-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[EPIC] [MU] List inactive users #1298
Comments
key could be the |
Please detail the webadmin route |
Cc @guimard |
Could be something like:
|
No lets actually just expose what is stored. We can add further per user info as: ip, mail user agent Often that's very usefull for audit. We shall separate IMAP and SMTP How about:
Then filters:
And of course per user queries:
|
I move this into TODO as this is needed for MU Cc @guimard for review. Cc @PatrickPereiraLinagora for review. |
If the data structure is just key-value, redis could be good option. However, the json document show that it is quite more complicated. Therefore, I suggest we save data in a new cassandra table. |
Nope no Cassandra table for this, it's the worst option really. We dont want to create yet an other table. The description of the ticket seems clear enough to me about Redis choice. |
With the fact that we need to store different kind of infos (protocol, last connection date, ip, user agent), better to use either I think HSET https://redis.io/docs/latest/commands/hset/ or JSON.SET https://redis.io/docs/latest/commands/json.set/ |
I prefer json.set : will look less hacky at describing an object |
Alright I reviewed the ticket again as the initial proposition was relying on storing only the last connection date, and not extra data like protocol, ip address or user agent. So I feel like by overriding the Authenticator we would not have those info, thus the description is outdated IMO. However this is what I believe we could do (and if I'm wrong please correct me):
WDYT? Also for storing last login info on Redis, do we make it mandatory (of course if we use Redis), or configurable (enable/disable)? |
No lemon do. |
I'm against code specific to Tmail code.
Proposal 1 What's wrong with the proposal of getting those infos through the MDC / context? I bet it would be doable. A bit hacky but we coult still rely on Code snippet:
James side i might just cost os to propagate the MDC upon line countinuations and login. Proposal 2 How about defining an API triggered upon authentication succees / failures? We could then make it configuration-loadable with user defined code as an extension mechanism. We could then |
Not too sure honestly to fully get the 2nd proposal but I suggest we talk about this and have the final decision with the team on the kanban meeting next monday, I think it fits? |
@Team: Should cut it down to smaller tasks. Quickly here, but can rediscuss it:
|
Tickets created. Please help review and dont hesitate to comment if you think it's necessary |
Why
MU requires us the ability to report the inactive users list for example the users who have not used our services in the last 3 months.
We need to record the users's login activity.
Today we have user login activity using
AuditTrail
with login logs stored in Loki. However upon large data size (TMail produces a lot of logs), Loki strips a part of the logs to give an in-time response, which makes the users activity analysis not reliable.We need to store that piece of information somewhere else rather than Loki.
How
Storage
Redis seems to be the suitable storage for the need: famous for session data use case, fast write, AOF seems reasonable for data backup (could accept a bit of data lag for user activity use case).
Code change
We likely could override
Authenticator
e.g. write aTMailUserRepositoryAuthenticator
that injectsUserRepositoryAuthenticator
with the Redis part to publish the user login information.For Redis data structure, we can likely use SET:
We would need a webadmin route to list:
We would need to have a module chooser to enable the user login recording module.
DoD
Integration tests + docs.
Could be another task to deploy the work on MU after careful testing.
The text was updated successfully, but these errors were encountered: