Merge pull request #39351 from owncloud/provisioning-api-last-login-2…

…0211013 [full-ci] added last_login to getUser()
owncloud · Nov 3, 2021 · c52c62f · c52c62f
2 parents 41925f3 + 1c5e02c
commit c52c62f
Show file tree

Hide file tree

Showing 7 changed files with 79 additions and 1 deletion.
diff --git a/apps/provisioning_api/lib/Users.php b/apps/provisioning_api/lib/Users.php
@@ -224,6 +224,7 @@ public function getUser($parameters) {
 		$data['displayname'] = $targetUserObject->getDisplayName();
 		$data['home'] = $targetUserObject->getHome();
 		$data['two_factor_auth_enabled'] = $this->twoFactorAuthManager->isTwoFactorAuthenticated($targetUserObject) ? 'true' : 'false';
+		$data['last_login'] = $targetUserObject->getLastLogin();
 
 		return new Result($data);
 	}

diff --git a/apps/provisioning_api/tests/UsersTest.php b/apps/provisioning_api/tests/UsersTest.php
@@ -729,6 +729,10 @@ public function testGetUserAsAdmin() {
 			->expects($this->once())
 			->method('isEnabled')
 			->willReturn('true');
+		$targetUser
+			->expects($this->once())
+			->method('getLastLogin')
+			->willReturn('1618230656');
 
 		$expected = new Result(
 			[
@@ -738,6 +742,7 @@ public function testGetUserAsAdmin() {
 				'displayname' => 'Demo User',
 				'home' => '/var/ocdata/UserToGet',
 				'two_factor_auth_enabled' => 'false',
+				'last_login' => '1618230656'
 			]
 		);
 		$this->assertEquals($expected, $this->api->getUser(['userid' => 'UserToGet']));
@@ -796,6 +801,10 @@ public function testGetUserAsSubAdminAndUserIsAccessible() {
 			->expects($this->once())
 			->method('isEnabled')
 			->willReturn('true');
+		$targetUser
+			->expects($this->once())
+			->method('getLastLogin')
+			->willReturn('1618230656');
 
 		$expected = new Result(
 			[
@@ -804,7 +813,8 @@ public function testGetUserAsSubAdminAndUserIsAccessible() {
 				'email' => 'demo@owncloud.com',
 				'home' => '/var/ocdata/UserToGet',
 				'displayname' => 'Demo User',
-				'two_factor_auth_enabled' => 'false'
+				'two_factor_auth_enabled' => 'false',
+				'last_login' => '1618230656'
 			]
 		);
 		$this->assertEquals($expected, $this->api->getUser(['userid' => 'UserToGet']));
@@ -897,13 +907,18 @@ public function testGetUserAsSubAdminSelfLookup() {
 			->expects($this->once())
 			->method('getEMailAddress')
 			->will($this->returnValue('subadmin@owncloud.com'));
+		$targetUser
+			->expects($this->once())
+			->method('getLastLogin')
+			->willReturn('1618230656');
 
 		$expected = new Result([
 			'quota' => ['DummyValue', 'definition' => null],
 			'email' => 'subadmin@owncloud.com',
 			'displayname' => 'Subadmin User',
 			'home' => '/var/ocdata/UserToGet',
 			'two_factor_auth_enabled' => 'false',
+			'last_login' => '1618230656'
 		]);
 		$this->assertEquals($expected, $this->api->getUser(['userid' => 'subadmin']));
 	}

diff --git a/changelog/unreleased/39351 b/changelog/unreleased/39351
@@ -0,0 +1,7 @@
+Enhancement: Add last_login to Provisioning API get user response
+
+The response to a Provisioning API GET request to the cloud/users/username
+endpoint now includes the last_login time in the response.
+The value is a Unix timestamp in seconds.
+
+https://github.com/owncloud/core/pull/38351
diff --git a/tests/acceptance/features/apiProvisioning-v1/getUser.feature b/tests/acceptance/features/apiProvisioning-v1/getUser.feature
@@ -17,6 +17,7 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "Brand New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
 
   @skipOnOcV10.3
   Scenario Outline: admin gets an existing user with special characters in the username
@@ -29,11 +30,13 @@ Feature: get user
     And the display name returned by the API should be "<displayname>"
     And the email address returned by the API should be "<email>"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
     Examples:
       | username | displayname  | email               |
       | a@-+_.b  | A weird b    | a.b@example.com     |
       | a space  | A Space Name | a.space@example.com |
 
+
   Scenario: admin gets an existing user, providing uppercase username in the URL
     Given these users have been created with default attributes and without skeleton files:
       | username       | displayname    |
@@ -43,6 +46,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "Brand New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
 
   Scenario: admin tries to get a nonexistent user
     When the administrator retrieves the information of user "not-a-user" using the provisioning API
@@ -64,6 +69,7 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
 
   @notToImplementOnOCIS
   Scenario: a subadmin tries to get information of a user not in their group
@@ -78,6 +84,7 @@ Feature: get user
     And the HTTP status code should be "401"
     And the API should not return any data
 
+
   Scenario: a normal user tries to get information of another user
     Given these users have been created with default attributes and without skeleton files:
       | username         |
@@ -98,6 +105,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
 
   Scenario: a normal user gets their own information, providing uppercase username as authentication
     Given these users have been created with default attributes and without skeleton files:
@@ -108,6 +117,7 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
 
