From 651f4e819e69850c56e90423c6005ea3bc74e741 Mon Sep 17 00:00:00 2001
From: Rolf Schmidt <rolf.schmidt@zammad.com>
Date: Fri, 2 Jul 2021 06:22:43 +0000
Subject: [PATCH] Fixes #3614 - Log if a active user (in UI) has been logged
 out due to SessionTimeout.

---
 app/jobs/session_timeout_job/session.rb | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/app/jobs/session_timeout_job/session.rb b/app/jobs/session_timeout_job/session.rb
index 79f53048d..ffc8ffccb 100644
--- a/app/jobs/session_timeout_job/session.rb
+++ b/app/jobs/session_timeout_job/session.rb
@@ -3,8 +3,6 @@
 class SessionTimeoutJob::Session
   attr_accessor :session, :user
 
-  delegate :destroy, to: :session
-
   def initialize(session)
     @session = session
     @user    = User.find_by(id: session.data['user_id'])
@@ -15,7 +13,6 @@ class SessionTimeoutJob::Session
   end
 
   def active?
-    return true if !user?
     return true if timeout < 1
     return true if session.data['ping'] > timeout.seconds.ago
   end
@@ -27,7 +24,13 @@ class SessionTimeoutJob::Session
   end
 
   def timeout
-    @timeout ||= begin
+    return -1 if !user?
+
+    timeout_user
+  end
+
+  def timeout_user
+    @timeout_user ||= begin
       permissions = Permission.where(id: user.permissions_with_child_ids).pluck(:name)
 
       result = -1
@@ -50,4 +53,9 @@ class SessionTimeoutJob::Session
   def config
     Setting.get('session_timeout')
   end
+
+  def destroy
+    session.destroy
+    Rails.logger.info "SessionTimeoutJob removed session '#{session.id}' for user id '#{user&.id}' (last ping: '#{session.data['ping']}', timeout: '#{timeout.seconds}')"
+  end
 end