Merge pull request #15090 from overleaf/em-invite-audit-logs-2

Write audit logs when user leaves or is removed from a project

GitOrigin-RevId: 7c9cf025a0266099c1afa34035a8d8db38353193

services/web/app/src/Features/Collaborators/CollaboratorsController.js

@@ -12,6 +12,7 @@ const logger = require('@overleaf/logger')
 const { expressify } = require('../../util/promises')
 const { hasAdminAccess } = require('../Helpers/AdminAuthorizationHelper')
 const TokenAccessHandler = require('../TokenAccess/TokenAccessHandler')
+const ProjectAuditLogHandler = require('../Project/ProjectAuditLogHandler')
 
 module.exports = {
   removeUserFromProject: expressify(removeUserFromProject),
@@ -25,10 +26,20 @@ module.exports = {
 async function removeUserFromProject(req, res, next) {
   const projectId = req.params.Project_id
   const userId = req.params.user_id
+  const sessionUserId = SessionManager.getLoggedInUserId(req.session)
   await _removeUserIdFromProject(projectId, userId)
   EditorRealTimeController.emitToRoom(projectId, 'project:membership:changed', {
     members: true,
   })
+
+  ProjectAuditLogHandler.addEntryInBackground(
+    projectId,
+    'remove-collaborator',
+    sessionUserId,
+    req.ip,
+    { userId }
+  )
+
   res.sendStatus(204)
 }
 
@@ -36,6 +47,14 @@ async function removeSelfFromProject(req, res, next) {
   const projectId = req.params.Project_id
   const userId = SessionManager.getLoggedInUserId(req.session)
   await _removeUserIdFromProject(projectId, userId)
+
+  ProjectAuditLogHandler.addEntryInBackground(
+    projectId,
+    'leave-project',
+    userId,
+    req.ip
+  )
+
   res.sendStatus(204)
 }
 

services/web/test/unit/src/Collaborators/CollaboratorsControllerTests.js

@@ -54,6 +54,10 @@ describe('CollaboratorsController', function () {
       getRequestToken: sinon.stub().returns('access-token'),
     }
 
+    this.ProjectAuditLogHandler = {
+      addEntryInBackground: sinon.stub(),
+    }
+
     this.CollaboratorsController = SandboxedModule.require(MODULE_PATH, {
       requires: {
         mongodb: { ObjectId },
@@ -65,6 +69,7 @@ describe('CollaboratorsController', function () {
         '../Tags/TagsHandler': this.TagsHandler,
         '../Authentication/SessionManager': this.SessionManager,
         '../TokenAccess/TokenAccessHandler': this.TokenAccessHandler,
+        '../Project/ProjectAuditLogHandler': this.ProjectAuditLogHandler,
       },
     })
   })
@@ -105,6 +110,16 @@ describe('CollaboratorsController', function () {
         'project:membership:changed'
       )
     })
+
+    it('should write a project audit log', function () {
+      this.ProjectAuditLogHandler.addEntryInBackground.should.have.been.calledWith(
+        this.projectId,
+        'remove-collaborator',
+        this.user._id,
+        this.req.ip,
+        { userId: this.user._id }
+      )
+    })
   })
 
   describe('removeSelfFromProject', function () {
@@ -139,6 +154,15 @@ describe('CollaboratorsController', function () {
     it('should return a success code', function () {
       this.res.sendStatus.calledWith(204).should.equal(true)
     })
+
+    it('should write a project audit log', function () {
+      this.ProjectAuditLogHandler.addEntryInBackground.should.have.been.calledWith(
+        this.projectId,
+        'leave-project',
+        this.user._id,
+        this.req.ip
+      )
+    })
   })
 
   describe('getAllMembers', function () {