Use Gitlab::Audit::Auditor class

This is the official class that should be used for creating audit events. This commit replaces uses of AuditEventService with it for all DAST scanner profile audit events.

Use Gitlab::Audit::Auditor class
This is the official class that should be used for creating audit events. This commit replaces uses of AuditEventService with it for all DAST scanner profile audit events.
1f17e0a8 · Avielle Wolfe · c17f8a2f · 1f17e0a8 · 1f17e0a8 · 1f17e0a8
Commit 1f17e0a8 authored May 18, 2021 by Avielle Wolfe
6 changed files
--- a/ee/app/services/app_sec/dast/scanner_profiles/create_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/create_service.rb
@@ -33,12 +33,13 @@ module AppSec
        end

        def create_audit_event(profile)
-          AuditEventService.new(current_user, project, {
-            add: 'DAST scanner profile',
-            target_id: profile.id,
-            target_type: profile.class.name,
-            target_details: profile.name
-          }).security_event
+          ::Gitlab::Audit::Auditor.audit(
+            name: 'dast_scanner_profile_create',
+            author: current_user,
+            scope: project,
+            target: profile,
+            message: "Added DAST scanner profile"
+          )
        end
      end
    end

--- a/ee/app/services/app_sec/dast/scanner_profiles/destroy_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/destroy_service.rb
@@ -41,12 +41,13 @@ module AppSec
        end

        def create_audit_event(profile)
-          AuditEventService.new(current_user, project, {
-            remove: 'DAST scanner profile',
-            target_id: profile.id,
-            target_type: profile.class.name,
-            target_details: profile.name
-          }).security_event
+          ::Gitlab::Audit::Auditor.audit(
+            name: 'dast_scanner_profile_destroy',
+            author: current_user,
+            scope: project,
+            target: profile,
+            message: "Removed DAST scanner profile"
+          )
        end
      end
    end

--- a/ee/app/services/app_sec/dast/scanner_profiles/update_service.rb
+++ b/ee/app/services/app_sec/dast/scanner_profiles/update_service.rb
@@ -56,14 +56,13 @@ module AppSec

            next if old_value == new_value

-            AuditEventService.new(current_user, project, {
-              change: "DAST scanner profile #{property}",
-              from: old_value,
-              to: new_value,
-              target_id: profile.id,
-              target_type: profile.class.name,
-              target_details: profile.name
-            }).security_event
+            ::Gitlab::Audit::Auditor.audit(
+              name: 'dast_scanner_profile_update',
+              author: current_user,
+              scope: project,
+              target: profile,
+              message: "Changed DAST scanner profile #{property} from #{old_value} to #{new_value}"
+            )
          end
        end
      end

--- a/ee/spec/services/app_sec/dast/scanner_profiles/create_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/create_service_spec.rb
@@ -100,7 +100,8 @@ RSpec.describe AppSec::Dast::ScannerProfiles::CreateService do
          expect(audit_event.target_type).to eq('DastScannerProfile')
          expect(audit_event.target_details).to eq(profile.name)
          expect(audit_event.details).to eq({
-            add: 'DAST scanner profile',
+            author_name: user.name,
+            custom_message: 'Added DAST scanner profile',
            target_id: profile.id,
            target_type: 'DastScannerProfile',
            target_details: profile.name

--- a/ee/spec/services/app_sec/dast/scanner_profiles/destroy_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/destroy_service_spec.rb
@@ -63,7 +63,8 @@ RSpec.describe AppSec::Dast::ScannerProfiles::DestroyService do
          expect(audit_event.target_type).to eq('DastScannerProfile')
          expect(audit_event.target_details).to eq(profile.name)
          expect(audit_event.details).to eq({
-            remove: 'DAST scanner profile',
+            author_name: user.name,
+            custom_message: 'Removed DAST scanner profile',
            target_id: profile.id,
            target_type: 'DastScannerProfile',
            target_details: profile.name

--- a/ee/spec/services/app_sec/dast/scanner_profiles/update_service_spec.rb
+++ b/ee/spec/services/app_sec/dast/scanner_profiles/update_service_spec.rb
@@ -76,25 +76,22 @@ RSpec.describe AppSec::Dast::ScannerProfiles::UpdateService do
      let(:base_audit_details) do
        [
          {
-            change: "DAST scanner profile name",
-            from: dast_profile.name,
-            to: new_profile_name,
+            author_name: user.name,
+            custom_message: "Changed DAST scanner profile name from #{dast_profile.name} to #{new_profile_name}",
            target_id: dast_profile.id,
            target_type: 'DastScannerProfile',
            target_details: new_profile_name
          },
          {
-            change: "DAST scanner profile target_timeout",
-            from: dast_profile.target_timeout,
-            to: new_target_timeout,
+            author_name: user.name,
+            custom_message: "Changed DAST scanner profile target_timeout from #{dast_profile.target_timeout} to #{new_target_timeout}",
            target_id: dast_profile.id,
            target_type: 'DastScannerProfile',
            target_details: new_profile_name
          },
          {
-            change: "DAST scanner profile spider_timeout",
-            from: dast_profile.spider_timeout,
-            to: new_spider_timeout,
+            author_name: user.name,
+            custom_message: "Changed DAST scanner profile spider_timeout from #{dast_profile.spider_timeout} to #{new_spider_timeout}",
            target_id: dast_profile.id,
            target_type: 'DastScannerProfile',
            target_details: new_profile_name
@@ -169,25 +166,22 @@ RSpec.describe AppSec::Dast::ScannerProfiles::UpdateService do

          expect(audit_events_details).to match_array(base_audit_details + [
            {
-              change: "DAST scanner profile scan_type",
-              from: dast_profile.scan_type,
-              to: new_scan_type,
+              author_name: user.name,
+              custom_message: "Changed DAST scanner profile scan_type from #{dast_profile.scan_type} to #{new_scan_type}",
              target_id: profile.id,
              target_type: 'DastScannerProfile',
              target_details: new_profile_name
            },
            {
-              change: "DAST scanner profile use_ajax_spider",
-              from: dast_profile.use_ajax_spider,
-              to: new_use_ajax_spider,
+              author_name: user.name,
+              custom_message: "Changed DAST scanner profile use_ajax_spider from #{dast_profile.use_ajax_spider} to #{new_use_ajax_spider}",
              target_id: profile.id,
              target_type: 'DastScannerProfile',
              target_details: new_profile_name
            },
            {
-              change: "DAST scanner profile show_debug_messages",
-              from: dast_profile.show_debug_messages,
-              to: new_show_debug_messages,
+              author_name: user.name,
+              custom_message: "Changed DAST scanner profile show_debug_messages from #{dast_profile.show_debug_messages} to #{new_show_debug_messages}",
              target_id: profile.id,
              target_type: 'DastScannerProfile',
              target_details: new_profile_name