Merge branch '7797-audit-log-include-username-changes' into 'master'

Resolve "Audit Log: Include username changes"

Closes #7797

See merge request gitlab-org/gitlab!23576

doc/administration/audit_events.md

@@ -105,6 +105,7 @@ recorded:
 - Ask for password reset
 - Grant OAuth access
 - Started/stopped user impersonation
+- Changed username
 
 It is possible to filter particular actions by choosing an audit data type from
 the filter dropdown box. You can further filter by specific group, project or user

ee/app/services/ee/users/update_service.rb

@@ -23,6 +23,7 @@ module EE
 
         audit_changes(:email, as: 'email address')
         audit_changes(:encrypted_password, as: 'password', skip_changes: true)
+        audit_changes(:username, as: 'username')
 
         success
       end

ee/changelogs/unreleased/7797-audit-log-include-username-changes.yml

+---
+title: Create audit log when username changes
+merge_request: 23576
+author:
+type: added

ee/spec/services/users/update_service_spec.rb

@@ -71,6 +71,28 @@ describe Users::UpdateService do
       end
     end
 
+    context 'audit events' do
+      context 'licensed' do
+        before do
+          stub_licensed_features(admin_audit_log: true)
+        end
+
+        context 'updating username' do
+          it 'logs audit event' do
+            previous_username = user.username
+            new_username = 'my_new_username'
+            expected_message = "Changed username from #{previous_username} to #{new_username}"
+
+            expect do
+              update_user(user, username: new_username)
+            end.to change { AuditEvent.count }.by(1)
+
+            expect(AuditEvent.last.present.action).to eq(expected_message)
+          end
+        end
+      end
+    end
+
     it 'does not update email if an user has group managed account' do
       allow(user).to receive(:group_managed_account?).and_return(true)