Merge branch 'develop' into oy2-31834

Enterprise-CMCS · Dec 19, 2024 · eca777e · eca777e
2 parents 26d9800 + 05ac99d
commit eca777e
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 3 deletions.
diff --git a/services/app-api/getMyUserList.js b/services/app-api/getMyUserList.js
@@ -8,6 +8,7 @@ import {
   getActiveTerritories,
 } from "cmscommonlib";
 import { getUser } from "./getUser";
+import { logAttempt } from "./utils/logAttempt";
 
 export const buildParams = (role, territory) => {
   const startParams = {
@@ -52,15 +53,18 @@ export const buildParams = (role, territory) => {
 };
 
 export const getMyUserList = async (event) => {
+  const ipAddress = event.requestContext.identity.sourceIp;
   try {
     // get the rest of the details about the current user
     const doneBy = await getUser(event.queryStringParameters.email);
 
     if (!doneBy) {
+      logAttempt("getMyUserList", false, ipAddress);
       return RESPONSE_CODE.USER_NOT_FOUND;
     }
 
     if (!getUserRoleObj(doneBy?.roleList).canAccessUserManagement) {
+      logAttempt("getMyUserList", false, ipAddress, doneBy);
       return RESPONSE_CODE.USER_NOT_AUTHORIZED;
     }
 
@@ -76,6 +80,7 @@ export const getMyUserList = async (event) => {
       buildParams(umRole, territories.shift())
     );
 
+    logAttempt("getMyUserList", true, ipAddress, doneBy);
     return listResult.Items;
   } catch (e) {
     console.log("getMyUserList exception? ", e);

diff --git a/services/app-api/getUser.js b/services/app-api/getUser.js
@@ -2,13 +2,15 @@ import handler from "./libs/handler-lib";
 import dynamoDb from "./libs/dynamodb-lib";
 
 import { getUserRoleObj } from "cmscommonlib";
+import { logAttempt } from "./utils/logAttempt";
 
 /**
  * returns the User Table entry who's id is this email
  * @param {String} userEmail User to return
+ * @param {String} ipAddress users ip address
  * @returns {Object} the User json object
  */
-export const getUser = async (userEmail) => {
+export const getUser = async (userEmail, ipAddress) => {
   const cParams = {
     TableName: process.env.oneMacTableName,
     // 'Key' defines the partition key and sort key of the item to be retrieved
@@ -20,6 +22,7 @@ export const getUser = async (userEmail) => {
     ProjectionExpression: "email, fullName, phoneNumber",
   };
 
+  console.log("cParams", cParams);
   const params = {
     TableName: process.env.oneMacTableName,
     // 'Key' defines the partition key and sort key of the item to be retrieved
@@ -48,6 +51,7 @@ export const getUser = async (userEmail) => {
     }
   } catch (dbError) {
     console.log(`Error happened while reading from DB:  ${dbError}`);
+    logAttempt("getUser", false, ipAddress);
     throw dbError;
   }
 
@@ -63,13 +67,17 @@ export const getUser = async (userEmail) => {
   const returnUser = cResult.Item;
   returnUser.roleList = result.Items;
   console.log(`Selected User ${userEmail}: ${JSON.stringify(returnUser)}`);
+  logAttempt("getUser", true, ipAddress);
   return returnUser;
 };
 
 // Gets owns user data from User DynamoDB table
 export const main = handler(async (event) => {
-  const userItem = (await getUser(event.queryStringParameters.email)) ?? {};
+  const userItem =
+    (await getUser(
+      event.queryStringParameters.email,
+      event.requestContext.identity.sourceIp
+    )) ?? {};
   userItem.validRoutes = getUserRoleObj(userItem.roleList).getAccesses();
-
   return userItem;
 });
diff --git a/services/app-api/updateUserStatus.js b/services/app-api/updateUserStatus.js
@@ -13,6 +13,7 @@ import { saveEmail } from "./utils/saveEmail";
 import { getUser } from "./getUser";
 import { changeUserStatus } from "./utils/changeUserStatus";
 import { getMyApprovers } from "./getMyApprovers";
+import { logAttempt } from "./utils/logAttempt";
 
 const statusLabels = {
   [USER_STATUS.ACTIVE]: "granted",
@@ -84,10 +85,12 @@ export const doUpdate = async (body, doneBy, doneTo) => {
 export const updateUserStatus = async (event) => {
   let body;
   const rightNowNormalized = Date.now();
+  const ipAddress = event.requestContext.identity.sourceIp;
 
   try {
     body = JSON.parse(event.body);
   } catch (e) {
+    logAttempt("updateUserStatus", false, ipAddress);
     console.error("Failed to parse body", e);
     return RESPONSE_CODE.USER_SUBMISSION_FAILED;
   }
@@ -100,6 +103,7 @@ export const updateUserStatus = async (event) => {
       getUser(body.email),
     ]);
   } catch (e) {
+    logAttempt("updateUserStatus", false, ipAddress);
     console.error("Could not fetch relevant user info", e);
     return RESPONSE_CODE.USER_NOT_FOUND;
   }
@@ -155,9 +159,11 @@ export const updateUserStatus = async (event) => {
       );
     }
   } catch (e) {
+    logAttempt("updateUserStatus", false, ipAddress, body.user);
     console.log("failed to send email: ", e);
   }
 
+  logAttempt("updateUserStatus", true, ipAddress, body.user);
   return RESPONSE_CODE.USER_SUBMITTED;
 };
 

diff --git a/services/app-api/utils/logAttempt.js b/services/app-api/utils/logAttempt.js
@@ -0,0 +1,8 @@
+export const logAttempt = (functionName, attemptType, ipAddress, user) => {
+  const currentTimeStamp = new Date().toISOString();
+  ipAddress = ipAddress ?? "Not found";
+  const attemptStatus = attemptType ? "success" : "failure";
+  const role = user ? user.role : "Not found";
+  const message = `attempts ${functionName}: ${attemptStatus} | request timestamp: ${currentTimeStamp} | userRole: ${role} | IP address: ${ipAddress}`;
+  console.log(message);
+};