audit_log: Log acting_user in do_change_avatar_fields.

2020-06-29 16:17:44 +05:30 · 2020-06-29 16:17:44 +05:30 · 653928bdfe
parent 2279fef316
commit 653928bdfe
11 changed files with 20 additions and 19 deletions
--- a/tools/generate-integration-docs-screenshot
+++ b/tools/generate-integration-docs-screenshot
@ -79,7 +79,7 @@ def create_integration_bot(integration: WebhookIntegration, bot_name: Optional[s
            if os.path.isfile(bot_avatar_path):
                with open(bot_avatar_path, "rb") as f:
                    upload_avatar_image(f, owner, bot)
-                    do_change_avatar_fields(bot, UserProfile.AVATAR_FROM_USER)
+                    do_change_avatar_fields(bot, UserProfile.AVATAR_FROM_USER, acting_user=owner)

    return bot

--- a/zerver/lib/actions.py
+++ b/zerver/lib/actions.py
@ -826,7 +826,7 @@ def do_scrub_realm(realm: Realm, acting_user: Optional[UserProfile]=None) -> Non
    users = UserProfile.objects.filter(realm=realm)
    for user in users:
        do_delete_messages_by_sender(user)
-        do_delete_avatar_image(user)
+        do_delete_avatar_image(user, acting_user=acting_user)
        user.full_name = f"Scrubbed {generate_key()[:15]}"
        scrubbed_email = f"scrubbed-{generate_key()[:15]}@{realm.host}"
        user.email = scrubbed_email
@ -3330,7 +3330,7 @@ def notify_avatar_url_change(user_profile: UserProfile) -> None:
               active_user_ids(user_profile.realm_id))

 def do_change_avatar_fields(user_profile: UserProfile, avatar_source: str,
-                            skip_notify: bool=False) -> None:
+                            skip_notify: bool=False, acting_user: Optional[UserProfile]=None) -> None:
    user_profile.avatar_source = avatar_source
    user_profile.avatar_version += 1
    user_profile.save(update_fields=["avatar_source", "avatar_version"])
@ -3338,13 +3338,13 @@ def do_change_avatar_fields(user_profile: UserProfile, avatar_source: str,
    RealmAuditLog.objects.create(realm=user_profile.realm, modified_user=user_profile,
                                 event_type=RealmAuditLog.USER_AVATAR_SOURCE_CHANGED,
                                 extra_data={'avatar_source': avatar_source},
-                                 event_time=event_time)
+                                 event_time=event_time, acting_user=acting_user)

    if not skip_notify:
        notify_avatar_url_change(user_profile)

-def do_delete_avatar_image(user: UserProfile) -> None:
-    do_change_avatar_fields(user, UserProfile.AVATAR_FROM_GRAVATAR)
+def do_delete_avatar_image(user: UserProfile, acting_user: Optional[UserProfile]=None) -> None:
+    do_change_avatar_fields(user, UserProfile.AVATAR_FROM_GRAVATAR, acting_user=acting_user)
    delete_avatar_image(user)

 def do_change_icon_source(realm: Realm, icon_source: str, log: bool=True) -> None:
--- a/zerver/lib/create_user.py
+++ b/zerver/lib/create_user.py
@ -40,7 +40,7 @@ def copy_user_settings(source_profile: UserProfile, target_profile: UserProfile)
    if source_profile.avatar_source == UserProfile.AVATAR_FROM_USER:
        from zerver.lib.actions import do_change_avatar_fields
        do_change_avatar_fields(target_profile, UserProfile.AVATAR_FROM_USER,
-                                skip_notify=True)
+                                skip_notify=True, acting_user=target_profile)
        copy_avatar(source_profile, target_profile)

    copy_hotpots(source_profile, target_profile)
--- a/zerver/lib/import_realm.py
+++ b/zerver/lib/import_realm.py
@ -751,7 +751,7 @@ def import_uploads(realm: Realm, import_dir: Path, processes: int, processing_av
                        user_profile.id,
                    )
                    # Delete the record of the avatar to avoid 404s.
-                    do_change_avatar_fields(user_profile, UserProfile.AVATAR_FROM_GRAVATAR)
+                    do_change_avatar_fields(user_profile, UserProfile.AVATAR_FROM_GRAVATAR, acting_user=None)
            return 0

        if processes == 1:
--- a/zerver/tests/test_audit_log.py
+++ b/zerver/tests/test_audit_log.py
@ -115,8 +115,9 @@ class TestRealmAuditLog(ZulipTestCase):
        now = timezone_now()
        user = self.example_user('hamlet')
        avatar_source = 'G'
-        do_change_avatar_fields(user, avatar_source)
+        do_change_avatar_fields(user, avatar_source, acting_user=user)
        self.assertEqual(RealmAuditLog.objects.filter(event_type=RealmAuditLog.USER_AVATAR_SOURCE_CHANGED,
+                                                      modified_user=user, acting_user=user,
                                                      event_time__gte=now).count(), 1)
        self.assertEqual(avatar_source, user.avatar_source)

--- a/zerver/tests/test_events.py
+++ b/zerver/tests/test_events.py
@ -1308,7 +1308,7 @@ class NormalActionsTest(BaseAction):
            ])),
        ])
        events = self.verify_action(
-            lambda: do_change_avatar_fields(self.user_profile, UserProfile.AVATAR_FROM_USER),
+            lambda: do_change_avatar_fields(self.user_profile, UserProfile.AVATAR_FROM_USER, acting_user=self.user_profile),
        )
        schema_checker('events[0]', events[0])

