Merge branch 'sfang-audit-event-query-reduction' into 'master'

Reduce resource access token AuditEvent queries

See merge request gitlab-org/gitlab!52630

ee/spec/services/resource_access_tokens/create_service_spec.rb

@@ -30,11 +30,17 @@ RSpec.describe ResourceAccessTokens::CreateService do
   end
 
   shared_examples 'audit event details' do
-    it 'logs author and resource info', :aggregate_failures do
+    it 'creates an audit event' do
       expect { subject }.to change { AuditEvent.count }.from(0).to(1)
-      expect(AuditEvent.last.author_id).to eq(user.id)
-      expect(AuditEvent.last.entity_id).to eq(resource.id)
-      expect(AuditEvent.last.ip_address).to eq(user.current_sign_in_ip)
+    end
+
+    it 'logs author and resource info', :aggregate_failures do
+      subject
+
+      audit_event = AuditEvent.where(author_id: user.id).last
+
+      expect(audit_event.entity_id).to eq(resource.id)
+      expect(audit_event.ip_address).to eq(user.current_sign_in_ip)
     end
   end
 
@@ -77,8 +83,10 @@ RSpec.describe ResourceAccessTokens::CreateService do
         it 'logs project access token details', :aggregate_failures do
           response = subject
 
-          expect(AuditEvent.last.details[:custom_message]).to eq("Created project access token with id: #{response.payload[:access_token].user.id} with scopes: #{response.payload[:access_token].scopes}")
-          expect(AuditEvent.last.details[:target_details]).to match(response.payload[:access_token].user.name)
+          audit_event = AuditEvent.where(author_id: user.id).last
+
+          expect(audit_event.details[:custom_message]).to eq("Created project access token with id: #{response.payload[:access_token].user.id} with scopes: #{response.payload[:access_token].scopes}")
+          expect(audit_event.details[:target_details]).to match(response.payload[:access_token].user.name)
         end
       end
 
@@ -93,7 +101,7 @@ RSpec.describe ResourceAccessTokens::CreateService do
           it 'logs the permission error message' do
             subject
 
-            expect(AuditEvent.last.details[:custom_message]).to eq('Attempted to create project access token but failed with message: User does not have permission to create project access token')
+            expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to eq('Attempted to create project access token but failed with message: User does not have permission to create project access token')
           end
         end
 
@@ -115,7 +123,7 @@ RSpec.describe ResourceAccessTokens::CreateService do
           it 'logs the provisioning error message' do
             subject
 
-            expect(AuditEvent.last.details[:custom_message]).to eq('Attempted to create project access token but failed with message: Could not provision maintainer access to project access token')
+            expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to eq('Attempted to create project access token but failed with message: Could not provision maintainer access to project access token')
           end
         end
       end

ee/spec/services/resource_access_tokens/revoke_service_spec.rb

@@ -10,11 +10,17 @@ RSpec.describe ResourceAccessTokens::RevokeService do
   let(:access_token) { create(:personal_access_token, user: resource_bot) }
 
   shared_examples 'audit event details' do
-    it 'logs author and resource info', :aggregate_failures do
+    it 'creates an audit event' do
       expect { subject }.to change { AuditEvent.count }.from(0).to(1)
-      expect(AuditEvent.last.author_id).to eq(user.id)
-      expect(AuditEvent.last.entity_id).to eq(resource.id)
-      expect(AuditEvent.last.ip_address).to eq(user.current_sign_in_ip)
+    end
+
+    it 'logs author and resource info', :aggregate_failures do
+      subject
+
+      audit_event = AuditEvent.where(author_id: user.id).last
+
+      expect(audit_event.entity_id).to eq(resource.id)
+      expect(audit_event.ip_address).to eq(user.current_sign_in_ip)
     end
   end
 
@@ -32,8 +38,10 @@ RSpec.describe ResourceAccessTokens::RevokeService do
       it 'logs project access token details', :aggregate_failures do
         subject
 
-        expect(AuditEvent.last.details[:custom_message]).to match(/Revoked project access token with id: \d+/)
-        expect(AuditEvent.last.details[:target_details]).to eq(access_token.user.name)
+        audit_event = AuditEvent.where(author_id: user.id).last
+
+        expect(audit_event.details[:custom_message]).to match(/Revoked project access token with id: \d+/)
+        expect(audit_event.details[:target_details]).to eq(access_token.user.name)
       end
     end
 
@@ -48,7 +56,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do
         it 'logs the find error message' do
           subject
 
-          expect(AuditEvent.last.details[:custom_message]).to match(/Attempted to revoke project access token with id: \d+, but failed with message: Failed to find bot user/)
+          expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with id: \d+, but failed with message: Failed to find bot user/)
         end
       end
 
@@ -63,7 +71,7 @@ RSpec.describe ResourceAccessTokens::RevokeService do
         it 'logs the permission error message' do
           subject
 
-          expect(AuditEvent.last.details[:custom_message]).to match(/Attempted to revoke project access token with id: \d+, but failed with message: #{user.name} cannot delete #{access_token.user.name}/)
+          expect(AuditEvent.where(author_id: user.id).last.details[:custom_message]).to match(/Attempted to revoke project access token with id: \d+, but failed with message: #{user.name} cannot delete #{access_token.user.name}/)
         end
       end
     end