NicolasToussaint
Member

There are two GDPR-related features in this PR:

Description

Deactivate users:
A new user status that prevents users from logging in (or using existing tokens) without removing the account altogether.
This is handy to block accounts left unused for a long time, or to block users (for example because they left the company) while keeping the decision history as it is.
If a user is logged in while being deactivated, s/he is not kicked out.

Store the "last connection date" for each user as a timestamp in the database.
This is necessary to detect accounts left unused for some time. A simple SQL script can then list all users who have not connected for 6 months, for example.

Future features

  • Another "anonymized" user status might be handy to keep the users in the database while allowing the removal of their private data (username & email address)
  • Automate the deactivation of users who have not logged in for a configurable time

Changes

  • Two new columns in the users database table
  • Changes in the authentication code
  • Changes in the user edit page

How to test

Create user test_a

No last_connection is stored; the default status is active:

fossology=# select user_pk,user_name,last_connection,user_status from users;
 user_pk |  user_name   |        last_connection        | user_status
---------+--------------+-------------------------------+-------------
       2 | Default User |                               | active
       3 | fossy        | 2021-12-29 14:05:56.671283+00 | active
       4 | test_a       |                               | active
(3 rows)

Generate a token and test REST API access:

$ curl --cacert ./ca-certificates.crt -s -S -H "Authorization:Bearer $FOSSOLOGY_TOKEN" -X GET "$FOSSOLOGY_URL/folders"
[{"id":1,"name":"Software Repository","description":"Top Folder","parent":null}]

Log in with user test_a

Its last_connection is updated:
</grreplace>
<gr_replace lines="65" cat="clarify" orig="The last_connection">
The last_connection is updated:

fossology=# select user_pk,user_name,last_connection,user_status from users;
 user_pk |  user_name   |        last_connection        | user_status
---------+--------------+-------------------------------+-------------
       2 | Default User |                               | active
       3 | fossy        | 2021-12-29 14:05:56.671283+00 | active
       4 | test_a       | 2021-12-29 14:08:02.522877+00 | active
(3 rows)

Log out and back in with fossy

The last_connection is updated

fossology=# select user_pk,user_name,last_connection,user_status from users;
 user_pk |  user_name   |        last_connection        | user_status
---------+--------------+-------------------------------+-------------
       2 | Default User |                               | active
       4 | test_a       | 2021-12-29 14:08:02.522877+00 | active
       3 | fossy        | 2021-12-29 14:08:21.474793+00 | active
(3 rows)

Deactivate the user (via the user edit page)

[screenshot]

Database is updated:

fossology=# select user_pk,user_name,last_connection,user_status from users;
 user_pk |  user_name   |        last_connection        | user_status
---------+--------------+-------------------------------+-------------
       2 | Default User |                               | active
       3 | fossy        | 2021-12-29 14:08:21.474793+00 | active
       4 | test_a       | 2021-12-29 14:08:02.522877+00 | inactive
(3 rows)

Check that the user cannot log back in or use the token:

[screenshot]

$ curl --cacert ./ca-certificates.crt -s -S -H "Authorization:Bearer $FOSSOLOGY_TOKEN" -X GET "$FOSSOLOGY_URL/folders"
{"code":403,"message":"User inactive.","type":"ERROR"}
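The stale-account listing the description mentions, and the automated deactivation sketched under "Future features", as an added example that is not part of this PR or of FOSSology's own code. It assumes only the columns visible in the psql output above (user_pk, user_name, last_connection as a timestamptz, user_status with the values active/inactive) and uses the 6-month figure from the description; PostgreSQL syntax, since that is what the fossology=# prompt shows.

```sql
-- Added example (not part of the PR): list and deactivate stale accounts.
-- Assumed schema, taken from the psql output in the PR: users.user_pk,
-- user_name, last_connection (timestamptz, NULL when no login has been
-- recorded) and user_status ('active' / 'inactive').
-- The 6-month threshold is the figure from the PR description.

-- 1. Accounts that have logged in, but not within the last 6 months.
--    Rows with a NULL last_connection never match this predicate, which is
--    deliberate: they are handled separately in query 2.
SELECT user_pk, user_name, last_connection, user_status
  FROM users
 WHERE user_status = 'active'
   AND last_connection < now() - INTERVAL '6 months'
 ORDER BY last_connection;

-- 2. Accounts with no recorded login at all (e.g. "Default User" above).
--    With the columns on the page, "never used" cannot be told apart from
--    "created yesterday", so these are listed for review, not deactivated.
SELECT user_pk, user_name, user_status
  FROM users
 WHERE user_status = 'active'
   AND last_connection IS NULL
 ORDER BY user_pk;

-- 3. Deactivate the accounts found by query 1. Run inside a transaction,
--    inspect the RETURNING rows, and ROLLBACK instead of COMMIT if the list
--    contains anything unexpected.
BEGIN;
UPDATE users
   SET user_status = 'inactive'
 WHERE user_status = 'active'
   AND last_connection < now() - INTERVAL '6 months'
RETURNING user_pk, user_name, last_connection;
COMMIT;
```

The split between queries 1 and 2 matters: a comparison against a NULL last_connection is itself NULL, so query 1 silently skips accounts with no recorded login, and the UPDATE inherits that behaviour. Before running the UPDATE unattended, built-in accounts (such as the Default User row above) would need an explicit exclusion, which is an assumption about deployment rather than something the PR specifies. Deactivation also does not end an already-open web session (the description notes that a logged-in user is not kicked out), whereas the 403 "User inactive." response above shows that token-based API access stops on the next request.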

@NicolasToussaint NicolasToussaint marked this pull request as draft December 29, 2021 15:33
@NicolasToussaint
Member Author

Closing for separate updated PR

@NicolasToussaint NicolasToussaint deleted the feat/deactivate-users_last-cnx-date branch December 29, 2021 16:08