Add audit events for ee invite service

- bring inline with create service.

Add audit events for ee invite service
- bring inline with create service.
07ed4699 · Doug Stull · Dylan Griffith · d07ce7af · 07ed4699 · 07ed4699
Commit 07ed4699 authored Mar 25, 2021 by Doug Stull Committed by Dylan Griffith Mar 25, 2021
4 changed files
--- a/app/services/members/invite_service.rb
+++ b/app/services/members/invite_service.rb
@@ -84,7 +84,11 @@ module Members
    def add_member(email)
      new_member = source.add_user(email, params[:access_level], current_user: current_user, expires_at: params[:expires_at])

-      errors[email] = new_member.errors.full_messages.to_sentence if new_member.invalid?
+      if new_member.invalid?
+        errors[email] = new_member.errors.full_messages.to_sentence
+      else
+        after_execute(member: new_member)
+      end
    end

    def result

--- a/ee/app/services/ee/members/invite_service.rb
+++ b/ee/app/services/ee/members/invite_service.rb
@@ -3,11 +3,8 @@
 module EE
  module Members
    module InviteService
-      extend ::Gitlab::Utils::Override
-
      private

-      override :validate_emails!
      def validate_emails!
        super

@@ -25,6 +22,20 @@ module EE

        source.actual_limits.exceeded?(:daily_invites, invite_count + emails.count)
      end
+
+      def after_execute(member:)
+        super
+
+        log_audit_event(member: member)
+      end
+
+      def log_audit_event(member:)
+        ::AuditEventService.new(
+          current_user,
+          member.source,
+          action: :create
+        ).for_member(member).security_event
+      end
    end
  end
 end
--- a/ee/changelogs/unreleased/323078-combine-concepts-in-inviting-member-service-classes-2.yml
+++ b/ee/changelogs/unreleased/323078-combine-concepts-in-inviting-member-service-classes-2.yml
+---
+title: Add missing audit logging to invite service
+merge_request: 57358
+author:
+type: other
--- a/ee/spec/services/ee/members/invite_service_spec.rb
+++ b/ee/spec/services/ee/members/invite_service_spec.rb
@@ -81,5 +81,21 @@ RSpec.describe Members::InviteService, :aggregate_failures do
        expect(result[:status]).to eq(:success)
      end
    end
+
+    context 'with Audit Event logging' do
+      context 'when there are valid members created' do
+        it 'creates Audit Events' do
+          expect { result }.to change { AuditEvent.count }.by(2)
+        end
+      end
+
+      context 'when there are some invalid members' do
+        let(:params) { { email: %w[_bogus_ email2@example.org], access_level: Gitlab::Access::GUEST } }
+
+        it 'only creates Audit Events for valid members' do
+          expect { result }.to change { AuditEvent.count }.by(1)
+        end
+      end
+    end
  end
 end