Commit 1f1d3801 authored by harsimarsandhu's avatar harsimarsandhu

Creates audit event when approval rule is deleted

Record an audit event when user deletes
an existing MR approval rule. This event should
be visible under Project > Audit Events
and Admin Area > Audit Log

Changelog: changed
EE: true
parent 9cfd5df7
...@@ -4,8 +4,9 @@ module ApprovalRules ...@@ -4,8 +4,9 @@ module ApprovalRules
class ProjectRuleDestroyService < ::BaseService class ProjectRuleDestroyService < ::BaseService
attr_reader :rule attr_reader :rule
def initialize(approval_rule) def initialize(approval_rule, current_user)
@rule = approval_rule @rule = approval_rule
super(approval_rule, current_user)
end end
def execute def execute
...@@ -17,6 +18,7 @@ module ApprovalRules ...@@ -17,6 +18,7 @@ module ApprovalRules
end end
if rule.destroyed? if rule.destroyed?
audit_deletion(rule)
success success
else else
error(rule.errors.messages) error(rule.errors.messages)
...@@ -31,5 +33,16 @@ module ApprovalRules ...@@ -31,5 +33,16 @@ module ApprovalRules
.for_unmerged_merge_requests .for_unmerged_merge_requests
.delete_all .delete_all
end end
def audit_deletion(rule)
audit_context = {
author: current_user,
scope: rule.project,
target: rule,
message: 'Deleted approval rule'
}
::Gitlab::Audit::Auditor.audit(audit_context)
end
end end
end end
...@@ -75,7 +75,7 @@ module API ...@@ -75,7 +75,7 @@ module API
approval_rule = user_project.approval_rules.find(params[:approval_rule_id]) approval_rule = user_project.approval_rules.find(params[:approval_rule_id])
destroy_conditionally!(approval_rule) do |rule| destroy_conditionally!(approval_rule) do |rule|
::ApprovalRules::ProjectRuleDestroyService.new(rule).execute ::ApprovalRules::ProjectRuleDestroyService.new(rule, current_user).execute
end end
end end
end end
......
...@@ -8,13 +8,28 @@ RSpec.describe ApprovalRules::ProjectRuleDestroyService do ...@@ -8,13 +8,28 @@ RSpec.describe ApprovalRules::ProjectRuleDestroyService do
describe '#execute' do describe '#execute' do
let!(:project_rule) { create(:approval_project_rule, project: project) } let!(:project_rule) { create(:approval_project_rule, project: project) }
let(:current_user) { create(:user, name: 'Bruce Wayne') }
subject { described_class.new(project_rule) } subject { described_class.new(project_rule, current_user) }
shared_context 'an audit event is added' do
it 'adds an audit event' do
expect { subject.execute }.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.details).to include({
author_name: current_user.name,
custom_message: 'Deleted approval rule',
target_type: 'ApprovalProjectRule',
target_id: project_rule.id
})
end
end
context 'when there is no merge request rules' do context 'when there is no merge request rules' do
it 'destroys project rule' do it 'destroys project rule' do
expect { subject.execute }.to change { ApprovalProjectRule.count }.by(-1) expect { subject.execute }.to change { ApprovalProjectRule.count }.by(-1)
end end
include_context 'an audit event is added'
end end
context 'when there is a merge request rule' do context 'when there is a merge request rule' do
...@@ -28,6 +43,8 @@ RSpec.describe ApprovalRules::ProjectRuleDestroyService do ...@@ -28,6 +43,8 @@ RSpec.describe ApprovalRules::ProjectRuleDestroyService do
it 'destroys merge request rules' do it 'destroys merge request rules' do
expect { subject.execute }.to change { ApprovalMergeRequestRule.count }.by(-1) expect { subject.execute }.to change { ApprovalMergeRequestRule.count }.by(-1)
end end
include_context 'an audit event is added'
end end
context 'when merged' do context 'when merged' do
...@@ -38,6 +55,8 @@ RSpec.describe ApprovalRules::ProjectRuleDestroyService do ...@@ -38,6 +55,8 @@ RSpec.describe ApprovalRules::ProjectRuleDestroyService do
it 'does nothing' do it 'does nothing' do
expect { subject.execute }.not_to change { ApprovalMergeRequestRule.count } expect { subject.execute }.not_to change { ApprovalMergeRequestRule.count }
end end
include_context 'an audit event is added'
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment