From cd2a90f5b3651753a571402e0afada15b94155e6 Mon Sep 17 00:00:00 2001
From: Rajendra Kadam
Date: Tue, 16 Jun 2020 20:43:30 +0530
Subject: [PATCH 1/4] Use Keys::CreateService when Admin creates keys for themselves
---
 lib/api/users.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 3d8ae09edf1dc0..77644a2cbc2bb0 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -730,9 +730,9 @@ def find_impersonation_token
 optional :expires_at, type: DateTime, desc: 'The expiration date of the SSH key in ISO 8601 format (YYYY-MM-DDTHH:MM:SSZ)'
 end
 post "keys" do
- key = current_user.keys.new(declared_params)
+ key = ::Keys::CreateService.new(current_user, declared_params(include_missing: false)).execute
- if key.save
+ if key.persisted?
 present key, with: Entities::SSHKey
 else
 render_validation_error!(key)
-- GitLab
From cce2753e707c04f4c84975a6b19deae3b0ae6a55 Mon Sep 17 00:00:00 2001
From: Rajendra Kadam
Date: Tue, 16 Jun 2020 20:49:29 +0530
Subject: [PATCH 2/4] Add changelog
---
 changelogs/unreleased/services-usage-3.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/services-usage-3.yml
diff --git a/changelogs/unreleased/services-usage-3.yml b/changelogs/unreleased/services-usage-3.yml
new file mode 100644
index 00000000000000..eceb65046cf025
--- /dev/null
+++ b/changelogs/unreleased/services-usage-3.yml
@@ -0,0 +1,5 @@
+---
+title: Record audit event when an admin creates a new SSH Key for themselves via the API
+merge_request: 34645
+author: Rajendra Kadam
+type: fixed
-- GitLab
From 6e5f16075bc0c85971ceec0cedd58afc4ca18e02 Mon Sep 17 00:00:00 2001
From: Rajendra Kadam
Date: Wed, 17 Jun 2020 11:18:44 +0530
Subject: [PATCH 3/4] Add specs for audit event
---
 changelogs/unreleased/services-usage-3.yml | 2 +-
 ee/spec/requests/api/users_spec.rb | 28 ++++++++++++++++++----
 2 files changed, 25 insertions(+), 5 deletions(-)
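Review bot: The `post "keys"` handler in lib/api/users.rb (PATCH 1/4) has no comment explaining why the key is now created through `::Keys::CreateService` rather than `current_user.keys.new`. Going by the changelog entry and the specs later in this series, the service call is what records the audit event, so a later simplification back to `keys.new` plus `save` would silently drop the audit trail while the endpoint kept working. I would add a why-comment above the call, for example `# Create the key through Keys::CreateService so the addition is audited; do not build it on current_user.keys directly.` The service body is not part of this patch, so the audit behaviour is inferred rather than visible here, and the handler's closing lines fall outside the hunk.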
diff --git a/changelogs/unreleased/services-usage-3.yml b/changelogs/unreleased/services-usage-3.yml
index eceb65046cf025..3084e61cf0f287 100644
--- a/changelogs/unreleased/services-usage-3.yml
+++ b/changelogs/unreleased/services-usage-3.yml
@@ -1,5 +1,5 @@
 ---
-title: Record audit event when an admin creates a new SSH Key for themselves via the API
+title: Record audit event when a user creates a new SSH Key for themselves via the API
 merge_request: 34645
 author: Rajendra Kadam
 type: fixed
diff --git a/ee/spec/requests/api/users_spec.rb b/ee/spec/requests/api/users_spec.rb
index 0752d24a4a2625..7010bafec1297a 100644
--- a/ee/spec/requests/api/users_spec.rb
+++ b/ee/spec/requests/api/users_spec.rb
@@ -62,10 +62,12 @@
 end
 context 'extended audit events' do
+ before do
+ stub_licensed_features(extended_audit_events: true)
+ end
+
 describe "PUT /users/:id" do
 it "creates audit event when updating user with new password" do
- stub_licensed_features(extended_audit_events: true)
-
 put api("/users/#{user.id}", admin), params: { password: '12345678' }
 expect(AuditEvent.count).to eq(1)
@@ -74,13 +76,31 @@
 describe 'POST /users/:id/block' do
 it 'creates audit event when blocking user' do
- stub_licensed_features(extended_audit_events: true)
-
 expect do
 post api("/users/#{user.id}/block", admin)
 end.to change { AuditEvent.count }.by(1)
 end
 end
+
+ describe 'POST /keys' do
+ let(:key_attrs) { attributes_for :key }
+
+ def make_request(endpoint, user)
+ post api(endpoint, user), params: key_attrs
+ end
+
+ it 'creates audit event when user adds a new SSH key' do
+ expect do
+ make_request("/user/keys", user)
+ end.to change { AuditEvent.count }.by(1)
+ end
+
+ it 'creates audit event when admin adds a new key for a user' do
+ expect do
+ make_request("/users/#{user.id}/keys", admin)
+ end.to change { AuditEvent.count }.by(1)
+ end
+ end
 end
 context 'shared_runners_minutes_limit' do
-- GitLab
From 8f56d7b1d26bd02ce1aeaab311ebaf2bfa06d46e Mon Sep 17 00:00:00 2001
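Review bot: The two examples added under `describe 'POST /keys'` in ee/spec/requests/api/users_spec.rb (PATCH 3/4) assert only `change { AuditEvent.count }.by(1)`, so they would still pass if the event were attributed to the wrong actor or recorded against the wrong account. Attribution is what makes an audit record useful, above all in the admin case, where the author (`admin`) and the account receiving the key (`user`) differ. I would add a check on the recorded event after the request, e.g. `expect(AuditEvent.last.author_id).to eq(admin.id)`, plus a matching expectation on the recorded target. The attribute name is assumed from the AuditEvent model, which this patch does not show. The same applies to the rewritten examples in PATCH 4/4.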
From: Rajendra Kadam
Date: Wed, 17 Jun 2020 12:00:27 +0530
Subject: [PATCH 4/4] Separate describe blocks for each test
---
 ee/spec/requests/api/users_spec.rb | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/ee/spec/requests/api/users_spec.rb b/ee/spec/requests/api/users_spec.rb
index 7010bafec1297a..88728d40121ea0 100644
--- a/ee/spec/requests/api/users_spec.rb
+++ b/ee/spec/requests/api/users_spec.rb
@@ -82,22 +82,22 @@
 end
 end
- describe 'POST /keys' do
- let(:key_attrs) { attributes_for :key }
-
- def make_request(endpoint, user)
- post api(endpoint, user), params: key_attrs
- end
-
+ describe 'POST /user/keys' do
 it 'creates audit event when user adds a new SSH key' do
+ key = attributes_for(:key)
+
 expect do
- make_request("/user/keys", user)
+ post api('/user/keys', user), params: key
 end.to change { AuditEvent.count }.by(1)
 end
+ end
+ describe 'POST /users/:id/keys' do
 it 'creates audit event when admin adds a new key for a user' do
+ key = attributes_for(:key)
+
 expect do
- make_request("/users/#{user.id}/keys", admin)
+ post api("/users/#{user.id}/keys", admin), params: key
 end.to change { AuditEvent.count }.by(1)
 end
 end
-- GitLab
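Review bot: Neither `describe 'POST /user/keys'` nor `describe 'POST /users/:id/keys'` has an example for a rejected key, although the handler changed in PATCH 1/4 now branches on `key.persisted?` and falls through to `render_validation_error!(key)`. Without one, the spec does not pin that a failed creation leaves no audit event, which matters when the log is read as evidence that a key was actually added to an account. Whether Keys::CreateService skips the event on a failed save is not visible in this series, so the example below states the expected behaviour to confirm. The key value in it is a constructed invalid sample.

```ruby
describe 'POST /user/keys' do
  # … unchanged: example for a successful key creation …

  it 'does not create an audit event when the key is invalid' do
    expect do
      post api('/user/keys', user), params: { title: 'invalid', key: 'not-an-ssh-key' }
    end.not_to change { AuditEvent.count }
  end
```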