Merge branch 'graphql_log_user_last_activity_on' into 'master'

Log user last activity on in GraphQL See merge request gitlab-org/gitlab!23063

Merge branch 'graphql_log_user_last_activity_on' into 'master'
Log user last activity on in GraphQL See merge request gitlab-org/gitlab!23063
41b1755f · Heinrich Lee Yu · 6016ebad · 68b60a0f · 41b1755f · 41b1755f
Commit 41b1755f authored May 14, 2020 by Heinrich Lee Yu
5 changed files
--- a/app/controllers/graphql_controller.rb
+++ b/app/controllers/graphql_controller.rb
@@ -19,6 +19,7 @@ class GraphqlController < ApplicationController

  before_action :authorize_access_api!
  before_action(only: [:execute]) { authenticate_sessionless_user!(:api) }
+  before_action :set_user_last_activity

  # Since we deactivate authentication from the main ApplicationController and
  # defer it to :authorize_access_api!, we need to override the bypass session
@@ -47,6 +48,12 @@ class GraphqlController < ApplicationController

  private

+  def set_user_last_activity
+    return unless current_user
+
+    Users::ActivityService.new(current_user).execute
+  end
+
  def execute_multiplex
    GitlabSchema.multiplex(multiplex_queries, context: context)
  end

--- a/changelogs/unreleased/graphql_log_user_last_activity_on.yml
+++ b/changelogs/unreleased/graphql_log_user_last_activity_on.yml
+---
+title: Add user last_activity logging in GraphQL
+merge_request: 23063
+author:
+type: fixed
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -1409,6 +1409,7 @@ The activities that update the timestamp are:
 - User logging in into GitLab
 - User visiting pages related to Dashboards, Projects, Issues, and Merge Requests ([introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/54947) in GitLab 11.8)
 - User using the API
+- User using the GraphQL API

 By default, it shows the activity for all users in the last 6 months, but this can be
 amended by using the `from` parameter.

--- a/doc/user/instance_statistics/user_cohorts.md
+++ b/doc/user/instance_statistics/user_cohorts.md
@@ -26,3 +26,4 @@ How do we measure the activity of users? GitLab considers a user active if:
 - The user has Git activity (whether push or pull).
 - The user visits pages related to Dashboards, Projects, Issues, and Merge Requests ([introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/54947) in GitLab 11.8).
 - The user uses the API
+- The user uses the GraphQL API
--- a/spec/controllers/graphql_controller_spec.rb
+++ b/spec/controllers/graphql_controller_spec.rb
@@ -32,7 +32,7 @@ describe GraphqlController do

  describe 'POST #execute' do
    context 'when user is logged in' do
-      let(:user) { create(:user) }
+      let(:user) { create(:user, last_activity_on: Date.yesterday) }

      before do
        sign_in(user)
@@ -56,6 +56,19 @@ describe GraphqlController do
        expect(response).to have_gitlab_http_status(:forbidden)
        expect(response).to render_template('errors/access_denied')
      end
+
+      it 'updates the users last_activity_on field' do
+        expect { post :execute }.to change { user.reload.last_activity_on }
+      end
+    end
+
+    context 'when user uses an API token' do
+      let(:user) { create(:user, last_activity_on: Date.yesterday) }
+      let(:token) { create(:personal_access_token, user: user, scopes: [:api]) }
+
+      it 'updates the users last_activity_on field' do
+        expect { post :execute, params: { access_token: token.token } }.to change { user.reload.last_activity_on }
+      end
    end

    context 'when user is not logged in' do