2017-04-15 04:03:56 +02:00
|
|
|
from django.utils.timezone import now as timezone_now
|
2017-02-15 04:35:10 +01:00
|
|
|
|
|
|
|
|
from zerver.lib.actions import do_create_user, do_deactivate_user, \
|
2017-03-14 06:06:56 +01:00
|
|
|
do_activate_user, do_reactivate_user, do_change_password, \
|
2018-08-02 08:47:13 +02:00
|
|
|
do_change_user_delivery_email, do_change_avatar_fields, do_change_bot_owner, \
|
2019-02-02 23:53:44 +01:00
|
|
|
do_regenerate_api_key, do_change_tos_version, \
|
2019-10-05 02:36:16 +02:00
|
|
|
bulk_add_subscriptions, bulk_remove_subscriptions, get_streams_traffic, \
|
2020-05-21 00:13:06 +02:00
|
|
|
do_change_user_role, do_deactivate_realm, do_reactivate_realm
|
2017-02-15 04:35:10 +01:00
|
|
|
from zerver.lib.test_classes import ZulipTestCase
|
2019-10-05 02:36:16 +02:00
|
|
|
from zerver.models import RealmAuditLog, get_client, get_realm, UserProfile
|
2018-08-16 18:23:52 +02:00
|
|
|
from analytics.models import StreamCount
|
2017-02-15 04:35:10 +01:00
|
|
|
|
|
|
|
|
from datetime import timedelta
|
2017-03-14 06:07:14 +01:00
|
|
|
from django.contrib.auth.password_validation import validate_password
|
2017-02-15 04:35:10 +01:00
|
|
|
|
2019-10-05 02:36:16 +02:00
|
|
|
from typing import Any, Dict
|
2017-04-07 07:28:28 +02:00
|
|
|
import ujson
|
|
|
|
|
|
2017-04-05 21:53:14 +02:00
|
|
|
class TestRealmAuditLog(ZulipTestCase):
|
2019-10-05 02:36:16 +02:00
|
|
|
def check_role_count_schema(self, role_counts: Dict[str, Any]) -> None:
|
|
|
|
|
for key in [UserProfile.ROLE_REALM_ADMINISTRATOR,
|
|
|
|
|
UserProfile.ROLE_MEMBER,
|
2020-05-26 15:50:24 +02:00
|
|
|
UserProfile.ROLE_GUEST,
|
|
|
|
|
UserProfile.ROLE_REALM_OWNER]:
|
2019-10-05 02:36:16 +02:00
|
|
|
# str(key) since json keys are always strings, and ujson.dumps will have converted
|
|
|
|
|
# the UserProfile.role values into strings
|
|
|
|
|
self.assertTrue(isinstance(role_counts[RealmAuditLog.ROLE_COUNT_HUMANS][str(key)], int))
|
|
|
|
|
self.assertTrue(isinstance(role_counts[RealmAuditLog.ROLE_COUNT_BOTS], int))
|
|
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_user_activation(self) -> None:
|
2017-02-15 04:35:10 +01:00
|
|
|
realm = get_realm('zulip')
|
2017-04-15 04:03:56 +02:00
|
|
|
now = timezone_now()
|
2017-02-15 04:35:10 +01:00
|
|
|
user = do_create_user('email', 'password', realm, 'full_name', 'short_name')
|
|
|
|
|
do_deactivate_user(user)
|
|
|
|
|
do_activate_user(user)
|
|
|
|
|
do_deactivate_user(user)
|
|
|
|
|
do_reactivate_user(user)
|
|
|
|
|
self.assertEqual(RealmAuditLog.objects.filter(event_time__gte=now).count(), 5)
|
|
|
|
|
event_types = list(RealmAuditLog.objects.filter(
|
|
|
|
|
realm=realm, acting_user=None, modified_user=user, modified_stream=None,
|
|
|
|
|
event_time__gte=now, event_time__lte=now+timedelta(minutes=60))
|
|
|
|
|
.order_by('event_time').values_list('event_type', flat=True))
|
2019-10-05 02:36:16 +02:00
|
|
|
self.assertEqual(event_types, [RealmAuditLog.USER_CREATED, RealmAuditLog.USER_DEACTIVATED,
|
|
|
|
|
RealmAuditLog.USER_ACTIVATED, RealmAuditLog.USER_DEACTIVATED,
|
|
|
|
|
RealmAuditLog.USER_REACTIVATED])
|
|
|
|
|
for event in RealmAuditLog.objects.filter(
|
|
|
|
|
realm=realm, acting_user=None, modified_user=user, modified_stream=None,
|
|
|
|
|
event_time__gte=now, event_time__lte=now+timedelta(minutes=60)):
|
|
|
|
|
extra_data = ujson.loads(event.extra_data)
|
|
|
|
|
self.check_role_count_schema(extra_data[RealmAuditLog.ROLE_COUNT])
|
|
|
|
|
self.assertNotIn(RealmAuditLog.OLD_VALUE, extra_data)
|
|
|
|
|
|
|
|
|
|
def test_change_role(self) -> None:
|
|
|
|
|
realm = get_realm('zulip')
|
|
|
|
|
now = timezone_now()
|
|
|
|
|
user_profile = self.example_user("hamlet")
|
2020-05-21 00:13:06 +02:00
|
|
|
do_change_user_role(user_profile, UserProfile.ROLE_REALM_ADMINISTRATOR)
|
|
|
|
|
do_change_user_role(user_profile, UserProfile.ROLE_MEMBER)
|
|
|
|
|
do_change_user_role(user_profile, UserProfile.ROLE_GUEST)
|
|
|
|
|
do_change_user_role(user_profile, UserProfile.ROLE_MEMBER)
|
2020-05-26 15:50:24 +02:00
|
|
|
do_change_user_role(user_profile, UserProfile.ROLE_REALM_OWNER)
|
|
|
|
|
do_change_user_role(user_profile, UserProfile.ROLE_MEMBER)
|
|
|
|
|
old_values_seen = set()
|
|
|
|
|
new_values_seen = set()
|
2019-10-05 02:36:16 +02:00
|
|
|
for event in RealmAuditLog.objects.filter(
|
|
|
|
|
event_type=RealmAuditLog.USER_ROLE_CHANGED,
|
|
|
|
|
realm=realm, modified_user=user_profile,
|
|
|
|
|
event_time__gte=now, event_time__lte=now+timedelta(minutes=60)):
|
|
|
|
|
extra_data = ujson.loads(event.extra_data)
|
|
|
|
|
self.check_role_count_schema(extra_data[RealmAuditLog.ROLE_COUNT])
|
|
|
|
|
self.assertIn(RealmAuditLog.OLD_VALUE, extra_data)
|
|
|
|
|
self.assertIn(RealmAuditLog.NEW_VALUE, extra_data)
|
2020-05-26 15:50:24 +02:00
|
|
|
old_values_seen.add(extra_data[RealmAuditLog.OLD_VALUE])
|
|
|
|
|
new_values_seen.add(extra_data[RealmAuditLog.NEW_VALUE])
|
|
|
|
|
self.assertEqual(old_values_seen, {UserProfile.ROLE_GUEST, UserProfile.ROLE_MEMBER,
|
|
|
|
|
UserProfile.ROLE_REALM_ADMINISTRATOR,
|
|
|
|
|
UserProfile.ROLE_REALM_OWNER})
|
|
|
|
|
self.assertEqual(old_values_seen, new_values_seen)
|
2017-03-14 06:07:14 +01:00
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_change_password(self) -> None:
|
2017-04-15 04:03:56 +02:00
|
|
|
now = timezone_now()
|
2017-05-07 17:21:26 +02:00
|
|
|
user = self.example_user('hamlet')
|
2017-03-14 06:07:14 +01:00
|
|
|
password = 'test1'
|
|
|
|
|
do_change_password(user, password)
|
2018-07-22 18:31:13 +02:00
|
|
|
self.assertEqual(RealmAuditLog.objects.filter(event_type=RealmAuditLog.USER_PASSWORD_CHANGED,
|
2017-03-14 06:07:14 +01:00
|
|
|
event_time__gte=now).count(), 1)
|
|
|
|
|
self.assertIsNone(validate_password(password, user))
|
2017-03-14 06:06:56 +01:00
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_change_email(self) -> None:
|
2017-04-15 04:03:56 +02:00
|
|
|
now = timezone_now()
|
2017-05-07 17:21:26 +02:00
|
|
|
user = self.example_user('hamlet')
|
2020-03-12 14:17:25 +01:00
|
|
|
new_email = 'test@example.com'
|
|
|
|
|
do_change_user_delivery_email(user, new_email)
|
2018-07-10 06:19:50 +02:00
|
|
|
self.assertEqual(RealmAuditLog.objects.filter(event_type=RealmAuditLog.USER_EMAIL_CHANGED,
|
2017-03-14 06:06:56 +01:00
|
|
|
event_time__gte=now).count(), 1)
|
2020-03-12 14:17:25 +01:00
|
|
|
self.assertEqual(new_email, user.delivery_email)
|
2017-03-23 22:02:35 +01:00
|
|
|
|
2017-09-22 16:09:37 +02:00
