From a830b6ab23fef58ec94da5bc2096fe9da99cd246 Mon Sep 17 00:00:00 2001
From: Jeff Davis <jeff.davis@bc.libraries.coop>
Date: Wed, 1 May 2019 11:42:11 -0700
Subject: [PATCH] LP#1817645: track RemoteAuth user activity

Signed-off-by: Jeff Davis <jeff.davis@bc.libraries.coop>
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>
---
 Open-ILS/examples/fm_IDL.xml                       |  2 ++
 .../src/perlmods/lib/OpenILS/WWW/RemoteAuth.pm     | 14 +++++++++-----
 .../live_t/29-lp1817645-remoteauth-patron-api.t    |  9 ++++++---
 Open-ILS/src/sql/Pg/150.remoteauth.sql             |  3 ++-
 Open-ILS/tests/datasets/sql/remoteauth.sql         |  8 ++++++--
 5 files changed, 25 insertions(+), 11 deletions(-)

diff --git a/Open-ILS/examples/fm_IDL.xml b/Open-ILS/examples/fm_IDL.xml
index dc236aeb55..f358b652c3 100644
--- a/Open-ILS/examples/fm_IDL.xml
+++ b/Open-ILS/examples/fm_IDL.xml
@@ -12951,10 +12951,12 @@ SELECT  usr,
 			<field name="allow_inactive" reporter:datatype="bool"/>
 			<field name="allow_expired" reporter:datatype="bool"/>
 			<field name="block_list" reporter:datatype="text"/>
+			<field name="usr_activity_type" reporter:datatype="link"/>
 		</fields>
 		<links>
 			<link field="context_org" reltype="has_a" key="id" map="" class="aou"/>
 			<link field="perm" reltype="has_a" key="id" map="" class="ppl"/>
+			<link field="usr_activity_type" reltype="has_a" key="id" map="" class="cuat"/>
 		</links>
 		<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
 			<actions>
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/RemoteAuth.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/RemoteAuth.pm
index 7726429c34..82163160f1 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/RemoteAuth.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/RemoteAuth.pm
@@ -77,7 +77,8 @@ sub handler {
         my $handler = $module->new;
         $stat = $handler->process($r);
     } catch Error with {
-        $logger->error("processing RemoteAuth handler failed: @_");
+        my $err = shift;
+        $logger->error("processing RemoteAuth handler failed: $err");
         $stat = Apache2::Const::HTTP_INTERNAL_SERVER_ERROR;
     };
 
@@ -123,15 +124,18 @@ sub do_patron_auth {
 
     return $self->backend_error unless $e->checkauth;
 
-    # XXX
     my $args = {
-        type => 'opac',
+        type => 'opac', # XXX
         org => $org_unit,
         identifier => $id,
-        password => $password,
-        agent => 'remoteauth'
+        password => $password
     };
 
+    my $cuat = $e->retrieve_config_usr_activity_type($config->usr_activity_type);
+    if ($cuat) {
+        $args->{agent} = $cuat->ewho;
+    }
+
     my $response = $U->simplereq(
         'open-ils.auth',
         'open-ils.auth.login', $args);
diff --git a/Open-ILS/src/perlmods/live_t/29-lp1817645-remoteauth-patron-api.t b/Open-ILS/src/perlmods/live_t/29-lp1817645-remoteauth-patron-api.t
index 13a4a0e8f6..6732d6c15b 100644
--- a/Open-ILS/src/perlmods/live_t/29-lp1817645-remoteauth-patron-api.t
+++ b/Open-ILS/src/perlmods/live_t/29-lp1817645-remoteauth-patron-api.t
@@ -1,6 +1,6 @@
 #!perl
 
-use Test::More tests => 9; # XXX
+use Test::More tests => 10; # XXX
 
 diag("Tests RemoteAuth patron auth/retrieval");
 
@@ -37,6 +37,7 @@ my $staff_login = $U->simplereq(
 );
 is($staff_login->{textcode}, 'SUCCESS', 'Staff login OK');
 my $e = new_editor( authtoken => $staff_login->{payload}->{authtoken} );
+$e->init;
 
 my $client = LWP::UserAgent->new;
 $client->ssl_opts( verify_hostname => 0 );
@@ -135,6 +136,8 @@ is( $basic_external, '403', 'Basic request for external user correctly returned
 # - response: "+VALID" if auth succeeds
 
 
-# TODO: verify user activity based on the above tests
-
+# verify user activity based on the above tests
+my $user = $U->fetch_user_by_barcode( $valid->{barcode} );
+my $basic_activity = $e->search_actor_usr_activity([{usr => $user->id, etype => 1001}]);
+ok(scalar(@$basic_activity) > 0, 'Basic request for valid patron is recorded in user activity');
 
diff --git a/Open-ILS/src/sql/Pg/150.remoteauth.sql b/Open-ILS/src/sql/Pg/150.remoteauth.sql
index 0e7f823cb1..0b36c4991c 100644
--- a/Open-ILS/src/sql/Pg/150.remoteauth.sql
+++ b/Open-ILS/src/sql/Pg/150.remoteauth.sql
@@ -9,7 +9,8 @@ CREATE TABLE config.remoteauth_profile (
     restrict_to_org BOOLEAN NOT NULL DEFAULT TRUE,
     allow_inactive BOOL NOT NULL DEFAULT FALSE,
     allow_expired BOOL NOT NULL DEFAULT FALSE,
-    block_list TEXT
+    block_list TEXT,
+    usr_activity_type INT REFERENCES config.usr_activity_type(id) ON UPDATE CASCADE ON DELETE RESTRICT DEFERRABLE INITIALLY DEFERRED
 );
 
 CREATE OR REPLACE FUNCTION actor.permit_remoteauth (profile_name TEXT, userid BIGINT) RETURNS TEXT AS $func$
diff --git a/Open-ILS/tests/datasets/sql/remoteauth.sql b/Open-ILS/tests/datasets/sql/remoteauth.sql
index be0c7998c5..f967efb090 100644
--- a/Open-ILS/tests/datasets/sql/remoteauth.sql
+++ b/Open-ILS/tests/datasets/sql/remoteauth.sql
@@ -1,7 +1,11 @@
+INSERT INTO config.usr_activity_type (id, ewho, ewhat, ehow, egroup, label) VALUES
+ ( 1001, 'basicauth', 'login', 'apache', 'authen',
+    oils_i18n_gettext(1001, 'RemoteAuth Login: HTTP Basic Authentication', 'cuat', 'label'));
+
 -- config for Basic HTTP Authentication (SYS1)
 INSERT INTO config.remoteauth_profile
     (name, description, context_org, enabled, perm,
-        restrict_to_org, allow_inactive, allow_expired, block_list)
+        restrict_to_org, allow_inactive, allow_expired, block_list, usr_activity_type)
     VALUES ('Basic', 'Basic HTTP Authentication for SYS1', 2, TRUE, 1,
-        TRUE, FALSE, FALSE, NULL);
+        TRUE, FALSE, FALSE, NULL, 1001);
 
-- 
2.43.2