journal: log user deletion for inactivity (#63470)
This commit is contained in:
parent
93c25750d2
commit
39fb242e44
|
@ -277,6 +277,23 @@ class UserDeletion(EventTypeWithService):
|
|||
super().record(user=user, session=session, service=service)
|
||||
|
||||
|
||||
class UserDeletionForInactivity(EventTypeWithService):
|
||||
name = 'user.deletion.inactivity'
|
||||
label = _('user deletion for inactivity')
|
||||
|
||||
@classmethod
|
||||
def record(cls, *, user, days_of_inactivity):
|
||||
super().record(user=user, data={'days_of_inactivity': days_of_inactivity, 'email': user.email})
|
||||
|
||||
@classmethod
|
||||
def get_message(cls, event, context):
|
||||
days_of_inactivity = event.get_data('days_of_inactivity')
|
||||
email = event.get_data('email')
|
||||
return _(
|
||||
f'user deletion after {days_of_inactivity} days of inactivity, notification sent to "{email}".'
|
||||
)
|
||||
|
||||
|
||||
class UserServiceSSO(EventTypeWithHow):
|
||||
name = 'user.service.sso'
|
||||
label = _('service single sign on')
|
||||
|
|
|
@ -30,7 +30,7 @@ from authentic2 import app_settings
|
|||
from authentic2.a2_rbac.models import OrganizationalUnit
|
||||
from authentic2.backends import get_user_queryset
|
||||
from authentic2.backends.ldap_backend import LDAPBackend
|
||||
from authentic2.journal_event_types import UserNotificationInactivity
|
||||
from authentic2.journal_event_types import UserDeletionForInactivity, UserNotificationInactivity
|
||||
from authentic2.utils.misc import send_templated_mail
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
@ -107,7 +107,7 @@ class Command(BaseCommand):
|
|||
user,
|
||||
ou.clean_unused_accounts_deletion,
|
||||
)
|
||||
self.delete_user(user)
|
||||
self.delete_user(user, days_of_inactivity=deletion_delay.days)
|
||||
|
||||
def send_alert(self, user, days_to_deletion, days_of_inactivity):
|
||||
ctx = {
|
||||
|
@ -136,9 +136,10 @@ class Command(BaseCommand):
|
|||
|
||||
transaction.on_commit(send_mail)
|
||||
|
||||
def delete_user(self, user):
|
||||
def delete_user(self, user, days_of_inactivity):
|
||||
ctx = {'user': user}
|
||||
with transaction.atomic():
|
||||
self.send_mail('authentic2/unused_account_delete', user, ctx)
|
||||
if not self.fake:
|
||||
UserDeletionForInactivity.record(user=user, days_of_inactivity=days_of_inactivity)
|
||||
user.delete()
|
||||
|
|
|
@ -77,7 +77,12 @@ def test_clean_unused_account(db, simple_user, mailoutbox, freezer, settings):
|
|||
|
||||
assert User.objects.count() == 3
|
||||
assert len(mailoutbox) == 1
|
||||
assert Event.objects.filter(type__name='user.notification.inactivity', user=simple_user).count() == 1
|
||||
assert (
|
||||
Event.objects.filter(
|
||||
type__name='user.notification.inactivity', user=simple_user, data__email=simple_user.email
|
||||
).count()
|
||||
== 1
|
||||
)
|
||||
|
||||
freezer.move_to('2018-01-01 12:00:00')
|
||||
# no new mail, no deletion
|
||||
|
@ -92,6 +97,12 @@ def test_clean_unused_account(db, simple_user, mailoutbox, freezer, settings):
|
|||
assert deleted_user.old_user_id == simple_user.id
|
||||
assert len(mailoutbox) == 2
|
||||
assert mailoutbox[-1].to == [email]
|
||||
assert (
|
||||
Event.objects.filter(
|
||||
type__name='user.deletion.inactivity', user=simple_user, data__email=simple_user.email
|
||||
).count()
|
||||
== 1
|
||||
)
|
||||
|
||||
|
||||
def test_clean_unused_account_user_logs_in(app, db, simple_user, mailoutbox, freezer):
|
||||
|
|
|
@ -288,6 +288,7 @@ def events(db, freezer):
|
|||
profile=profile,
|
||||
)
|
||||
make('user.notification.inactivity', user=user, days_of_inactivity=120, days_to_deletion=20)
|
||||
make('user.deletion.inactivity', user=user, days_of_inactivity=140)
|
||||
|
||||
# verify we created at least one event for each type
|
||||
assert set(Event.objects.values_list("type__name", flat=True)) == set(_registry)
|
||||
|
@ -642,6 +643,13 @@ def test_global_journal(app, superuser, events):
|
|||
'type': 'user.notification.inactivity',
|
||||
'user': 'Johnny doe',
|
||||
},
|
||||
{
|
||||
'message': 'user deletion after 140 days of inactivity, notification sent to '
|
||||
'"user@example.com".',
|
||||
'timestamp': 'Jan. 3, 2020, 2 a.m.',
|
||||
'type': 'user.deletion.inactivity',
|
||||
'user': 'Johnny doe',
|
||||
},
|
||||
]
|
||||
|
||||
agent_page = response.click('agent', index=1)
|
||||
|
@ -869,6 +877,13 @@ def test_user_journal(app, superuser, events):
|
|||
'type': 'user.notification.inactivity',
|
||||
'user': 'Johnny doe',
|
||||
},
|
||||
{
|
||||
'message': 'user deletion after 140 days of inactivity, notification sent to '
|
||||
'"user@example.com".',
|
||||
'timestamp': 'Jan. 3, 2020, 2 a.m.',
|
||||
'type': 'user.deletion.inactivity',
|
||||
'user': 'Johnny doe',
|
||||
},
|
||||
]
|
||||
|
||||
|
||||
|
@ -1148,6 +1163,7 @@ def test_search(app, superuser, events):
|
|||
|
||||
table_content = [text_content(p) for p in response.pyquery('tbody td.journal-list--message-column')]
|
||||
assert table_content == [
|
||||
'user deletion after 140 days of inactivity, notification sent to "user@example.com".',
|
||||
'profile "aaa" of type "One Type" deleted for user "Johnny doe"',
|
||||
'profile "aaa" of type "One Type" updated for user "Johnny doe"',
|
||||
'profile "aaa" of type "One Type" created for user "Johnny doe"',
|
||||
|
@ -1168,11 +1184,10 @@ def test_search(app, superuser, events):
|
|||
'password reset failure with email "USER@example.com"',
|
||||
'password reset request with email "user@example.com"',
|
||||
'user deletion',
|
||||
'profile edit (first name)',
|
||||
]
|
||||
response = response.click('Previous')
|
||||
table_content = [text_content(p) for p in response.pyquery('tbody td.journal-list--message-column')]
|
||||
assert table_content[-2:] == ['profile edit (first name)', 'password change']
|
||||
assert table_content[-3:] == ['user deletion', 'profile edit (first name)', 'password change']
|
||||
|
||||
response.form['event_type'].select(text='Role management')
|
||||
response = response.form.submit()
|
||||
|
|
Loading…
Reference in New Issue