fix(gui): heuristics page fixes
Description
How to test
- Upload the modifications to the
id-testfollowing the tutorial: https://perunaai.atlassian.net/wiki/spaces/DEVS/pages/162070538/How+to+test+modifications+to+proxy - access the heuristics page on: https://id.muni.cz/proxygui/heuristics
- find a user with the desired log records mentioned in the
Other information section, e.g. user mentioned in the issue description
Author's checklist
-
I have followed the contribution guidelines -
This MR has been tested or does not change functionality -
I have added relevant merge request dependencies (if this MR has any) -
I have added the correct labels -
I have assigned reviewers (if any are relevant) -
I have edited the documentation (if the changes require it) or I have noted the need for the change if I do not have access to the documentation -
I have marked all introduced BREAKING CHANGES or necessary DEPLOYMENT NOTES in the commit message(s)
Reviewer's checklist
-
This MR has been tested or does not change functionality -
This MR has correct commit message format
Other information
This commit addresses multiple issues listed in: https://perunaai.atlassian.net/browse/STR-1269
- only the ID of the inspected person was showing on the heuristics page, the name was not being accessed properly due to the
perun_user_name_attributenot being obtained and parsed properly - tables for auth logging data did not have unique constraints set in the SQLAlchemy script, allowing duplicates in the auth log records
- MFA was being evaluated only for the upstream ACRs, local MFA checking was added, changes in
simplesamlphp-module-perunwere made to store this information and inproxyidp-guito load and display this information - private addresses were always displayed as unknown, new config option was added to specify NAT segments that are aliased e.g. "VPN students" , now the aliases can be shown for IP addresses belonging to the configured segments
- Web browsers/devices of the user agents were not being parsed properly due to reading the incorrect auth log table. Reading from the
user_agent_raw_valuesinstead of theuser_agent_valuesfeeds the user agent parser the correct input information and the values are parsed as expected - Last cities connected/Last IP addresses connected contained duplicates. Querying was modified to filter out distinct values for the last IP addresses/places
Related issues
re STR-1269
Edited by Jiří Prokop