Merge branch '217872-use-preferred-auditor-class' into 'master'

Use Gitlab::Audit::Auditor for DAST scanner profile audit events See merge request gitlab-org/gitlab!62007

Merge branch '217872-use-preferred-auditor-class' into 'master'
Use Gitlab::Audit::Auditor for DAST scanner profile audit events See merge request gitlab-org/gitlab!62007
dbd5803d · Mikołaj Wawrzyniak · 6b4679d8 · 1f17e0a8 · dbd5803d · dbd5803d
Commit dbd5803d authored May 24, 2021 by Mikołaj Wawrzyniak
6 changed files
--- a/ee/app/services/app_sec/dast/scanner_profiles/create_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/create_service.rb
@@ -33,12 +33,13 @@ module AppSec
        end

        def create_audit_event(profile)
-          AuditEventService.new(current_user, project, {
-            add: 'DAST scanner profile',
-            target_id: profile.id,
-            target_type: profile.class.name,
-            target_details: profile.name
-          }).security_event
+          ::Gitlab::Audit::Auditor.audit(
+            name: 'dast_scanner_profile_create',
+            author: current_user,
+            scope: project,
+            target: profile,
+            message: "Added DAST scanner profile"
+          )
        end
      end
    end

--- a/ee/app/services/app_sec/dast/scanner_profiles/destroy_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/destroy_service.rb
@@ -41,12 +41,13 @@ module AppSec
        end

        def create_audit_event(profile)
-          AuditEventService.new(current_user, project, {
-            remove: 'DAST scanner profile',
-            target_id: profile.id,
-            target_type: profile.class.name,
-            target_details: profile.name
-          }).security_event
+          ::Gitlab::Audit::Auditor.audit(
+            name: 'dast_scanner_profile_destroy',
+            author: current_user,
+            scope: project,
+            target: profile,
+            message: "Removed DAST scanner profile"
+          )
        end
      end
    end

--- a/ee/app/services/app_sec/dast/scanner_profiles/update_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/update_service.rb
@@ -56,14 +56,13 @@ module AppSec

            next if old_value == new_value

-            AuditEventService.new(current_user, project, {
-              change: "DAST scanner profile #{property}",
-              from: old_value,
-              to: new_value,
-              target_id: profile.id,
-              target_type: profile.class.name,
-              target_details: profile.name
-            }).security_event
+            ::Gitlab::Audit::Auditor.audit(
+              name: 'dast_scanner_profile_update',
+              author: current_user,
+              scope: project,
+              target: profile,
+              message: "Changed DAST scanner profile #{property} from #{old_value} to #{new_value}"
+            )
          end
        end
      end

--- a/ee/spec/services/app_sec/dast/scanner_profiles/create_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/create_service_spec.rb
@@ -100,7 +100,8 @@ RSpec.describe AppSec::Dast::ScannerProfiles::CreateService do
          expect(audit_event.target_type).to eq('DastScannerProfile')
          expect(audit_event.target_details).to eq(profile.name)
          expect(audit_event.details).to eq({
-            add: 'DAST scanner profile',
+            author_name: user.name,
+            custom_message: 'Added DAST scanner profile',
            target_id: profile.id,
            target_type: 'DastScannerProfile',
            target_details: profile.name

--- a/ee/spec/services/app_sec/dast/scanner_profiles/destroy_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/destroy_service_spec.rb
@@ -63,7 +63,8 @@ RSpec.describe AppSec::Dast::ScannerProfiles::DestroyService do
          expect(audit_event.target_type).to eq('DastScannerProfile')
          expect(audit_event.target_details).to eq(profile.name)
          expect(audit_event.details).to eq({
-            remove: 'DAST scanner profile',
+            author_name: user.name,
+            custom_message: 'Removed DAST scanner profile',
            target_id: profile.id,
            target_type: 'DastScannerProfile',
            target_details: profile.name

--- a/ee/spec/services/app_sec/dast/scanner_profiles/update_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/update_service_spec.rb
@@ -76,25 +76,22 @@ RSpec.describe AppSec::Dast::ScannerProfiles::UpdateService do
      let(:base_audit_details) do
        [
          {
-            change: "DAST scanner profile name",
-            from: dast_profile.name,
-            to: new_profile_name,
+            author_name: user.name,
+            custom_message: "Changed DAST scanner profile name from #{dast_profile.name} to #{new_profile_name}",
            target_id: dast_profile.id,
            target_type: 'DastScannerProfile',
            target_details: new_profile_name
          },
          {
-            change: "DAST scanner profile target_timeout",
-            from: dast_profile.target_timeout,
-            to: new_target_timeout,
+            author_name: user.name,
+            custom_message: "Changed DAST scanner profile target_timeout from #{dast_profile.target_timeout} to #{new_target_timeout}",
            target_id: dast_profile.id,
            target_type: 'DastScannerProfile',
            target_details: new_profile_name
          },
          {
-            change: "DAST scanner profile spider_timeout",
-            from: dast_profile.spider_timeout,
-            to: new_spider_timeout,
+            author_name: user.name,
+            custom_message: "Changed DAST scanner profile spider_timeout from #{dast_profile.spider_timeout} to #{new_spider_timeout}",
            target_id: dast_profile.id,
            target_type: 'DastScannerProfile',
            target_details: new_profile_name
@@ -169,25 +166,22 @@ RSpec.describe AppSec::Dast::ScannerProfiles::UpdateService do

          expect(audit_events_details).to match_array(base_audit_details + [
            {
-              change: "DAST scanner profile scan_type",
-              from: dast_profile.scan_type,
-              to: new_scan_type,
+              author_name: user.name,
+              custom_message: "Changed DAST scanner profile scan_type from #{dast_profile.scan_type} to #{new_scan_type}",
              target_id: profile.id,
              target_type: 'DastScannerProfile',
              target_details: new_profile_name
            },
            {
-              change: "DAST scanner profile use_ajax_spider",
-              from: dast_profile.use_ajax_spider,
-              to: new_use_ajax_spider,
+              author_name: user.name,
+              custom_message: "Changed DAST scanner profile use_ajax_spider from #{dast_profile.use_ajax_spider} to #{new_use_ajax_spider}",
              target_id: profile.id,
              target_type: 'DastScannerProfile',
              target_details: new_profile_name
            },
            {
-              change: "DAST scanner profile show_debug_messages",
-              from: dast_profile.show_debug_messages,
-              to: new_show_debug_messages,
+              author_name: user.name,
+              custom_message: "Changed DAST scanner profile show_debug_messages from #{dast_profile.show_debug_messages} to #{new_show_debug_messages}",
              target_id: profile.id,
              target_type: 'DastScannerProfile',
              target_details: new_profile_name