Commit 85c58c0e authored by Serena Fang's avatar Serena Fang Committed by Robert Speicher

Change audit event user id to token id

Log token id instead of user id
parent 88e3fdc4
...@@ -13,7 +13,7 @@ module EE ...@@ -13,7 +13,7 @@ module EE
def audit_event_service(token, response) def audit_event_service(token, response)
message = if response.success? message = if response.success?
"Created #{resource_type} access token with id: #{token.user.id} with scopes: #{token.scopes}" "Created #{resource_type} access token with token_id: #{token.id} with scopes: #{token.scopes}"
else else
"Attempted to create #{resource_type} access token but failed with message: #{response.message}" "Attempted to create #{resource_type} access token but failed with message: #{response.message}"
end end
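Review bot: The success message on the changed line now reports a different object's id under a new label (`token.user.id` as `id:` before, `token.id` as `token_id:` now), and nothing next to the code records that. Audit events written before this commit keep the old form, so a saved search or alert keyed on `with id: N` will miss new events, and a number taken from an old event cannot be compared with one from a new event. I would add a comment above the message: `# token_id is the access token's own id; events logged before this change carried the token user's id as "id:"`. The method body continues outside the hunk.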
......
...@@ -5,7 +5,7 @@ module EE ...@@ -5,7 +5,7 @@ module EE
module RevokeService module RevokeService
def execute def execute
super.tap do |response| super.tap do |response|
audit_event_service(bot_user, response) audit_event_service(access_token, response)
end end
end end
...@@ -13,15 +13,15 @@ module EE ...@@ -13,15 +13,15 @@ module EE
def audit_event_service(token, response) def audit_event_service(token, response)
message = if response.success? message = if response.success?
"Revoked #{resource.class.name.downcase} access token with id: #{bot_user.id}" "Revoked #{resource.class.name.downcase} access token with token_id: #{access_token.id}"
else else
"Attempted to revoke #{resource.class.name.downcase} access token with id: #{bot_user.id}, but failed with message: #{response.message}" "Attempted to revoke #{resource.class.name.downcase} access token with token_id: #{access_token.id}, but failed with message: #{response.message}"
end end
::AuditEventService.new( ::AuditEventService.new(
current_user, current_user,
resource, resource,
target_details: bot_user.name, target_details: access_token.user.name,
action: :custom, action: :custom,
custom_message: message, custom_message: message,
ip_address: current_user.current_sign_in_ip ip_address: current_user.current_sign_in_ip
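Review bot: `audit_event_service(token, response)` never reads its `token` parameter: both messages and `target_details` on the new side go straight to `access_token` (`access_token.id`, `access_token.user.name`), so the argument passed from `execute` has no effect on what is logged. Either use the parameter, e.g. `"Revoked #{resource.class.name.downcase} access token with token_id: #{token.id}"` and `target_details: token.user.name`, or drop it from the signature so the audit record cannot drift from what the caller passed. It is also worth confirming that `access_token.user` cannot be nil on the failure path; if it can, `.user.name` would raise inside the `tap` and the failed revocation would leave no audit event. The `::AuditEventService.new(` call continues past the end of the hunk.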
......
---
title: Log token_id in project access token audit events instead of user_id
merge_request: 52535
author:
type: changed
...@@ -85,7 +85,7 @@ RSpec.describe ResourceAccessTokens::CreateService do ...@@ -85,7 +85,7 @@ RSpec.describe ResourceAccessTokens::CreateService do
audit_event = AuditEvent.where(author_id: user.id).last audit_event = AuditEvent.where(author_id: user.id).last
expect(audit_event.details[:custom_message]).to eq("Created project access token with id: #{response.payload[:access_token].user.id} with scopes: #{response.payload[:access_token].scopes}") expect(audit_event.details[:custom_message]).to eq("Created project access token with token_id: #{response.payload[:access_token].id} with scopes: #{response.payload[:access_token].scopes}")
expect(audit_event.details[:target_details]).to match(response.payload[:access_token].user.name) expect(audit_event.details[:target_details]).to match(response.payload[:access_token].user.name)
end end
end end
......
...@@ -40,7 +40,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do ...@@ -40,7 +40,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do
audit_event = AuditEvent.where(author_id: user.id).last audit_event = AuditEvent.where(author_id: user.id).last
expect(audit_event.details[:custom_message]).to match(/Revoked project access token with id: \d+/) expect(audit_event.details[:custom_message]).to match(/Revoked project access token with token_id: \d+/)
expect(audit_event.details[:target_details]).to eq(access_token.user.name) expect(audit_event.details[:target_details]).to eq(access_token.user.name)
end end
end end
...@@ -56,7 +56,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do ...@@ -56,7 +56,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do
it 'logs the find error message' do it 'logs the find error message' do
subject subject
expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with id: \d+, but failed with message: Failed to find bot user/) expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with token_id: \d+, but failed with message: Failed to find bot user/)
end end
end end
...@@ -71,7 +71,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do ...@@ -71,7 +71,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do
it 'logs the permission error message' do it 'logs the permission error message' do
subject subject
expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with id: \d+, but failed with message: #{user.name} cannot delete #{access_token.user.name}/) expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with token_id: \d+, but failed with message: #{user.name} cannot delete #{access_token.user.name}/)
end end
end end
end end
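Review bot: The revoke expectations match the id with `\d+` (the success case and both "Attempted to revoke" cases), so they would still pass if the service wrote the bot user's id, or any other number, under the `token_id:` label. Since which id gets written is the whole point of the change, pin it: `expect(audit_event.details[:custom_message]).to eq("Revoked project access token with token_id: #{access_token.id}")`, and interpolate `#{access_token.id}` into the two failure patterns in place of `\d+`. The permission-error pattern also interpolates `user.name` and `access_token.user.name` into a regex unescaped; wrapping them in `Regexp.escape` keeps a name containing metacharacters from changing what the pattern matches.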
......