diff --git a/src/eventlog.js b/src/eventlog.js index 0a9a397e5..20581a2b4 100644 --- a/src/eventlog.js +++ b/src/eventlog.js @@ -27,7 +27,8 @@ exports = module.exports = { ACTION_USER_ADD: 'user.add', ACTION_USER_LOGIN: 'user.login', ACTION_USER_REMOVE: 'user.remove', - ACTION_USER_UPDATE: 'user.update' + ACTION_USER_UPDATE: 'user.update', + ACTION_USER_TRANSFER: 'user.transfer', }; var assert = require('assert'), diff --git a/src/routes/users.js b/src/routes/users.js index 793a1afd8..b9896cbdd 100644 --- a/src/routes/users.js +++ b/src/routes/users.js @@ -166,7 +166,7 @@ function transferOwnership(req, res, next) { if (typeof req.body.ownerId !== 'string') return next(new HttpError(400, 'ownerId must be a string')); - users.transferOwnership(req.params.userId, req.body.ownerId, function (error) { + users.transferOwnership(req.params.userId, req.body.ownerId, auditSource(req), function (error) { if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'No such user')); if (error) return next(new HttpError(500, error)); diff --git a/src/users.js b/src/users.js index 3946ae480..fdc9ebed7 100644 --- a/src/users.js +++ b/src/users.js @@ -645,15 +645,18 @@ function disableTwoFactorAuthentication(userId, callback) { }); } -function transferOwnership(oldOwnerId, newOwnerId, callback) { +function transferOwnership(oldOwnerId, newOwnerId, auditSource, callback) { assert.strictEqual(typeof oldOwnerId, 'string'); assert.strictEqual(typeof newOwnerId, 'string'); + assert.strictEqual(typeof auditSource, 'object'); assert.strictEqual(typeof callback, 'function'); apps.transferOwnership(oldOwnerId, newOwnerId, function (error) { if (error && error.reason === AppsError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND, error.message)); if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); + eventlog.add(eventlog.ACTION_USER_TRANSFER, auditSource, { oldOwnerId: oldOwnerId, newOwnerId: newOwnerId }); + callback(null); }); }