Merge branch 'services-usage-1' into 'master'

Record Audit Event when creating new SSH keys via the API See merge request gitlab-org/gitlab!33859

Merge branch 'services-usage-1' into 'master'
Record Audit Event when creating new SSH keys via the API See merge request gitlab-org/gitlab!33859
6da8db40 · Sean McGivern · 358f18e0 · d6e5b443 · 6da8db40 · 6da8db40
Commit 6da8db40 authored Jun 15, 2020 by Sean McGivern
5 changed files
--- a/app/services/keys/create_service.rb
+++ b/app/services/keys/create_service.rb
@@ -2,6 +2,14 @@

 module Keys
  class CreateService < ::Keys::BaseService
+    attr_accessor :current_user
+
+    def initialize(current_user, params = {})
+      @current_user, @params = current_user, params
+      @ip_address = @params.delete(:ip_address)
+      @user = params.delete(:user) || current_user
+    end
+
    def execute
      key = user.keys.create(params)
      notification_service.new_key(key) if key.persisted?

--- a/changelogs/unreleased/services-usage-1.yml
+++ b/changelogs/unreleased/services-usage-1.yml
+---
+title: Record audit event when an admin creates a new SSH Key for a user via the API
+merge_request: 33859
+author: Rajendra Kadam
+type: fixed
--- a/ee/app/services/ee/keys/create_service.rb
+++ b/ee/app/services/ee/keys/create_service.rb
@@ -14,7 +14,7 @@ module EE
      end

      def audit_event_service
-        ::AuditEventService.new(user,
+        ::AuditEventService.new(current_user,
                                user,
                                action: :custom,
                                custom_message: 'Added SSH key',

--- a/ee/spec/services/keys/create_service_spec.rb
+++ b/ee/spec/services/keys/create_service_spec.rb
@@ -3,14 +3,20 @@
 require 'spec_helper'

 RSpec.describe Keys::CreateService do
+  let(:admin) { create(:admin) }
  let(:user) { create(:user) }
-  let(:params) { attributes_for(:key) }
+  let(:params) { attributes_for(:key).merge(user: user) }

-  subject { described_class.new(user, params) }
+  subject { described_class.new(admin, params) }

  it 'creates' do
    stub_licensed_features(extended_audit_events: true)

    expect { subject.execute }.to change { SecurityEvent.count }.by(1)
+
+    event = SecurityEvent.last
+
+    expect(event.author_name).to eq(admin.name)
+    expect(event.entity_id).to eq(user.id)
  end
 end
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -264,9 +264,9 @@ module API
        user = User.find_by(id: params.delete(:id))
        not_found!('User') unless user

-        key = user.keys.new(declared_params(include_missing: false))
+        key = ::Keys::CreateService.new(current_user, declared_params(include_missing: false).merge(user: user)).execute

-        if key.save
+        if key.persisted?
          present key, with: Entities::SSHKey
        else
          render_validation_error!(key)