Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Log contains now username when user gets deleted #4222

Merged
merged 2 commits into from
Oct 7, 2024
+16 −3
Merged

Log contains now username when user gets deleted #4222

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ca6de5c
Log contains now username when user gets deleted
Gepardgame Oct 7, 2024
ddf097f
Added test for Oidc user deletion
Gepardgame Oct 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions src/main/java/org/dependencytrack/resources/v1/UserResource.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -453,7 +453,7 @@ public Response deleteLdapUser(LdapUser jsonUser) {
if (user != null) {
final LdapUser detachedUser = qm.getPersistenceManager().detachCopy(user);
qm.delete(user);
super.logSecurityEvent(LOGGER, SecurityMarkers.SECURITY_AUDIT, "LDAP user deleted: " + detachedUser);
super.logSecurityEvent(LOGGER, SecurityMarkers.SECURITY_AUDIT, "LDAP user deleted: " + detachedUser.getUsername());
Notification.dispatch(new Notification()
.scope(NotificationScope.SYSTEM)
.group(NotificationGroup.USER_DELETED)
Expand Down Expand Up @@ -593,7 +593,7 @@ public Response deleteManagedUser(ManagedUser jsonUser) {
if (user != null) {
final ManagedUser detachedUser = qm.getPersistenceManager().detachCopy(user);
qm.delete(user);
super.logSecurityEvent(LOGGER, SecurityMarkers.SECURITY_AUDIT, "Managed user deleted: " +detachedUser);
super.logSecurityEvent(LOGGER, SecurityMarkers.SECURITY_AUDIT, "Managed user deleted: " + detachedUser.getUsername());
Notification.dispatch(new Notification()
.scope(NotificationScope.SYSTEM)
.group(NotificationGroup.USER_DELETED)
Expand Down Expand Up @@ -670,7 +670,7 @@ public Response deleteOidcUser(final OidcUser jsonUser) {
if (user != null) {
final OidcUser detachedUser = qm.getPersistenceManager().detachCopy(user);
qm.delete(user);
super.logSecurityEvent(LOGGER, SecurityMarkers.SECURITY_AUDIT, "OpenID Connect user deleted: " + detachedUser);
super.logSecurityEvent(LOGGER, SecurityMarkers.SECURITY_AUDIT, "OpenID Connect user deleted: " + detachedUser.getUsername());
Notification.dispatch(new Notification()
.scope(NotificationScope.SYSTEM)
.group(NotificationGroup.USER_DELETED)
Expand Down
13 changes: 13 additions & 0 deletions src/test/java/org/dependencytrack/resources/v1/UserResourceAuthenticatedTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -499,6 +499,19 @@ public void createOidcUserDuplicateUsernameTest() {
Assert.assertEquals("A user with the same username already exists. Cannot create new user.", body);
}

@Test
public void deleteOidcUserTest() {
qm.createOidcUser("blackbeard");
OidcUser user = new OidcUser();
user.setUsername("blackbeard");
Response response = jersey.target(V1_USER + "/oidc").request()
.header(X_API_KEY, apiKey)
.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // HACK
.method("DELETE", Entity.entity(user, MediaType.APPLICATION_JSON)); // HACK
// Hack: Workaround to https://github.com/eclipse-ee4j/jersey/issues/3798
Assert.assertEquals(204, response.getStatus(), 0);
}

@Test
public void addTeamToUserTest() {
qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false);
Expand Down
Loading