journal: log user deletion for inactivity (#63470)

src/authentic2/journal_event_types.py

@@ -277,6 +277,23 @@ class UserDeletion(EventTypeWithService):
         super().record(user=user, session=session, service=service)
 
 
+class UserDeletionForInactivity(EventTypeWithService):
+    name = 'user.deletion.inactivity'
+    label = _('user deletion for inactivity')
+
+    @classmethod
+    def record(cls, *, user, days_of_inactivity):
+        super().record(user=user, data={'days_of_inactivity': days_of_inactivity, 'email': user.email})
+
+    @classmethod
+    def get_message(cls, event, context):
+        days_of_inactivity = event.get_data('days_of_inactivity')
+        email = event.get_data('email')
+        return _(
+            f'user deletion after {days_of_inactivity} days of inactivity, notification sent to "{email}".'
+        )
+
+
 class UserServiceSSO(EventTypeWithHow):
     name = 'user.service.sso'
     label = _('service single sign on')

src/authentic2/management/commands/clean-unused-accounts.py

@@ -30,7 +30,7 @@ from authentic2 import app_settings
 from authentic2.a2_rbac.models import OrganizationalUnit
 from authentic2.backends import get_user_queryset
 from authentic2.backends.ldap_backend import LDAPBackend
-from authentic2.journal_event_types import UserNotificationInactivity
+from authentic2.journal_event_types import UserDeletionForInactivity, UserNotificationInactivity
 from authentic2.utils.misc import send_templated_mail
 
 logger = logging.getLogger(__name__)
@@ -107,7 +107,7 @@ class Command(BaseCommand):
                     user,
                     ou.clean_unused_accounts_deletion,
                 )
-                self.delete_user(user)
+                self.delete_user(user, days_of_inactivity=deletion_delay.days)
 
     def send_alert(self, user, days_to_deletion, days_of_inactivity):
         ctx = {
@@ -136,9 +136,10 @@ class Command(BaseCommand):
 
                 transaction.on_commit(send_mail)
 
-    def delete_user(self, user):
+    def delete_user(self, user, days_of_inactivity):
         ctx = {'user': user}
         with transaction.atomic():
             self.send_mail('authentic2/unused_account_delete', user, ctx)
             if not self.fake:
+                UserDeletionForInactivity.record(user=user, days_of_inactivity=days_of_inactivity)
                 user.delete()

tests/test_commands.py

@@ -77,7 +77,12 @@ def test_clean_unused_account(db, simple_user, mailoutbox, freezer, settings):
 
     assert User.objects.count() == 3
     assert len(mailoutbox) == 1
-    assert Event.objects.filter(type__name='user.notification.inactivity', user=simple_user).count() == 1
+    assert (
+        Event.objects.filter(
+            type__name='user.notification.inactivity', user=simple_user, data__email=simple_user.email
+        ).count()
+        == 1
+    )
 
     freezer.move_to('2018-01-01 12:00:00')
     # no new mail, no deletion
@@ -92,6 +97,12 @@ def test_clean_unused_account(db, simple_user, mailoutbox, freezer, settings):
     assert deleted_user.old_user_id == simple_user.id
     assert len(mailoutbox) == 2
     assert mailoutbox[-1].to == [email]
+    assert (
+        Event.objects.filter(
+            type__name='user.deletion.inactivity', user=simple_user, data__email=simple_user.email
+        ).count()
+        == 1
+    )
 
 
 def test_clean_unused_account_user_logs_in(app, db, simple_user, mailoutbox, freezer):

tests/test_manager_journal.py

@@ -288,6 +288,7 @@ def events(db, freezer):
         profile=profile,
     )
     make('user.notification.inactivity', user=user, days_of_inactivity=120, days_to_deletion=20)
+    make('user.deletion.inactivity', user=user, days_of_inactivity=140)
 
     # verify we created at least one event for each type
     assert set(Event.objects.values_list("type__name", flat=True)) == set(_registry)
@@ -642,6 +643,13 @@ def test_global_journal(app, superuser, events):
             'type': 'user.notification.inactivity',
             'user': 'Johnny doe',
         },
+        {
+            'message': 'user deletion after 140 days of inactivity, notification sent to '
+            '"user@example.com".',
+            'timestamp': 'Jan. 3, 2020, 2 a.m.',
+            'type': 'user.deletion.inactivity',
+            'user': 'Johnny doe',
+        },
     ]
 
     agent_page = response.click('agent', index=1)
@@ -869,6 +877,13 @@ def test_user_journal(app, superuser, events):
             'type': 'user.notification.inactivity',
             'user': 'Johnny doe',
         },
+        {
+            'message': 'user deletion after 140 days of inactivity, notification sent to '
+            '"user@example.com".',
+            'timestamp': 'Jan. 3, 2020, 2 a.m.',
+            'type': 'user.deletion.inactivity',
+            'user': 'Johnny doe',
+        },
     ]
 
 
@@ -1148,6 +1163,7 @@ def test_search(app, superuser, events):
 
     table_content = [text_content(p) for p in response.pyquery('tbody td.journal-list--message-column')]
     assert table_content == [
+        'user deletion after 140 days of inactivity, notification sent to "user@example.com".',
         'profile "aaa" of type "One Type" deleted for user "Johnny doe"',
         'profile "aaa" of type "One Type" updated for user "Johnny doe"',
         'profile "aaa" of type "One Type" created for user "Johnny doe"',
@@ -1168,11 +1184,10 @@ def test_search(app, superuser, events):
         'password reset failure with email "USER@example.com"',
         'password reset request with email "user@example.com"',
         'user deletion',
-        'profile edit (first name)',
     ]
     response = response.click('Previous')
     table_content = [text_content(p) for p in response.pyquery('tbody td.journal-list--message-column')]
-    assert table_content[-2:] == ['profile edit (first name)', 'password change']
+    assert table_content[-3:] == ['user deletion', 'profile edit (first name)', 'password change']
 
     response.form['event_type'].select(text='Role management')
     response = response.form.submit()