Merge branch '239305-resolve-ip-address-for-audit' into 'master'

Resolve IP address from RequestContext for audit See merge request gitlab-org/gitlab!46114

Merge branch '239305-resolve-ip-address-for-audit' into 'master'
Resolve IP address from RequestContext for audit See merge request gitlab-org/gitlab!46114
b076da89 · Dylan Griffith · 88b24406 · 816032b2 · b076da89 · b076da89
Commit b076da89 authored Oct 27, 2020 by Dylan Griffith
3 changed files
--- a/app/services/audit_event_service.rb
+++ b/app/services/audit_event_service.rb
@@ -16,7 +16,7 @@ class AuditEventService
    @author = build_author(author)
    @entity = entity
    @details = details
-    @ip_address = (@details[:ip_address].presence || @author.current_sign_in_ip)
+    @ip_address = resolve_ip_address(@details, @author)
  end
  # Builds the @details attribute for authentication
@@ -64,6 +64,12 @@ class AuditEventService
    end
  end
+  def resolve_ip_address(details, author)
+    details[:ip_address].presence ||
+      Gitlab::RequestContext.instance.client_ip ||
+      author.current_sign_in_ip
+  end
  def base_payload
    {
      author_id: @author.id,

--- a/changelogs/unreleased/239305-resolve-ip-address-for-audit.yml
+++ b/changelogs/unreleased/239305-resolve-ip-address-for-audit.yml
+---
+title: Resolve request IP address on audit event
+merge_request: 46114
+author:
+type: changed
--- a/spec/services/audit_event_service_spec.rb
+++ b/spec/services/audit_event_service_spec.rb
@@ -3,17 +3,13 @@
 require 'spec_helper'
 RSpec.describe AuditEventService do
-  let(:project) { create(:project) }
+  let_it_be(:project) { create(:project) }
-  let(:user) { create(:user, :with_sign_ins) }
+  let_it_be(:user) { create(:user, :with_sign_ins) }
-  let(:project_member) { create(:project_member, user: user) }
+  let_it_be(:project_member) { create(:project_member, user: user) }
  let(:service) { described_class.new(user, project, { action: :destroy }) }
  let(:logger) { instance_double(Gitlab::AuditJsonLogger) }
  describe '#security_event' do
-    before do
-      stub_licensed_features(admin_audit_log: false)
-    end
    it 'creates an event and logs to a file' do
      expect(service).to receive(:file_logger).and_return(logger)
      expect(logger).to receive(:info).with(author_id: user.id,
@@ -78,6 +74,31 @@ RSpec.describe AuditEventService do
        audit_service.for_authentication.security_event
      end
+      context 'with IP address', :request_store do
+        using RSpec::Parameterized::TableSyntax
+        where(:from_caller, :from_context, :from_author_sign_in, :output) do
+          '192.168.0.1' | '192.168.0.2' | '192.168.0.3' | '192.168.0.1'
+          nil           | '192.168.0.2' | '192.168.0.3' | '192.168.0.2'
+          nil           | nil           | '192.168.0.3' | '192.168.0.3'
+        end
+        with_them do
+          let(:user) { create(:user, current_sign_in_ip: from_author_sign_in) }
+          let(:audit_service) { described_class.new(user, user, with: 'standard', ip_address: from_caller) }
+          before do
+            allow(Gitlab::RequestContext.instance).to receive(:client_ip).and_return(from_context)
+          end
+          specify do
+            expect(AuthenticationEvent).to receive(:new).with(hash_including(ip_address: output))
+            audit_service.for_authentication.security_event
+          end
+        end
+      end
    end
  end