Merge pull request #310 from strongdm/feat/add-whoami-profile-details

Add SDM account tags and Azure AD alternative emails in the whoami command
strongdm · Oct 26, 2022 · ebdf225 · ebdf225
2 parents 5bebf8c + 2e6cb39
commit ebdf225
Show file tree

Hide file tree

Showing 8 changed files with 155 additions and 26 deletions.
diff --git a/e2e/ms-teams/test_accessbot_ms_teams_whoami.py b/e2e/ms-teams/test_accessbot_ms_teams_whoami.py
@@ -1,22 +1,28 @@
 # pylint: disable=invalid-name
+from unittest.mock import MagicMock
+
 import pytest
 import sys
 
 sys.path.append('plugins/sdm')
 sys.path.append('e2e')
+sys.path.append('errbot-backend-botframework')
 
-from test_common import create_config, ErrBotExtraTestSettings, admin_default_email
+from test_common import create_config, MSTeamsErrBotExtraTestSettings, admin_default_email, DummyAccount, \
+    callback_message_fn
+from botframework import ChannelIdentifier, Identifier
 
 pytest_plugins = ["errbot.backends.test"]
 
 override_email = "[email protected]"
 email_with_subaddress = "gbin+01@localhost"
+alternative_email = "[email protected]"
 
-class Test_whoami(ErrBotExtraTestSettings):
+class Test_whoami(MSTeamsErrBotExtraTestSettings):
     @pytest.fixture
-    def mocked_testbot(self, testbot):
+    def mocked_testbot_with_sdm_account_tags(self, testbot):
         config = create_config()
-        return inject_mocks(testbot, config)
+        return inject_mocks(testbot, config, sdm_account=DummyAccount(override_email, {'tagA': 'valueA', 'tagB': 'valueB'}))
 
     @pytest.fixture
     def mocked_testbot_with_email_override(self, testbot):
@@ -41,23 +47,32 @@ def mocked_testbot_with_all_email_features(self, testbot):
         mocked_testbot.bot.plugin_manager.plugins['AccessBot'].config['SENDER_EMAIL_OVERRIDE'] = override_email
         return mocked_testbot
 
+    @pytest.fixture
+    def mocked_testbot_with_alternative_emails(self, testbot):
+        config = create_config()
+        testbot._bot.callback_message = MagicMock(side_effect=callback_message_fn(
+            testbot._bot
+        ))
+        testbot._bot.build_identifier = MagicMock(return_value=get_mocked_identifier())
+        return inject_mocks(testbot, config, use_alternative_emails=True, alternative_emails=[alternative_email])
+
     def test_whoami_command_when_and_override_email_enabled(self, mocked_testbot_with_email_override):
         mocked_testbot_with_email_override.push_message("whoami")
         message = mocked_testbot_with_email_override.pop_message()
-        assert "person" in message
+        assert "email" in message
         assert override_email in message
 
     def test_whoami_command_when_and_email_subaddress_enabled(self, mocked_testbot_with_email_subaddress):
         mocked_testbot_with_email_subaddress.push_message("whoami")
         message = mocked_testbot_with_email_subaddress.pop_message()
-        assert "person" in message
+        assert "email" in message
         assert email_with_subaddress in message
 
     def test_whoami_command_when_all_email_features_enabled(self, mocked_testbot_with_all_email_features):
         accessbot = mocked_testbot_with_all_email_features.bot.plugin_manager.plugins['AccessBot']
         mocked_testbot_with_all_email_features.push_message("whoami")
         message = mocked_testbot_with_all_email_features.pop_message()
-        assert "person" in message
+        assert "email" in message
         assert override_email in message
         accessbot.config['SENDER_EMAIL_OVERRIDE'] = None
         mocked_testbot_with_all_email_features.push_message("whoami")
@@ -68,10 +83,38 @@ def test_whoami_command_when_all_email_features_enabled(self, mocked_testbot_wit
         message = mocked_testbot_with_all_email_features.pop_message()
         assert admin_default_email in message
 
+    def test_whoami_command_when_sdm_account_has_tags(self, mocked_testbot_with_sdm_account_tags):
+        mocked_testbot_with_sdm_account_tags.push_message("whoami")
+        message = mocked_testbot_with_sdm_account_tags.pop_message()
+        assert "SDM Account tags" in message
+        assert "tagA: valueA" in message
+        assert "tagB: valueB" in message
+
+    def test_whoami_command_when_alternative_emails_is_enabled(self, mocked_testbot_with_alternative_emails):
+        mocked_testbot_with_alternative_emails.push_message("whoami")
+        message = mocked_testbot_with_alternative_emails.pop_message()
+        assert "Azure AD alternative emails" in message
+        assert alternative_email in message
+
 
 # pylint: disable=dangerous-default-value
-def inject_mocks(testbot, config):
+def inject_mocks(testbot, config, sdm_account=None, use_alternative_emails=False, alternative_emails=[]):
     accessbot = testbot.bot.plugin_manager.plugins['AccessBot']
     config['SENDER_EMAIL_OVERRIDE'] = None
     accessbot.config = config
+    accessbot.get_sdm_account = MagicMock(return_value=sdm_account)
+    accessbot._bot.azure_active_directory_is_configured = MagicMock(return_value=use_alternative_emails)
+    accessbot._bot.get_other_emails_by_aad_id = MagicMock(return_value=alternative_emails)
     return testbot
+
+def get_mocked_identifier():
+    identifier = Identifier({
+        'room': ChannelIdentifier(
+            {
+                'id': '19:ccc',
+                'displayName': 'channel',
+                'team': {'id': '19:ttt', 'displayName': 'team'}
+            }
+        )
+    })
+    return identifier
diff --git a/e2e/slack/test_accessbot_slack_whoami.py b/e2e/slack/test_accessbot_slack_whoami.py
@@ -6,7 +6,7 @@
 sys.path.append('plugins/sdm')
 sys.path.append('e2e')
 
-from test_common import create_config, ErrBotExtraTestSettings, admin_default_email
+from test_common import create_config, ErrBotExtraTestSettings, admin_default_email, DummyAccount
 
 pytest_plugins = ["errbot.backends.test"]
 
@@ -52,35 +52,58 @@ def mocked_testbot_with_all_email_features(self, testbot):
         mocked_testbot.bot.plugin_manager.plugins['AccessBot'].config['SENDER_EMAIL_OVERRIDE'] = override_email
         return mocked_testbot
 
+    @pytest.fixture
+    def mocked_testbot_with_sdm_account_tags(self, testbot):
+        config = create_config()
+        return inject_mocks(testbot, config, sdm_account=DummyAccount(override_email, {'tagA': 'valueA', 'tagB': 'valueB'}))
+
+    @pytest.fixture
+    def mocked_testbot_without_sdm_account(self, testbot):
+        config = create_config()
+        mocked_bot = inject_mocks(testbot, config, sdm_account=DummyAccount(None, {}))
+        accessbot = testbot.bot.plugin_manager.plugins['AccessBot']
+        accessbot.get_sdm_account = MagicMock(side_effect=Exception())
+        return mocked_bot
+
+    @pytest.fixture
+    def mocked_testbot_with_sdm_account(self, testbot):
+        config = create_config()
+        return inject_mocks(testbot, config, sdm_account=DummyAccount(None, {}))
+
+    @pytest.fixture
+    def mocked_testbot_with_suspended_sdm_account(self, testbot):
+        config = create_config()
+        return inject_mocks(testbot, config, sdm_account=DummyAccount(None, {}, suspended=True))
+
     def test_whoami_command_when_email_slack_field_disabled(self, mocked_testbot):
         mocked_testbot.push_message("whoami")
         message = mocked_testbot.pop_message()
-        assert "person" in message
+        assert "email" in message
         assert admin_default_email in message
 
     def test_whoami_command_when_email_slack_field_enabled(self, mocked_testbot_with_email_slack_field):
         mocked_testbot_with_email_slack_field.push_message("whoami")
         message = mocked_testbot_with_email_slack_field.pop_message()
-        assert "person" in message
+        assert "email" in message
         assert sdm_email in message
 
