Commit 630bfeae authored by Adrien Gooris's avatar Adrien Gooris Committed by Matthias Käppler

Track changes in merge request approval settings in Audit Events

Changelog: added
MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/66234
EE: true
parent 03903b0a
......@@ -123,6 +123,9 @@ From there, you can see the following actions:
- Created, updated, or deleted DAST profiles, DAST scanner profiles, and DAST site profiles
([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217872) in GitLab 14.1)
- Changed a project's compliance framework ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/329362) in GitLab 14.1)
- User password required for approvals was updated ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/336211) in GitLab 14.2)
- Permission to modify merge requests approval rules in merge requests was updated ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/336211) in GitLab 14.2)
- New approvals requirement when new commits are added to an MR was updated ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/336211) in GitLab 14.2)
Project events can also be accessed via the [Project Audit Events API](../api/audit_events.md#project-audit-events).
......
......@@ -13,6 +13,9 @@ module EE
audit_changes(:merge_requests_author_approval, as: 'prevent merge request approval from authors', model: model)
audit_changes(:merge_requests_disable_committers_approval, as: 'prevent merge request approval from reviewers', model: model)
audit_changes(:reset_approvals_on_push, as: 'require new approvals when new commits are added to an MR', model: model)
audit_changes(:disable_overriding_approvers_per_merge_request, as: 'prevent users from modifying MR approval rules in merge requests', model: model)
audit_changes(:require_password_to_approve, as: 'require user password for approvals', model: model)
audit_project_feature_changes
audit_compliance_framework_changes
......
......@@ -14,7 +14,10 @@ RSpec.describe EE::Audit::ProjectChangesAuditor do
repository_size_limit: 10,
packages_enabled: true,
merge_requests_author_approval: false,
merge_requests_disable_committers_approval: true
merge_requests_disable_committers_approval: true,
reset_approvals_on_push: false,
disable_overriding_approvers_per_merge_request: false,
require_password_to_approve: false
)
end
......@@ -162,6 +165,45 @@ RSpec.describe EE::Audit::ProjectChangesAuditor do
)
end
end
it 'creates an event when the reset approvals on push changes' do
project.update!(reset_approvals_on_push: true)
aggregate_failures do
expect { foo_instance.execute }.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.details).to include(
change: 'require new approvals when new commits are added to an MR',
from: false,
to: true
)
end
end
it 'creates an event when the require password to approve changes' do
project.update!(require_password_to_approve: true)
aggregate_failures do
expect { foo_instance.execute }.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.details).to include(
change: 'require user password for approvals',
from: false,
to: true
)
end
end
it 'creates an event when the disable overriding approvers per merge request changes' do
project.update!(disable_overriding_approvers_per_merge_request: true)
aggregate_failures do
expect { foo_instance.execute }.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.details).to include(
change: 'prevent users from modifying MR approval rules in merge requests',
from: false,
to: true
)
end
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment