update license checks for audit events

0ad7f5db · James Lopez · a1434b1c · 0ad7f5db · 0ad7f5db
Commit 0ad7f5db authored Sep 19, 2017 by James Lopez
Showing with 24 additions and 17 deletions

ee/app/services/ee/audit_event_service.rb ee/app/services/ee/audit_event_service.rb +20 -17

spec/ee/spec/services/ee/audit_event_service_spec.rb spec/ee/spec/services/ee/audit_event_service_spec.rb +4 -0

No files found.
--- a/ee/app/services/ee/audit_event_service.rb
+++ b/ee/app/services/ee/audit_event_service.rb
@@ -76,29 +76,14 @@ module EE
        return super
      end
-      super if audit_events_enabled?
+      super if audit_events_enabled? || entity_audit_events_enabled?
-    end
-    def add_security_event_admin_details!
-      @details.merge!(ip_address: ip_address,
-                      entity_path: @entity.full_path)
-    end
-    def audit_events_enabled?
-      return true unless @entity.respond_to?(:feature_available?)
-      @entity.feature_available?(:audit_events)
-    end
-    def admin_audit_log_enabled?
-      License.feature_available?(:admin_audit_log)
    end
    def unauth_security_event
      return unless audit_events_enabled?
      @details.delete(:ip_address) unless admin_audit_log_enabled?
-      @details[:entity_path] = @entity&.full_path
+      @details[:entity_path] = @entity&.full_path if admin_audit_log_enabled?
      SecurityEvent.create(
        author_id: @author.respond_to?(:id) ? @author.id : -1,
@@ -160,5 +145,23 @@ module EE
    def ip_address
      @author&.current_sign_in_ip || @details[:ip_address]
    end
+    def add_security_event_admin_details!
+      @details.merge!(ip_address: ip_address,
+                      entity_path: @entity.full_path)
+    end
+    def entity_audit_events_enabled?
+      @entity.respond_to?(:feature_available?) && @entity.feature_available?(:audit_events)
+    end
+    def audit_events_enabled?
+      # Always log auth events. Log all other events if `extended_audit_events` is enabled
+      @details[:with] || License.feature_available?(:extended_audit_events)
+    end
+    def admin_audit_log_enabled?
+      License.feature_available?(:admin_audit_log)
+    end
  end
 end
--- a/spec/ee/spec/services/ee/audit_event_service_spec.rb
+++ b/spec/ee/spec/services/ee/audit_event_service_spec.rb
@@ -7,6 +7,10 @@ describe AuditEventService do
    let(:service) { described_class.new(author_name, nil, ip_address: ip_address) }
    let(:event) { service.for_failed_login.unauth_security_event }
+    before do
+      stub_licensed_features(extended_audit_events: true)
+    end
    it 'has the right type' do
      expect(event.entity_type).to eq('User')
    end