     def test_whoami_command_when_override_email_enabled(self, mocked_testbot_with_email_override):
         mocked_testbot_with_email_override.push_message("whoami")
         message = mocked_testbot_with_email_override.pop_message()
-        assert "person" in message
+        assert "email" in message
         assert override_email in message
 
     def test_whoami_command_when_email_subaddress_enabled(self, mocked_testbot_with_email_subaddress):
         mocked_testbot_with_email_subaddress.push_message("whoami")
         message = mocked_testbot_with_email_subaddress.pop_message()
-        assert "person" in message
+        assert "email" in message
         assert email_with_subaddress in message
 
     def test_whoami_command_when_all_email_features_enabled(self, mocked_testbot_with_all_email_features):
         accessbot = mocked_testbot_with_all_email_features.bot.plugin_manager.plugins['AccessBot']
         mocked_testbot_with_all_email_features.push_message("whoami")
         message = mocked_testbot_with_all_email_features.pop_message()
-        assert "person" in message
+        assert "email" in message
         assert override_email in message
         accessbot.config['SENDER_EMAIL_OVERRIDE'] = None
         mocked_testbot_with_all_email_features.push_message("whoami")
@@ -95,11 +118,34 @@ def test_whoami_command_when_all_email_features_enabled(self, mocked_testbot_wit
         message = mocked_testbot_with_all_email_features.pop_message()
         assert admin_default_email in message
 
+    def test_whoami_command_when_sdm_account_has_tags(self, mocked_testbot_with_sdm_account_tags):
+        mocked_testbot_with_sdm_account_tags.push_message("whoami")
+        message = mocked_testbot_with_sdm_account_tags.pop_message()
+        assert "SDM Account tags" in message
+        assert 'tagA: valueA' in message
+        assert 'tagB: valueB' in message
+
+    def test_whoami_command_when_sdm_account_was_not_found(self, mocked_testbot_without_sdm_account):
+        mocked_testbot_without_sdm_account.push_message("whoami")
+        message = mocked_testbot_without_sdm_account.pop_message()
+        assert 'SDM Account status: NOT FOUND' in message
+
+    def test_whoami_command_when_sdm_account_is_active(self, mocked_testbot_with_sdm_account):
+        mocked_testbot_with_sdm_account.push_message("whoami")
+        message = mocked_testbot_with_sdm_account.pop_message()
+        assert 'SDM Account status: ACTIVE' in message
+
+    def test_whoami_command_when_sdm_account_is_suspended(self, mocked_testbot_with_suspended_sdm_account):
+        mocked_testbot_with_suspended_sdm_account.push_message("whoami")
+        message = mocked_testbot_with_suspended_sdm_account.pop_message()
+        assert 'SDM Account status: SUSPENDED' in message
+
 
 # pylint: disable=dangerous-default-value
-def inject_mocks(testbot, config):
+def inject_mocks(testbot, config, sdm_account=None):
     accessbot = testbot.bot.plugin_manager.plugins['AccessBot']
     config['SENDER_EMAIL_OVERRIDE'] = None
     accessbot.config = config
-    accessbot.get_sdm_email_from_profile = MagicMock(return_value = sdm_email)
+    accessbot.get_sdm_email_from_profile = MagicMock(return_value=sdm_email)
+    accessbot.get_sdm_account = MagicMock(return_value=sdm_account)
     return testbot
diff --git a/e2e/test_common.py b/e2e/test_common.py
@@ -88,9 +88,10 @@ def create_config():
 
 
 class DummyAccount:
-    def __init__(self, name, tags):
+    def __init__(self, name, tags, suspended=False):
         self.name = name
         self.tags = tags
+        self.suspended = suspended
 
     def to_dict(self):
         return {

diff --git a/plugins/sdm/accessbot.py b/plugins/sdm/accessbot.py
@@ -485,5 +485,8 @@ def __get_account_alternative_emails(self, frm):
     def user_is_member_of_channel(self, user, channel):
         return self.__platform.user_is_member_of_channel(user, channel)
 
