From c8cb1b57d8da7956f5e063356d00815480ae82d9 Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Wed, 8 Nov 2023 16:46:32 +0530 Subject: [PATCH 01/11] Added destroy api for namespace filters Added destroy api for deleting namespace filters for group level custom http external audit event destination Changelog: added EE: true --- .../audit_event_types.md | 1 + doc/api/graphql/reference/index.md | 35 +++++++ ee/app/graphql/ee/types/mutation_type.rb | 1 + .../http/namespace_filters/destroy.rb | 46 +++++++++ .../types/destroy_http_namespace_filter.yml | 8 ++ .../http/namespace_filters/destroy_spec.rb | 97 +++++++++++++++++++ 6 files changed, 188 insertions(+) create mode 100644 ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb create mode 100644 ee/config/audit_events/types/destroy_http_namespace_filter.yml create mode 100644 ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 34d19327c18b05..471d60aa16feeb 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -47,6 +47,7 @@ Audit event types belong to the following product categories. | [`create_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | | [`create_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/123882) | Event triggered when an instance level external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`destroy_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | +| [`destroy_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136047) | Event triggered when a namespace filter for group level external audit event destination is destroyed.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | | [`destroy_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/125846) | Event triggered when an instance level external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`event_type_filters_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113081) | Event triggered when a new audit events streaming event type filter is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | | [`event_type_filters_deleted`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113489) | Event triggered when audit events streaming event type filters are deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 98c5d13e75a4eb..20c852e16a896a 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -1564,6 +1564,24 @@ Input type: `AuditEventsStreamingHeadersUpdateInput` | `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | | `header` | [`AuditEventStreamingHeader`](#auditeventstreamingheader) | Updates header. | +### `Mutation.auditEventsStreamingHttpNamespaceFiltersDestroy` + +Input type: `AuditEventsStreamingHTTPNamespaceFiltersDestroyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `namespaceFilterId` | [`AuditEventsStreamingHTTPNamespaceFilterID!`](#auditeventsstreaminghttpnamespacefilterid) | Namespace filter id. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + ### `Mutation.auditEventsStreamingInstanceHeadersCreate` Input type: `AuditEventsStreamingInstanceHeadersCreateInput` @@ -14073,6 +14091,17 @@ Represents a HTTP header key/value that belongs to an audit streaming destinatio | `key` | [`String!`](#string) | Key of the header. | | `value` | [`String!`](#string) | Value of the header. | +### `AuditEventsStreamingHTTPNamespaceFiltersDestroyPayload` + +Autogenerated return type of AuditEventsStreamingHTTPNamespaceFiltersDestroy. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + ### `AuditEventsStreamingInstanceHeader` Represents a HTTP header key/value that belongs to an instance level audit streaming destination. @@ -30679,6 +30708,12 @@ A `AuditEventsInstanceGoogleCloudLoggingConfigurationID` is a global ID. It is e An example `AuditEventsInstanceGoogleCloudLoggingConfigurationID` is: `"gid://gitlab/AuditEvents::Instance::GoogleCloudLoggingConfiguration/1"`. +### `AuditEventsStreamingHTTPNamespaceFilterID` + +A `AuditEventsStreamingHTTPNamespaceFilterID` is a global ID. It is encoded as a string. + +An example `AuditEventsStreamingHTTPNamespaceFilterID` is: `"gid://gitlab/AuditEvents::Streaming::HTTP::NamespaceFilter/1"`. + ### `AuditEventsStreamingHeaderID` A `AuditEventsStreamingHeaderID` is a global ID. It is encoded as a string. diff --git a/ee/app/graphql/ee/types/mutation_type.rb b/ee/app/graphql/ee/types/mutation_type.rb index 4cd40ff64f2931..7903b697ffa230 100644 --- a/ee/app/graphql/ee/types/mutation_type.rb +++ b/ee/app/graphql/ee/types/mutation_type.rb @@ -142,6 +142,7 @@ module MutationType mount_mutation ::Mutations::Analytics::CycleAnalytics::ValueStreams::Create, alpha: { milestone: '16.6' } mount_mutation ::Mutations::Analytics::CycleAnalytics::ValueStreams::Update, alpha: { milestone: '16.6' } mount_mutation ::Mutations::Analytics::CycleAnalytics::ValueStreams::Destroy, alpha: { milestone: '16.6' } + mount_mutation ::Mutations::AuditEvents::Streaming::HTTP::NamespaceFilters::Destroy prepend(Types::DeprecatedMutations) end diff --git a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb new file mode 100644 index 00000000000000..2f09eada5ed3a7 --- /dev/null +++ b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb @@ -0,0 +1,46 @@ +# frozen_string_literal: true + +module Mutations + module AuditEvents + module Streaming + module HTTP + module NamespaceFilters + class Destroy < BaseMutation + graphql_name 'AuditEventsStreamingHTTPNamespaceFiltersDestroy' + authorize :admin_external_audit_events + + argument :namespace_filter_id, ::Types::GlobalIDType[::AuditEvents::Streaming::HTTP::NamespaceFilter], + required: true, + description: 'Namespace filter id.' + def resolve(namespace_filter_id:) + filter = authorized_find!(id: namespace_filter_id) + + audit(filter, action: :destroy) if filter.destroy + + { namespace_filter: nil, errors: [] } + end + + private + + def find_object(id:) + ::GitlabSchema.object_from_id(id, expected_type: ::AuditEvents::Streaming::HTTP::NamespaceFilter) + end + + def audit(filter, action:) + audit_context = { + name: "#{action}_http_namespace_filter", + author: current_user, + scope: filter.external_audit_event_destination.group, + target: filter.external_audit_event_destination, + message: "#{action.capitalize} namespace filter for http audit event streaming destination " \ + "#{filter.external_audit_event_destination.name} and namespace #{filter.namespace.full_path}" + } + + ::Gitlab::Audit::Auditor.audit(audit_context) + end + end + end + end + end + end +end diff --git a/ee/config/audit_events/types/destroy_http_namespace_filter.yml b/ee/config/audit_events/types/destroy_http_namespace_filter.yml new file mode 100644 index 00000000000000..753248a6a27b6c --- /dev/null +++ b/ee/config/audit_events/types/destroy_http_namespace_filter.yml @@ -0,0 +1,8 @@ +name: destroy_http_namespace_filter +description: Event triggered when a namespace filter for group level external audit event destination is destroyed. +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/424177 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136047 +feature_category: audit_events +milestone: "16.6" +saved_to_database: true +streamed: true diff --git a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb new file mode 100644 index 00000000000000..26e0216c65ed62 --- /dev/null +++ b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb @@ -0,0 +1,97 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe 'Destroy a namespace filter for group level external audit event destinations', feature_category: :audit_events do + include GraphqlHelpers + + let(:current_user) { create(:user) } + let_it_be(:group) { create(:group) } + let_it_be(:subgroup) { create(:group, parent: group) } + let(:destination) { create(:external_audit_event_destination, group: group) } + let!(:filter) do + create(:audit_events_streaming_http_namespace_filter, external_audit_event_destination: destination, + namespace: subgroup) + end + + let(:mutation) { graphql_mutation(:audit_events_streaming_http_namespace_filters_destroy, input) } + let(:mutation_response) { graphql_mutation_response(:audit_events_streaming_http_namespace_filters_destroy) } + + let(:input) do + { namespaceFilterId: filter.to_gid } + end + + subject { post_graphql_mutation(mutation, current_user: current_user) } + + shared_examples 'does not destroy the namespace filter' do + it do + expect(::Gitlab::Audit::Auditor).not_to receive(:audit) + .with(a_hash_including(name: 'destroy_http_namespace_filter')) + + expect { subject }.not_to change { destination.reload.namespace_filter } + end + end + + context 'when feature is licensed' do + before do + stub_licensed_features(external_audit_events: true) + end + + context 'when current user is group owner' do + before_all do + group.add_owner(current_user) + end + + it 'destroys the filter' do + expect(::Gitlab::Audit::Auditor).to receive(:audit).with(a_hash_including( + name: 'destroy_http_namespace_filter', + author: current_user, + scope: group, + target: destination, + message: "Destroy namespace filter for http audit event streaming destination #{destination.name} " \ + "and namespace #{subgroup.full_path}")).once.and_call_original + + expect { subject }.to change { AuditEvents::Streaming::HTTP::NamespaceFilter.count }.by(-1) + + expect(destination.reload.namespace_filter).to be nil + expect_graphql_errors_to_be_empty + expect(mutation_response['errors']).to be_empty + expect(mutation_response['namespaceFilter']).to be nil + end + end + + context 'when current user is a group maintainer' do + before_all do + group.add_maintainer(current_user) + end + + it_behaves_like 'does not destroy the namespace filter' + end + + context 'when current user is a group