Merge pull request #10732 from YevhenBondarenko/feature/activate-user-audit-log

Added login audit log when user is activated
2024-05-13 12:06:49 +03:00 · 2024-05-13 12:06:49 +03:00 · 150ea12735
commit 150ea12735
parent 42f5fe662e 814bc331ae
3 changed files with 9 additions and 9 deletions
--- a/application/src/main/java/org/thingsboard/server/controller/AuthController.java
+++ b/application/src/main/java/org/thingsboard/server/controller/AuthController.java
@ -256,7 +256,9 @@ public class AuthController extends BaseController {
            }
        }

-        return tokenFactory.createTokenPair(securityUser);
+        var tokenPair = tokenFactory.createTokenPair(securityUser);
+        systemSecurityService.logLoginAction(user, new RestAuthenticationDetails(request), ActionType.LOGIN, null);
+        return tokenPair;
    }

    @ApiOperation(value = "Reset password (resetPassword)",
--- a/application/src/test/java/org/thingsboard/server/controller/AuditLogControllerTest.java
+++ b/application/src/test/java/org/thingsboard/server/controller/AuditLogControllerTest.java
@ -122,7 +122,7 @@ public class AuditLogControllerTest extends AbstractControllerTest {
            }
        } while (pageData.hasNext());

-        Assert.assertEquals(11, loadedAuditLogs.size());
+        Assert.assertEquals(11 + 1, loadedAuditLogs.size());

        loadedAuditLogs = new ArrayList<>();
        pageLink = new TimePageLink(5);
@ -136,7 +136,7 @@ public class AuditLogControllerTest extends AbstractControllerTest {
            }
        } while (pageData.hasNext());

-        Assert.assertEquals(11, loadedAuditLogs.size());
+        Assert.assertEquals(11 + 1, loadedAuditLogs.size());

        loadedAuditLogs = new ArrayList<>();
        pageLink = new TimePageLink(5);
@ -150,7 +150,7 @@ public class AuditLogControllerTest extends AbstractControllerTest {
            }
        } while (pageData.hasNext());

-        Assert.assertEquals(11, loadedAuditLogs.size());
+        Assert.assertEquals(11 + 1, loadedAuditLogs.size());
    }

    @Test
--- a/application/src/test/java/org/thingsboard/server/controller/TwoFactorAuthTest.java
+++ b/application/src/test/java/org/thingsboard/server/controller/TwoFactorAuthTest.java
@ -298,15 +298,13 @@ public class TwoFactorAuthTest extends AbstractControllerTest {

        logInWithPreVerificationToken(username, password);
        await("async audit log saving").during(1, TimeUnit.SECONDS);
-        assertThat(getLogInAuditLogs()).isEmpty();
-        assertThat(userService.findUserById(tenantId, user.getId()).getAdditionalInfo()
-                .get("lastLoginTs")).isNull();

        doPost("/api/auth/2fa/verification/check?providerType=TOTP&verificationCode=incorrect")
                .andExpect(status().isBadRequest());

+        // there is the first login audit log after user activation
        await("async audit log saving").atMost(1, TimeUnit.SECONDS)
-                .until(() -> getLogInAuditLogs().size() == 1);
+                .until(() -> getLogInAuditLogs().size() == 2);
        assertThat(getLogInAuditLogs().get(0)).satisfies(failedLogInAuditLog -> {
            assertThat(failedLogInAuditLog.getActionStatus()).isEqualTo(ActionStatus.FAILURE);
            assertThat(failedLogInAuditLog.getActionFailureDetails()).containsIgnoringCase("verification code is incorrect");
@ -316,7 +314,7 @@ public class TwoFactorAuthTest extends AbstractControllerTest {
        doPost("/api/auth/2fa/verification/check?providerType=TOTP&verificationCode=" + getCorrectTotp(totpTwoFaAccountConfig))
                .andExpect(status().isOk());
        await("async audit log saving").atMost(1, TimeUnit.SECONDS)
-                .until(() -> getLogInAuditLogs().size() == 2);
+                .until(() -> getLogInAuditLogs().size() == 3);
        assertThat(getLogInAuditLogs().get(0)).satisfies(successfulLogInAuditLog -> {
            assertThat(successfulLogInAuditLog.getActionStatus()).isEqualTo(ActionStatus.SUCCESS);
            assertThat(successfulLogInAuditLog.getUserName()).isEqualTo(username);