+    def get_platform_whoami_user_info(self, identifier):
+        return self.__platform.get_whoami_user_info(identifier)
+
     def get_platform(self):
         return self.__platform
diff --git a/plugins/sdm/lib/helper/whoami_helper.py b/plugins/sdm/lib/helper/whoami_helper.py
@@ -9,13 +9,34 @@ def execute(self, message):
             resp += "\n\n"
         resp += f"| key       | value\n"
         resp += f"| --------  | --------\n"
-        resp += f"| person    | `{frm.person}`\n"
-        resp += f"| nick      | `{frm.nick}`\n"
-        resp += f"| fullname  | `{frm.fullname}`\n"
-        resp += f"| client    | `{frm.client}`\n"
-        resp += f"| email     | `{self.__bot.get_sender_email(frm)}`\n"
-        if hasattr(frm, "room"):
-            resp += f"\n`room` is {frm.room}\n"
-        resp += f"\n\n- string representation is '{frm}'\n"
-        resp += f"- class is '{frm.__class__.__name__}'\n"
+        resp += f"| fullname  | {frm.fullname}\n"
+        resp += f"| nick      | {frm.nick}\n"
+        resp += f"| email     | {self.__bot.get_sender_email(frm)}\n\n"
+        resp += self.__get_sdm_account_info(message)
+        resp += self.__get_platform_info(message)
+        resp += f"- User string representation is '{frm}'\n"
+        if hasattr(frm, "room") and frm.room is not None:
+            resp += f"`- room` is {frm.room}\n"
+        resp += f"- User class is '{frm.__class__.__name__}'\n"
         return resp
+
+    def __get_sdm_account_info(self, message):
+        try:
+            sdm_account = self.__bot.get_sdm_account(message)
+            if sdm_account is None:
+                raise Exception('SDM Account not found')
+        except:
+            return '* SDM Account status: NOT FOUND\n'
+        info = ''
+        if sdm_account is not None and len(sdm_account.tags.keys()) > 0:
+            info += "* SDM Account tags: "
+            for index, (tag, value) in enumerate(sdm_account.tags.items()):
+                if index > 0:
+                    info += ", "
+                info += f"`{tag}: {value}`"
+            info += "\n"
+        info += f"* SDM Account status: {'SUSPENDED' if sdm_account.suspended else 'ACTIVE'}\n"
+        return info
+
+    def __get_platform_info(self, message):
+        return self.__bot.get_platform_whoami_user_info(message.frm)
diff --git a/plugins/sdm/lib/platform/base_platform.py b/plugins/sdm/lib/platform/base_platform.py
@@ -87,3 +87,7 @@ def format_user_handle(self, identifier):
     @abstractmethod
     def user_is_member_of_channel(self, user, channel):
         pass
+
+    @abstractmethod
+    def get_whoami_user_info(self, identifier):
+        pass
diff --git a/plugins/sdm/lib/platform/ms_teams_platform.py b/plugins/sdm/lib/platform/ms_teams_platform.py
@@ -105,3 +105,11 @@ def format_user_handle(self, identifier):
     def user_is_member_of_channel(self, user, channel):
         channel_members = self._bot._bot.conversation_members(channel)
         return user.userid in map(lambda identifier: identifier.userid, channel_members)
+
+    def get_whoami_user_info(self, identifier):
+        if not self.use_alternative_emails():
+            return ''
+        info = '- Azure AD alternative emails: '
+        info += ', '.join(self._bot._bot.get_other_emails_by_aad_id(identifier.useraadid))
+        info += '\n'
+        return info
diff --git a/plugins/sdm/lib/platform/slack_platform.py b/plugins/sdm/lib/platform/slack_platform.py
@@ -85,3 +85,6 @@ def format_user_handle(self, identifier):
     def user_is_member_of_channel(self, user, channel):
         channel_members = self._bot._bot.conversation_members(channel)
         return user.userid in channel_members
+
+    def get_whoami_user_info(self, _):
+        return ''