From 1f17e0a88a480d5940212a872c71bafc12941640 Mon Sep 17 00:00:00 2001
From: Avielle Wolfe
Date: Tue, 18 May 2021 16:27:05 +0200
Subject: [PATCH] Use Gitlab::Audit::Auditor class

This is the official class that should be used for creating audit events. This commit replaces uses of AuditEventService with it for all DAST scanner profile audit events.
---
 .../dast/scanner_profiles/create_service.rb | 13 ++++----
 .../dast/scanner_profiles/destroy_service.rb | 13 ++++----
 .../dast/scanner_profiles/update_service.rb | 15 +++++-----
 .../scanner_profiles/create_service_spec.rb | 3 +-
 .../scanner_profiles/destroy_service_spec.rb | 3 +-
 .../scanner_profiles/update_service_spec.rb | 30 ++++++++-----------
 6 files changed, 37 insertions(+), 40 deletions(-)
diff --git a/ee/app/services/app_sec/dast/scanner_profiles/create_service.rb b/ee/app/services/app_sec/dast/scanner_profiles/create_service.rb
index 84722d8d8d7c99..c773a9ba544d20 100644
--- a/ee/app/services/app_sec/dast/scanner_profiles/create_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/create_service.rb
@@ -33,12 +33,13 @@ def allowed?
 end
 def create_audit_event(profile)
- AuditEventService.new(current_user, project, {
- add: 'DAST scanner profile',
- target_id: profile.id,
- target_type: profile.class.name,
- target_details: profile.name
- }).security_event
+ ::Gitlab::Audit::Auditor.audit(
+ name: 'dast_scanner_profile_create',
+ author: current_user,
+ scope: project,
+ target: profile,
+ message: "Added DAST scanner profile"
+ )
 end
 end
 end
diff --git a/ee/app/services/app_sec/dast/scanner_profiles/destroy_service.rb b/ee/app/services/app_sec/dast/scanner_profiles/destroy_service.rb
index 4cc03eeb4c791a..33c41cd5f15fa2 100644
--- a/ee/app/services/app_sec/dast/scanner_profiles/destroy_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/destroy_service.rb
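Review bot: In create_service.rb the new `message:` argument of `create_audit_event` replaces the old `add:` key of the event details, and destroy_service.rb drops `remove:` the same way, so any report or export that filters stored audit events on those keys would stop matching new events. The spec hunks confirm the details hash now carries `custom_message` and `author_name` instead, but the commit description does not name the removed keys; one line there or in the changelog would help whoever consumes these events. As a point of style, both messages contain no interpolation and could use single quotes like the `name:` value beside them, e.g. `message: 'Added DAST scanner profile'`. The enclosing class starts outside the hunk.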
@@ -41,12 +41,13 @@ def find_dast_scanner_profile(id)
 end
 def create_audit_event(profile)
- AuditEventService.new(current_user, project, {
- remove: 'DAST scanner profile',
- target_id: profile.id,
- target_type: profile.class.name,
- target_details: profile.name
- }).security_event
+ ::Gitlab::Audit::Auditor.audit(
+ name: 'dast_scanner_profile_destroy',
+ author: current_user,
+ scope: project,
+ target: profile,
+ message: "Removed DAST scanner profile"
+ )
 end
 end
 end
diff --git a/ee/app/services/app_sec/dast/scanner_profiles/update_service.rb b/ee/app/services/app_sec/dast/scanner_profiles/update_service.rb
index a3d0a239b1d1e3..fd70272c3a8e64 100644
--- a/ee/app/services/app_sec/dast/scanner_profiles/update_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/update_service.rb
@@ -56,14 +56,13 @@ def create_audit_events(profile, params, old_params)
 next if old_value == new_value
- AuditEventService.new(current_user, project, {
- change: "DAST scanner profile #{property}",
- from: old_value,
- to: new_value,
- target_id: profile.id,
- target_type: profile.class.name,
- target_details: profile.name
- }).security_event
+ ::Gitlab::Audit::Auditor.audit(
+ name: 'dast_scanner_profile_update',
+ author: current_user,
+ scope: project,
+ target: profile,
+ message: "Changed DAST scanner profile #{property} from #{old_value} to #{new_value}"
+ )
 end
 end
 end
 end
diff --git a/ee/spec/services/app_sec/dast/scanner_profiles/create_service_spec.rb b/ee/spec/services/app_sec/dast/scanner_profiles/create_service_spec.rb
index 99addc94422375..a17c956076ba27 100644
--- a/ee/spec/services/app_sec/dast/scanner_profiles/create_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/create_service_spec.rb
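Review bot: In update_service.rb, `create_audit_events` now folds the old and new values into the free-text `message:`, so the audit record loses the separate `from:`/`to:` fields that the removed call stored. The profile name is presumably user-supplied, so a value that itself contains ` from ` or ` to ` makes the recorded sentence ambiguous, and a nil or empty value renders as nothing at all, which leaves a reviewer of the audit trail guessing where one value ends. Quoting the values, e.g. `message: "Changed DAST scanner profile #{property} from #{old_value.inspect} to #{new_value.inspect}"`, removes the ambiguity; if this version of the Auditor accepts it, `additional_details: { change: property, from: old_value, to: new_value }` would also keep the structured fields. The expectations in update_service_spec.rb assert the same unquoted sentence and would need to follow. The method starts outside the hunk.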
@@ -100,7 +100,8 @@
 expect(audit_event.target_type).to eq('DastScannerProfile')
 expect(audit_event.target_details).to eq(profile.name)
 expect(audit_event.details).to eq({
- add: 'DAST scanner profile',
+ author_name: user.name,
+ custom_message: 'Added DAST scanner profile',
 target_id: profile.id,
 target_type: 'DastScannerProfile',
 target_details: profile.name
diff --git a/ee/spec/services/app_sec/dast/scanner_profiles/destroy_service_spec.rb b/ee/spec/services/app_sec/dast/scanner_profiles/destroy_service_spec.rb
index 5740f83e36bdab..26414b7129b896 100644
--- a/ee/spec/services/app_sec/dast/scanner_profiles/destroy_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/destroy_service_spec.rb
@@ -63,7 +63,8 @@
 expect(audit_event.target_type).to eq('DastScannerProfile')
 expect(audit_event.target_details).to eq(profile.name)
 expect(audit_event.details).to eq({
- remove: 'DAST scanner profile',
+ author_name: user.name,
+ custom_message: 'Removed DAST scanner profile',
 target_id: profile.id,
 target_type: 'DastScannerProfile',
 target_details: profile.name
diff --git a/ee/spec/services/app_sec/dast/scanner_profiles/update_service_spec.rb b/ee/spec/services/app_sec/dast/scanner_profiles/update_service_spec.rb
index eecc1e3c125aa7..8609f2131a957a 100644
--- a/ee/spec/services/app_sec/dast/scanner_profiles/update_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/update_service_spec.rb
@@ -76,25 +76,22 @@
 let(:base_audit_details) do
 [
 {
- change: "DAST scanner profile name",
- from: dast_profile.name,
- to: new_profile_name,
+ author_name: user.name,
+ custom_message: "Changed DAST scanner profile name from #{dast_profile.name} to #{new_profile_name}",
 target_id: dast_profile.id,
 target_type: 'DastScannerProfile',
 target_details: new_profile_name
 },
 {
- change: "DAST scanner profile target_timeout",
- from: dast_profile.target_timeout,
- to: new_target_timeout,
+ author_name: user.name,
+ custom_message: "Changed DAST scanner profile target_timeout from #{dast_profile.target_timeout} to #{new_target_timeout}",
 target_id: dast_profile.id,
 target_type: 'DastScannerProfile',
 target_details: new_profile_name
 },
 {
- change: "DAST scanner profile spider_timeout",
- from: dast_profile.spider_timeout,
- to: new_spider_timeout,
+ author_name: user.name,
+ custom_message: "Changed DAST scanner profile spider_timeout from #{dast_profile.spider_timeout} to #{new_spider_timeout}",
 target_id: dast_profile.id,
 target_type: 'DastScannerProfile',
 target_details: new_profile_name
@@ -169,25 +166,22 @@
 expect(audit_events_details).to match_array(base_audit_details + [
 {
- change: "DAST scanner profile scan_type",
- from: dast_profile.scan_type,
- to: new_scan_type,
+ author_name: user.name,
+ custom_message: "Changed DAST scanner profile scan_type from #{dast_profile.scan_type} to #{new_scan_type}",
 target_id: profile.id,
 target_type: 'DastScannerProfile',
 target_details: new_profile_name
 },
 {
- change: "DAST scanner profile use_ajax_spider",
- from: dast_profile.use_ajax_spider,
- to: new_use_ajax_spider,
+ author_name: user.name,
+ custom_message: "Changed DAST scanner profile use_ajax_spider from #{dast_profile.use_ajax_spider} to #{new_use_ajax_spider}",
 target_id: profile.id,
 target_type: 'DastScannerProfile',
 target_details: new_profile_name
 },
 {
- change: "DAST scanner profile show_debug_messages",
- from: dast_profile.show_debug_messages,
- to: new_show_debug_messages,
+ author_name: user.name,
+ custom_message: "Changed DAST scanner profile show_debug_messages from #{dast_profile.show_debug_messages} to #{new_show_debug_messages}",
 target_id: profile.id,
 target_type: 'DastScannerProfile',
 target_details: new_profile_name
--
GitLab