(dimail) allow la regie to request a token for another user

allow la regie to request a token for another dimail user,
to better track who created/modified which resource.
Marie PUPO JEAMMET
2024-09-20 16:31:41 +02:00
committed by Marie
parent 55d7e846d8
commit 01abc66e59
4 changed files with 22 additions and 9 deletions


@@ -13,7 +13,7 @@ and this project adheres to
- ✨(domains) add endpoint to list and retrieve domain accesses #404 - ✨(domains) add endpoint to list and retrieve domain accesses #404
- 🍱(dev) embark dimail-api as container #366 - 🍱(dev) embark dimail-api as container #366
- ✨(dimail) allow la regie to request a token for another user #416
### Changed ### Changed


@@ -22,7 +22,7 @@ class MailboxSerializer(serializers.ModelSerializer):
Override create function to fire a request on mailbox creation. Override create function to fire a request on mailbox creation.
""" """
client = DimailAPIClient() client = DimailAPIClient()
client.send_mailbox_request(validated_data) client.send_mailbox_request(validated_data, self.context["request"].user.sub)
return models.Mailbox.objects.create(**validated_data) return models.Mailbox.objects.create(**validated_data)
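Review bot: `self.context["request"].user.sub` on the changed `send_mailbox_request` call assumes the serializer always has a request in its context; wherever it is built without one, create() fails with a bare KeyError before anything is sent to dimail. Because this value decides which identity dimail records for the mailbox, I would read it on its own line with a comment such as `# sub comes from the authenticated request, never from validated_data`, and raise an explicit error when the request is missing. create() begins above the visible hunk, so callers that might omit the context are not visible here.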


@@ -496,7 +496,8 @@ def test_api_mailboxes__handling_dimail_unexpected_error():
@mock.patch.object(Logger, "info") @mock.patch.object(Logger, "info")
def test_api_mailboxes__send_correct_logger_infos(mock_info, mock_error): def test_api_mailboxes__send_correct_logger_infos(mock_info, mock_error):
""" """
Upon requesting mailbox creation, things are correctly logged Upon requesting mailbox creation, la régie should impersonate
querying user in dimail and log things correctly.
""" """
access = factories.MailDomainAccessFactory(role=enums.MailDomainRoleChoices.OWNER) access = factories.MailDomainAccessFactory(role=enums.MailDomainRoleChoices.OWNER)
@@ -536,6 +537,9 @@ def test_api_mailboxes__send_correct_logger_infos(mock_info, mock_error):
) )
assert response.status_code == status.HTTP_201_CREATED assert response.status_code == status.HTTP_201_CREATED
# user sub is sent to payload as a parameter
assert rsps.calls[0].request.params == {"username": access.user.sub}
# Logger # Logger
assert not mock_error.called assert not mock_error.called
assert mock_info.call_count == 3 assert mock_info.call_count == 3
@@ -543,6 +547,7 @@ def test_api_mailboxes__send_correct_logger_infos(mock_info, mock_error):
"Token succesfully granted by mail-provisioning API.", "Token succesfully granted by mail-provisioning API.",
) )
assert mock_info.call_args_list[1][0] == ( assert mock_info.call_args_list[1][0] == (
"Mailbox successfully created on domain %s", "Mailbox successfully created on domain %s by user %s",
access.domain.name, str(access.domain),
access.user.sub,
) )
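Review bot: The new assertion `rsps.calls[0].request.params == {"username": access.user.sub}` covers only the case where a sub is present. Nothing visible here checks the other branch of the client's `if user_sub:`, i.e. that the token request carries no `username` parameter when no sub is given, nor how the API responds if dimail refuses a token for a username it does not know. One extra test for each case would pin the impersonation behaviour; they may already exist outside these hunks.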


@@ -31,16 +31,23 @@ class DimailAPIClient:
API_URL = settings.MAIL_PROVISIONING_API_URL API_URL = settings.MAIL_PROVISIONING_API_URL
API_CREDENTIALS = settings.MAIL_PROVISIONING_API_CREDENTIALS API_CREDENTIALS = settings.MAIL_PROVISIONING_API_CREDENTIALS
def get_headers(self): def get_headers(self, user_sub=None):
""" """
Build headers dictionary. Requires MAIL_PROVISIONING_API_CREDENTIALS setting, Build headers dictionary. Requires MAIL_PROVISIONING_API_CREDENTIALS setting,
to get a token from dimail /token/ endpoint. to get a token from dimail /token/ endpoint.
If provided, request user' sub is used for la regie to log in as this user,
thus allowing for more precise logs.
""" """
headers = {"Content-Type": "application/json"} headers = {"Content-Type": "application/json"}
params = None
if user_sub:
params = {"username": str(user_sub)}
response = requests.get( response = requests.get(
f"{self.API_URL}/token/", f"{self.API_URL}/token/",
headers={"Authorization": f"Basic {self.API_CREDENTIALS}"}, headers={"Authorization": f"Basic {self.API_CREDENTIALS}"},
params=params,
timeout=20, timeout=20,
) )
@@ -60,7 +67,7 @@ class DimailAPIClient:
return self.pass_dimail_unexpected_response(response) return self.pass_dimail_unexpected_response(response)
def send_mailbox_request(self, mailbox): def send_mailbox_request(self, mailbox, user_sub=None):
"""Send a CREATE mailbox request to mail provisioning API.""" """Send a CREATE mailbox request to mail provisioning API."""
payload = { payload = {
@@ -68,7 +75,7 @@ class DimailAPIClient:
"surName": mailbox["last_name"], "surName": mailbox["last_name"],
"displayName": f"{mailbox['first_name']} {mailbox['last_name']}", "displayName": f"{mailbox['first_name']} {mailbox['last_name']}",
} }
headers = self.get_headers() headers = self.get_headers(user_sub)
try: try:
response = session.post( response = session.post(
@@ -92,8 +99,9 @@ class DimailAPIClient:
# from OX servers but their prod is not ready. # from OX servers but their prod is not ready.
# In the meantime, we log mailbox info (including password !) # In the meantime, we log mailbox info (including password !)
logger.info( logger.info(
"Mailbox successfully created on domain %s", "Mailbox successfully created on domain %s by user %s",
str(mailbox["domain"]), str(mailbox["domain"]),
user_sub,
extra=extra, extra=extra,
) )
return response return response
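Review bot: `if user_sub:` in get_headers silently falls back to a token for la regie itself whenever the sub is None or empty, so the per-user attribution this commit is after is lost without any trace and the success log then reads `by user None`. I would make the fallback visible, e.g. `else: logger.warning("No user sub provided, requesting dimail token as la regie")`, or have send_mailbox_request require the sub. Separately, the comment above the changed `logger.info` call says this record includes the mailbox password; adding `user_sub` ties a user identifier to that secret in the logs, which raises the priority of dropping the password from `extra` (its contents are built outside the hunk). Both get_headers and send_mailbox_request continue outside the visible hunks.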