Commit 2a06b6a2 authored by manojmj's avatar manojmj

Create audit log event for username changes

This change adds audit events when a user/admin
changes username.
parent 189fe430
...@@ -105,6 +105,7 @@ recorded: ...@@ -105,6 +105,7 @@ recorded:
- Ask for password reset - Ask for password reset
- Grant OAuth access - Grant OAuth access
- Started/stopped user impersonation - Started/stopped user impersonation
- Changed username
It is possible to filter particular actions by choosing an audit data type from It is possible to filter particular actions by choosing an audit data type from
the filter dropdown box. You can further filter by specific group, project or user the filter dropdown box. You can further filter by specific group, project or user
......
...@@ -23,6 +23,7 @@ module EE ...@@ -23,6 +23,7 @@ module EE
audit_changes(:email, as: 'email address') audit_changes(:email, as: 'email address')
audit_changes(:encrypted_password, as: 'password', skip_changes: true) audit_changes(:encrypted_password, as: 'password', skip_changes: true)
audit_changes(:username, as: 'username')
success success
end end
......
---
title: Create audit log when username changes
merge_request: 23576
author:
type: added
...@@ -71,6 +71,28 @@ describe Users::UpdateService do ...@@ -71,6 +71,28 @@ describe Users::UpdateService do
end end
end end
context 'audit events' do
context 'licensed' do
before do
stub_licensed_features(admin_audit_log: true)
end
context 'updating username' do
it 'logs audit event' do
previous_username = user.username
new_username = 'my_new_username'
expected_message = "Changed username from #{previous_username} to #{new_username}"
expect do
update_user(user, username: new_username)
end.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.present.action).to eq(expected_message)
end
end
end
end
it 'does not update email if an user has group managed account' do it 'does not update email if an user has group managed account' do
allow(user).to receive(:group_managed_account?).and_return(true) allow(user).to receive(:group_managed_account?).and_return(true)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment