From eb54a11a579a1bb97c773598e54c627111803a2c Mon Sep 17 00:00:00 2001
From: root <stremovsky@gmail.com>
Date: Wed, 20 Jan 2021 19:49:51 +0000
Subject: [PATCH] send admin email on user request

---
 src/agreements_api.go |  2 +-
 src/conf.go           |  4 ++++
 src/email.go          | 20 ++++++++++++++++++++
 src/requests_db.go    |  8 +++++++-
 src/userapps_api.go   |  2 +-
 src/users_api.go      |  4 ++--
 6 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/src/agreements_api.go b/src/agreements_api.go
index 3c5664a..40499ba 100644
--- a/src/agreements_api.go
+++ b/src/agreements_api.go
@@ -223,7 +223,7 @@ func (e mainEnv) agreementWithdraw(w http.ResponseWriter, r *http.Request, ps ht
 	}
 
 	if authResult == "login" && selfService == false {
-		rtoken, rstatus, err := e.db.saveUserRequest("agreement-withdraw", userTOKEN, "", brief, nil)
+		rtoken, rstatus, err := e.db.saveUserRequest("agreement-withdraw", userTOKEN, "", brief, nil, e.conf)
 		if err != nil {
 			returnError(w, r, "internal error", 405, err, event)
 			return
diff --git a/src/conf.go b/src/conf.go
index bbea06d..583ca93 100644
--- a/src/conf.go
+++ b/src/conf.go
@@ -58,6 +58,10 @@ func (e mainEnv) globalUserDelete(userTOKEN string) {
         // not implemented
 }
 
+func (dbobj dbcon) GetTenantAdmin(cfg Config) string {
+       return cfg.Generic.AdminEmail
+}
+
 func (e mainEnv) pluginUserDelete(pluginid string, userTOKEN string) {
 	// not implemented
 }
diff --git a/src/email.go b/src/email.go
index acee28b..684aade 100644
--- a/src/email.go
+++ b/src/email.go
@@ -24,3 +24,23 @@ func sendCodeByEmail(code int32, address string, cfg Config) {
   fmt.Println("Mail sent successfully!")
 }
 
+func adminEmailAlert(action string, adminEmail string, cfg Config) {
+  if len(adminEmail) == 0 {
+    return
+  }
+  Dest := []string{adminEmail}
+  Subject := "Data Subject request received"
+  bodyMessage := "Request: " + action
+    msg := "From: " + cfg.SMTP.Sender + "\n" +
+    "To: " + strings.Join(Dest, ",") + "\n" +
+    "Subject: " + Subject + "\n" + bodyMessage
+  auth := smtp.PlainAuth("", cfg.SMTP.User, cfg.SMTP.Pass, cfg.SMTP.Server)
+  err := smtp.SendMail(cfg.SMTP.Server+":"+cfg.SMTP.Port,
+    auth, cfg.SMTP.User, Dest, []byte(msg))
+  if err != nil {
+    fmt.Printf("smtp error: %s", err)
+    return
+  }
+  fmt.Println("Mail sent successfully!")
+}
+
diff --git a/src/requests_db.go b/src/requests_db.go
index 0906292..3d21302 100644
--- a/src/requests_db.go
+++ b/src/requests_db.go
@@ -24,7 +24,7 @@ type requestEvent struct {
 	Reason       string `json:"reason"`
 }
 
-func (dbobj dbcon) saveUserRequest(action string, token string, app string, brief string, change []byte) (string, string, error) {
+func (dbobj dbcon) saveUserRequest(action string, token string, app string, brief string, change []byte, cfg Config) (string, string, error) {
 	now := int32(time.Now().Unix())
 	bdoc := bson.M{}
 	bdoc["token"] = token
@@ -53,6 +53,12 @@ func (dbobj dbcon) saveUserRequest(action string, token string, app string, brie
 		bdoc["change"] = encodedStr
 	}
 	_, err = dbobj.store.CreateRecord(storage.TblName.Requests, &bdoc)
+	if err != nil {
+		adminEmail := dbobj.GetTenantAdmin(cfg)
+		if len(adminEmail) > 0 {
+			go adminEmailAlert(action, adminEmail, cfg)
+		}
+	}
 	return rtoken, "request-created", err
 }
 
diff --git a/src/userapps_api.go b/src/userapps_api.go
index d600124..4f6dd85 100644
--- a/src/userapps_api.go
+++ b/src/userapps_api.go
@@ -117,7 +117,7 @@ func (e mainEnv) userappChange(w http.ResponseWriter, r *http.Request, ps httpro
 			}
 		}
 	}
-	rtoken, rstatus, err := e.db.saveUserRequest("change-app-data", userTOKEN, appName, "", jsonData)
+	rtoken, rstatus, err := e.db.saveUserRequest("change-app-data", userTOKEN, appName, "", jsonData, e.conf)
 	if err != nil {
 		returnError(w, r, "internal error", 405, err, event)
 		return
diff --git a/src/users_api.go b/src/users_api.go
index 158b7c0..adfeefc 100644
--- a/src/users_api.go
+++ b/src/users_api.go
@@ -202,7 +202,7 @@ func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httproute
 	if authResult == "login" {
 		event.Title = "user change-profile request"
 		if e.conf.SelfService.UserRecordChange == false || adminRecordChanged == true {
-			rtoken, rstatus, err := e.db.saveUserRequest("change-profile", userTOKEN, "", "", parsedData.jsonData)
+			rtoken, rstatus, err := e.db.saveUserRequest("change-profile", userTOKEN, "", "", parsedData.jsonData, e.conf)
 			if err != nil {
 				returnError(w, r, "internal error", 405, err, event)
 				return
@@ -266,7 +266,7 @@ func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httproute
 	if authResult == "login" {
 		event.Title = "user forget-me request"
 		if e.conf.SelfService.ForgetMe == false {
-			rtoken, rstatus, err := e.db.saveUserRequest("forget-me", userTOKEN, "", "", nil)
+			rtoken, rstatus, err := e.db.saveUserRequest("forget-me", userTOKEN, "", "", nil, e.conf)
 			if err != nil {
 				returnError(w, r, "internal error", 405, err, event)
 				return