aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2021-01-04 09:54:48 +0100
committerChocobozzz <me@florianbigard.com>2021-01-04 09:54:48 +0100
commit2dbc170da35c9f88770653cd3114f4c59d482094 (patch)
tree0befce119e2fe3a750b000cb8b971d12e41550a3
parentafd4ee86ddb97f8d49585fddd318bedcd3ad55b8 (diff)
downloadPeerTube-2dbc170da35c9f88770653cd3114f4c59d482094.tar.gz
PeerTube-2dbc170da35c9f88770653cd3114f4c59d482094.tar.zst
PeerTube-2dbc170da35c9f88770653cd3114f4c59d482094.zip
Add missing audit log if the user deletes its account
-rw-r--r--server/controllers/api/users/index.ts4
-rw-r--r--server/controllers/api/users/me.ts9
-rw-r--r--server/tests/api/users/users-verification.ts2
3 files changed, 11 insertions, 4 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index d743a9912..c3190e731 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -305,10 +305,10 @@ async function listUsers (req: express.Request, res: express.Response) {
305async function removeUser (req: express.Request, res: express.Response) { 305async function removeUser (req: express.Request, res: express.Response) {
306 const user = res.locals.user 306 const user = res.locals.user
307 307
308 await user.destroy()
309
310 auditLogger.delete(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON())) 308 auditLogger.delete(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON()))
311 309
310 await user.destroy()
311
312 Hooks.runAction('action:api.user.deleted', { user }) 312 Hooks.runAction('action:api.user.deleted', { user })
313 313
314 return res.sendStatus(HttpStatusCode.NO_CONTENT_204) 314 return res.sendStatus(HttpStatusCode.NO_CONTENT_204)
diff --git a/server/controllers/api/users/me.ts b/server/controllers/api/users/me.ts
index 3d2a325fe..b786d7f59 100644
--- a/server/controllers/api/users/me.ts
+++ b/server/controllers/api/users/me.ts
@@ -1,6 +1,8 @@
1import 'multer' 1import 'multer'
2import * as express from 'express' 2import * as express from 'express'
3import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '@server/helpers/audit-logger'
3import { UserUpdateMe, UserVideoRate as FormattedUserVideoRate, VideoSortField } from '../../../../shared' 4import { UserUpdateMe, UserVideoRate as FormattedUserVideoRate, VideoSortField } from '../../../../shared'
5import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
4import { UserVideoQuota } from '../../../../shared/models/users/user-video-quota.model' 6import { UserVideoQuota } from '../../../../shared/models/users/user-video-quota.model'
5import { createReqFiles } from '../../../helpers/express-utils' 7import { createReqFiles } from '../../../helpers/express-utils'
6import { getFormattedObjects } from '../../../helpers/utils' 8import { getFormattedObjects } from '../../../helpers/utils'
@@ -28,7 +30,8 @@ import { AccountVideoRateModel } from '../../../models/account/account-video-rat
28import { UserModel } from '../../../models/account/user' 30import { UserModel } from '../../../models/account/user'
29import { VideoModel } from '../../../models/video/video' 31import { VideoModel } from '../../../models/video/video'
30import { VideoImportModel } from '../../../models/video/video-import' 32import { VideoImportModel } from '../../../models/video/video-import'
31import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' 33
34const auditLogger = auditLoggerFactory('users')
32 35
33const reqAvatarFile = createReqFiles([ 'avatarfile' ], MIMETYPES.IMAGE.MIMETYPE_EXT, { avatarfile: CONFIG.STORAGE.TMP_DIR }) 36const reqAvatarFile = createReqFiles([ 'avatarfile' ], MIMETYPES.IMAGE.MIMETYPE_EXT, { avatarfile: CONFIG.STORAGE.TMP_DIR })
34 37
@@ -159,7 +162,9 @@ async function getUserVideoRating (req: express.Request, res: express.Response)
159} 162}
160 163
161async function deleteMe (req: express.Request, res: express.Response) { 164async function deleteMe (req: express.Request, res: express.Response) {
162 const user = res.locals.oauth.token.User 165 const user = await UserModel.loadByIdWithChannels(res.locals.oauth.token.User.id)
166
167 auditLogger.delete(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON()))
163 168
164 await user.destroy() 169 await user.destroy()
165 170
diff --git a/server/tests/api/users/users-verification.ts b/server/tests/api/users/users-verification.ts
index e05acdd72..1a9a519a0 100644
--- a/server/tests/api/users/users-verification.ts
+++ b/server/tests/api/users/users-verification.ts
@@ -104,6 +104,8 @@ describe('Test users account verification', function () {
104 }) 104 })
105 105
106 it('Should be able to change the user email', async function () { 106 it('Should be able to change the user email', async function () {
107 this.timeout(10000)
108
107 let updateVerificationString: string 109 let updateVerificationString: string
108 110
109 { 111 {