|
|
|
# Test the RealmAuditLog stringification
|
2018-07-10 06:19:50 +02:00
|
|
|
audit_entry = RealmAuditLog.objects.get(event_type=RealmAuditLog.USER_EMAIL_CHANGED, event_time__gte=now)
|
2020-03-12 14:17:25 +01:00
|
|
|
self.assertTrue(str(audit_entry).startswith("<RealmAuditLog: <UserProfile: %s %s> %s " % (user.email, user.realm, RealmAuditLog.USER_EMAIL_CHANGED)))
|
2017-09-22 16:09:37 +02:00
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_change_avatar_source(self) -> None:
|
2017-04-15 04:03:56 +02:00
|
|
|
now = timezone_now()
|
2017-05-07 17:21:26 +02:00
|
|
|
user = self.example_user('hamlet')
|
2020-04-09 21:51:58 +02:00
|
|
|
avatar_source = 'G'
|
2017-03-23 22:02:35 +01:00
|
|
|
do_change_avatar_fields(user, avatar_source)
|
2018-07-22 18:31:13 +02:00
|
|
|
self.assertEqual(RealmAuditLog.objects.filter(event_type=RealmAuditLog.USER_AVATAR_SOURCE_CHANGED,
|
2017-03-23 22:02:35 +01:00
|
|
|
event_time__gte=now).count(), 1)
|
|
|
|
|
self.assertEqual(avatar_source, user.avatar_source)
|
2017-03-31 17:27:08 +02:00
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_change_full_name(self) -> None:
|
2017-04-07 07:28:28 +02:00
|
|
|
start = timezone_now()
|
|
|
|
|
new_name = 'George Hamletovich'
|
2020-03-06 18:40:46 +01:00
|
|
|
self.login('iago')
|
2017-04-07 07:28:28 +02:00
|
|
|
req = dict(full_name=ujson.dumps(new_name))
|
2018-05-17 19:36:33 +02:00
|
|
|
result = self.client_patch('/json/users/{}'.format(self.example_user("hamlet").id), req)
|
2017-04-07 07:28:28 +02:00
|
|
|
self.assertTrue(result.status_code == 200)
|
2018-07-10 06:18:54 +02:00
|
|
|
query = RealmAuditLog.objects.filter(event_type=RealmAuditLog.USER_FULL_NAME_CHANGED,
|
2017-04-07 07:28:28 +02:00
|
|
|
event_time__gte=start)
|
|
|
|
|
self.assertEqual(query.count(), 1)
|
|
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_change_tos_version(self) -> None:
|
2017-04-07 07:29:29 +02:00
|
|
|
now = timezone_now()
|
|
|
|
|
user = self.example_user("hamlet")
|
|
|
|
|
tos_version = 'android'
|
|
|
|
|
do_change_tos_version(user, tos_version)
|
2018-07-10 06:24:03 +02:00
|
|
|
self.assertEqual(RealmAuditLog.objects.filter(event_type=RealmAuditLog.USER_TOS_VERSION_CHANGED,
|
2017-04-07 07:29:29 +02:00
|
|
|
event_time__gte=now).count(), 1)
|
|
|
|
|
self.assertEqual(tos_version, user.tos_version)
|
|
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_change_bot_owner(self) -> None:
|
2017-04-15 04:03:56 +02:00
|
|
|
now = timezone_now()
|
2017-05-07 17:21:26 +02:00
|
|
|
admin = self.example_user('iago')
|
2017-05-08 17:42:50 +02:00
|
|
|
bot = self.notification_bot()
|
2017-05-07 17:21:26 +02:00
|
|
|
bot_owner = self.example_user('hamlet')
|
2017-03-31 17:27:08 +02:00
|
|
|
do_change_bot_owner(bot, bot_owner, admin)
|
2018-07-22 18:31:13 +02:00
|
|
|
self.assertEqual(RealmAuditLog.objects.filter(event_type=RealmAuditLog.USER_BOT_OWNER_CHANGED,
|
2017-03-31 17:27:08 +02:00
|
|
|
event_time__gte=now).count(), 1)
|
|
|
|
|
self.assertEqual(bot_owner, bot.bot_owner)
|
2017-04-06 12:27:58 +02:00
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_regenerate_api_key(self) -> None:
|
2017-04-06 12:27:58 +02:00
|
|
|
now = timezone_now()
|
2017-05-07 17:21:26 +02:00
|
|
|
