highperfocused/danswer
1
0
Fork 0
mirror of https://github.com/danswer-ai/danswer.git synced 2025-08-28 22:54:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

improve impersonation logging slightly (#4758)

Browse Source 
Co-authored-by: Richard Kuo (Onyx) <rkuo@onyx.app>
This commit is contained in:
rkuo-danswer
2025-05-22 11:17:27 -07:00
committed by GitHub
parent 3b64793d4b
commit 6c349687da
2 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
backend/ee/onyx/server/tenants/admin_api.py
View File

@@ -2,6 +2,7 @@ from fastapi import APIRouter
from fastapi import Depends from fastapi import Depends
from fastapi import HTTPException from fastapi import HTTPException
from fastapi import Response from fastapi import Response
from fastapi_users import exceptions
from ee.onyx.auth.users import current_cloud_superuser from ee.onyx.auth.users import current_cloud_superuser
from ee.onyx.server.tenants.models import ImpersonateRequest from ee.onyx.server.tenants.models import ImpersonateRequest
@@ -24,14 +25,24 @@ async def impersonate_user(
_: User = Depends(current_cloud_superuser), _: User = Depends(current_cloud_superuser),
) -> Response: ) -> Response:
"""Allows a cloud superuser to impersonate another user by generating an impersonation JWT token""" """Allows a cloud superuser to impersonate another user by generating an impersonation JWT token"""
tenant_id = get_tenant_id_for_email(impersonate_request.email) try:
tenant_id = get_tenant_id_for_email(impersonate_request.email)
except exceptions.UserNotExists:
detail = f"User has no tenant mapping: {impersonate_request.email=}"
logger.warning(detail)
raise HTTPException(status_code=422, detail=detail)
with get_session_with_tenant(tenant_id=tenant_id) as tenant_session: with get_session_with_tenant(tenant_id=tenant_id) as tenant_session:
user_to_impersonate = get_user_by_email( user_to_impersonate = get_user_by_email(
impersonate_request.email, tenant_session impersonate_request.email, tenant_session
) )
if user_to_impersonate is None: if user_to_impersonate is None:
raise HTTPException(status_code=404, detail="User not found") detail = (
f"User not found in tenant: {impersonate_request.email=} {tenant_id=}"
)
logger.warning(detail)
raise HTTPException(status_code=422, detail=detail)
token = await get_redis_strategy().write_token(user_to_impersonate) token = await get_redis_strategy().write_token(user_to_impersonate)
response = await auth_backend.transport.get_login_response(token) response = await auth_backend.transport.get_login_response(token)

2
backend/ee/onyx/server/tenants/user_mapping.py
View File

@@ -47,10 +47,10 @@ def get_tenant_id_for_email(email: str) -> str:
mapping.active = True mapping.active = True
db_session.commit() db_session.commit()
tenant_id = mapping.tenant_id tenant_id = mapping.tenant_id
except Exception as e: except Exception as e:
logger.exception(f"Error getting tenant id for email {email}: {e}") logger.exception(f"Error getting tenant id for email {email}: {e}")
raise exceptions.UserNotExists() raise exceptions.UserNotExists()
if tenant_id is None: if tenant_id is None:
raise exceptions.UserNotExists() raise exceptions.UserNotExists()
return tenant_id return tenant_id