From 5db6a3ba830bc4ef9547ee2f602a2e13b66b2838 Mon Sep 17 00:00:00 2001
From: Alexandre Rulleau <alexandre.rulleau@datadoghq.com>
Date: Mon, 6 Jan 2025 17:17:50 +0100
Subject: [PATCH] chore(appsec): fix CI tests

Signed-off-by: Alexandre Rulleau <alexandre.rulleau@datadoghq.com>
---
 appsec/src/extension/tags.c                   | 32 ++++++++-----------
 ..._user_signup_event_sdk_takes_priority.phpt |  1 +
 .../appsec/php/integration/CommonTests.groovy |  6 ----
 3 files changed, 15 insertions(+), 24 deletions(-)

diff --git a/appsec/src/extension/tags.c b/appsec/src/extension/tags.c
index 0c2c1bb211..07d73ac039 100644
--- a/appsec/src/extension/tags.c
+++ b/appsec/src/extension/tags.c
@@ -1015,18 +1015,16 @@ static PHP_FUNCTION(datadog_appsec_track_user_signup_event_automated)
             zend_string_release(anon_user_id);
             return;
         }
-
-        user_login = anon_user_login;
-        user_id = anon_user_id;
     }
 
     if (ZSTR_LEN(user_id) > 0) {
         // usr.id = <user_id>
-        _add_new_zstr_to_meta(meta_ht, _dd_tag_user_id, user_id, true, false);
+        _add_new_zstr_to_meta(meta_ht, _dd_tag_user_id,
+            anon_user_id ? anon_user_id : user_id, true, false);
 
         // _dd.appsec.usr.id = <user_id>
-        _add_new_zstr_to_meta(
-            meta_ht, _dd_appsec_user_id, user_id, false, true);
+        _add_new_zstr_to_meta(meta_ht, _dd_appsec_user_id,
+            anon_user_id ? anon_user_id : user_id, true, true);
     }
 
     // _dd.appsec.events.users.signup.auto.mode =
@@ -1158,20 +1156,18 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event_automated)
             zend_string_release(anon_user_id);
             return;
         }
-
-        user_login = anon_user_login;
-        user_id = anon_user_id;
     }
 
     if (ZSTR_LEN(user_id) > 0) {
         dd_find_and_apply_verdict_for_user(user_id);
 
         // usr.id = <user_id>
-        _add_new_zstr_to_meta(meta_ht, _dd_tag_user_id, user_id, true, false);
+        _add_new_zstr_to_meta(meta_ht, _dd_tag_user_id,
+            anon_user_id ? anon_user_id : user_id, true, false);
 
         // _dd.appsec.usr.id = <user_id>
-        _add_new_zstr_to_meta(
-            meta_ht, _dd_appsec_user_id, user_id, false, true);
+        _add_new_zstr_to_meta(meta_ht, _dd_appsec_user_id,
+            anon_user_id ? anon_user_id : user_id, true, true);
     }
 
     // _dd.appsec.events.users.login.success.auto.mode =
@@ -1230,6 +1226,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event)
     _user_event_triggered = true;
     zend_array *meta_ht = Z_ARRVAL_P(meta);
 
+    dd_find_and_apply_verdict_for_user(user_id);
+
     // usr.id = <user_id>
     _add_new_zstr_to_meta(
         meta_ht, _dd_tag_user_id, user_id, copy_user_id, true);
@@ -1306,19 +1304,17 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event_automated)
         if (metadata && zend_array_count(metadata) > 0) {
             metadata = NULL;
         }
-
-        user_login = anon_user_login;
-        user_id = anon_user_id;
     }
 
     if (ZSTR_LEN(user_id) > 0) {
         // appsec.events.users.login.failure.usr.id = <user_id>
         _add_custom_event_keyval(meta_ht, _dd_login_failure_event,
-            _dd_tag_user_id, user_id, true, false);
+            _dd_tag_user_id, anon_user_id ? anon_user_id : user_id, true,
+            false);
 
         // _dd.appsec.usr.id = <user_id>
-        _add_new_zstr_to_meta(
-            meta_ht, _dd_appsec_user_id, user_id, false, true);
+        _add_new_zstr_to_meta(meta_ht, _dd_appsec_user_id,
+            anon_user_id ? anon_user_id : user_id, false, true);
     }
 
     // _dd.appsec.events.users.login.failure.auto.mode =
diff --git a/appsec/tests/extension/track_user_signup_event_sdk_takes_priority.phpt b/appsec/tests/extension/track_user_signup_event_sdk_takes_priority.phpt
index ccc0152788..183c62a986 100644
--- a/appsec/tests/extension/track_user_signup_event_sdk_takes_priority.phpt
+++ b/appsec/tests/extension/track_user_signup_event_sdk_takes_priority.phpt
@@ -9,6 +9,7 @@ DD_APPSEC_ENABLED=1
 use function datadog\appsec\testing\root_span_get_meta;
 use function datadog\appsec\track_user_signup_event;
 use function datadog\appsec\track_user_signup_event_automated;
+
 include __DIR__ . '/inc/ddtrace_version.php';
 
 ddtrace_version_at_least('0.79.0');
diff --git a/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/CommonTests.groovy b/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/CommonTests.groovy
index 3e7a22454a..de82845944 100644
--- a/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/CommonTests.groovy
+++ b/appsec/tests/integration/src/test/groovy/com/datadog/appsec/php/integration/CommonTests.groovy
@@ -69,9 +69,6 @@ trait CommonTests {
         assert span.meta."_dd.appsec.usr.id" == 'Admin'
         assert span.meta."_dd.appsec.usr.login" == 'Login'
         assert span.meta."appsec.events.users.login.success.track" == 'true'
-        assert span.meta."appsec.events.users.login.success.email" == 'jean.example@example.com'
-        assert span.meta."appsec.events.users.login.success.session_id" == '987654321'
-        assert span.meta."appsec.events.users.login.success.role" == 'admin'
     }
 
     @Test
@@ -104,9 +101,6 @@ trait CommonTests {
         assert span.meta."appsec.events.users.login.failure.usr.login" == 'Login'
         assert span.meta."appsec.events.users.login.failure.usr.exists" == 'false'
         assert span.meta."appsec.events.users.login.failure.track" == 'true'
-        assert span.meta."appsec.events.users.login.failure.email" == 'jean.example@example.com'
-        assert span.meta."appsec.events.users.login.failure.session_id" == '987654321'
-        assert span.meta."appsec.events.users.login.failure.role" == 'admin'
     }
 
     @Test