From f76895c6617b60f6a85f2754b837178629396c70 Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Thu, 9 Nov 2023 13:11:41 +0000 Subject: [PATCH 1/3] Audit auditor role changes Adds an audit event for auditor role changes Changelog: added MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136456 EE: true --- .../audit_event_types.md | 1 + ee/app/services/ee/users/update_service.rb | 3 +++ .../types/user_auditor_status_updated.yml | 9 ++++++++ .../services/ee/users/update_service_spec.rb | 21 +++++++++++++++++++ 4 files changed, 34 insertions(+) create mode 100644 ee/config/audit_events/types/user_auditor_status_updated.yml diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 34d19327c18b05..1c3ad12e5f97b8 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md 
@@ -445,6 +445,7 @@ Audit event types belong to the following product categories. | [`email_confirmation_sent`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129261) | Triggered when users add or change and email address and it needs to be confirmed.| **{dotted-circle}** No | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/377625) | | [`remove_ssh_key`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65615) | Audit event triggered when a SSH key is removed| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/220127) | | [`user_admin_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65168) | Adds an audit event when a user is either made an administrator, or removed as an administrator| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/323905) | +| [`user_auditor_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136455) | Adds an audit event when a user is either made an auditor, or removed as an auditor| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.7](https://gitlab.com/gitlab-org/gitlab/-/issues/430235) | | [`user_email_address_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2103) | Adds an audit event when a user updates their email address| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [10.1](https://gitlab.com/gitlab-org/gitlab-ee/issues/1370) | | [`user_profile_visiblity_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129149) | Triggered when user toggles private profile user setting| **{dotted-circle}** No | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129149) | | [`user_username_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106086) | Event triggered on updating a user's username| **{check-circle}** Yes | **{check-circle}** Yes | 
GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369329) | diff --git a/ee/app/services/ee/users/update_service.rb b/ee/app/services/ee/users/update_service.rb index ed0a6313bbdc57..08abc63190537b 100644 --- a/ee/app/services/ee/users/update_service.rb +++ b/ee/app/services/ee/users/update_service.rb @@ -33,6 +33,9 @@ def notify_success(user_exists) audit_changes(:admin, as: 'admin status', event_type: 'user_admin_status_updated') + audit_changes(:auditor, as: 'auditor status', + event_type: 'user_auditor_status_updated') + log_audit_events end diff --git a/ee/config/audit_events/types/user_auditor_status_updated.yml b/ee/config/audit_events/types/user_auditor_status_updated.yml new file mode 100644 index 00000000000000..0d2ee2ea8928e2 --- /dev/null +++ b/ee/config/audit_events/types/user_auditor_status_updated.yml @@ -0,0 +1,9 @@ +--- +name: user_auditor_status_updated +description: Adds an audit event when a user is either made an auditor, or removed as an auditor +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/430235 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136456 +milestone: "16.7" +feature_category: user_profile +saved_to_database: true +streamed: true \ No newline at end of file diff --git a/ee/spec/services/ee/users/update_service_spec.rb b/ee/spec/services/ee/users/update_service_spec.rb index eee050ae2ada34..ed7d7c6bfbce03 100644 --- a/ee/spec/services/ee/users/update_service_spec.rb +++ b/ee/spec/services/ee/users/update_service_spec.rb 
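Review bot: The new `audit_changes(:auditor, ...)` call sits in `notify_success`, so an auditor-role change is recorded only when it goes through this service. The spec in the same patch sets the flag with `user.update!(auditor: true)` as plain setup, which suggests that a direct model write leaves no audit trail. I would document that limit above the call, for example `# Audits only changes made through Users::UpdateService; direct writes to the auditor flag are not logged`. It is also worth checking whether any other writer of the column (not visible here) needs its own event. `notify_success` starts and ends outside this hunk.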
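Review bot: The new `user_auditor_status_updated.yml` ends without a final newline (the `\ No newline at end of file` marker after `streamed: true`), which YAML linters and line-oriented tools commonly flag; end the file with a newline. The `description` is also phrased as a changelog entry rather than as the trigger. Because it is rendered in the audit event types table, `description: Triggered when a user is made an auditor or removed as an auditor` would read more clearly, although the current wording matches the existing `user_admin_status_updated` row.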
@@ -135,6 +135,27 @@ end end + context 'updating auditor status' do + let_it_be_with_reload(:admin_user) { create(:admin) } + + it 'logs promoting a user to auditor' do + expect do + update_user_as(admin_user, user, auditor: true) + end.to change { AuditEvent.count }.by(1) + + expect(AuditEvent.last.present.action).to eq('Changed auditor status from false to true') + end + + it 'logs demoting an auditor to a regular user' do + user.update!(auditor: true) + expect do + update_user_as(admin_user, user, auditor: false) + end.to change { AuditEvent.count }.by(1) + + expect(AuditEvent.last.present.action).to eq('Changed auditor status from true to false') + end + end + context 'updating username' do it 'logs audit event' do previous_username = user.username -- GitLab From a752415952b8172a0d5a171d4c1f3eb867dd351e Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Thu, 9 Nov 2023 13:44:45 +0000 Subject: [PATCH 2/3] Update audit event docs --- doc/administration/audit_event_streaming/audit_event_types.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 1c3ad12e5f97b8..0faa2c14c767ac 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md 
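Review bot: Both new examples in `context 'updating auditor status'` assert only the event count and the rendered message, so they would still pass if the event were attributed to the wrong actor. For a privilege-change audit I would also pin the author in each example, e.g. `expect(AuditEvent.last.author_id).to eq(admin_user.id)`, assuming the event is attributed to the acting admin. There is also no negative case: an update that leaves `auditor` unchanged should produce no event, which guards against noisy or misleading audit entries (this assumes `audit_changes` skips unchanged attributes, which is not visible here). `user` and `update_user_as` are defined outside this hunk.

```ruby
context 'updating auditor status' do
  # … unchanged: let_it_be_with_reload(:admin_user) and the two existing examples …

  it 'does not log when auditor status is unchanged' do
    expect do
      update_user_as(admin_user, user, auditor: false)
    end.not_to change { AuditEvent.count }
  end
end
```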
@@ -445,7 +445,7 @@ Audit event types belong to the following product categories. | [`email_confirmation_sent`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129261) | Triggered when users add or change and email address and it needs to be confirmed.| **{dotted-circle}** No | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/377625) | | [`remove_ssh_key`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65615) | Audit event triggered when a SSH key is removed| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/220127) | | [`user_admin_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65168) | Adds an audit event when a user is either made an administrator, or removed as an administrator| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/323905) | -| [`user_auditor_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136455) | Adds an audit event when a user is either made an auditor, or removed as an auditor| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.7](https://gitlab.com/gitlab-org/gitlab/-/issues/430235) | +| [`user_auditor_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136456) | Adds an audit event when a user is either made an auditor, or removed as an auditor| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.7](https://gitlab.com/gitlab-org/gitlab/-/issues/430235) | | [`user_email_address_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2103) | Adds an audit event when a user updates their email address| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [10.1](https://gitlab.com/gitlab-org/gitlab-ee/issues/1370) | | [`user_profile_visiblity_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129149) | Triggered when user toggles private profile user setting| 
**{dotted-circle}** No | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129149) | | [`user_username_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106086) | Event triggered on updating a user's username| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369329) | -- GitLab From ea7dc1077debe3ad3b7058cdcf276834feef7442 Mon Sep 17 00:00:00 2001 From: Mario Celi Date: Thu, 9 Nov 2023 16:56:44 +0000 Subject: [PATCH 3/3] Change milestone to 16.6 --- doc/administration/audit_event_streaming/audit_event_types.md | 2 +- ee/config/audit_events/types/user_auditor_status_updated.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 0faa2c14c767ac..a35ba4eb9c57aa 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md 
@@ -445,7 +445,7 @@ Audit event types belong to the following product categories. | [`email_confirmation_sent`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129261) | Triggered when users add or change and email address and it needs to be confirmed.| **{dotted-circle}** No | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/377625) | | [`remove_ssh_key`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65615) | Audit event triggered when a SSH key is removed| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/220127) | | [`user_admin_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65168) | Adds an audit event when a user is either made an administrator, or removed as an administrator| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/323905) | -| [`user_auditor_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136456) | Adds an audit event when a user is either made an auditor, or removed as an auditor| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.7](https://gitlab.com/gitlab-org/gitlab/-/issues/430235) | +| [`user_auditor_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136456) | Adds an audit event when a user is either made an auditor, or removed as an auditor| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/430235) | | [`user_email_address_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2103) | Adds an audit event when a user updates their email address| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [10.1](https://gitlab.com/gitlab-org/gitlab-ee/issues/1370) | | [`user_profile_visiblity_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129149) | Triggered when user toggles private profile user setting| 
**{dotted-circle}** No | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129149) | | [`user_username_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106086) | Event triggered on updating a user's username| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369329) | diff --git a/ee/config/audit_events/types/user_auditor_status_updated.yml b/ee/config/audit_events/types/user_auditor_status_updated.yml index 0d2ee2ea8928e2..53ad0265358186 100644 --- a/ee/config/audit_events/types/user_auditor_status_updated.yml +++ b/ee/config/audit_events/types/user_auditor_status_updated.yml @@ -3,7 +3,7 @@ name: user_auditor_status_updated description: Adds an audit event when a user is either made an auditor, or removed as an auditor introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/430235 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136456 -milestone: "16.7" +milestone: "16.6" feature_category: user_profile saved_to_database: true streamed: true \ No newline at end of file -- GitLab