   @skipOnOcV10.3
   Scenario: a normal user gets their own information, providing uppercase username in the URL
@@ -119,6 +129,7 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
 
   @skipOnOcV10.3
   Scenario: a mixed-case normal user gets their own information, providing lowercase username in the URL
@@ -130,6 +141,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
 
   Scenario: a mixed-case normal user gets their own information, providing the mixed-case username in the URL
     Given these users have been created with default attributes and without skeleton files:
@@ -140,6 +153,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
 
   Scenario: admin gets information of a user with admin permissions
     Given these users have been created with default attributes and without skeleton files:
@@ -151,6 +166,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "Admin Alice"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
   @notToImplementOnOCIS
   Scenario: a subadmin should be able to get information of a user with subadmin permissions in their group
     Given these users have been created with default attributes and without skeleton files:
@@ -166,6 +183,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "Regular User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
   @notToImplementOnOCIS
   Scenario: a subadmin should not be able to get information of another subadmin of same group
     Given these users have been created with default attributes and without skeleton files:

diff --git a/tests/acceptance/features/apiProvisioning-v2/getUser.feature b/tests/acceptance/features/apiProvisioning-v2/getUser.feature
@@ -17,6 +17,7 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "Brand New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
 
   @skipOnOcV10.3
   Scenario Outline: admin gets an existing user with special characters in the username
@@ -29,11 +30,13 @@ Feature: get user
     And the display name returned by the API should be "<displayname>"
     And the email address returned by the API should be "<email>"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
     Examples:
       | username | displayname  | email               |
       | a@-+_.b  | A weird b    | a.b@example.com     |
       | a space  | A Space Name | a.space@example.com |
 
+
   Scenario: admin gets an existing user, providing uppercase username in the URL
     Given these users have been created with default attributes and without skeleton files:
       | username       | displayname    |
@@ -43,6 +46,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "Brand New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
 
   Scenario: admin tries to get a nonexistent user
     When the administrator retrieves the information of user "not-a-user" using the provisioning API
@@ -64,6 +69,7 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
 
   @notToImplementOnOCIS
   Scenario: a subadmin tries to get information of a user not in their group
@@ -99,6 +105,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
 
   Scenario: a normal user gets their own information, providing uppercase username as authentication
     Given these users have been created with default attributes and without skeleton files:
@@ -109,6 +117,7 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
 
   @skipOnOcV10.3
   Scenario: a normal user gets their own information, providing uppercase username in the URL
@@ -120,6 +129,7 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
 
   @skipOnOcV10.3
   Scenario: a mixed-case normal user gets their own information, providing lowercase username in the URL
@@ -131,6 +141,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
 
   Scenario: a mixed-case normal user gets their own information, providing the mixed-case username in the URL
     Given these users have been created with default attributes and without skeleton files:
@@ -141,6 +153,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "New User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
   @notToImplementOnOCIS
   Scenario: admin gets information of a user with admin permissions
     Given these users have been created with default attributes and without skeleton files:
@@ -152,6 +166,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "Admin Alice"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
   @notToImplementOnOCIS
   Scenario: a subadmin should be able to get information of a user with subadmin permissions in their group
     Given these users have been created with default attributes and without skeleton files:
@@ -167,6 +183,8 @@ Feature: get user
     And the HTTP status code should be "200"
     And the display name returned by the API should be "Regular User"
     And the quota definition returned by the API should be "default"
+    And the last login returned by the API should be a current Unix timestamp
+
   @notToImplementOnOCIS
   Scenario: a subadmin should not be able to get information of another subadmin of same group
     Given these users have been created with default attributes and without skeleton files:

diff --git a/tests/acceptance/features/bootstrap/FeatureContext.php b/tests/acceptance/features/bootstrap/FeatureContext.php
@@ -49,6 +49,11 @@ class FeatureContext extends BehatVariablesContext {
 	use Sharing;
 	use WebDav;
 
+	/**
+	 * @var int Unix timestamp seconds
+	 */
+	private $scenarioStartTime;
+
 	/**
 	 * @var string
 	 */
@@ -3284,6 +3289,7 @@ public function theAdministratorTriesToSyncUserUsingPasswordAndTheOcsApi(?string
 	 * @throws Exception
 	 */
 	public function before(BeforeScenarioScope $scope):void {
+		$this->scenarioStartTime = \time();
 		// Get the environment
 		$environment = $scope->getEnvironment();
 		// registers context in every suite, as every suite has FeatureContext

diff --git a/tests/acceptance/features/bootstrap/Provisioning.php b/tests/acceptance/features/bootstrap/Provisioning.php
@@ -4912,6 +4912,18 @@ public function theQuotaDefinitionOfUserShouldBe(string $user, string $expectedQ
 		$this->theQuotaDefinitionReturnedByTheApiShouldBe($expectedQuotaDefinition);
 	}
 
+	/**
+	 * @Then /^the last login returned by the API should be a current Unix timestamp$/
+	 *
+	 * @return void
+	 * @throws Exception
+	 */
+	public function theLastLoginReturnedByTheApiShouldBe():void {
+		$responseLastLogin = (string) $this->getResponseXml(null, __METHOD__)->data[0]->last_login;
+		Assert::assertIsNumeric($responseLastLogin);
+		Assert::assertGreaterThan($this->scenarioStartTime, (int) $responseLastLogin);
+	}
+
 	/**
 	 * Parses the xml answer to get the array of users returned.
 	 *