developer' do + before_all do + group.add_developer(current_user) + end + + it_behaves_like 'does not destroy the namespace filter' + end + + context 'when current user is a group guest' do + before_all do + group.add_guest(current_user) + end + + it_behaves_like 'does not destroy the namespace filter' + end + end + + context 'when feature is not licensed' do + before do + stub_licensed_features(external_audit_events: false) + end + + it_behaves_like 'a mutation on an unauthorized resource' + + it_behaves_like 'does not destroy the namespace filter' + end +end -- GitLab From e3ee44209f23e8ffe49cb85aa42f5fc3f33c5cf4 Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Wed, 8 Nov 2023 16:47:51 +0530 Subject: [PATCH 02/11] Fixed mr link --- ee/config/audit_events/types/destroy_http_namespace_filter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/config/audit_events/types/destroy_http_namespace_filter.yml b/ee/config/audit_events/types/destroy_http_namespace_filter.yml index 753248a6a27b6c..2429e9c7b558aa 100644 --- a/ee/config/audit_events/types/destroy_http_namespace_filter.yml +++ b/ee/config/audit_events/types/destroy_http_namespace_filter.yml @@ -1,7 +1,7 @@ name: destroy_http_namespace_filter description: Event triggered when a namespace filter for group level external audit event destination is destroyed. introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/424177 -introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136047 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302 feature_category: audit_events milestone: "16.6" saved_to_database: true -- GitLab From 1e0681d7a42506ccf2ef8477f18f18b2e166df24 Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Wed, 8 Nov 2023 16:48:24 +0530 Subject: [PATCH 03/11] Fixed mr link --- doc/administration/audit_event_streaming/audit_event_types.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 471d60aa16feeb..95a00ba3dafe93 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -47,7 +47,7 @@ Audit event types belong to the following product categories. | [`create_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | | [`create_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/123882) | Event triggered when an instance level external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`destroy_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | -| [`destroy_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136047) | Event triggered when a namespace filter for group level external audit event destination is destroyed.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | +| [`destroy_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302) | Event triggered when a namespace filter for group level external audit event destination is destroyed.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | | [`destroy_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/125846) | Event triggered when an instance level external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`event_type_filters_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113081) | Event triggered when a new audit events streaming event type filter is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | | [`event_type_filters_deleted`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113489) | Event triggered when audit events streaming event type filters are deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | -- GitLab From 327603583d5bc0b96d59eacb02e59ae84e4424eb Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Wed, 8 Nov 2023 17:05:55 +0530 Subject: [PATCH 04/11] Fixed test cases --- .../streaming/http/namespace_filters/destroy_spec.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb index 26e0216c65ed62..31f8d274dace74 100644 --- a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb +++ b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb @@ -6,8 +6,8 @@ include GraphqlHelpers let(:current_user) { create(:user) } - let_it_be(:group) { create(:group) } - let_it_be(:subgroup) { create(:group, parent: group) } + let(:group) { create(:group) } + let(:subgroup) { create(:group, parent: group) } let(:destination) { create(:external_audit_event_destination, group: group) } let!(:filter) do create(:audit_events_streaming_http_namespace_filter, external_audit_event_destination: destination, @@ -38,7 +38,7 @@ end context 'when current user is group owner' do - before_all do + before do group.add_owner(current_user) end @@ -61,7 +61,7 @@ end context 'when current user is a group maintainer' do - before_all do + before do group.add_maintainer(current_user) end @@ -69,7 +69,7 @@ end context 'when current user is a group developer' do - before_all do + before do group.add_developer(current_user) end @@ -77,7 +77,7 @@ end context 'when current user is a group guest' do - before_all do + before do group.add_guest(current_user) end -- GitLab From c4393597ada6ab51857a30582727cf84e555f495 Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Thu, 9 Nov 2023 11:57:34 +0530 Subject: [PATCH 05/11] Updated audit event description --- doc/administration/audit_event_streaming/audit_event_types.md | 2 +- ee/config/audit_events/types/destroy_http_namespace_filter.