From 8215ee19c6117581ba90aaf8bc685bb5bc7257ee Mon Sep 17 00:00:00 2001 From: Jens L Date: Mon, 8 May 2023 15:34:21 +0200 Subject: [PATCH] events: include event user in webhook notification (#5524) * events: include event user in webhook notification Signed-off-by: Jens Langhammer * update other transports Signed-off-by: Jens Langhammer --------- Signed-off-by: Jens Langhammer --- authentik/events/models.py | 19 ++++++++++++++++++- authentik/events/tests/test_transports.py | 3 +++ authentik/providers/oauth2/tests/utils.py | 1 - authentik/root/test_runner.py | 1 + tests/e2e/utils.py | 2 -- website/docs/events/transports.md | 8 ++++++-- 6 files changed, 28 insertions(+), 6 deletions(-) diff --git a/authentik/events/models.py b/authentik/events/models.py index ef4fd9081..50ec8a71b 100644 --- a/authentik/events/models.py +++ b/authentik/events/models.py @@ -353,6 +353,9 @@ class NotificationTransport(SerializerModel): "user_email": notification.user.email, "user_username": notification.user.username, } + if notification.event and notification.event.user: + default_body["event_user_email"] = notification.event.user.get("email", None) + default_body["event_user_username"] = notification.event.user.get("username", None) if self.webhook_mapping: default_body = sanitize_item( self.webhook_mapping.evaluate( @@ -391,6 +394,14 @@ class NotificationTransport(SerializerModel): }, ] if notification.event: + if notification.event.user: + fields.append( + { + "title": _("Event user"), + "value": str(notification.event.user.get("username")), + "short": True, + }, + ) for key, value in notification.event.context.items(): if not isinstance(value, str): continue @@ -429,7 +440,13 @@ class NotificationTransport(SerializerModel): def send_email(self, notification: "Notification") -> list[str]: """Send notification via global email configuration""" subject = "authentik Notification: " - key_value = {} + key_value = { + "user_email": notification.user.email, + "user_username": notification.user.username, + } + if notification.event and notification.event.user: + key_value["event_user_email"] = notification.event.user.get("email", None) + key_value["event_user_username"] = notification.event.user.get("username", None) if notification.event: subject += notification.event.action for key, value in notification.event.context.items(): diff --git a/authentik/events/tests/test_transports.py b/authentik/events/tests/test_transports.py index f1111e4b5..3633f1ed5 100644 --- a/authentik/events/tests/test_transports.py +++ b/authentik/events/tests/test_transports.py @@ -52,6 +52,8 @@ class TestEventTransports(TestCase): "severity": "alert", "user_email": self.user.email, "user_username": self.user.username, + "event_user_email": self.user.email, + "event_user_username": self.user.username, }, ) @@ -107,6 +109,7 @@ class TestEventTransports(TestCase): "value": self.user.username, "short": True, }, + {"short": True, "title": "Event user", "value": self.user.username}, {"title": "foo", "value": "bar,"}, ], "footer": f"authentik {get_full_version()}", diff --git a/authentik/providers/oauth2/tests/utils.py b/authentik/providers/oauth2/tests/utils.py index 18c1809f2..77bad3252 100644 --- a/authentik/providers/oauth2/tests/utils.py +++ b/authentik/providers/oauth2/tests/utils.py @@ -25,7 +25,6 @@ class OAuthTestCase(TestCase): def setUpClass(cls) -> None: cls.keypair = create_test_cert() super().setUpClass() - cls.maxDiff = None def assert_non_none_or_unset(self, container: dict, key: str): """Check that a key, if set, is not none""" diff --git a/authentik/root/test_runner.py b/authentik/root/test_runner.py index 4f3adbdc8..8f00ff85e 100644 --- a/authentik/root/test_runner.py +++ b/authentik/root/test_runner.py @@ -8,6 +8,7 @@ from authentik.lib.config import CONFIG from authentik.lib.sentry import sentry_init from tests.e2e.utils import get_docker_tag +# globally set maxDiff to none to show full assert error TestCase.maxDiff = None diff --git a/tests/e2e/utils.py b/tests/e2e/utils.py index 2638097c4..bcd8bf855 100644 --- a/tests/e2e/utils.py +++ b/tests/e2e/utils.py @@ -54,8 +54,6 @@ class SeleniumTestCase(StaticLiveServerTestCase): if IS_CI: print("::group::authentik Logs", file=stderr) super().setUp() - # pylint: disable=invalid-name - self.maxDiff = None self.wait_timeout = 60 self.driver = self._get_driver() self.driver.implicitly_wait(30) diff --git a/website/docs/events/transports.md b/website/docs/events/transports.md index 3a52be419..3e95fdc6e 100644 --- a/website/docs/events/transports.md +++ b/website/docs/events/transports.md @@ -12,8 +12,12 @@ This will send a POST request to the given URL with the following contents: { "body": "body of the notification message", "severity": "severity level as configured in the trigger", - "user_email": "user's email", - "user_username": "user's username" + // User that the notification was created for, i.e. a member of the group selected in the rule + "user_email": "notification user's email", + "user_username": "notification user's username", + // User that created the event + "event_user_email": "event user's email", + "event_user_username": "event user's username" } ```