user = self.example_user('hamlet')
|
2017-04-06 12:27:58 +02:00
|
|
|
do_regenerate_api_key(user, user)
|
2018-07-10 06:29:08 +02:00
|
|
|
self.assertEqual(RealmAuditLog.objects.filter(event_type=RealmAuditLog.USER_API_KEY_CHANGED,
|
2017-04-06 12:27:58 +02:00
|
|
|
event_time__gte=now).count(), 1)
|
|
|
|
|
self.assertTrue(user.api_key)
|
2017-07-12 17:28:27 +02:00
|
|
|
|
2018-08-16 18:23:52 +02:00
|
|
|
def test_get_streams_traffic(self) -> None:
|
|
|
|
|
realm = get_realm('zulip')
|
|
|
|
|
stream_name = 'whatever'
|
|
|
|
|
stream = self.make_stream(stream_name, realm)
|
2018-08-16 18:37:28 +02:00
|
|
|
stream_ids = {stream.id}
|
|
|
|
|
|
|
|
|
|
result = get_streams_traffic(stream_ids)
|
2018-08-16 18:23:52 +02:00
|
|
|
self.assertEqual(result, {})
|
|
|
|
|
|
|
|
|
|
StreamCount.objects.create(
|
|
|
|
|
realm=realm,
|
|
|
|
|
stream=stream,
|
|
|
|
|
property='messages_in_stream:is_bot:day',
|
|
|
|
|
end_time=timezone_now(),
|
|
|
|
|
value=999,
|
|
|
|
|
)
|
|
|
|
|
|
2018-08-16 18:37:28 +02:00
|
|
|
result = get_streams_traffic(stream_ids)
|
2018-08-16 18:23:52 +02:00
|
|
|
self.assertEqual(result, {stream.id: 999})
|
|
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_subscriptions(self) -> None:
|
2017-07-12 17:28:27 +02:00
|
|
|
now = timezone_now()
|
|
|
|
|
user = [self.example_user('hamlet')]
|
|
|
|
|
stream = [self.make_stream('test_stream')]
|
|
|
|
|
|
|
|
|
|
bulk_add_subscriptions(stream, user)
|
2018-07-10 06:54:06 +02:00
|
|
|
subscription_creation_logs = RealmAuditLog.objects.filter(event_type=RealmAuditLog.SUBSCRIPTION_CREATED,
|
2017-07-12 17:28:27 +02:00
|
|
|
event_time__gte=now)
|
|
|
|
|
self.assertEqual(subscription_creation_logs.count(), 1)
|
2017-09-17 19:53:38 +02:00
|
|
|
self.assertEqual(subscription_creation_logs[0].modified_stream.id, stream[0].id)
|
2017-07-12 17:28:27 +02:00
|
|
|
self.assertEqual(subscription_creation_logs[0].modified_user, user[0])
|
|
|
|
|
|
2018-03-14 00:13:21 +01:00
|
|
|
bulk_remove_subscriptions(user, stream, get_client("website"))
|
2018-07-10 06:56:58 +02:00
|
|
|
subscription_deactivation_logs = RealmAuditLog.objects.filter(event_type=RealmAuditLog.SUBSCRIPTION_DEACTIVATED,
|
2017-07-12 17:28:27 +02:00
|
|
|
event_time__gte=now)
|
|
|
|
|
self.assertEqual(subscription_deactivation_logs.count(), 1)
|
2017-09-17 19:53:38 +02:00
|
|
|
self.assertEqual(subscription_deactivation_logs[0].modified_stream.id, stream[0].id)
|
2017-07-12 17:28:27 +02:00
|
|
|
self.assertEqual(subscription_deactivation_logs[0].modified_user, user[0])
|
2019-10-08 06:05:22 +02:00
|
|
|
|
|
|
|
|
def test_realm_activation(self) -> None:
|
|
|
|
|
realm = get_realm('zulip')
|
|
|
|
|
do_deactivate_realm(realm)
|
|
|
|
|
log_entry = RealmAuditLog.objects.get(realm=realm, event_type=RealmAuditLog.REALM_DEACTIVATED)
|
|
|
|
|
extra_data = ujson.loads(log_entry.extra_data)
|
|
|
|
|
self.check_role_count_schema(extra_data[RealmAuditLog.ROLE_COUNT])
|
|
|
|
|
|
|
|
|
|
do_reactivate_realm(realm)
|
|
|
|
|
log_entry = RealmAuditLog.objects.get(realm=realm, event_type=RealmAuditLog.REALM_REACTIVATED)
|
|
|
|
|
extra_data = ujson.loads(log_entry.extra_data)
|
|
|
|
|
self.check_role_count_schema(extra_data[RealmAuditLog.ROLE_COUNT])
|
