Commit e6dff31c authored by Robert Speicher's avatar Robert Speicher

Merge branch '299943-follow-up-from-project-access-token-api' into 'master'

Project access token audit events - Log token id instead of user id

See merge request gitlab-org/gitlab!52535
parents 260e0afc 85c58c0e
......@@ -13,7 +13,7 @@ module EE
def audit_event_service(token, response)
message = if response.success?
"Created #{resource_type} access token with id: #{token.user.id} with scopes: #{token.scopes}"
"Created #{resource_type} access token with token_id: #{token.id} with scopes: #{token.scopes}"
else
"Attempted to create #{resource_type} access token but failed with message: #{response.message}"
end
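Review bot: The success message on the new side records only `token.id`, so the bot user's id no longer appears anywhere in the visible audit text; the same holds for the revoke messages in RevokeService. Records elsewhere that reference the bot account by user id become harder to join to these events during an investigation. Consider keeping both, e.g. `"Created #{resource_type} access token with token_id: #{token.id} (user_id: #{token.user.id}) with scopes: #{token.scopes}"`. The AuditEventService call for this method is outside the hunk, so confirm first whether it already carries the user id.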
......
......@@ -5,7 +5,7 @@ module EE
module RevokeService
def execute
super.tap do |response|
audit_event_service(bot_user, response)
audit_event_service(access_token, response)
end
end
......@@ -13,15 +13,15 @@ module EE
def audit_event_service(token, response)
message = if response.success?
"Revoked #{resource.class.name.downcase} access token with id: #{bot_user.id}"
"Revoked #{resource.class.name.downcase} access token with token_id: #{access_token.id}"
else
"Attempted to revoke #{resource.class.name.downcase} access token with id: #{bot_user.id}, but failed with message: #{response.message}"
"Attempted to revoke #{resource.class.name.downcase} access token with token_id: #{access_token.id}, but failed with message: #{response.message}"
end
::AuditEventService.new(
current_user,
resource,
target_details: bot_user.name,
target_details: access_token.user.name,
action: :custom,
custom_message: message,
ip_address: current_user.current_sign_in_ip
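Review bot: `audit_event_service(token, response)` never reads its `token` argument; the body uses `access_token` directly for both the message and `target_details`, so the value passed by `audit_event_service(access_token, response)` is ignored. Use `token.id` and `token.user.name` in the body, or drop the parameter. Separately, `target_details: access_token.user.name` raises if the token's user is missing, and because this runs inside `super.tap` the exception would replace the response and no audit event would be written. Whether that can happen on the "Failed to find bot user" path is not visible here, so `access_token.user&.name` is a suggestion to confirm. The method body continues past the end of the hunk.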
......
---
title: Log token_id in project access token audit events instead of user_id
merge_request: 52535
author:
type: changed
......@@ -85,7 +85,7 @@ RSpec.describe ResourceAccessTokens::CreateService do
audit_event = AuditEvent.where(author_id: user.id).last
expect(audit_event.details[:custom_message]).to eq("Created project access token with id: #{response.payload[:access_token].user.id} with scopes: #{response.payload[:access_token].scopes}")
expect(audit_event.details[:custom_message]).to eq("Created project access token with token_id: #{response.payload[:access_token].id} with scopes: #{response.payload[:access_token].scopes}")
expect(audit_event.details[:target_details]).to match(response.payload[:access_token].user.name)
end
end
......
......@@ -40,7 +40,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do
audit_event = AuditEvent.where(author_id: user.id).last
expect(audit_event.details[:custom_message]).to match(/Revoked project access token with id: \d+/)
expect(audit_event.details[:custom_message]).to match(/Revoked project access token with token_id: \d+/)
expect(audit_event.details[:target_details]).to eq(access_token.user.name)
end
end
......@@ -56,7 +56,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do
it 'logs the find error message' do
subject
expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with id: \d+, but failed with message: Failed to find bot user/)
expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with token_id: \d+, but failed with message: Failed to find bot user/)
end
end
......@@ -71,7 +71,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do
it 'logs the permission error message' do
subject
expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with id: \d+, but failed with message: #{user.name} cannot delete #{access_token.user.name}/)
expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with token_id: \d+, but failed with message: #{user.name} cannot delete #{access_token.user.name}/)
end
end
end
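Review bot: The three revoke expectations match `token_id: \d+`, which any integer satisfies, so they would still pass if the service logged the bot user's id under the new label, which is the mix-up this change is meant to remove. Pin the value instead, e.g. `match(/Revoked project access token with token_id: #{access_token.id}/)`, and do the same in the 'logs the find error message' and 'logs the permission error message' examples. The create spec already asserts the exact id.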
......