diff --git a/ee/app/graphql/mutations/audit_events/streaming/instance_headers/create.rb b/ee/app/graphql/mutations/audit_events/streaming/instance_headers/create.rb index 1246b06868f6721ee243f3b2507f9979a799a3f6..d34be4034bb5921eb0e6b6d8b2514adb96ef109a 100644 --- a/ee/app/graphql/mutations/audit_events/streaming/instance_headers/create.rb +++ b/ee/app/graphql/mutations/audit_events/streaming/instance_headers/create.rb @@ -25,7 +25,8 @@ class Create < Base def resolve(destination_id:, key:, value:) response = ::AuditEvents::Streaming::InstanceHeaders::CreateService.new( - params: { key: key, value: value, destination: find_destination(destination_id) } + params: { key: key, value: value, destination: find_destination(destination_id) }, + current_user: current_user ).execute if response.success? diff --git a/ee/app/services/audit_events/streaming/headers/create_service.rb b/ee/app/services/audit_events/streaming/headers/create_service.rb index a7cca7774878db4f123b1f8437cd6ad2ef7eedf2..d4e751f7fe3130aae1d483b0bd9d357db4644c4d 100644 --- a/ee/app/services/audit_events/streaming/headers/create_service.rb +++ b/ee/app/services/audit_events/streaming/headers/create_service.rb @@ -6,18 +6,7 @@ module Headers class CreateService < Base def execute super - - success, response, header = create_header(destination, params[:key], params[:value]) - - audit(action: :create, header: header, message: audit_message(header.key)) if success - - response - end - - private - - def audit_message(key) - "Created custom HTTP header with key #{key}." + create_header(destination, params[:key], params[:value]) end end end diff --git a/ee/app/services/audit_events/streaming/headers_operations.rb b/ee/app/services/audit_events/streaming/headers_operations.rb index e7fc4e2ddf429ff109709498a0bd01042ac781db..10df3bcb34cfd9c0f47d938d2aa94fbb8630aeab 100644 --- a/ee/app/services/audit_events/streaming/headers_operations.rb +++ b/ee/app/services/audit_events/streaming/headers_operations.rb @@ -6,9 +6,14 @@ module HeadersOperations def create_header(destination, key, value) header = destination.headers.new(key: key, value: value) - return true, ServiceResponse.success(payload: { header: header, errors: [] }), header if header.save + if header.save + audit_message = "Created custom HTTP header with key #{key}." + audit(action: :create, header: header, message: audit_message) - [false, ServiceResponse.error(message: Array(header.errors)), nil] + ServiceResponse.success(payload: { header: header, errors: [] }) + else + ServiceResponse.error(message: Array(header.errors)) + end end def update_header(header, key, value) diff --git a/ee/app/services/audit_events/streaming/instance_headers/base_service.rb b/ee/app/services/audit_events/streaming/instance_headers/base_service.rb index 6d8fa01ecec925fd211b1231b5944b5b10e3973e..68108a2af3c5f19d7174d1b9104589c3d9c91739 100644 --- a/ee/app/services/audit_events/streaming/instance_headers/base_service.rb +++ b/ee/app/services/audit_events/streaming/instance_headers/base_service.rb @@ -6,10 +6,23 @@ module InstanceHeaders class BaseService include AuditEvents::Streaming::HeadersOperations - attr_reader :params + attr_reader :params, :current_user - def initialize(params: {}) + def initialize(params: {}, current_user: nil) @params = params + @current_user = current_user + end + + def audit(action:, header:, message:, author: current_user) + audit_context = { + name: "audit_events_streaming_instance_headers_#{action}", + author: author, + scope: Gitlab::Audit::InstanceScope.new, + target: header, + message: message + } + + ::Gitlab::Audit::Auditor.audit(audit_context) end end end diff --git a/ee/app/services/audit_events/streaming/instance_headers/create_service.rb b/ee/app/services/audit_events/streaming/instance_headers/create_service.rb index da817d353bb42d708ead098776ad8dd08822be50..f13ce5a636e6ae6572c639851905c4b57ac5cfdb 100644 --- a/ee/app/services/audit_events/streaming/instance_headers/create_service.rb +++ b/ee/app/services/audit_events/streaming/instance_headers/create_service.rb @@ -5,8 +5,7 @@ module Streaming module InstanceHeaders class CreateService < BaseService def execute - _, response, _ = create_header(params[:destination], params[:key], params[:value]) - response + create_header(params[:destination], params[:key], params[:value]) end end end diff --git a/ee/spec/services/audit_events/streaming/headers/create_service_spec.rb b/ee/spec/services/audit_events/streaming/headers/create_service_spec.rb index d50b4f872785d0e242aa9630cb2ef863fbd73027..f350bb7d83b0b7bef6b2f35d66f65c7364414887 100644 --- a/ee/spec/services/audit_events/streaming/headers/create_service_spec.rb +++ b/ee/spec/services/audit_events/streaming/headers/create_service_spec.rb @@ -40,18 +40,6 @@ .with(hash_including(audit_context)).and_call_original expect { response }.to change { AuditEvent.count }.from(0).to(1) end - - context "with license feature external_audit_events" do - before do - stub_licensed_features(external_audit_events: true) - end - - it 'sends correct event type in audit event stream' do - expect(AuditEvents::AuditEventStreamingWorker).to receive(:perform_async).with(event_type, nil, anything) - - response - end - end end end end diff --git a/ee/spec/services/audit_events/streaming/instance_headers/create_service_spec.rb b/ee/spec/services/audit_events/streaming/instance_headers/create_service_spec.rb index d3156b7fe2c5f74a08a234eb6dfda23eb5179a82..879bc7d9e75931e38140df5cf72bc555b37331bc 100644 --- a/ee/spec/services/audit_events/streaming/instance_headers/create_service_spec.rb +++ b/ee/spec/services/audit_events/streaming/instance_headers/create_service_spec.rb @@ -5,10 +5,13 @@ RSpec.describe AuditEvents::Streaming::InstanceHeaders::CreateService, feature_category: :audit_events do let_it_be(:destination) { create(:instance_external_audit_event_destination) } let(:params) { { destination: destination } } + let_it_be(:user) { create(:admin) } + let_it_be(:event_type) { "audit_events_streaming_instance_headers_create" } subject(:service) do described_class.new( - params: params + params: params, + current_user: user ) end @@ -21,6 +24,27 @@ let(:params) { super().merge(key: 'a_key', value: 'a_value') } it_behaves_like 'header creation successful' + + it 'sends the audit streaming event', :aggregate_failures do + audit_context = { + name: 'audit_events_streaming_instance_headers_create', + author: user, + message: "Created custom HTTP header with key a_key." + } + expect(::Gitlab::Audit::Auditor) + .to receive(:audit) + .with(hash_including(audit_context)) + .and_call_original + + expect { response }.to change { AuditEvent.count }.from(0).to(1) + + expect(AuditEvent.last).to have_attributes( + author: user, + entity_id: Gitlab::Audit::InstanceScope.new.id, + entity_type: "Gitlab::Audit::InstanceScope", + details: include(custom_message: 'Created custom HTTP header with key a_key.') + ) + end end end end diff --git a/ee/spec/support/shared_examples/services/audit_events/streaming/headers_operations_shared_examples.rb b/ee/spec/support/shared_examples/services/audit_events/streaming/headers_operations_shared_examples.rb index 8e804e30639c9e323287c3af801bf4af94636ae9..6f85b477507aa221f9220208d70d2fd05d0f41a9 100644 --- a/ee/spec/support/shared_examples/services/audit_events/streaming/headers_operations_shared_examples.rb +++ b/ee/spec/support/shared_examples/services/audit_events/streaming/headers_operations_shared_examples.rb @@ -26,6 +26,18 @@ expect(header.key).to eq('a_key') expect(header.value).to eq('a_value') end + + context "with license feature external_audit_events" do + before do + stub_licensed_features(external_audit_events: true) + end + + it 'sends correct event type in audit event stream' do + expect(AuditEvents::AuditEventStreamingWorker).to receive(:perform_async).with(event_type, nil, anything) + + response + end + end end RSpec.shared_examples 'header updation' do