diff --git a/backend/src/event/EVENT_ADMIN_USER_DELETE.ts b/backend/src/event/EVENT_ADMIN_USER_DELETE.ts new file mode 100644 index 000000000..bfd5be740 --- /dev/null +++ b/backend/src/event/EVENT_ADMIN_USER_DELETE.ts @@ -0,0 +1,6 @@ +import { User as DbUser } from '@entity/User' +import { Event as DbEvent } from '@entity/Event' +import { Event, EventType } from './Event' + +export const EVENT_ADMIN_USER_DELETE = async (user: DbUser, moderator: DbUser): Promise => + Event(EventType.ADMIN_USER_DELETE, user, moderator).save() diff --git a/backend/src/event/EVENT_ADMIN_USER_ROLE_SET.ts b/backend/src/event/EVENT_ADMIN_USER_ROLE_SET.ts new file mode 100644 index 000000000..3be825ad4 --- /dev/null +++ b/backend/src/event/EVENT_ADMIN_USER_ROLE_SET.ts @@ -0,0 +1,8 @@ +import { User as DbUser } from '@entity/User' +import { Event as DbEvent } from '@entity/Event' +import { Event, EventType } from './Event' + +export const EVENT_ADMIN_USER_ROLE_SET = async ( + user: DbUser, + moderator: DbUser, +): Promise => Event(EventType.ADMIN_USER_ROLE_SET, user, moderator).save() diff --git a/backend/src/event/EVENT_ADMIN_USER_UNDELETE.ts b/backend/src/event/EVENT_ADMIN_USER_UNDELETE.ts new file mode 100644 index 000000000..eb861dbf1 --- /dev/null +++ b/backend/src/event/EVENT_ADMIN_USER_UNDELETE.ts @@ -0,0 +1,8 @@ +import { User as DbUser } from '@entity/User' +import { Event as DbEvent } from '@entity/Event' +import { Event, EventType } from './Event' + +export const EVENT_ADMIN_USER_UNDELETE = async ( + user: DbUser, + moderator: DbUser, +): Promise => Event(EventType.ADMIN_USER_UNDELETE, user, moderator).save() diff --git a/backend/src/event/EVENT_EMAIL_FORGOT_PASSWORD.ts b/backend/src/event/EVENT_EMAIL_FORGOT_PASSWORD.ts index 4160ce244..f7e328369 100644 --- a/backend/src/event/EVENT_EMAIL_FORGOT_PASSWORD.ts +++ b/backend/src/event/EVENT_EMAIL_FORGOT_PASSWORD.ts @@ -3,4 +3,4 @@ import { Event as DbEvent } from '@entity/Event' import { Event, EventType } from './Event' export const EVENT_EMAIL_FORGOT_PASSWORD = async (user: DbUser): Promise => - Event(EventType.EMAIL_FORGOT_PASSWORD, user, user).save() + Event(EventType.EMAIL_FORGOT_PASSWORD, user, { id: 0 } as DbUser).save() diff --git a/backend/src/event/Event.ts b/backend/src/event/Event.ts index 60da91b70..901bc33ff 100644 --- a/backend/src/event/Event.ts +++ b/backend/src/event/Event.ts @@ -47,6 +47,9 @@ export { EVENT_ADMIN_CONTRIBUTION_LINK_DELETE } from './EVENT_ADMIN_CONTRIBUTION export { EVENT_ADMIN_CONTRIBUTION_LINK_UPDATE } from './EVENT_ADMIN_CONTRIBUTION_LINK_UPDATE' export { EVENT_ADMIN_CONTRIBUTION_MESSAGE_CREATE } from './EVENT_ADMIN_CONTRIBUTION_MESSAGE_CREATE' export { EVENT_ADMIN_SEND_CONFIRMATION_EMAIL } from './EVENT_ADMIN_SEND_CONFIRMATION_EMAIL' +export { EVENT_ADMIN_USER_DELETE } from './EVENT_ADMIN_USER_DELETE' +export { EVENT_ADMIN_USER_UNDELETE } from './EVENT_ADMIN_USER_UNDELETE' +export { EVENT_ADMIN_USER_ROLE_SET } from './EVENT_ADMIN_USER_ROLE_SET' export { EVENT_CONTRIBUTION_CREATE } from './EVENT_CONTRIBUTION_CREATE' export { EVENT_CONTRIBUTION_DELETE } from './EVENT_CONTRIBUTION_DELETE' export { EVENT_CONTRIBUTION_UPDATE } from './EVENT_CONTRIBUTION_UPDATE' @@ -63,3 +66,4 @@ export { EVENT_TRANSACTION_RECEIVE } from './EVENT_TRANSACTION_RECEIVE' export { EVENT_TRANSACTION_LINK_CREATE } from './EVENT_TRANSACTION_LINK_CREATE' export { EVENT_TRANSACTION_LINK_DELETE } from './EVENT_TRANSACTION_LINK_DELETE' export { EVENT_TRANSACTION_LINK_REDEEM } from './EVENT_TRANSACTION_LINK_REDEEM' +export { EVENT_USER_INFO_UPDATE } from './EVENT_USER_INFO_UPDATE' diff --git a/backend/src/event/EventType.ts b/backend/src/event/EventType.ts index cc277e589..58d03c84b 100644 --- a/backend/src/event/EventType.ts +++ b/backend/src/event/EventType.ts @@ -11,6 +11,9 @@ export enum EventType { ADMIN_CONTRIBUTION_LINK_UPDATE = 'ADMIN_CONTRIBUTION_LINK_UPDATE', ADMIN_CONTRIBUTION_MESSAGE_CREATE = 'ADMIN_CONTRIBUTION_MESSAGE_CREATE', ADMIN_SEND_CONFIRMATION_EMAIL = 'ADMIN_SEND_CONFIRMATION_EMAIL', + ADMIN_USER_DELETE = 'ADMIN_USER_DELETE', + ADMIN_USER_UNDELETE = 'ADMIN_USER_UNDELETE', + ADMIN_USER_ROLE_SET = 'ADMIN_USER_ROLE_SET', CONTRIBUTION_CREATE = 'CONTRIBUTION_CREATE', CONTRIBUTION_DELETE = 'CONTRIBUTION_DELETE', CONTRIBUTION_UPDATE = 'CONTRIBUTION_UPDATE', diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts index 196110a31..f51d0fdac 100644 --- a/backend/src/graphql/resolver/UserResolver.ts +++ b/backend/src/graphql/resolver/UserResolver.ts @@ -60,6 +60,9 @@ import { EVENT_LOGOUT, EVENT_EMAIL_FORGOT_PASSWORD, EVENT_USER_INFO_UPDATE, + EVENT_USER_ROLE_SET, + EVENT_ADMIN_USER_ROLE_SET, + EVENT_ADMIN_USER_DELETE, } from '@/event/Event' import { getUserCreations } from './util/creations' import { isValidPassword } from '@/password/EncryptorUtils' @@ -585,7 +588,6 @@ export class UserResolver { await queryRunner.release() } logger.info('updateUserInfos() successfully finished...') - await EVENT_USER_INFO_UPDATE(user) return true @@ -713,8 +715,8 @@ export class UserResolver { throw new LogError('Could not find user with given ID', userId) } // administrator user changes own role? - const moderatorUser = getUser(context) - if (moderatorUser.id === userId) { + const moderator = getUser(context) + if (moderator.id === userId) { throw new LogError('Administrator can not change his own role') } // change isAdmin @@ -735,6 +737,7 @@ export class UserResolver { break } await user.save() + await EVENT_ADMIN_USER_ROLE_SET(user, moderator) const newUser = await DbUser.findOne({ id: userId }) return newUser ? newUser.isAdmin : null } @@ -751,19 +754,20 @@ export class UserResolver { throw new LogError('Could not find user with given ID', userId) } // moderator user disabled own account? - const moderatorUser = getUser(context) - if (moderatorUser.id === userId) { + const moderator = getUser(context) + if (moderator.id === userId) { throw new LogError('Moderator can not delete his own account') } // soft-delete user await user.softRemove() + await EVENT_ADMIN_USER_DELETE(user, moderator) const newUser = await DbUser.findOne({ id: userId }, { withDeleted: true }) return newUser ? newUser.deletedAt : null } @Authorized([RIGHTS.ADMIN_UNDELETE_USER]) @Mutation(() => Date, { nullable: true }) - async unDeleteUser(@Arg('userId', () => Int) userId: number): Promise { + async unDeleteUser(@Arg('userId', () => Int) userId: number, @Ctx() context: Context,): Promise { const user = await DbUser.findOne({ id: userId }, { withDeleted: true }) if (!user) { throw new LogError('Could not find user with given ID', userId) @@ -772,6 +776,7 @@ export class UserResolver { throw new LogError('User is not deleted') } await user.recover() + await EVENT_ADMIN_USER_UNDELETE(user, getUser(context)) return null }