diff --git a/ee/app/services/approval_rules/project_rule_destroy_service.rb b/ee/app/services/approval_rules/project_rule_destroy_service.rb index 5e1fc53dd3d979fa3197e4fd056e27e94d7fecce..fd508bbe776f99da97f25c68eba9bf4b2466f848 100644 --- a/ee/app/services/approval_rules/project_rule_destroy_service.rb +++ b/ee/app/services/approval_rules/project_rule_destroy_service.rb @@ -36,6 +36,7 @@ def remove_associated_approval_rules_from_unmerged_merge_requests def audit_deletion audit_context = { + name: 'approval_rule_deleted', author: current_user, scope: rule.project, target: rule, diff --git a/ee/app/services/concerns/approval_rules/updater.rb b/ee/app/services/concerns/approval_rules/updater.rb index c6e493dd4bb317e0bfa1c4149f2412bf35732837..edb0bd3f280c86ffdfa9ce8523c09dd96bd43a3d 100644 --- a/ee/app/services/concerns/approval_rules/updater.rb +++ b/ee/app/services/concerns/approval_rules/updater.rb @@ -22,8 +22,9 @@ def action private def with_audit_logged(&block) + name = rule.new_record? ? 'approval_rule_created' : 'update_aproval_rules' audit_context = { - name: 'update_aproval_rules', + name: name, author: current_user, scope: rule.project, target: rule @@ -62,7 +63,8 @@ def log_audit_event(rule) :approvals_required, as: 'number of required approvals', entity: rule.project, - model: rule + model: rule, + event_type: 'update_aproval_rules' ) end end diff --git a/ee/spec/services/approval_rules/create_service_spec.rb b/ee/spec/services/approval_rules/create_service_spec.rb index 5c82b5ad99818552ec6dc929635bd8841d4b1e87..31e8cffaaa352b94f823ea0e9bfdc53fcb86e069 100644 --- a/ee/spec/services/approval_rules/create_service_spec.rb +++ b/ee/spec/services/approval_rules/create_service_spec.rb @@ -349,4 +349,33 @@ end end end + + context 'audit event is streamed with correct event type', :request_store do + let_it_be(:user) { create(:user)} + let_it_be(:group) { create(:group) } + let_it_be(:project) { create(:project, creator: user, group: group) } + let_it_be(:new_approvers) { create_list(:user, 2) } + let_it_be(:new_groups) { create_list(:group, 2, :private) } + let_it_be(:destination) { create(:external_audit_event_destination, group: group) } + + subject do + described_class.new( + project, + user, + { name: 'security', + approvals_required: 1, + user_ids: new_approvers.map(&:id), + group_ids: new_groups.map(&:id) } + ).execute + end + + before do + group.add_owner(user) + stub_licensed_features(external_audit_events: true) + end + + it_behaves_like 'sends correct event type in audit event stream' do + let_it_be(:event_type) { 'approval_rule_created' } + end + end end diff --git a/ee/spec/services/approval_rules/project_rule_destroy_service_spec.rb b/ee/spec/services/approval_rules/project_rule_destroy_service_spec.rb index a0b232d2529a67ff327b2b5f14f92806034ece80..9cf099543d21190e48e5bc683187fe2ad938d17e 100644 --- a/ee/spec/services/approval_rules/project_rule_destroy_service_spec.rb +++ b/ee/spec/services/approval_rules/project_rule_destroy_service_spec.rb @@ -3,18 +3,19 @@ require 'spec_helper' RSpec.describe ApprovalRules::ProjectRuleDestroyService do - let(:project) { create(:project, :repository) } + let(:group) { create(:group) } + let(:project) { create(:project, :repository, group: group) } let(:merge_request) { create(:merge_request, source_project: project, target_project: project) } describe '#execute' do let!