From f7bb394236eb11a2b203c9de8eff88f187b9d737 Mon Sep 17 00:00:00 2001 From: Philipp Hofer Date: Sat, 17 May 2025 09:48:45 +0200 Subject: [PATCH] remove more logs w/ activities --- src/model/activity.rs | 68 ++++++++++++++++++++++++++--- src/model/user/mod.rs | 67 +++++++++------------------- src/tera/admin/user.rs | 8 +++- src/tera/auth.rs | 4 +- templates/admin/user/view.html.tera | 6 ++- 5 files changed, 94 insertions(+), 59 deletions(-) diff --git a/src/model/activity.rs b/src/model/activity.rs index 5a83180..5586892 100644 --- a/src/model/activity.rs +++ b/src/model/activity.rs @@ -17,10 +17,31 @@ pub struct Activity { pub keep_until: Option, } +#[derive(Serialize, Deserialize, Debug)] +pub struct ActivityWithDetails { + #[serde(flatten)] + pub(crate) activity: Activity, + keep_until_days: Option, +} + +impl From for ActivityWithDetails { + fn from(activity: Activity) -> Self { + let keep_until_days = activity.keep_until.map(|keep_until| { + let now = Utc::now().naive_utc(); + let duration = keep_until.signed_duration_since(now); + duration.num_days() + }); + + Self { + keep_until_days, + activity, + } + } +} + // TODO: add `reason` as additional db field, to be able to query and show this to the users pub enum Reason<'a> { - // `User` tried to login with `String` as UserAgent - SuccLogin(&'a User, String), + Auth(ReasonAuth<'a>), // `User` changed the data of `User`, explanation in `String` UserDataChange(&'a ManageUserUser, &'a User, String), // New Note for User @@ -30,11 +51,7 @@ pub enum Reason<'a> { impl From> for ActivityBuilder { fn from(value: Reason<'_>) -> Self { match value { - Reason::SuccLogin(user, agent) => { - Self::new(&format!("{user} hat sich eingeloggt (User-Agent: {agent})")) - .relevant_for_user(user) - .keep_until_days(7) - } + Reason::Auth(auth) => auth.into(), Reason::UserDataChange(changed_by, changed_user, explanation) => Self::new(&format!( "{changed_by} hat die Daten von {changed_user} aktualisiert: {explanation}" )) @@ -46,6 +63,43 @@ impl From> for ActivityBuilder { } } +pub enum ReasonAuth<'a> { + // `User` tried to login with `String` as UserAgent + SuccLogin(&'a User, String), + // `User` tried to login which was already deleted + DeletedUserLogin(&'a User), + // `User` tried to login, supplied wrong PW + WrongPw(&'a User), +} + +impl<'a> From> for Reason<'a> { + fn from(auth_reason: ReasonAuth<'a>) -> Self { + Reason::Auth(auth_reason) + } +} + +impl From> for ActivityBuilder { + fn from(value: ReasonAuth<'_>) -> Self { + match value { + ReasonAuth::SuccLogin(user, agent) => { + Self::new(&format!("{user} hat sich eingeloggt (User-Agent: {agent})")) + .relevant_for_user(user) + .keep_until_days(7) + } + ReasonAuth::DeletedUserLogin(user) => Self::new(&format!( + "User {user} wollte sich einloggen, klappte jedoch nicht weil er gelöscht wurde." + )) + .relevant_for_user(user) + .keep_until_days(30), + ReasonAuth::WrongPw(user) => Self::new(&format!( + "User {user} wollte sich einloggen, hat jedoch das falsche Passwort angegeben." + )) + .relevant_for_user(user) + .keep_until_days(7), + } + } +} + pub struct ActivityBuilder { text: String, relevant_for: String, diff --git a/src/model/user/mod.rs b/src/model/user/mod.rs index 34fed45..a94b996 100644 --- a/src/model/user/mod.rs +++ b/src/model/user/mod.rs @@ -13,7 +13,7 @@ use rocket::{ use serde::{Deserialize, Serialize}; use sqlx::{FromRow, Sqlite, SqlitePool, Transaction}; -use super::activity::ActivityBuilder; +use super::activity::{ActivityBuilder, ReasonAuth}; use super::{ log::Log, logbook::Logbook, @@ -465,51 +465,27 @@ ASKÖ Ruderverein Donau Linz", self.name), pub async fn login(db: &SqlitePool, name: &str, pw: &str) -> Result { let name = name.trim().to_lowercase(); // just to make