✨ Add some improvements to the auditlog module.

backend/src/app/config.clj

@@ -270,8 +270,9 @@
                    ::tenant]))
 
 (defn- parse-flags
-  [{:keys [flags]}]
+  [config]
-  (flags/parse flags flags/default))
+  (-> (:flags config)
+      (flags/parse flags/default)))
 
 (defn read-env
   [prefix]

backend/src/app/loggers/audit.clj

@@ -36,6 +36,7 @@
   [profile]
   (-> profile
       (select-keys [:is-active :is-muted :auth-backend :email :default-team-id :default-project-id :fullname :lang])
+      (merge (:props profile))
       (d/without-nils)))
 
 (defn clean-props

backend/src/app/rpc.clj

@@ -119,7 +119,8 @@
                                (::audit/profile-id resultm))
                 props      (d/merge params' (::audit/props resultm))]
             (audit :cmd :submit
-                   :type (::type cfg)
+                   :type (or (::audit/type resultm)
+                             (::type cfg))
                    :name (or (::audit/name resultm)
                              (::sv/name mdata))
                    :profile-id profile-id

backend/src/app/rpc/mutations/profile.clj

@@ -197,7 +197,6 @@
               ptoken (tokens :generate-predefined
                              {:iss :profile-identity
                               :profile-id (:id profile)})]
-
           (eml/send! {::eml/conn conn
                       ::eml/factory eml/register
                       :public-uri (:public-uri cfg)
@@ -351,11 +350,14 @@
 
 (defn- update-profile
   [conn {:keys [id fullname lang theme] :as params}]
-  (db/update! conn :profile
+  (let [profile (db/update! conn :profile
-              {:fullname fullname
+                            {:fullname fullname
-               :lang lang
+                             :lang lang
-               :theme theme}
+                             :theme theme}
-              {:id id}))
+                            {:id id})]
+    (-> profile
+        (profile/decode-profile-row)
+        (profile/strip-private-attrs))))
 
 (s/def ::update-profile
   (s/keys :req-un [::id ::fullname]
@@ -364,8 +366,9 @@
 (sv/defmethod ::update-profile
   [{:keys [pool] :as cfg} params]
   (db/with-atomic [conn pool]
-    (update-profile conn params)
+    (let [profile (update-profile conn params)]
-    nil))
+      (with-meta profile
+        {::audit/props (audit/profile->props profile)}))))
 
 ;; --- MUTATION: Update Password
 

backend/src/app/rpc/mutations/verify_token.clj

@@ -9,6 +9,7 @@
    [app.common.exceptions :as ex]
    [app.common.spec :as us]
    [app.db :as db]
+   [app.loggers.audit :as audit]
    [app.metrics :as mtx]
    [app.rpc.mutations.teams :as teams]
    [app.rpc.queries.profile :as profile]
@@ -63,7 +64,10 @@
 
     (with-meta claims
       {:transform-response ((:create session) profile-id)
-       :before-complete (annotate-profile-activation metrics)})))
+       :before-complete (annotate-profile-activation metrics)
+       ::audit/name "verify-profile-email"
+       ::audit/props (audit/profile->props profile)
+       ::audit/profile-id (:id profile)})))
 
 (defmethod process-token :auth
   [{:keys [conn] :as cfg} _params {:keys [profile-id] :as claims}]
@@ -116,8 +120,7 @@
     ;; user is already logged in with some account.
     (and (uuid? profile-id)
          (uuid? member-id))
-    (do
+    (let [profile (accept-invitation cfg claims)]
-      (accept-invitation cfg claims)
       (if (= member-id profile-id)
         ;; If the current session is already matches the invited
         ;; member, then just return the token and leave the frontend
@@ -131,27 +134,44 @@
         ;; account.
         (with-meta
           (assoc claims :state :created)
-          {:transform-response ((:create session) member-id)})))
+          {:transform-response ((:create session) member-id)
+           ::audit/name "accept-team-invitation"
+           ::audit/props (merge
+                          (audit/profile->props profile)
+                          {:team-id (:team-id claims)
+                           :role (:role claims)})
+           ::audit/profile-id profile-id})))
 
     ;; This happens when member-id is not filled in the invitation but
     ;; the user already has an account (probably with other mail) and
     ;; is already logged-in.
     (and (uuid? profile-id)
          (nil? member-id))
-    (do
+    (let [profile (accept-invitation cfg (assoc claims :member-id profile-id))]
-      (accept-invitation cfg (assoc claims :member-id profile-id))
+      (with-meta
-      (assoc claims :state :created))
+        (assoc claims :state :created)
+        {::audit/name "accept-team-invitation"
+         ::audit/props (merge
+                        (audit/profile->props profile)
+                        {:team-id (:team-id claims)
+                         :role (:role claims)})
+         ::audit/profile-id profile-id}))
 
     ;; This happens when member-id is filled but the accessing user is
     ;; not logged-in. In this case we proceed to accept invitation and
     ;; leave the user logged-in.
     (and (nil? profile-id)
          (uuid? member-id))
-    (do
+    (let [profile (accept-invitation cfg claims)]
-      (accept-invitation cfg claims)
       (with-meta
         (assoc claims :state :created)
-        {:transform-response ((:create session) member-id)}))
+        {:transform-response ((:create session) member-id)
+         ::audit/name "accept-team-invitation"
+         ::audit/props (merge
+                        (audit/profile->props profile)
+                        {:team-id (:team-id claims)
+                         :role (:role claims)})
+         ::audit/profile-id member-id}))
 
     ;; In this case, we wait until frontend app redirect user to
     ;; registeration page, the user is correctly registered and the

backend/test/app/services_profile_test.clj

@@ -89,7 +89,7 @@
 
         ;; (th/print-result! out)
         (t/is (nil? (:error out)))
-        (t/is (nil? (:result out)))))
+        (t/is (map? (:result out)))))
 
     (t/testing "query profile after update"
       (let [data {::th/type :profile