This is an automated email from the ASF dual-hosted git repository.

dill0wn pushed a commit to branch dw/8451
in repository https://gitbox.apache.org/repos/asf/allura.git

commit 73fdcca61aabdf68aed6dc5a39938bb06dcd6ea4
Author: Dillon Walls <[email protected]>
AuthorDate: Fri Aug 5 19:05:44 2022 +0000

    [#8451] record blocking users in audit log
---
 Allura/allura/app.py                         | 7 +++++--
 Allura/allura/tests/functional/test_admin.py | 8 +++++++-
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/Allura/allura/app.py b/Allura/allura/app.py
index e2e34db0d..fef1e6e37 100644
--- a/Allura/allura/app.py
+++ b/Allura/allura/app.py
@@ -868,10 +868,13 @@ class DefaultAdminController(BaseController, 
AdminControllerMixin):
         user = model.User.by_username(username)
         if not user:
             return dict(error='User "%s" not found' % username)
-        ace = model.ACE.deny(
-            model.ProjectRole.by_user(user, upsert=True)._id, perm, reason)
+        ace = model.ACE.deny(model.ProjectRole.by_user(user, upsert=True)._id, 
perm, reason)
         if not model.ACL.contains(ace, self.app.acl):
             self.app.acl.append(ace)
+            model.AuditLog.log('blocked user "{}" from {} for reason: 
"{}"'.format(
+                username,
+                self.app.config.options['mount_point'],
+                reason))
             return dict(user_id=str(user._id), username=user.username, 
reason=reason)
         return dict(error='User "%s" already blocked' % user.username)
 
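Review bot: The audit entry added after `self.app.acl.append(ace)` does not record `perm`, so a reader of the log cannot tell which permission was denied on the mount point, although that is what the new ACE actually changes. It also logs the submitted `username` rather than `user.username`, which the return value on the next line uses, and it wraps the free-text `reason` in double quotes without escaping, so a reason containing quotes or line breaks can make the entry ambiguous. I would write the call as `model.AuditLog.log('blocked user "{}" from {} for permission "{}" for reason: "{}"'.format(user.username, self.app.config.options['mount_point'], perm, reason))` and consider normalising whitespace in `reason` before logging. The enclosing method starts outside this hunk, so whether `reason` is validated or length-limited earlier cannot be seen here.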
diff --git a/Allura/allura/tests/functional/test_admin.py 
b/Allura/allura/tests/functional/test_admin.py
index 3a300e8c1..8237bf332 100644
--- a/Allura/allura/tests/functional/test_admin.py
+++ b/Allura/allura/tests/functional/test_admin.py
@@ -211,9 +211,15 @@ class TestProjectAdmin(TestController):
             r.json, dict(user_id=str(user._id), username='test-admin', 
reason='Comment'))
         user = M.User.by_username('test-admin')
         admin_role = M.ProjectRole.by_user(user)
-        app = M.Project.query.get(shortname='test').app_instance('wiki')
+        project = M.Project.query.get(shortname='test')
+        app = project.app_instance('wiki')
         ace = M.ACL.contains(M.ACE.deny(admin_role._id, 'read'), app.acl)
         assert_equals(ace.reason, 'Comment')
+        audit_log = M.AuditLog.query.find(
+            {'project_id': project._id}).sort('_id', -1).first()
+        assert 'blocked user "test-admin"' in audit_log.message
+        assert 'for reason: "Comment"' in audit_log.message
+
         r = self.app.get('/admin/wiki/permissions')
         assert '<input type="checkbox" name="user_id" value="%s">test-admin 
(Comment)' % user._id in r
 
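Review bot: The two new assertions on `audit_log.message` check the username and reason but not which tool the block applies to, and `audit_log` is dereferenced without first checking that `.first()` returned an entry, so a missing log row would surface as an `AttributeError` rather than a clear failure. Adding `assert audit_log is not None` before them, plus `assert 'from wiki' in audit_log.message` (presuming the mount point here is `wiki`, as the request URL suggests), would pin the full message. It would also be worth asserting that a repeated block request, which takes the "already blocked" branch in `app.py`, writes no further audit entry. The test method begins and continues outside this hunk, so such a case may already exist elsewhere.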
