3pp-mirror/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-08-06 11:08:29 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add proper audit log for invitations

Browse source
This commit is contained in:
Andrey Antukh 2023-02-23 16:26:31 +01:00
parent 475b6ff6e0
commit f0c0e5e43a
8 changed files with 105 additions and 95 deletions
Download patch file Download diff file Expand all files Collapse all files

19
backend/src/app/rpc/commands/verify_token.clj
View file

@ -158,11 +158,10 @@
(let [profile (accept-invitation cfg claims invitation profile)]
(-> (assoc claims :state :created)
(rph/with-meta {::audit/name "accept-team-invitation"
::audit/props (merge
(audit/profile->props profile)
{:team-id (:team-id claims)
:role (:role claims)})
::audit/profile-id profile-id})))
::audit/profile-id (:id profile)
::audit/props {:team-id (:team-id claims)
:role (:role claims)
:invitation-id (:id invitation)}})))
(ex/raise :type :validation
:code :invalid-token
@ -181,12 +180,10 @@
(-> (assoc claims :state :created)
(rph/with-transform (session/create-fn session (:id profile)))
(rph/with-meta {::audit/name "accept-team-invitation"
::audit/props (merge
(audit/profile->props profile)
{:team-id (:team-id claims)
:role (:role claims)})
::audit/profile-id member-id})))
::audit/profile-id (:id profile)
::audit/props {:team-id (:team-id claims)
:role (:role claims)
:invitation-id (:id invitation)}})))
{:invitation-token token
:iss :team-invitation
:redirect-to :auth-register