diff --git a/ee/app/controllers/ee/projects_controller.rb b/ee/app/controllers/ee/projects_controller.rb index 3a2625045be7201dfe10af7ee11cd8b7404aef7c..333df44094e09cfa05f09281df1763fde7144d64 100644 --- a/ee/app/controllers/ee/projects_controller.rb +++ b/ee/app/controllers/ee/projects_controller.rb @@ -184,25 +184,29 @@ def compliance_framework_params [compliance_framework_setting_attributes: [:framework]] end - def log_audit_event(message:) - ::AuditEvents::CustomAuditEventService.new( - current_user, - project, - request.remote_ip, - message - ).for_project.security_event + def log_audit_event(message:, event_type:) + audit_context = { + name: event_type, + author: current_user, + target: project, + scope: project, + message: message, + ip_address: request.remote_ip + } + + ::Gitlab::Audit::Auditor.audit(audit_context) end def log_download_export_audit_event - log_audit_event(message: 'Export file download started') + log_audit_event(message: 'Export file download started', event_type: 'project_export_file_download_started') end def log_archive_audit_event - log_audit_event(message: 'Project archived') + log_audit_event(message: 'Project archived', event_type: 'project_archived') end def log_unarchive_audit_event - log_audit_event(message: 'Project unarchived') + log_audit_event(message: 'Project unarchived', event_type: 'project_unarchived') end end end diff --git a/ee/app/services/ee/projects/import_service.rb b/ee/app/services/ee/projects/import_service.rb index 68c313ef12007437f28a44e20d7ffab9742bd350..2fcbf70e4c94162f40382e4d90049b2c1a23e1f7 100644 --- a/ee/app/services/ee/projects/import_service.rb +++ b/ee/app/services/ee/projects/import_service.rb @@ -15,12 +15,16 @@ def after_execute_hook private def log_audit_event - ::AuditEventService.new( - current_user, - project.group, - action: :custom, - custom_message: 'Project imported' - ).for_repository_import(project.full_path).security_event + audit_context = { + name: 'project_imported', + author: current_user, + scope: project.group, + target: project, + message: 'Project imported', + target_details: project.full_path + } + + ::Gitlab::Audit::Auditor.audit(audit_context) end end end diff --git a/ee/app/services/projects/restore_service.rb b/ee/app/services/projects/restore_service.rb index ea4710beb938e331f349e585d12cac4eb0dd6ea6..040f852e30656025c5fd20bdb4b1c872fb1e7097 100644 --- a/ee/app/services/projects/restore_service.rb +++ b/ee/app/services/projects/restore_service.rb @@ -30,12 +30,15 @@ def log_event end def log_audit_event - ::AuditEventService.new( - current_user, - project, - action: :custom, - custom_message: "Project restored" - ).for_project.security_event + audit_context = { + name: 'project_restored', + author: current_user, + scope: project, + target: project, + message: 'Project restored' + } + + ::Gitlab::Audit::Auditor.audit(audit_context) end private diff --git a/ee/config/audit_events/types/project_archived.yml b/ee/config/audit_events/types/project_archived.yml new file mode 100644 index 0000000000000000000000000000000000000000..8a33fd2ee83dcb83fb757c6ed32bffdd74f7925d --- /dev/null +++ b/ee/config/audit_events/types/project_archived.yml @@ -0,0 +1,9 @@ +--- +name: project_archived +description: Event triggered when a project is archived. +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/374105 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117528 +feature_category: compliance_management +milestone: '15.11' +saved_to_database: true +streamed: true diff --git a/ee/config/audit_events/types/project_export_file_download_started.yml b/ee/config/audit_events/types/project_export_file_download_started.yml new file mode 100644 index 0000000000000000000000000000000000000000..1b5532e8c936e4a87770e8ad07bc46f0db3f979a --- /dev/null +++ b/ee/config/audit_events/types/project_export_file_download_started.yml @@ -0,0 +1,9 @@ +--- +name: project_export_file_download_started +description: Event triggered when download of project export file gets started. +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/374105 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117528 +feature_category: compliance_management +milestone: '15.11' +saved_to_database: true +streamed: true diff --git a/ee/config/audit_events/types/project_imported.yml b/ee/config/audit_events/types/project_imported.yml new file mode 100644 index 0000000000000000000000000000000000000000..a75004c943dc7486b71a680925c66b1bf3778514 --- /dev/null +++ b/ee/config/audit_events/types/project_imported.yml @@ -0,0 +1,9 @@ +--- +name: project_imported +description: Event triggered when a project is imported. +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/374105 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117528 +feature_category: compliance_management +milestone: '15.11' +saved_to_database: true +streamed: true diff --git a/ee/config/audit_events/types/project_restored.yml b/ee/config/audit_events/types/project_restored.yml new file mode 100644 index 0000000000000000000000000000000000000000..4ae1041d0e29f0fba6b1981540152d2137529001 --- /dev/null +++ b/ee/config/audit_events/types/project_restored.yml @@ -0,0 +1,9 @@ +--- +name: project_restored +description: Event triggered when a project is restored. +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/374105 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117528 +feature_category: compliance_management +milestone: '15.11' +saved_to_database: true +streamed: true diff --git a/ee/config/audit_events/types/project_unarchived.yml b/ee/config/audit_events/types/project_unarchived.yml new file mode 100644 index 0000000000000000000000000000000000000000..9217d45fc14c2a226c94a51b05605aae50dd9fa3 --- /dev/null +++ b/ee/config/audit_events/types/project_unarchived.yml @@ -0,0 +1,9 @@ +--- +name: project_unarchived +description: Event triggered when a project is unarchived. +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/374105 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117528 +feature_category: compliance_management +milestone: '15.11' +saved_to_database: true +streamed: true diff --git a/ee/spec/controllers/projects_controller_spec.rb b/ee/spec/controllers/projects_controller_spec.rb index 3c0612a8a80e7b67f604f487918ee2a69c6b3feb..b680707d323ac2ed2d585ec586602e2ef85c14c9 100644 --- a/ee/spec/controllers/projects_controller_spec.rb +++ b/ee/spec/controllers/projects_controller_spec.rb @@ -15,6 +15,17 @@ sign_in(user) end + shared_examples 'audit events with event type' do + it 'logs the audit event' do + expect(::Gitlab::Audit::Auditor).to receive(:audit).with( + hash_including(name: audit_name) + ).and_call_original + + expect { request }.to change { AuditEvent.count }.by(1) + expect(AuditEvent.last.details[:custom_message]).to eq(custom_message) + end + end + describe 'GET show', feature_category: :projects do render_views @@ -652,8 +663,9 @@ let(:request) { get :download_export, params: { namespace_id: project.namespace, id: project } } context 'when project export is enabled' do - it 'logs the audit event' do - expect { request }.to change { AuditEvent.count }.by(1) + it_behaves_like 'audit events with event type' do + let_it_be(:audit_name) { 'project_export_file_download_started' } + let_it_be(:custom_message) { 'Export file download started' } end end @@ -680,9 +692,9 @@ group.add_owner(user) end - it 'logs the audit event' do - expect { request }.to change { AuditEvent.count }.by(1) - expect(AuditEvent.last.details[:custom_message]).to eq('Project archived') + it_behaves_like 'audit events with event type' do + let_it_be(:audit_name) { 'project_archived' } + let_it_be(:custom_message) { 'Project archived' } end end @@ -705,9 +717,9 @@ group.add_owner(user) end - it 'logs the audit event' do - expect { request }.to change { AuditEvent.count }.by(1) - expect(AuditEvent.last.details[:custom_message]).to eq('Project unarchived') + it_behaves_like 'audit events with event type' do + let_it_be(:audit_name) { 'project_unarchived' } + let_it_be(:custom_message) { 'Project unarchived' } end end diff --git a/ee/spec/services/projects/import_service_spec.rb b/ee/spec/services/projects/import_service_spec.rb index 62401d69d60eb2c95c73b4112e6f5e2bf9d9c665..0c74d89d98edfd9281abfc5476a0485438758870 100644 --- a/ee/spec/services/projects/import_service_spec.rb +++ b/ee/spec/services/projects/import_service_spec.rb @@ -23,6 +23,10 @@ end it 'does audit' do + expect(::Gitlab::Audit::Auditor).to receive(:audit).with( + hash_including(name: 'project_imported') + ).and_call_original + expect { subject.execute }.to change { AuditEvent.count }.by(1) end end diff --git a/ee/spec/services/projects/restore_service_spec.rb b/ee/spec/services/projects/restore_service_spec.rb index a87602ead4a7809c2cfc390a5d446205e35788a9..62e477216c6ed823206587fd7ab6da1ff7fcbe08 100644 --- a/ee/spec/services/projects/restore_service_spec.rb +++ b/ee/spec/services/projects/restore_service_spec.rb @@ -99,6 +99,18 @@ context 'audit events' do it 'saves audit event' do + expect(::Gitlab::Audit::Auditor).to receive(:audit).with( + hash_including(name: 'project_path_updated') + ).and_call_original + + expect(::Gitlab::Audit::Auditor).to receive(:audit).with( + hash_including(name: 'project_name_updated') + ).and_call_original + + expect(::Gitlab::Audit::Auditor).to receive(:audit).with( + hash_including(name: 'project_restored') + ).and_call_original + expect { described_class.new(project, user).execute } .to change { AuditEvent.count }.by(3) end