(:project_rule) { create(:approval_project_rule, project: project) } let(:current_user) { create(:user, name: 'Bruce Wayne') } - subject { described_class.new(project_rule, current_user) } + subject { described_class.new(project_rule, current_user).execute } shared_context 'an audit event is added' do it 'adds an audit event' do - expect { subject.execute }.to change { AuditEvent.count }.by(1) + expect { subject }.to change { AuditEvent.count }.by(1) expect(AuditEvent.last.details).to include({ author_name: current_user.name, custom_message: 'Deleted approval rule', @@ -22,11 +23,20 @@ target_id: project_rule.id }) end + + before do + stub_licensed_features(external_audit_events: true) + group.external_audit_event_destinations.create!(destination_url: 'http://example.com') + end + + it_behaves_like 'sends correct event type in audit event stream' do + let_it_be(:event_type) { 'approval_rule_deleted' } + end end context 'when there is no merge request rules' do it 'destroys project rule' do - expect { subject.execute }.to change { ApprovalProjectRule.count }.by(-1) + expect { subject }.to change { ApprovalProjectRule.count }.by(-1) end include_context 'an audit event is added' @@ -41,7 +51,7 @@ context 'when open' do it 'destroys merge request rules' do - expect { subject.execute }.to change { ApprovalMergeRequestRule.count }.by(-1) + expect { subject }.to change { ApprovalMergeRequestRule.count }.by(-1) end include_context 'an audit event is added' @@ -53,7 +63,7 @@ end it 'does nothing' do - expect { subject.execute }.not_to change { ApprovalMergeRequestRule.count } + expect { subject }.not_to change { ApprovalMergeRequestRule.count } end include_context 'an audit event is added' diff --git a/ee/spec/services/approval_rules/update_service_spec.rb b/ee/spec/services/approval_rules/update_service_spec.rb index 4f0f6443070eedee88000ec181af54ea91e39197..94a44e51ed40e45a69ba9a9500e7c2833d2e1123 100644 --- a/ee/spec/services/approval_rules/update_service_spec.rb +++ b/ee/spec/services/approval_rules/update_service_spec.rb @@ -203,6 +203,10 @@ end describe 'audit events' do + let_it_be(:user) { create(:user)} + let_it_be(:parent_group) { create(:group) } + let_it_be(:destination) { create(:external_audit_event_destination, group: parent_group) } + let_it_be(:project) { create(:project, creator: user, group: parent_group) } let_it_be(:approver) { create(:user, name: 'Batman') } let_it_be(:group) { create(:group, name: 'Justice League') } let_it_be(:new_approver) { create(:user, name: 'Spiderman') } @@ -219,6 +223,7 @@ end before do + parent_group.add_owner(user) project.add_reporter approver project.add_reporter new_approver end @@ -226,6 +231,7 @@ context 'when licensed' do before do stub_licensed_features(audit_events: true) + stub_licensed_features(external_audit_events: true) end context 'when rule update operation succeeds', :request_store do @@ -235,6 +241,11 @@ end.to change { AuditEvent.count }.by(1) end + it_behaves_like 'sends correct event type in audit event stream' do + let_it_be(:event_type) { 'update_aproval_rules' } + subject {described_class.new(approval_rule, user, approvals_required: 1).execute} + end + it 'audits the number of required approvals change' do described_class.new(approval_rule, user, approvals_required: 1).execute diff --git a/ee/spec/services/audit_events/build_service_spec.rb b/ee/spec/services/audit_events/build_service_spec.rb index f21f4c5ed92f176c13859a43df3bff4bbc39e67d..756ad9130e6e040d442d3487e6de206f3d1bc1b0 100644 --- a/ee/spec/services/audit_events/build_service_spec.rb +++ b/ee/spec/services/audit_events/build_service_spec.rb @@ -88,6 +88,22 @@ end end + context 'when overriding target details' do + subject(:service) do + described_class.new( + author: author, + scope: scope, + target: target, + message: message, + target_details: "This is my target details" + ) + end + + it 'uses correct target details' do + expect(event.target_details).to eq("This is my target details") + end + end + context 'when deploy token is passed as author' do let(:service) do described_class.new(