From c46efc3c120aeb01d400af23ab8107d8ff78f9b6 Mon Sep 17 00:00:00 2001
From: Sofia Papacharalampous <spapacharalampous@cite.gr>
Date: Tue, 11 Jun 2024 16:12:49 +0300
Subject: [PATCH] added auditing on allow-merge-account

---
 .../src/main/java/org/opencdmp/audit/AuditableAction.java   | 1 +
 .../main/java/org/opencdmp/controllers/UserController.java  | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/backend/core/src/main/java/org/opencdmp/audit/AuditableAction.java b/backend/core/src/main/java/org/opencdmp/audit/AuditableAction.java
index c0c84243f..76a4465d9 100644
--- a/backend/core/src/main/java/org/opencdmp/audit/AuditableAction.java
+++ b/backend/core/src/main/java/org/opencdmp/audit/AuditableAction.java
@@ -103,6 +103,7 @@ public class AuditableAction {
     public static final EventId User_RemoveCredentialRequest = new EventId(11012, "User_RemoveCredentialRequest");
     public static final EventId User_RemoveCredentialConfirm = new EventId(11013, "User_RemoveCredentialConfirm");
     public static final EventId User_DmpAssociatedQuery = new EventId(11014, "User_DmpAssociatedQuery");
+    public static final EventId User_AllowMergeAccount = new EventId(11015, "User_AllowMergeAccount");
 
     public static final EventId Tenant_Query = new EventId(12000, "Tenant_Query");
     public static final EventId Tenant_Lookup = new EventId(12001, "Tenant_Lookup");
diff --git a/backend/web/src/main/java/org/opencdmp/controllers/UserController.java b/backend/web/src/main/java/org/opencdmp/controllers/UserController.java
index 92664ca2b..e246f1de2 100644
--- a/backend/web/src/main/java/org/opencdmp/controllers/UserController.java
+++ b/backend/web/src/main/java/org/opencdmp/controllers/UserController.java
@@ -299,7 +299,11 @@ public class UserController {
 
     @GetMapping("mine/allow-merge-account/token/{token}")
     public Boolean getUserTokenPermission(@PathVariable("token") String token) throws InvalidApplicationException, IOException {
-        logger.debug(new MapLogEntry("confirm merge account to user").And("token", token));
+        logger.debug(new MapLogEntry("allow merge account to user").And("token", token));
+
+        this.auditService.track(AuditableAction.User_AllowMergeAccount, Map.ofEntries(
+                new AbstractMap.SimpleEntry<String, Object>("token", token)
+        ));
 
         return this.userTypeService.doesTokenBelongToLoggedInUser(token);
     }