.user
contact = Contact.get(contact_id) contact: Optional[Contact] = Contact.get(contact_id)
if not contact or contact.alias.user_id != user.id: if not contact or contact.alias.user_id != user.id:
return jsonify(error="Forbidden"), 403 return jsonify(error="Forbidden"), 403
contact.block_forward = not contact.block_forward contact.block_forward = not contact.block_forward
emit_user_audit_log( emit_alias_audit_log(
user=user, alias=contact.alias,
action=UserAuditLogAction.UpdateContact, action=AliasAuditLogAction.UpdateContact,
message=f"Set contact state {contact.id} {contact.email} -> {contact.website_email} to blocked {contact.block_forward}", message=f"Set contact state {contact.id} {contact.email} -> {contact.website_email} to blocked {contact.block_forward}",
) )
Session.commit() Session.commit()


@ -4,12 +4,12 @@ from typing import Optional
from sqlalchemy.exc import IntegrityError from sqlalchemy.exc import IntegrityError
from app.alias_audit_log_utils import emit_alias_audit_log, AliasAuditLogAction
from app.db import Session from app.db import Session
from app.email_utils import generate_reply_email, parse_full_address from app.email_utils import generate_reply_email, parse_full_address
from app.email_validation import is_valid_email from app.email_validation import is_valid_email
from app.log import LOG from app.log import LOG
from app.models import Contact, Alias from app.models import Contact, Alias
from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
from app.utils import sanitize_email from app.utils import sanitize_email
@ -101,10 +101,14 @@ def create_contact(
invalid_email=email == "", invalid_email=email == "",
commit=True, commit=True,
) )
emit_user_audit_log( if automatic_created:
user=alias.user, trail = ". Automatically created"
action=UserAuditLogAction.CreateContact, else:
message=f"Created contact {contact.id} ({contact.email})", trail = ". Created by user action"
emit_alias_audit_log(
alias=alias,
action=AliasAuditLogAction.CreateContact,
message=f"Created contact {contact.id} ({contact.email}){trail}",
commit=True, commit=True,
) )
LOG.d( LOG.d(
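Review bot: The contact row and its audit entry are committed separately: the call that closes just above the new lines passes `commit=True`, and `emit_alias_audit_log(..., commit=True)` then commits again. A failure between the two leaves a contact with no creation record in the alias audit trail. If the model layer allows it, flushing the contact to obtain `contact.id` and committing once after the audit entry is added would keep both in one transaction. Separately, the four-line `if`/`else` can be written as `trail = ". Automatically created" if automatic_created else ". Created by user action"`. create_contact starts and ends outside the hunk, so the creating call and any surrounding error handling are inferred.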


@ -11,6 +11,7 @@ from wtforms import StringField, validators, ValidationError
# Need to import directly from config to allow modification from the tests # Need to import directly from config to allow modification from the tests
from app import config, parallel_limiter, contact_utils from app import config, parallel_limiter, contact_utils
from app.alias_audit_log_utils import emit_alias_audit_log, AliasAuditLogAction
from app.contact_utils import ContactCreateError from app.contact_utils import ContactCreateError
from app.dashboard.base import dashboard_bp from app.dashboard.base import dashboard_bp
from app.db import Session from app.db import Session
@ -23,7 +24,6 @@ from app.errors import (
) )
from app.log import LOG from app.log import LOG
from app.models import Alias, Contact, EmailLog from app.models import Alias, Contact, EmailLog
from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
from app.utils import CSRFValidationForm from app.utils import CSRFValidationForm
@ -200,9 +200,9 @@ def delete_contact(alias: Alias, contact_id: int):
flash("You cannot delete reverse-alias", "warning") flash("You cannot delete reverse-alias", "warning")
else: else:
delete_contact_email = contact.website_email delete_contact_email = contact.website_email
emit_user_audit_log( emit_alias_audit_log(
user=alias.user, alias=alias,
action=UserAuditLogAction.DeleteContact, action=AliasAuditLogAction.DeleteContact,
message=f"Delete contact {contact_id} ({contact.email})", message=f"Delete contact {contact_id} ({contact.email})",
) )
Contact.delete(contact_id) Contact.delete(contact_id)
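Review bot: The audit message here reads `Delete contact …`, while the API handler writes `Deleted contact …` for the same `AliasAuditLogAction.DeleteContact` action. Now that both land in the same per-alias trail, a text search or alert keyed on one spelling will miss deletions made through the other path. Using the past-tense form in both places, `message=f"Deleted contact {contact_id} ({contact.email})",`, keeps the trail uniform. No commit is visible between the audit call and `Contact.delete(contact_id)` in this hunk, so whether the two are persisted together depends on code outside it.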


@ -5,11 +5,11 @@ from flask_login import login_required, current_user
from flask_wtf import FlaskForm from flask_wtf import FlaskForm
from wtforms import StringField, validators from wtforms import StringField, validators
from app.alias_audit_log_utils import emit_alias_audit_log, AliasAuditLogAction
from app.dashboard.base import dashboard_bp from app.dashboard.base import dashboard_bp
from app.db import Session from app.db import Session
from app.models import Contact from app.models import Contact
from app.pgp_utils import PGPException, load_public_key_and_check from app.pgp_utils import PGPException, load_public_key_and_check
from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction
class PGPContactForm(FlaskForm): class PGPContactForm(FlaskForm):
@ -53,9 +53,9 @@ def contact_detail_route(contact_id):
except PGPException: except PGPException:
flash("Cannot add the public key, please verify it", "error") flash("Cannot add the public key, please verify it", "error")
else: else:
emit_user_audit_log( emit_alias_audit_log(
user=current_user, alias=alias,
action=UserAuditLogAction.UpdateContact, action=AliasAuditLogAction.UpdateContact,
message=f"Added PGP key {contact.pgp_public_key} for contact {contact_id} ({contact.email})", message=f"Added PGP key {contact.pgp_public_key} for contact {contact_id} ({contact.email})",
) )
Session.commit() Session.commit()
@ -70,9 +70,9 @@ def contact_detail_route(contact_id):
) )
elif pgp_form.action.data == "remove": elif pgp_form.action.data == "remove":
# Free user can decide to remove contact PGP key # Free user can decide to remove contact PGP key
emit_user_audit_log( emit_alias_audit_log(
user=current_user, alias=alias,
action=UserAuditLogAction.UpdateContact, action=AliasAuditLogAction.UpdateContact,
message=f"Removed PGP key {contact.pgp_public_key} for contact {contact_id} ({contact.email})", message=f"Removed PGP key {contact.pgp_public_key} for contact {contact_id} ({contact.email})",
) )
contact.pgp_public_key = None contact.pgp_public_key = None
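Review bot: Both `UpdateContact` messages interpolate `contact.pgp_public_key`, which puts an entire armored key block into every audit row for a key add or remove. A public key is not secret, but it makes the row hard to read and compare during a review; recording the key's fingerprint or a short digest identifies it just as well. The hunks also switch to `alias=alias`, and `alias` is bound outside the visible lines, so confirm it is derived from the contact being edited (for example `contact.alias`) rather than from request input. contact_detail_route starts and ends outside both hunks.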


@ -20,10 +20,6 @@ class UserAuditLogAction(Enum):
UpdateCustomDomain = "update_custom_domain" UpdateCustomDomain = "update_custom_domain"
DeleteCustomDomain = "delete_custom_domain" DeleteCustomDomain = "delete_custom_domain"
CreateContact = "create_contact"
UpdateContact = "update_contact"
DeleteContact = "delete_contact"
CreateDirectory = "create_directory" CreateDirectory = "create_directory"
UpdateDirectory = "update_directory" UpdateDirectory = "update_directory"
DeleteDirectory = "delete_directory" DeleteDirectory = "delete_directory"