Bug 1602136

Summary: [RFE] Raise event in CloudForms when new external logins are auto-created for the first time
Product: Red Hat CloudForms Management Engine Reporter: Jason Frey <jfrey>
Component: ControlAssignee: Julian Cheal <jcheal>
Status: CLOSED ERRATA QA Contact: Mike Shriver <mshriver>
Severity: medium Docs Contact:
Priority: medium    
Version: 5.10.0CC: gblomqui, jfrey, jocarter, lavenel, mshriver, obarenbo, simaishi, smallamp
Target Milestone: GAKeywords: FutureFeature, RFE
Target Release: 5.10.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 5.10.0.24 Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-02-07 23:03:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: CFME Core Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1555371    

Description Jason Frey 2018-07-17 20:48:24 UTC 
Split off from https://bugzilla.redhat.com/show_bug.cgi?id=1318353, as this was a second event requested in the comments.

When external authentication is used upon first login we CloudForms creates a new CloudForms user record.  When that record is created, we would raise an event, allowing the admin to configure an event handler as they see fit.
Comment 2 Dave Johnson 2018-07-17 21:01:49 UTC 
Please assess the impact of this issue and update the severity accordingly.  Please refer to https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity for a reminder on each severity's definition.

If it's something like a tracker bug where it doesn't matter, please set the severity to Low.
Comment 3 Jason Frey 2018-07-31 18:46:35 UTC 
This one is a little complicated because it's not clear where each of the authenticators actually creates the record.  From what I can tell, the best place we can do this is here [1], but only when `user.new_record?`.  I haven't looked at the other Authenticators like Amazon, as that has to be included as well, but it may end up at that same line.

[1] https://github.com/ManageIQ/manageiq/blob/0afd317c6a8d5370427afb405d4a2257a130ffb3/app/models/authenticator/base.rb#L139-L140
Comment 4 Julian Cheal 2018-08-14 19:08:07 UTC 
PR for BZ https://github.com/ManageIQ/manageiq/pull/17852
Comment 5 Julian Cheal 2018-09-26 15:36:29 UTC 
Speaking with Mike Shriver we realised we create an audit message, but never create an event. Will create a follow up PR to do that.
Comment 6 Mike Shriver 2018-09-26 15:39:21 UTC 
Thanks Julian, I can confirm that I see audit log messages in my testing, but have no event that I can use to create alerts which was the original intent of the BZ.
Comment 7 Julian Cheal 2018-10-03 14:00:19 UTC 
PR to add MIQ Event for new user creation https://github.com/ManageIQ/manageiq/pull/18052
Comment 8 CFME Bot 2018-11-08 17:19:25 UTC 
New commit detected on ManageIQ/manageiq/hammer:

https://github.com/ManageIQ/manageiq/commit/3c2d5cbb3df34668ca51ca11ece0a5a18e733c85
commit 3c2d5cbb3df34668ca51ca11ece0a5a18e733c85
Author:     Brandon Dunne <brandondunne>
AuthorDate: Tue Nov  6 11:05:25 2018 -0500
Commit:     Brandon Dunne <brandondunne>
CommitDate: Tue Nov  6 11:05:25 2018 -0500

    Merge pull request #18052 from juliancheal/raise_event_new_login

    Raise event on new user creation

    (cherry picked from commit d952e0896e02ee754d29754e7a20a43125c965fb)

    https://bugzilla.redhat.com/show_bug.cgi?id=1602136

 app/models/authenticator/base.rb | 4 +-
 db/fixtures/miq_event_definitions.csv | 3 +
 spec/models/authenticator/database_spec.rb | 1 +
 spec/models/authenticator/ldap_spec.rb | 15 +
 4 files changed, 22 insertions(+), 1 deletion(-)
Comment 9 CFME Bot 2018-11-08 17:21:38 UTC 
New commit detected on ManageIQ/manageiq/hammer:

https://github.com/ManageIQ/manageiq/commit/3c2d5cbb3df34668ca51ca11ece0a5a18e733c85
commit 3c2d5cbb3df34668ca51ca11ece0a5a18e733c85
Author:     Brandon Dunne <brandondunne>
AuthorDate: Tue Nov  6 11:05:25 2018 -0500
Commit:     Brandon Dunne <brandondunne>
CommitDate: Tue Nov  6 11:05:25 2018 -0500

    Merge pull request #18052 from juliancheal/raise_event_new_login

    Raise event on new user creation

    (cherry picked from commit d952e0896e02ee754d29754e7a20a43125c965fb)

    https://bugzilla.redhat.com/show_bug.cgi?id=1602136

 app/models/authenticator/base.rb | 4 +-
 db/fixtures/miq_event_definitions.csv | 3 +
 spec/models/authenticator/database_spec.rb | 1 +
 spec/models/authenticator/ldap_spec.rb | 15 +
 4 files changed, 22 insertions(+), 1 deletion(-)
Comment 10 Mike Shriver 2018-11-27 14:51:34 UTC 
Tested in CFME 5.10.0.25.20181120211723_d2fd659

An event was raised when the new user was created via successful external authentication.


-- evm.log

[----] I, [2018-11-27T09:13:02.862483 #14382:6c6f74]  INFO -- : MIQ(MiqEvent#process_evm_event) Event Raised [user_created]


-- Classic UI Control -> Log

[----] I, [2018-11-27T09:13:02.863802 #14382:6c6f74]  INFO -- : MIQ(policy-enforce_policy): Event: [user_created], To: []
Comment 11 errata-xmlrpc 2019-02-07 23:03:30 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:0212