Merge branch 'audit_deploy_key' into 'master'

Audit log for deploy keys Implements #251 ![joxi_screenshot_1427130431169](https://dev.gitlab.org/gitlab/gitlab-ee/uploads/a893f55f27fb4f1c50feb2062f9f26d6/joxi_screenshot_1427130431169.png) See merge request !360

Merge branch 'audit_deploy_key' into 'master'
Audit log for deploy keys Implements #251 ![joxi_screenshot_1427130431169](https://dev.gitlab.org/gitlab/gitlab-ee/uploads/a893f55f27fb4f1c50feb2062f9f26d6/joxi_screenshot_1427130431169.png) See merge request !360
d2721c23 · Dmitriy Zaporozhets · fbaf39ca · f444c9cc · d2721c23 · d2721c23
Commit d2721c23 authored Mar 24, 2015 by Dmitriy Zaporozhets
6 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -23,6 +23,7 @@ v 7.10.0 (unreleased)
  - Restrict permissions on backup files
  - Improve oauth accounts UI in profile page
  - Add ability to unlink connected accounts
+  - Add changes to Deploy Keys to the Audit Logs

 v 7.9.0 (unreleased)
  - Add HipChat integration documentation (Stan Hu)

--- a/app/controllers/projects/deploy_keys_controller.rb
+++ b/app/controllers/projects/deploy_keys_controller.rb
@@ -25,6 +25,8 @@ class Projects::DeployKeysController < Projects::ApplicationController
    @key = DeployKey.new(deploy_key_params)

    if @key.valid? && @project.deploy_keys << @key
+      log_audit_event(@key.title, action: :create)
+
      redirect_to namespace_project_deploy_keys_path(@project.namespace,
                                                     @project)
    else
@@ -36,6 +38,8 @@ class Projects::DeployKeysController < Projects::ApplicationController
    @key = @project.deploy_keys.find(params[:id])
    @key.destroy

+    log_audit_event(@key.title, action: :destroy)
+
    respond_to do |format|
      format.html { redirect_to namespace_project_deploy_keys_path(@project.namespace, @project) }
      format.js { render nothing: true }
@@ -65,4 +69,9 @@ class Projects::DeployKeysController < Projects::ApplicationController
  def deploy_key_params
    params.require(:deploy_key).permit(:key, :title)
  end
+
+  def log_audit_event(key_title, options = {})
+    AuditEventService.new(current_user, @project, options).
+      for_deploy_key(key_title).security_event
+  end
 end
--- a/app/services/audit_event_service.rb
+++ b/app/services/audit_event_service.rb
@@ -40,6 +40,30 @@ class AuditEventService
    self
  end

+  def for_deploy_key(key_title)
+    action = @details[:action]
+
+    @details =
+      case action
+      when :destroy
+        {
+          remove: "deploy_key",
+          target_id: key_title,
+          target_type: "DeployKey",
+          target_details: key_title,
+        }
+      when :create
+        {
+          add: "deploy_key",
+          target_id: key_title,
+          target_type: "DeployKey",
+          target_details: key_title,
+        }
+      end
+
+    self
+  end
+
  def security_event
    SecurityEvent.create(
      author_id: @author.id,

--- a/features/project/audit_event.feature
+++ b/features/project/audit_event.feature
+Feature: Audit Event
+  Background:
+    Given I sign in as a user
+    And I own project "Shop"
+
+  Scenario: I add new deploy key
+    Given I created new depoloy key
+    When I visit audit event page
+    Then I see deploy key event
+    When I remove deploy key
+    And I visit audit event page
+    Then I see remove deploy key event
+
+  
\ No newline at end of file
--- a/features/steps/project/audit_event.rb
+++ b/features/steps/project/audit_event.rb
+class Spinach::Features::AuditEvent < Spinach::FeatureSteps
+  include SharedAuthentication
+  include SharedProject
+  include SharedPaths
+
+  step 'I created new depoloy key' do
+    visit new_namespace_project_deploy_key_path(@project.namespace, @project)
+
+    fill_in "deploy_key_title", with: "laptop"
+    fill_in "deploy_key_key", with: "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzrEJUIR6Y03TCE9rIJ+GqTBvgb8t1jI9h5UBzCLuK4VawOmkLornPqLDrGbm6tcwM/wBrrLvVOqi2HwmkKEIecVO0a64A4rIYScVsXIniHRS6w5twyn1MD3sIbN+socBDcaldECQa2u1dI3tnNVcs8wi77fiRe7RSxePsJceGoheRQgC8AZ510UdIlO+9rjIHUdVN7LLyz512auAfYsgx1OfablkQ/XJcdEwDNgi9imI6nAXhmoKUm1IPLT2yKajTIC64AjLOnE0YyCh6+7RFMpiMyu1qiOCpdjYwTgBRiciNRZCH8xIedyCoAmiUgkUT40XYHwLuwiPJICpkAzp7Q== user@laptop"
+
+    click_button "Create"
+  end
+
+  step 'I remove deploy key' do
+    visit namespace_project_deploy_keys_path(@project.namespace, @project)
+    click_link "Remove"
+  end
+
+  step 'I see remove deploy key event' do
+    page.should have_content("Remove deploy key")
+  end
+
+  step 'I see deploy key event' do
+    page.should have_content("Add deploy key")
+  end
+end
--- a/features/steps/shared/paths.rb
+++ b/features/steps/shared/paths.rb
@@ -67,6 +67,10 @@ module SharedPaths
    visit edit_group_path(Group.find_by(name:"Guest"))
  end

+  step 'I visit audit event page' do
+    visit namespace_project_audit_events_path(@project.namespace, @project)
+  end
+
  # ----------------------------------------
  # Dashboard
  # ----------------------------------------