Blazam-App / BLAZAM

A modern Active Directory management web application with a focus on delegation
https://blazam.org
Other
27 stars 3 forks source link

WebHook Notifications #585

Open ErmakovDmitriy opened 1 week ago

ErmakovDmitriy commented 1 week ago

Is your feature request related to a problem? Please describe. Currently, when I checked v1, it is possible to configure "internal notifications" and "email notifications".

Sometimes, it is necessary to do extra actions based on an event, my situation is: when a User is created, a script should run to create the user's home directory in a shared storage, populate it with default files (i.e. .bashrc etc) and chown the new directory to the new User.

I assume that it is possible to do even now by a way: Email Notification => Postfix SMTP Relay => Script handler (Postfix allows running scripts on some events as I remember).

but it might be a convenient feature to run a Service which is listening on some port and does actions based on events.

Describe the solution you'd like I think that a possible solution could be:

For each event (Create, Update, Delete of an Active Directory User or Group) send in the HTTP request body a JSON (probably) like:

{
  "event": "create", // change, delete.
  "object_type": "User", // or Group
  "timestamp": " RFC 3339 time string",
  "object_name": "username or group name",
  "actor": "username of a person who performed the action"
}

In addition to that, for a User it might be a good idea to include extra fields:

{
  "first_name": "First Name",
  "middle_name": "Middle Name",
  "last_name": "Last Name",
  // Extra fields like "City", "Department" which are defined for the user.
  "groups": ["group1", "group2"] // List of groups the User belongs to.
}

Additional context The description above is probably "too much". For my case, it is enough to have a WebHook which will send just:

{
  "object_type": "User", // or "Group"
  "object_name": "username or group name"
}

as other fields are easy to get from the LDAP server in which this Object is modified.

The idea about adding the extra fields like actor, timestamp etc is not important for me but I think it might be useful for people who want to have some audit backend.

jacobsen9026 commented 1 week ago

As always, an excellent feature suggestion.

I was waiting until v1.0 before working on any external integrations (API/Webhooks), obviously that time has come.

I don't use webhooks personally or professionally, so having a well written use case of what you need and how you want it to behave is incredibly helpful.

This can be implemented into Blazam relatively easily.

I need to update the documentation with the other features first before I forget but this feature would arguably warrant v1.1

Thank you.

jacobsen9026 commented 6 days ago

FYI, this is second on the plate after a prior user's feature suggestion for "Request for assign access" on groups. As you probably can tell, most of my available time to work on these additions is over the weekends. I can't currently provide an eta but I would hope it's three weeks or less.

ErmakovDmitriy commented 6 days ago

Thank you for your help!