@ -1324,7 +1324,7 @@ class NormalActionsTest(BaseAction):
            ])),
        ])
        events = self.verify_action(
-            lambda: do_change_avatar_fields(self.user_profile, UserProfile.AVATAR_FROM_GRAVATAR),
+            lambda: do_change_avatar_fields(self.user_profile, UserProfile.AVATAR_FROM_GRAVATAR, acting_user=self.user_profile),
        )
        schema_checker('events[0]', events[0])

@ -1883,7 +1883,7 @@ class NormalActionsTest(BaseAction):

    def test_change_bot_avatar_source(self) -> None:
        bot = self.create_bot('test')
-        action = lambda: do_change_avatar_fields(bot, bot.AVATAR_FROM_USER)
+        action = lambda: do_change_avatar_fields(bot, bot.AVATAR_FROM_USER, acting_user=self.user_profile)
        events = self.verify_action(action, num_events=2)
        self.realm_bot_schema('avatar_url', check_string)('events[0]', events[0])
        self.assertEqual(events[1]['type'], 'realm_user')
--- a/zerver/tests/test_upload.py
+++ b/zerver/tests/test_upload.py
@ -1105,7 +1105,7 @@ class AvatarTest(UploadSerializeMixin, ZulipTestCase):
        self.assertTrue(os.path.isfile(avatar_original_path_id))
        self.assertTrue(os.path.isfile(avatar_medium_path_id))

-        zerver.lib.actions.do_delete_avatar_image(user)
+        zerver.lib.actions.do_delete_avatar_image(user, acting_user=user)

        self.assertEqual(user.avatar_source, UserProfile.AVATAR_FROM_GRAVATAR)
        self.assertFalse(os.path.isfile(avatar_path_id))
@ -1770,7 +1770,7 @@ class S3Test(ZulipTestCase):
        self.assertIsNotNone(bucket.Object(avatar_original_image_path_id))
        self.assertIsNotNone(bucket.Object(avatar_medium_path_id))

-        zerver.lib.actions.do_delete_avatar_image(user)
+        zerver.lib.actions.do_delete_avatar_image(user, acting_user=user)

        self.assertEqual(user.avatar_source, UserProfile.AVATAR_FROM_GRAVATAR)

--- a/zerver/views/user_settings.py
+++ b/zerver/views/user_settings.py
@ -247,7 +247,7 @@ def set_avatar_backend(request: HttpRequest, user_profile: UserProfile) -> HttpR
            settings.MAX_AVATAR_FILE_SIZE,
        ))
    upload_avatar_image(user_file, user_profile, user_profile)
-    do_change_avatar_fields(user_profile, UserProfile.AVATAR_FROM_USER)
+    do_change_avatar_fields(user_profile, UserProfile.AVATAR_FROM_USER, acting_user=user_profile)
    user_avatar_url = avatar_url(user_profile)

    json_result = dict(
@ -259,7 +259,7 @@ def delete_avatar_backend(request: HttpRequest, user_profile: UserProfile) -> Ht
    if avatar_changes_disabled(user_profile.realm) and not user_profile.is_realm_admin:
        return json_error(AVATAR_CHANGES_DISABLED_ERROR)

-    do_change_avatar_fields(user_profile, UserProfile.AVATAR_FROM_GRAVATAR)
+    do_change_avatar_fields(user_profile, UserProfile.AVATAR_FROM_GRAVATAR, acting_user=user_profile)
    gravatar_url = avatar_url(user_profile)

    json_result = dict(
--- a/zerver/views/users.py
+++ b/zerver/views/users.py
@ -275,7 +275,7 @@ def patch_bot_backend(
        user_file = list(request.FILES.values())[0]
        upload_avatar_image(user_file, user_profile, bot)
        avatar_source = UserProfile.AVATAR_FROM_USER
-        do_change_avatar_fields(bot, avatar_source)
+        do_change_avatar_fields(bot, avatar_source, acting_user=user_profile)
    else:
        return json_error(_("You may only upload one file at a time"))

--- a/zilencer/management/commands/add_mock_conversation.py
+++ b/zilencer/management/commands/add_mock_conversation.py
@ -38,7 +38,7 @@ From image editing program:

    def set_avatar(self, user: UserProfile, filename: str) -> None:
        upload_avatar_image(open(filename, 'rb'), user, user)
-        do_change_avatar_fields(user, UserProfile.AVATAR_FROM_USER)
+        do_change_avatar_fields(user, UserProfile.AVATAR_FROM_USER, acting_user=None)

    def add_message_formatting_conversation(self) -> None:
        realm = get_realm('zulip')
--- a/zproject/backends.py
+++ b/zproject/backends.py
@ -545,7 +545,7 @@ class ZulipLDAPAuthBackendBase(ZulipAuthMixin, LDAPBackend):
            content_type = magic.from_buffer(copy.deepcopy(io).read()[0:1024], mime=True)
            if content_type.startswith("image/"):
                upload_avatar_image(io, user, user, content_type=content_type)
-                do_change_avatar_fields(user, UserProfile.AVATAR_FROM_USER)
+                do_change_avatar_fields(user, UserProfile.AVATAR_FROM_USER, acting_user=None)
                # Update avatar hash.
                user.avatar_hash = user_avatar_content_hash(ldap_avatar)
                user.save(update_fields=["avatar_hash"])