sure... let Some(user) = User::find_by_name(db, &name).await else { - if ![ - "n-sageder", - "p-hofer", - "marie-birner", - "daniel-kortschak", - "rudernlinz", - "m-birner", - "s-sollberger", - "d-kortschak", - "wwwadmin", - "wadminw", - "admin", - "m sageder", - "d kortschak", - "a almousa", - "p hofer", - "s sollberger", - "n sageder", - "wp-system", - "s.sollberger", - "m.birner", - "m-sageder", - "a-almousa", - "m.sageder", - "n.sageder", - "a.almousa", - "p.hofer", - "philipp-hofer", - "d.kortschak", - "[login]", - ] - .contains(&name.as_str()) - { - Log::create(db, format!("Username ({name}) not found (tried to login)")).await; - } + Log::create(db, format!("Username ({name}) not found (tried to login)")).await; return Err(LoginError::InvalidAuthenticationCombo); // Username not found }; if user.deleted { - ActivityBuilder::new(&format!( + if let Some(board) = Role::find_by_name(db, "Vorstand").await { + Notification::create_for_role( + db, + &board, + &format!( "User {user} wollte sich einloggen, klappte jedoch nicht weil er gelöscht wurde." - )) - .relevant_for_user(&user) - .save(db) - .await; + ), + "Fehlgeschlagener Login", + None, + None, + ) + .await; + } + ActivityBuilder::from(ReasonAuth::DeletedUserLogin(&user)) + .save(db) + .await; return Err(LoginError::InvalidAuthenticationCombo); //User existed sometime ago; has //been deleted } @@ -519,12 +495,9 @@ ASKÖ Ruderverein Donau Linz", self.name), if password_hash == user_pw { return Ok(user); } - ActivityBuilder::new(&format!( - "User {user} wollte sich einloggen, hat jedoch das falsche Passwort angegeben." - )) - .relevant_for_user(&user) - .save(db) - .await; + ActivityBuilder::from(ReasonAuth::WrongPw(&user)) + .save(db) + .await; Err(LoginError::InvalidAuthenticationCombo) } else { info!("User {name} has no PW set"); diff --git a/src/tera/admin/user.rs b/src/tera/admin/user.rs index 9e61844..17246a3 100644 --- a/src/tera/admin/user.rs +++ b/src/tera/admin/user.rs @@ -1,6 +1,6 @@ use crate::{ model::{ - activity::Activity, + activity::{Activity, ActivityWithDetails}, family::Family, log::Log, logbook::Logbook, @@ -141,7 +141,11 @@ async fn view( let member = Member::from(db, user.clone()).await; let fee = user.fee(db).await; - let activities = Activity::for_user(db, &user).await; + let activities: Vec = Activity::for_user(db, &user) + .await + .into_iter() + .map(Into::into) + .collect(); let financial = Role::all_cluster(db, "financial").await; let user_financial = user.financial(db).await; let skill = Role::all_cluster(db, "skill").await; diff --git a/src/tera/auth.rs b/src/tera/auth.rs index 425ce22..8a2340c 100644 --- a/src/tera/auth.rs +++ b/src/tera/auth.rs @@ -14,7 +14,7 @@ use rocket_dyn_templates::{context, tera, Template}; use sqlx::SqlitePool; use crate::model::{ - activity::{self, ActivityBuilder}, + activity::{self, ActivityBuilder, ReasonAuth}, log::Log, user::{LoginError, User}, }; @@ -83,7 +83,7 @@ async fn login( cookies.add_private(Cookie::new("loggedin_user", format!("{}", user.id))); - ActivityBuilder::from(activity::Reason::SuccLogin(&user, agent.0)) + ActivityBuilder::from(ReasonAuth::SuccLogin(&user, agent.0)) .save(db) .await; diff --git a/templates/admin/user/view.html.tera b/templates/admin/user/view.html.tera index ce1e54e..52b7014 100644 --- a/templates/admin/user/view.html.tera +++ b/templates/admin/user/view.html.tera @@ -411,7 +411,11 @@
    {% for activity in activities %}
  • - {{ activity.created_at | date(format="%d. %m. %Y") }}: {{ activity.text }} + {{ activity.created_at | date(format="%d. %m. %Y") }}: {{ activity.text }} + {% if activity.keep_until_days %} + (⏳ {{ activity.keep_until_days }} Tage) + {% endif %} +
    • {% else %}
  • Noch keine Aktivität... Stay tuned 😆