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 95a00ba3dafe93..8bca2bec0078f1 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -47,7 +47,7 @@ Audit event types belong to the following product categories. | [`create_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | | [`create_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/123882) | Event triggered when an instance level external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`destroy_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | -| [`destroy_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302) | Event triggered when a namespace filter for group level external audit event destination is destroyed.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | +| [`destroy_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302) | Event triggered when a namespace filter for an external audit event destination for a top-level group is deleted.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | | [`destroy_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/125846) | Event triggered when an instance level external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`event_type_filters_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113081) | Event triggered when a new audit events streaming event type filter is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | | [`event_type_filters_deleted`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113489) | Event triggered when audit events streaming event type filters are deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | diff --git a/ee/config/audit_events/types/destroy_http_namespace_filter.yml b/ee/config/audit_events/types/destroy_http_namespace_filter.yml index 2429e9c7b558aa..c80527131ddd72 100644 --- a/ee/config/audit_events/types/destroy_http_namespace_filter.yml +++ b/ee/config/audit_events/types/destroy_http_namespace_filter.yml @@ -1,5 +1,5 @@ name: destroy_http_namespace_filter -description: Event triggered when a namespace filter for group level external audit event destination is destroyed. +description: Event triggered when a namespace filter for an external audit event destination for a top-level group is deleted. introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/424177 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302 feature_category: audit_events -- GitLab From 70c99e5cc89cbac9cafd6917ae2f61dc838af846 Mon Sep 17 00:00:00 2001 From: Evan Read Date: Fri, 10 Nov 2023 04:34:22 +0000 Subject: [PATCH 06/11] Applying documentation suggestion --- .../audit_events/streaming/http/namespace_filters/destroy.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb index 2f09eada5ed3a7..b16ee0097c7b28 100644 --- a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb +++ b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb @@ -11,7 +11,7 @@ class Destroy < BaseMutation argument :namespace_filter_id, ::Types::GlobalIDType[::AuditEvents::Streaming::HTTP::NamespaceFilter], required: true, - description: 'Namespace filter id.' + description: 'Namespace filter ID.' def resolve(namespace_filter_id:) filter = authorized_find!(id: namespace_filter_id) -- GitLab From 2e0a46047eaf96e4a688dacecb3eda2c4cb6d7f0 Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Fri, 10 Nov 2023 13:32:57 +0530 Subject: [PATCH 07/11] Updating autogenerated file --- doc/api/graphql/reference/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 20c852e16a896a..d7528d027ed9d8 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -1573,7 +1573,7 @@ Input type: `AuditEventsStreamingHTTPNamespaceFiltersDestroyInput` | Name | Type | Description | | ---- | ---- | ----------- | | `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `namespaceFilterId` | [`AuditEventsStreamingHTTPNamespaceFilterID!`](#auditeventsstreaminghttpnamespacefilterid) | Namespace filter id. | +| `namespaceFilterId` | [`AuditEventsStreamingHTTPNamespaceFilterID!`](#auditeventsstreaminghttpnamespacefilterid) | Namespace filter ID. | #### Fields -- GitLab From 5403356d73cb3791d2eac065cd47383d29a15306 Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Mon, 13 Nov 2023 14:53:02 +0530 Subject: [PATCH 08/11] Updating milestone version --- doc/administration/audit_event_streaming/audit_event_types.md | 2 +- ee/config/audit_events/types/destroy_http_namespace_filter.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 4b7c9972e666b8..2e8ffea4fb9837 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -48,7 +48,7 @@ Audit event types belong to the following product categories. | [`create_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136047) | Event triggered when a namespace filter for an external audit event destination for a top-level group is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/424176) | | [`create_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/123882) | Event triggered when an instance level external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`destroy_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | -| [`destroy_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302) | Event triggered when a namespace filter for an external audit event destination for a top-level group is deleted.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | +| [`destroy_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302) | Event triggered when a namespace filter for an external audit event destination for a top-level group is deleted.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.7](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | | [`destroy_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/125846) | Event triggered when an instance level external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`event_type_filters_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113081) | Event triggered when a new audit events streaming event type filter is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | | [`event_type_filters_deleted`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113489) | Event triggered when audit events streaming event type filters are deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | diff --git a/ee/config/audit_events/types/destroy_http_namespace_filter.yml b/ee/config/audit_events/types/destroy_http_namespace_filter.yml index c80527131ddd72..18c95495cb4c5b 100644 --- a/ee/config/audit_events/types/destroy_http_namespace_filter.yml +++ b/ee/config/audit_events/types/destroy_http_namespace_filter.yml @@ -3,6 +3,6 @@ description: Event triggered when a namespace filter for an external audit event introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/424177 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302 feature_category: audit_events -milestone: "16.6" +milestone: "16.7" saved_to_database: true streamed: true -- GitLab From 4c69e9cecc33c939482b56788df012932dcced0e Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Tue, 14 Nov 2023 12:10:23 +0530 Subject: [PATCH 09/11] Updated mutation name to delete --- doc/api/graphql/reference/index.md | 20 ++++++++--------- .../http/namespace_filters/destroy.rb | 2 +- .../http/namespace_filters/destroy_spec.rb | 22 +++---------------- 3 files changed, 14 insertions(+), 30 deletions(-) diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index b309f37af4f7ef..0c60894e98c4aa 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -1586,23 +1586,23 @@ Input type: `AuditEventsStreamingHTTPNamespaceFiltersAddInput` | `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | | `namespaceFilter` | [`AuditEventStreamingHTTPNamespaceFilter`](#auditeventstreaminghttpnamespacefilter) | Namespace filter created. | -### `Mutation.auditEventsStreamingHttpNamespaceFiltersDestroy` +### `Mutation.auditEventsStreamingHttpNamespaceFiltersDelete` -Input type: `AuditEventsStreamingHTTPNamespaceFiltersDestroyInput` +Input type: `AuditEventsStreamingHTTPNamespaceFiltersDeleteInput` #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `namespaceFilterId` | [`AuditEventsStreamingHTTPNamespaceFilterID!`](#auditeventsstreaminghttpnamespacefilterid) | Namespace filter ID. | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `namespaceFilterId` | [`AuditEventsStreamingHTTPNamespaceFilterID!`](#auditeventsstreaminghttpnamespacefilterid) | Namespace filter ID. | #### Fields | Name | Type | Description | | ---- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | ### `Mutation.auditEventsStreamingInstanceHeadersCreate` @@ -14125,16 +14125,16 @@ Autogenerated return type of AuditEventsStreamingHTTPNamespaceFiltersAdd. | `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | | `namespaceFilter` | [`AuditEventStreamingHTTPNamespaceFilter`](#auditeventstreaminghttpnamespacefilter) | Namespace filter created. | -### `AuditEventsStreamingHTTPNamespaceFiltersDestroyPayload` +### `AuditEventsStreamingHTTPNamespaceFiltersDeletePayload` -Autogenerated return type of AuditEventsStreamingHTTPNamespaceFiltersDestroy. +Autogenerated return type of AuditEventsStreamingHTTPNamespaceFiltersDelete. #### Fields | Name | Type | Description | | ---- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | ### `AuditEventsStreamingInstanceHeader` diff --git a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb index b16ee0097c7b28..b72a76f55cea76 100644 --- a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb +++ b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb @@ -6,7 +6,7 @@ module Streaming module HTTP module NamespaceFilters class Destroy < BaseMutation - graphql_name 'AuditEventsStreamingHTTPNamespaceFiltersDestroy' + graphql_name 'AuditEventsStreamingHTTPNamespaceFiltersDelete' authorize :admin_external_audit_events argument :namespace_filter_id, ::Types::GlobalIDType[::AuditEvents::Streaming::HTTP::NamespaceFilter], diff --git a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb index 31f8d274dace74..a8c1610beddf5f 100644 --- a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb +++ b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb @@ -14,8 +14,8 @@ namespace: subgroup) end - let(:mutation) { graphql_mutation(:audit_events_streaming_http_namespace_filters_destroy, input) } - let(:mutation_response) { graphql_mutation_response(:audit_events_streaming_http_namespace_filters_destroy) } + let(:mutation) { graphql_mutation(:audit_events_streaming_http_namespace_filters_delete, input) } + let(:mutation_response) { graphql_mutation_response(:audit_events_streaming_http_namespace_filters_delete) } let(:input) do { namespaceFilterId: filter.to_gid } @@ -42,7 +42,7 @@ group.add_owner(current_user) end - it 'destroys the filter' do + it 'destroys the filter', :aggregate_failures do expect(::Gitlab::Audit::Auditor).to receive(:audit).with(a_hash_including( name: 'destroy_http_namespace_filter', author: current_user, @@ -67,22 +67,6 @@ it_behaves_like 'does not destroy the namespace filter' end - - context 'when current user is a group developer' do - before do - group.add_developer(current_user) - end - - it_behaves_like 'does not destroy the namespace filter' - end - - context 'when current user is a group guest' do - before do - group.add_guest(current_user) - end - - it_behaves_like 'does not destroy the namespace filter' - end end context 'when feature is not licensed' do -- GitLab From c09b46f1bd5171117cb32573f6f0b2aede800540 Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Tue, 14 Nov 2023 12:13:49 +0530 Subject: [PATCH 10/11] Fixed rubocop offence --- .../streaming/http/namespace_filters/destroy_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb index a8c1610beddf5f..bce820103fb9b4 100644 --- a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb +++ b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb @@ -21,7 +21,7 @@ { namespaceFilterId: filter.to_gid } end - subject { post_graphql_mutation(mutation, current_user: current_user) } + subject(:mutate) { post_graphql_mutation(mutation, current_user: current_user) } shared_examples 'does not destroy the namespace filter' do it do @@ -51,7 +51,7 @@ message: "Destroy namespace filter for http audit event streaming destination #{destination.name} " \ "and namespace #{subgroup.full_path}")).once.and_call_original - expect { subject }.to change { AuditEvents::Streaming::HTTP::NamespaceFilter.count }.by(-1) + expect { mutate }.to change { AuditEvents::Streaming::HTTP::NamespaceFilter.count }.by(-1) expect(destination.reload.namespace_filter).to be nil expect_graphql_errors_to_be_empty -- GitLab From e78ab94ef9e69511de68a85fb6ecdc050fe69636 Mon Sep 17 00:00:00 2001 From: Hitesh Raghuvanshi Date: Tue, 14 Nov 2023 19:59:29 +0530 Subject: [PATCH 11/11] Updated file names to delete --- .../audit_event_types.md | 2 +- ee/app/graphql/ee/types/mutation_type.rb | 2 +- .../namespace_filters/{destroy.rb => base.rb} | 18 +---------- .../http/namespace_filters/create.rb | 16 +--------- .../http/namespace_filters/delete.rb | 32 +++++++++++++++++++ ...r.yml => delete_http_namespace_filter.yml} | 2 +- .../{destroy_spec.rb => delete_spec.rb} | 16 +++++----- 7 files changed, 45 insertions(+), 43 deletions(-) rename ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/{destroy.rb => base.rb} (55%) create mode 100644 ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/delete.rb rename ee/config/audit_events/types/{destroy_http_namespace_filter.yml => delete_http_namespace_filter.yml} (91%) rename ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/{destroy_spec.rb => delete_spec.rb} (79%) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 2e8ffea4fb9837..1dbf1e19143275 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -47,8 +47,8 @@ Audit event types belong to the following product categories. | [`create_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | | [`create_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136047) | Event triggered when a namespace filter for an external audit event destination for a top-level group is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/424176) | | [`create_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/123882) | Event triggered when an instance level external audit event destination is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | +| [`delete_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302) | Event triggered when a namespace filter for an external audit event destination for a top-level group is deleted.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.7](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | | [`destroy_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74632) | Event triggered when an external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.6](https://gitlab.com/gitlab-org/gitlab/-/issues/344664) | -| [`destroy_http_namespace_filter`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302) | Event triggered when a namespace filter for an external audit event destination for a top-level group is deleted.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.7](https://gitlab.com/gitlab-org/gitlab/-/issues/424177) | | [`destroy_instance_event_streaming_destination`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/125846) | Event triggered when an instance level external audit event destination is deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.2](https://gitlab.com/gitlab-org/gitlab/-/issues/404730) | | [`event_type_filters_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113081) | Event triggered when a new audit events streaming event type filter is created| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | | [`event_type_filters_deleted`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113489) | Event triggered when audit events streaming event type filters are deleted| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.10](https://gitlab.com/gitlab-org/gitlab/-/issues/344848) | diff --git a/ee/app/graphql/ee/types/mutation_type.rb b/ee/app/graphql/ee/types/mutation_type.rb index b08d11be8f506b..b7d5567874ab6f 100644 --- a/ee/app/graphql/ee/types/mutation_type.rb +++ b/ee/app/graphql/ee/types/mutation_type.rb @@ -142,8 +142,8 @@ module MutationType mount_mutation ::Mutations::Analytics::CycleAnalytics::ValueStreams::Create, alpha: { milestone: '16.6' } mount_mutation ::Mutations::Analytics::CycleAnalytics::ValueStreams::Update, alpha: { milestone: '16.6' } mount_mutation ::Mutations::Analytics::CycleAnalytics::ValueStreams::Destroy, alpha: { milestone: '16.6' } - mount_mutation ::Mutations::AuditEvents::Streaming::HTTP::NamespaceFilters::Destroy mount_mutation ::Mutations::AuditEvents::Streaming::HTTP::NamespaceFilters::Create + mount_mutation ::Mutations::AuditEvents::Streaming::HTTP::NamespaceFilters::Delete prepend(Types::DeprecatedMutations) end diff --git a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/base.rb similarity index 55% rename from ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb rename to ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/base.rb index b72a76f55cea76..1bf63c9faee97b 100644 --- a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/destroy.rb +++ b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/base.rb @@ -5,27 +5,11 @@ module AuditEvents module Streaming module HTTP module NamespaceFilters - class Destroy < BaseMutation - graphql_name 'AuditEventsStreamingHTTPNamespaceFiltersDelete' + class Base < BaseMutation authorize :admin_external_audit_events - argument :namespace_filter_id, ::Types::GlobalIDType[::AuditEvents::Streaming::HTTP::NamespaceFilter], - required: true, - description: 'Namespace filter ID.' - def resolve(namespace_filter_id:) - filter = authorized_find!(id: namespace_filter_id) - - audit(filter, action: :destroy) if filter.destroy - - { namespace_filter: nil, errors: [] } - end - private - def find_object(id:) - ::GitlabSchema.object_from_id(id, expected_type: ::AuditEvents::Streaming::HTTP::NamespaceFilter) - end - def audit(filter, action:) audit_context = { name: "#{action}_http_namespace_filter", diff --git a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/create.rb b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/create.rb index 054d60d0cb3be1..24078f5b32b81d 100644 --- a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/create.rb +++ b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/create.rb @@ -5,9 +5,8 @@ module AuditEvents module Streaming module HTTP module NamespaceFilters - class Create < BaseMutation + class Create < Base graphql_name 'AuditEventsStreamingHTTPNamespaceFiltersAdd' - authorize :admin_external_audit_events argument :destination_id, ::Types::GlobalIDType[::AuditEvents::ExternalAuditEventDestination], required: true, @@ -66,19 +65,6 @@ def namespace(group_path, project_path) namespace.project_namespace end - def audit(filter, action:) - audit_context = { - name: "#{action}_http_namespace_filter", - author: current_user, - scope: filter.external_audit_event_destination.group, - target: filter.external_audit_event_destination, - message: "#{action.capitalize} namespace filter for http audit event streaming destination " \ - "#{filter.external_audit_event_destination.name} and namespace #{filter.namespace.full_path}" - } - - ::Gitlab::Audit::Auditor.audit(audit_context) - end - def mutually_exclusive_args [:group_path, :project_path] end diff --git a/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/delete.rb b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/delete.rb new file mode 100644 index 00000000000000..80fb79f359638d --- /dev/null +++ b/ee/app/graphql/mutations/audit_events/streaming/http/namespace_filters/delete.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: true + +module Mutations + module AuditEvents + module Streaming + module HTTP + module NamespaceFilters + class Delete < Base + graphql_name 'AuditEventsStreamingHTTPNamespaceFiltersDelete' + + argument :namespace_filter_id, ::Types::GlobalIDType[::AuditEvents::Streaming::HTTP::NamespaceFilter], + required: true, + description: 'Namespace filter ID.' + def resolve(namespace_filter_id:) + filter = authorized_find!(id: namespace_filter_id) + + audit(filter, action: :delete) if filter.destroy + + { namespace_filter: nil, errors: [] } + end + + private + + def find_object(id:) + ::GitlabSchema.object_from_id(id, expected_type: ::AuditEvents::Streaming::HTTP::NamespaceFilter) + end + end + end + end + end + end +end diff --git a/ee/config/audit_events/types/destroy_http_namespace_filter.yml b/ee/config/audit_events/types/delete_http_namespace_filter.yml similarity index 91% rename from ee/config/audit_events/types/destroy_http_namespace_filter.yml rename to ee/config/audit_events/types/delete_http_namespace_filter.yml index 18c95495cb4c5b..f4843aa3ad285e 100644 --- a/ee/config/audit_events/types/destroy_http_namespace_filter.yml +++ b/ee/config/audit_events/types/delete_http_namespace_filter.yml @@ -1,4 +1,4 @@ -name: destroy_http_namespace_filter +name: delete_http_namespace_filter description: Event triggered when a namespace filter for an external audit event destination for a top-level group is deleted. introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/424177 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136302 diff --git a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/delete_spec.rb similarity index 79% rename from ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb rename to ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/delete_spec.rb index bce820103fb9b4..44d288a293f7ba 100644 --- a/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/destroy_spec.rb +++ b/ee/spec/requests/api/graphql/audit_events/streaming/http/namespace_filters/delete_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe 'Destroy a namespace filter for group level external audit event destinations', feature_category: :audit_events do +RSpec.describe 'Delete a namespace filter for group level external audit event destinations', feature_category: :audit_events do include GraphqlHelpers let(:current_user) { create(:user) } @@ -23,10 +23,10 @@ subject(:mutate) { post_graphql_mutation(mutation, current_user: current_user) } - shared_examples 'does not destroy the namespace filter' do + shared_examples 'does not delete the namespace filter' do it do expect(::Gitlab::Audit::Auditor).not_to receive(:audit) - .with(a_hash_including(name: 'destroy_http_namespace_filter')) + .with(a_hash_including(name: 'delete_http_namespace_filter')) expect { subject }.not_to change { destination.reload.namespace_filter } end @@ -42,13 +42,13 @@ group.add_owner(current_user) end - it 'destroys the filter', :aggregate_failures do + it 'deletes the filter', :aggregate_failures do expect(::Gitlab::Audit::Auditor).to receive(:audit).with(a_hash_including( - name: 'destroy_http_namespace_filter', + name: 'delete_http_namespace_filter', author: current_user, scope: group, target: destination, - message: "Destroy namespace filter for http audit event streaming destination #{destination.name} " \ + message: "Delete namespace filter for http audit event streaming destination #{destination.name} " \ "and namespace #{subgroup.full_path}")).once.and_call_original expect { mutate }.to change { AuditEvents::Streaming::HTTP::NamespaceFilter.count }.by(-1) @@ -65,7 +65,7 @@ group.add_maintainer(current_user) end - it_behaves_like 'does not destroy the namespace filter' + it_behaves_like 'does not delete the namespace filter' end end @@ -76,6 +76,6 @@ it_behaves_like 'a mutation on an unauthorized resource' - it_behaves_like 'does not destroy the namespace filter' + it_behaves_like 'does not delete the namespace filter' end end -- GitLab