Commit 1f17e0a8 authored by Avielle Wolfe's avatar Avielle Wolfe

Use Gitlab::Audit::Auditor class

This is the official class that should be used for creating audit
events. This commit replaces uses of AuditEventService with it for all
DAST scanner profile audit events.
parent c17f8a2f
...@@ -33,12 +33,13 @@ module AppSec ...@@ -33,12 +33,13 @@ module AppSec
end end
def create_audit_event(profile) def create_audit_event(profile)
AuditEventService.new(current_user, project, { ::Gitlab::Audit::Auditor.audit(
add: 'DAST scanner profile', name: 'dast_scanner_profile_create',
target_id: profile.id, author: current_user,
target_type: profile.class.name, scope: project,
target_details: profile.name target: profile,
}).security_event message: "Added DAST scanner profile"
)
end end
end end
end end
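Review bot: In `create_audit_event`, the legacy `add: 'DAST scanner profile'` detail key is gone, and the spec in this commit shows the stored details now carry `custom_message` and `author_name` instead. Any export, streaming consumer or alert rule that matches on the `add`/`remove`/`change` keys would silently stop matching these events. The change deserves a changelog entry and a comment above the method, e.g. `# Emits 'dast_scanner_profile_create'; details carry custom_message rather than the legacy add: key`. The same applies to the destroy and update hunks below. The method is complete in this hunk, but its enclosing class begins outside it.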
......
...@@ -41,12 +41,13 @@ module AppSec ...@@ -41,12 +41,13 @@ module AppSec
end end
def create_audit_event(profile) def create_audit_event(profile)
AuditEventService.new(current_user, project, { ::Gitlab::Audit::Auditor.audit(
remove: 'DAST scanner profile', name: 'dast_scanner_profile_destroy',
target_id: profile.id, author: current_user,
target_type: profile.class.name, scope: project,
target_details: profile.name target: profile,
}).security_event message: "Removed DAST scanner profile"
)
end end
end end
end end
......
...@@ -56,14 +56,13 @@ module AppSec ...@@ -56,14 +56,13 @@ module AppSec
next if old_value == new_value next if old_value == new_value
AuditEventService.new(current_user, project, { ::Gitlab::Audit::Auditor.audit(
change: "DAST scanner profile #{property}", name: 'dast_scanner_profile_update',
from: old_value, author: current_user,
to: new_value, scope: project,
target_id: profile.id, target: profile,
target_type: profile.class.name, message: "Changed DAST scanner profile #{property} from #{old_value} to #{new_value}"
target_details: profile.name )
}).security_event
end end
end end
end end
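Review bot: The `message:` in the update call folds `old_value` and `new_value` into free text, so the separate `from:`/`to:` details are lost and a user-chosen profile name is copied verbatim into the audit message. A name that itself contains ` from ` or ` to ` makes the recorded change ambiguous to a reader or a log parser, and a nil old value renders as an empty string. Keeping the values structured alongside the message would avoid that, for instance `additional_details: { change: property, from: old_value, to: new_value }` (assuming the Auditor at this revision accepts `additional_details`; confirm). The surrounding loop starts outside the hunk.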
......
...@@ -100,7 +100,8 @@ RSpec.describe AppSec::Dast::ScannerProfiles::CreateService do ...@@ -100,7 +100,8 @@ RSpec.describe AppSec::Dast::ScannerProfiles::CreateService do
expect(audit_event.target_type).to eq('DastScannerProfile') expect(audit_event.target_type).to eq('DastScannerProfile')
expect(audit_event.target_details).to eq(profile.name) expect(audit_event.target_details).to eq(profile.name)
expect(audit_event.details).to eq({ expect(audit_event.details).to eq({
add: 'DAST scanner profile', author_name: user.name,
custom_message: 'Added DAST scanner profile',
target_id: profile.id, target_id: profile.id,
target_type: 'DastScannerProfile', target_type: 'DastScannerProfile',
target_details: profile.name target_details: profile.name
......
...@@ -63,7 +63,8 @@ RSpec.describe AppSec::Dast::ScannerProfiles::DestroyService do ...@@ -63,7 +63,8 @@ RSpec.describe AppSec::Dast::ScannerProfiles::DestroyService do
expect(audit_event.target_type).to eq('DastScannerProfile') expect(audit_event.target_type).to eq('DastScannerProfile')
expect(audit_event.target_details).to eq(profile.name) expect(audit_event.target_details).to eq(profile.name)
expect(audit_event.details).to eq({ expect(audit_event.details).to eq({
remove: 'DAST scanner profile', author_name: user.name,
custom_message: 'Removed DAST scanner profile',
target_id: profile.id, target_id: profile.id,
target_type: 'DastScannerProfile', target_type: 'DastScannerProfile',
target_details: profile.name target_details: profile.name
......
...@@ -76,25 +76,22 @@ RSpec.describe AppSec::Dast::ScannerProfiles::UpdateService do ...@@ -76,25 +76,22 @@ RSpec.describe AppSec::Dast::ScannerProfiles::UpdateService do
let(:base_audit_details) do let(:base_audit_details) do
[ [
{ {
change: "DAST scanner profile name", author_name: user.name,
from: dast_profile.name, custom_message: "Changed DAST scanner profile name from #{dast_profile.name} to #{new_profile_name}",
to: new_profile_name,
target_id: dast_profile.id, target_id: dast_profile.id,
target_type: 'DastScannerProfile', target_type: 'DastScannerProfile',
target_details: new_profile_name target_details: new_profile_name
}, },
{ {
change: "DAST scanner profile target_timeout", author_name: user.name,
from: dast_profile.target_timeout, custom_message: "Changed DAST scanner profile target_timeout from #{dast_profile.target_timeout} to #{new_target_timeout}",
to: new_target_timeout,
target_id: dast_profile.id, target_id: dast_profile.id,
target_type: 'DastScannerProfile', target_type: 'DastScannerProfile',
target_details: new_profile_name target_details: new_profile_name
}, },
{ {
change: "DAST scanner profile spider_timeout", author_name: user.name,
from: dast_profile.spider_timeout, custom_message: "Changed DAST scanner profile spider_timeout from #{dast_profile.spider_timeout} to #{new_spider_timeout}",
to: new_spider_timeout,
target_id: dast_profile.id, target_id: dast_profile.id,
target_type: 'DastScannerProfile', target_type: 'DastScannerProfile',
target_details: new_profile_name target_details: new_profile_name
...@@ -169,25 +166,22 @@ RSpec.describe AppSec::Dast::ScannerProfiles::UpdateService do ...@@ -169,25 +166,22 @@ RSpec.describe AppSec::Dast::ScannerProfiles::UpdateService do
expect(audit_events_details).to match_array(base_audit_details + [ expect(audit_events_details).to match_array(base_audit_details + [
{ {
change: "DAST scanner profile scan_type", author_name: user.name,
from: dast_profile.scan_type, custom_message: "Changed DAST scanner profile scan_type from #{dast_profile.scan_type} to #{new_scan_type}",
to: new_scan_type,
target_id: profile.id, target_id: profile.id,
target_type: 'DastScannerProfile', target_type: 'DastScannerProfile',
target_details: new_profile_name target_details: new_profile_name
}, },
{ {
change: "DAST scanner profile use_ajax_spider", author_name: user.name,
from: dast_profile.use_ajax_spider, custom_message: "Changed DAST scanner profile use_ajax_spider from #{dast_profile.use_ajax_spider} to #{new_use_ajax_spider}",
to: new_use_ajax_spider,
target_id: profile.id, target_id: profile.id,
target_type: 'DastScannerProfile', target_type: 'DastScannerProfile',
target_details: new_profile_name target_details: new_profile_name
}, },
{ {
change: "DAST scanner profile show_debug_messages", author_name: user.name,
from: dast_profile.show_debug_messages, custom_message: "Changed DAST scanner profile show_debug_messages from #{dast_profile.show_debug_messages} to #{new_show_debug_messages}",
to: new_show_debug_messages,
target_id: profile.id, target_id: profile.id,
target_type: 'DastScannerProfile', target_type: 'DastScannerProfile',
target_details: new_profile_name target_details: new_profile_name
......