diff --git a/backend/src/app/config.clj b/backend/src/app/config.clj index 643517bbe..39fa0499e 100644 --- a/backend/src/app/config.clj +++ b/backend/src/app/config.clj @@ -270,8 +270,9 @@ ::tenant])) (defn- parse-flags - [{:keys [flags]}] - (flags/parse flags flags/default)) + [config] + (-> (:flags config) + (flags/parse flags/default))) (defn read-env [prefix] diff --git a/backend/src/app/loggers/audit.clj b/backend/src/app/loggers/audit.clj index 7a41a7e46..e7e4368ab 100644 --- a/backend/src/app/loggers/audit.clj +++ b/backend/src/app/loggers/audit.clj @@ -36,6 +36,7 @@ [profile] (-> profile (select-keys [:is-active :is-muted :auth-backend :email :default-team-id :default-project-id :fullname :lang]) + (merge (:props profile)) (d/without-nils))) (defn clean-props diff --git a/backend/src/app/rpc.clj b/backend/src/app/rpc.clj index 6426116d0..2df73c131 100644 --- a/backend/src/app/rpc.clj +++ b/backend/src/app/rpc.clj @@ -119,7 +119,8 @@ (::audit/profile-id resultm)) props (d/merge params' (::audit/props resultm))] (audit :cmd :submit - :type (::type cfg) + :type (or (::audit/type resultm) + (::type cfg)) :name (or (::audit/name resultm) (::sv/name mdata)) :profile-id profile-id diff --git a/backend/src/app/rpc/mutations/profile.clj b/backend/src/app/rpc/mutations/profile.clj index 8c5e3a7ba..906ec83ad 100644 --- a/backend/src/app/rpc/mutations/profile.clj +++ b/backend/src/app/rpc/mutations/profile.clj @@ -197,7 +197,6 @@ ptoken (tokens :generate-predefined {:iss :profile-identity :profile-id (:id profile)})] - (eml/send! {::eml/conn conn ::eml/factory eml/register :public-uri (:public-uri cfg) @@ -351,11 +350,14 @@ (defn- update-profile [conn {:keys [id fullname lang theme] :as params}] - (db/update! conn :profile - {:fullname fullname - :lang lang - :theme theme} - {:id id})) + (let [profile (db/update! conn :profile + {:fullname fullname + :lang lang + :theme theme} + {:id id})] + (-> profile + (profile/decode-profile-row) + (profile/strip-private-attrs)))) (s/def ::update-profile (s/keys :req-un [::id ::fullname] @@ -364,8 +366,9 @@ (sv/defmethod ::update-profile [{:keys [pool] :as cfg} params] (db/with-atomic [conn pool] - (update-profile conn params) - nil)) + (let [profile (update-profile conn params)] + (with-meta profile + {::audit/props (audit/profile->props profile)})))) ;; --- MUTATION: Update Password diff --git a/backend/src/app/rpc/mutations/verify_token.clj b/backend/src/app/rpc/mutations/verify_token.clj index 61b5f9abb..1fa32b81d 100644 --- a/backend/src/app/rpc/mutations/verify_token.clj +++ b/backend/src/app/rpc/mutations/verify_token.clj @@ -9,6 +9,7 @@ [app.common.exceptions :as ex] [app.common.spec :as us] [app.db :as db] + [app.loggers.audit :as audit] [app.metrics :as mtx] [app.rpc.mutations.teams :as teams] [app.rpc.queries.profile :as profile] @@ -63,7 +64,10 @@ (with-meta claims {:transform-response ((:create session) profile-id) - :before-complete (annotate-profile-activation metrics)}))) + :before-complete (annotate-profile-activation metrics) + ::audit/name "verify-profile-email" + ::audit/props (audit/profile->props profile) + ::audit/profile-id (:id profile)}))) (defmethod process-token :auth [{:keys [conn] :as cfg} _params {:keys [profile-id] :as claims}] @@ -116,8 +120,7 @@ ;; user is already logged in with some account. (and (uuid? profile-id) (uuid? member-id)) - (do - (accept-invitation cfg claims) + (let [profile (accept-invitation cfg claims)] (if (= member-id profile-id) ;; If the current session is already matches the invited ;; member, then just return the token and leave the frontend @@ -131,27 +134,44 @@ ;; account. (with-meta (assoc claims :state :created) - {:transform-response ((:create session) member-id)}))) + {:transform-response ((:create session) member-id) + ::audit/name "accept-team-invitation" + ::audit/props (merge + (audit/profile->props profile) + {:team-id (:team-id claims) + :role (:role claims)}) + ::audit/profile-id profile-id}))) ;; This happens when member-id is not filled in the invitation but ;; the user already has an account (probably with other mail) and ;; is already logged-in. (and (uuid? profile-id) (nil? member-id)) - (do - (accept-invitation cfg (assoc claims :member-id profile-id)) - (assoc claims :state :created)) + (let [profile (accept-invitation cfg (assoc claims :member-id profile-id))] + (with-meta + (assoc claims :state :created) + {::audit/name "accept-team-invitation" + ::audit/props (merge + (audit/profile->props profile) + {:team-id (:team-id claims) + :role (:role claims)}) + ::audit/profile-id profile-id})) ;; This happens when member-id is filled but the accessing user is ;; not logged-in. In this case we proceed to accept invitation and ;; leave the user logged-in. (and (nil? profile-id) (uuid? member-id)) - (do - (accept-invitation cfg claims) + (let [profile (accept-invitation cfg claims)] (with-meta (assoc claims :state :created) - {:transform-response ((:create session) member-id)})) + {:transform-response ((:create session) member-id) + ::audit/name "accept-team-invitation" + ::audit/props (merge + (audit/profile->props profile) + {:team-id (:team-id claims) + :role (:role claims)}) + ::audit/profile-id member-id})) ;; In this case, we wait until frontend app redirect user to ;; registeration page, the user is correctly registered and the diff --git a/backend/test/app/services_profile_test.clj b/backend/test/app/services_profile_test.clj index 35d3990cf..b51bcd8c0 100644 --- a/backend/test/app/services_profile_test.clj +++ b/backend/test/app/services_profile_test.clj @@ -89,7 +89,7 @@ ;; (th/print-result! out) (t/is (nil? (:error out))) - (t/is (nil? (:result out))))) + (t/is (map? (:result out))))) (t/testing "query profile after update" (let [data {::th/type :profile