Commit 03f0de49 authored by Evan Read's avatar Evan Read Committed by Max Woolf

Apply 1 suggestion(s) to 1 file(s)

parent 6724b3e0
...@@ -162,7 +162,7 @@ The following user actions are recorded: ...@@ -162,7 +162,7 @@ The following user actions are recorded:
- Failed second-factor authentication attempt ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16826) in GitLab 13.5) - Failed second-factor authentication attempt ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16826) in GitLab 13.5)
- A user's personal access token was successfully created or revoked ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6) - A user's personal access token was successfully created or revoked ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6)
- A failed attempt to create or revoke a user's personal access token ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6) - A failed attempt to create or revoke a user's personal access token ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6)
- Adding or removing an administrator ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/323905) in GitLab 14.1) - Administrator added or removed ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/323905) in GitLab 14.1)
Instance events can also be accessed via the [Instance Audit Events API](../api/audit_events.md#instance-audit-events). Instance events can also be accessed via the [Instance Audit Events API](../api/audit_events.md#instance-audit-events).
......
...@@ -101,6 +101,26 @@ RSpec.describe Users::UpdateService do ...@@ -101,6 +101,26 @@ RSpec.describe Users::UpdateService do
stub_licensed_features(admin_audit_log: true) stub_licensed_features(admin_audit_log: true)
end end
context 'updating administrator status' do
let_it_be(:admin_user) { create(:admin) }
it 'logs making a user an administrator' do
expect do
update_user_as(admin_user, user, admin: true)
end.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.present.action).to eq('Changed admin status from false to true')
end
it 'logs making an administrator a user' do
expect do
update_user_as(admin_user, create(:admin), admin: false)
end.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.present.action).to eq('Changed admin status from true to false')
end
end
context 'updating username' do context 'updating username' do
it 'logs audit event' do it 'logs audit event' do
previous_username = user.username previous_username = user.username
...@@ -156,28 +176,6 @@ RSpec.describe Users::UpdateService do ...@@ -156,28 +176,6 @@ RSpec.describe Users::UpdateService do
{ name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: 'mydummypass' } { name: 'John Doe', username: 'jduser', email: 'jd@example.com', password: 'mydummypass' }
end end
context 'updating administrator status' do
before do
stub_licensed_features(admin_audit_log: true)
end
it 'logs making a user an administrator' do
expect do
update_user_as(admin_user, user, admin: true)
end.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.present.action).to eq('Changed admin status from false to true')
end
it 'logs making an administrator a user' do
expect do
update_user_as(admin_user, create(:admin), admin: false)
end.to change { AuditEvent.count }.by(1)
expect(AuditEvent.last.present.action).to eq('Changed admin status from true to false')
end
end
context 'allowed params' do context 'allowed params' do
context 'with identity' do context 'with identity' do
let(:provider) { create(:saml_provider) } let(:provider) { create(:saml_provider) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment