diff --git a/ee/app/services/ee/issuable/destroy_service.rb b/ee/app/services/ee/issuable/destroy_service.rb index 82f83405baba7c2e1f84b0f4efd12c680b8b7907..eba865e545ce6db6b77f515b1925e479e83673f5 100644 --- a/ee/app/services/ee/issuable/destroy_service.rb +++ b/ee/app/services/ee/issuable/destroy_service.rb @@ -9,6 +9,7 @@ module DestroyService override :after_destroy def after_destroy(issuable) + log_audit_event(issuable) track_usage_ping_epic_destroyed(issuable) if issuable.is_a?(Epic) super @@ -27,6 +28,24 @@ def track_usage_ping_epic_destroyed(epic) namespace: epic.group ) end + + def log_audit_event(issuable) + return unless current_user + + issuable_name = issuable.is_a?(Issue) ? issuable.work_item_type.name : issuable.class.name + + audit_context = { + name: "delete_#{issuable.to_ability_name}", + stream_only: true, + author: current_user, + target: issuable, + scope: issuable.resource_parent, + message: "Removed #{issuable_name}(#{issuable.title} with IID: #{issuable.iid} and ID: #{issuable.id})", + target_details: { title: issuable.title, iid: issuable.iid, id: issuable.id, type: issuable_name } + } + + ::Gitlab::Audit::Auditor.audit(audit_context) + end end end end diff --git a/ee/config/audit_events/types/delete_epic.yaml b/ee/config/audit_events/types/delete_epic.yaml new file mode 100644 index 0000000000000000000000000000000000000000..0101633380c8ccd5a6d8f0f31255fa54f80dbd40 --- /dev/null +++ b/ee/config/audit_events/types/delete_epic.yaml @@ -0,0 +1,8 @@ +name: delete_epic +description: Event triggered on successful epic deletion +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/370487 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/96773 +group: "group::project management" +milestone: 15.4 +saved_to_database: false +streamed: true \ No newline at end of file diff --git a/ee/config/audit_events/types/delete_issue.yaml b/ee/config/audit_events/types/delete_issue.yaml new file mode 100644 index 0000000000000000000000000000000000000000..f5df5696ef741a471a77649509916bdd137e6f33 --- /dev/null +++ b/ee/config/audit_events/types/delete_issue.yaml @@ -0,0 +1,8 @@ +name: delete_issue +description: Event triggered on successful issue deletion +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/370487 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/96773 +group: "group::project management" +milestone: 15.4 +saved_to_database: false +streamed: true \ No newline at end of file diff --git a/ee/config/audit_events/types/delete_merge_request.yaml b/ee/config/audit_events/types/delete_merge_request.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e03b65879337a62313bb1864e3862ee7e1fa3d79 --- /dev/null +++ b/ee/config/audit_events/types/delete_merge_request.yaml @@ -0,0 +1,8 @@ +name: delete_merge_request +description: Event triggered on successful merge request deletion +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/370487 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/96773 +group: "group::project management" +milestone: 15.4 +saved_to_database: false +streamed: true \ No newline at end of file diff --git a/ee/config/audit_events/types/delete_work_item.yaml b/ee/config/audit_events/types/delete_work_item.yaml new file mode 100644 index 0000000000000000000000000000000000000000..4567c50c8a121ee835c419157a63b4eee1c1fb6c --- /dev/null +++ b/ee/config/audit_events/types/delete_work_item.yaml @@ -0,0 +1,8 @@ +name: delete_work_item +description: Event triggered on successful work item deletion +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/370487 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/96773 +group: "group::project management" +milestone: 15.4 +saved_to_database: false +streamed: true \ No newline at end of file diff --git a/ee/spec/services/ee/issuable/destroy_service_spec.rb b/ee/spec/services/ee/issuable/destroy_service_spec.rb index 580b6ecfef62f2635e0ba21ef78e43455b873b9e..87e1c40cb1b560d73e3b66056cfb20806c0f36d8 100644 --- a/ee/spec/services/ee/issuable/destroy_service_spec.rb +++ b/ee/spec/services/ee/issuable/destroy_service_spec.rb @@ -32,6 +32,55 @@ subject.execute(issuable) end + + RSpec.shared_examples 'logs delete issuable audit event' do + it 'logs audit event' do + audit_context = { + name: "delete_#{issuable.to_ability_name}", + stream_only: true, + author: user, + scope: scope, + target: issuable, + message: "Removed #{issuable_name}(#{issuable.title} with IID: #{issuable.iid} and ID: #{issuable.id})", + target_details: { title: issuable.title, iid: issuable.iid, id: issuable.id, type: issuable_name } + } + + expect(::Gitlab::Audit::Auditor).to receive(:audit).with(audit_context) + + service.execute(issuable) + end + end + + context 'when issuable is an issue' do + let(:issuable_name) { issuable.work_item_type.name } + let(:scope) { issuable.project } + + it_behaves_like 'logs delete issuable audit event' + end + + context 'when issuable is an epic' do + let(:issuable) { create(:epic) } + let(:issuable_name) { 'Epic' } + let(:scope) { issuable.group } + + it_behaves_like 'logs delete issuable audit event' + end + + context 'when issuable is a task' do + let(:issuable) { create(:work_item, :task) } + let(:issuable_name) { issuable.work_item_type.name } + let(:scope) { issuable.project } + + it_behaves_like 'logs delete issuable audit event' + end + + context 'when issuable is a merge_request' do + let(:issuable) { create(:merge_request) } + let(:issuable_name) { 'MergeRequest' } + let(:scope) { issuable.project } + + it_behaves_like 'logs delete issuable audit event' + end end end end