Commit 41b1755f authored by Heinrich Lee Yu's avatar Heinrich Lee Yu

Merge branch 'graphql_log_user_last_activity_on' into 'master'

Log user last activity on in GraphQL

See merge request gitlab-org/gitlab!23063
parents 6016ebad 68b60a0f
...@@ -19,6 +19,7 @@ class GraphqlController < ApplicationController ...@@ -19,6 +19,7 @@ class GraphqlController < ApplicationController
before_action :authorize_access_api! before_action :authorize_access_api!
before_action(only: [:execute]) { authenticate_sessionless_user!(:api) } before_action(only: [:execute]) { authenticate_sessionless_user!(:api) }
before_action :set_user_last_activity
# Since we deactivate authentication from the main ApplicationController and # Since we deactivate authentication from the main ApplicationController and
# defer it to :authorize_access_api!, we need to override the bypass session # defer it to :authorize_access_api!, we need to override the bypass session
...@@ -47,6 +48,12 @@ class GraphqlController < ApplicationController ...@@ -47,6 +48,12 @@ class GraphqlController < ApplicationController
private private
def set_user_last_activity
return unless current_user
Users::ActivityService.new(current_user).execute
end
def execute_multiplex def execute_multiplex
GitlabSchema.multiplex(multiplex_queries, context: context) GitlabSchema.multiplex(multiplex_queries, context: context)
end end
......
---
title: Add user last_activity logging in GraphQL
merge_request: 23063
author:
type: fixed
...@@ -1409,6 +1409,7 @@ The activities that update the timestamp are: ...@@ -1409,6 +1409,7 @@ The activities that update the timestamp are:
- User logging in into GitLab - User logging in into GitLab
- User visiting pages related to Dashboards, Projects, Issues, and Merge Requests ([introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/54947) in GitLab 11.8) - User visiting pages related to Dashboards, Projects, Issues, and Merge Requests ([introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/54947) in GitLab 11.8)
- User using the API - User using the API
- User using the GraphQL API
By default, it shows the activity for all users in the last 6 months, but this can be By default, it shows the activity for all users in the last 6 months, but this can be
amended by using the `from` parameter. amended by using the `from` parameter.
......
...@@ -26,3 +26,4 @@ How do we measure the activity of users? GitLab considers a user active if: ...@@ -26,3 +26,4 @@ How do we measure the activity of users? GitLab considers a user active if:
- The user has Git activity (whether push or pull). - The user has Git activity (whether push or pull).
- The user visits pages related to Dashboards, Projects, Issues, and Merge Requests ([introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/54947) in GitLab 11.8). - The user visits pages related to Dashboards, Projects, Issues, and Merge Requests ([introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/54947) in GitLab 11.8).
- The user uses the API - The user uses the API
- The user uses the GraphQL API
...@@ -32,7 +32,7 @@ describe GraphqlController do ...@@ -32,7 +32,7 @@ describe GraphqlController do
describe 'POST #execute' do describe 'POST #execute' do
context 'when user is logged in' do context 'when user is logged in' do
let(:user) { create(:user) } let(:user) { create(:user, last_activity_on: Date.yesterday) }
before do before do
sign_in(user) sign_in(user)
...@@ -56,6 +56,19 @@ describe GraphqlController do ...@@ -56,6 +56,19 @@ describe GraphqlController do
expect(response).to have_gitlab_http_status(:forbidden) expect(response).to have_gitlab_http_status(:forbidden)
expect(response).to render_template('errors/access_denied') expect(response).to render_template('errors/access_denied')
end end
it 'updates the users last_activity_on field' do
expect { post :execute }.to change { user.reload.last_activity_on }
end
end
context 'when user uses an API token' do
let(:user) { create(:user, last_activity_on: Date.yesterday) }
let(:token) { create(:personal_access_token, user: user, scopes: [:api]) }
it 'updates the users last_activity_on field' do
expect { post :execute, params: { access_token: token.token } }.to change { user.reload.last_activity_on }
end
end end
context 'when user is not logged in' do context 'when user is not logged in' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment