(dimail) allow la regie to request a token for another user

Allow la regie to request a token for another dimail user,
to better track who created/modified which resource.
Marie PUPO JEAMMET
2024-09-20 16:31:41 +02:00
committed by Marie
parent 55d7e846d8
commit 01abc66e59
4 changed files with 22 additions and 9 deletions


@@ -13,7 +13,7 @@ and this project adheres to
- ✨(domains) add endpoint to list and retrieve domain accesses #404
- 🍱(dev) embark dimail-api as container #366
- ✨(dimail) allow la regie to request a token for another user #416
### Changed


@@ -22,7 +22,7 @@ class MailboxSerializer(serializers.ModelSerializer):
Override create function to fire a request on mailbox creation.
"""
client = DimailAPIClient()
client.send_mailbox_request(validated_data)
client.send_mailbox_request(validated_data, self.context["request"].user.sub)
return models.Mailbox.objects.create(**validated_data)
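Review bot: `self.context["request"]` is indexed directly in the new `send_mailbox_request` call, so any caller that builds `MailboxSerializer` without a request in its context (a script, a management command, some tests) now fails with a `KeyError` inside `create`. Reading it with `request = self.context.get("request")` and raising an explicit error when it is missing would make the requirement visible. A short comment such as `# dimail token is requested on behalf of the authenticated user` would also record why the sub is taken from the session and not from `validated_data`. `create` starts above this hunk.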


@@ -496,7 +496,8 @@ def test_api_mailboxes__handling_dimail_unexpected_error():
@mock.patch.object(Logger, "info")
def test_api_mailboxes__send_correct_logger_infos(mock_info, mock_error):
"""
Upon requesting mailbox creation, things are correctly logged
Upon requesting mailbox creation, la régie should impersonate
querying user in dimail and log things correctly.
"""
access = factories.MailDomainAccessFactory(role=enums.MailDomainRoleChoices.OWNER)
@@ -536,6 +537,9 @@ def test_api_mailboxes__send_correct_logger_infos(mock_info, mock_error):
)
assert response.status_code == status.HTTP_201_CREATED
# user sub is sent to payload as a parameter
assert rsps.calls[0].request.params == {"username": access.user.sub}
# Logger
assert not mock_error.called
assert mock_info.call_count == 3
@@ -543,6 +547,7 @@ def test_api_mailboxes__send_correct_logger_infos(mock_info, mock_error):
"Token succesfully granted by mail-provisioning API.",
)
assert mock_info.call_args_list[1][0] == (
"Mailbox successfully created on domain %s",
access.domain.name,
"Mailbox successfully created on domain %s by user %s",
str(access.domain),
access.user.sub,
)
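Review bot: The new assertion on `rsps.calls[0].request.params` covers only the case where a sub is sent and dimail accepts it. Nothing in this section checks what happens when dimail refuses a token for a username it does not know, or when no sub is passed at all. A companion test that registers an error response on `/token/` and asserts the resulting status code and error log would pin the failure path of the impersonation. Indexing `calls[0]` also assumes the token request is always the first HTTP call, which deserves a one-line comment. Part of the test body lies between the hunks and is not shown.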


@@ -31,16 +31,23 @@ class DimailAPIClient:
API_URL = settings.MAIL_PROVISIONING_API_URL
API_CREDENTIALS = settings.MAIL_PROVISIONING_API_CREDENTIALS
def get_headers(self):
def get_headers(self, user_sub=None):
"""
Build headers dictionary. Requires MAIL_PROVISIONING_API_CREDENTIALS setting,
to get a token from dimail /token/ endpoint.
If provided, request user' sub is used for la regie to log in as this user,
thus allowing for more precise logs.
"""
headers = {"Content-Type": "application/json"}
params = None
if user_sub:
params = {"username": str(user_sub)}
response = requests.get(
f"{self.API_URL}/token/",
headers={"Authorization": f"Basic {self.API_CREDENTIALS}"},
params=params,
timeout=20,
)
@@ -60,7 +67,7 @@ class DimailAPIClient:
return self.pass_dimail_unexpected_response(response)
def send_mailbox_request(self, mailbox):
def send_mailbox_request(self, mailbox, user_sub=None):
"""Send a CREATE mailbox request to mail provisioning API."""
payload = {
@@ -68,7 +75,7 @@ class DimailAPIClient:
"surName": mailbox["last_name"],
"displayName": f"{mailbox['first_name']} {mailbox['last_name']}",
}
headers = self.get_headers()
headers = self.get_headers(user_sub)
try:
response = session.post(
@@ -92,8 +99,9 @@ class DimailAPIClient:
# from OX servers but their prod is not ready.
# In the meantime, we log mailbox info (including password !)
logger.info(
"Mailbox successfully created on domain %s",
"Mailbox successfully created on domain %s by user %s",
str(mailbox["domain"]),
user_sub,
extra=extra,
)
return response
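Review bot: `user_sub=None` on both `get_headers` and `send_mailbox_request`, combined with `if user_sub:`, lets a call that omits the sub (or passes an empty one) silently obtain a token for la régie's own account. The mailbox is then attributed to the service instead of a person, and the log line reads `by user None`. Since attribution is the purpose of the change, I would make the argument mandatory on the write path, `def send_mailbox_request(self, mailbox, user_sub):`, or at least log a warning when no sub is given. The `get_headers` docstring should also state that `user_sub` must be the sub of the authenticated requester and never a value read from the request body, because the Basic credentials can apparently obtain a token for any username. Both method bodies continue outside the hunks shown.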