Commit 20fa7840 authored by Jan Provaznik's avatar Jan Provaznik

Merge branch 'dblessing-group-audit-events-saml-sso' into 'master'

Group-level audit event for Group SAML SSO

Closes #35710

See merge request gitlab-org/gitlab!28575
parents a69f44a5 eef3e83d
......@@ -41,6 +41,7 @@ From there, you can see the following actions:
- Group created or deleted
- Group changed visibility
- User was added to group and with which [permissions]
- User sign-in via [Group SAML](../user/group/saml_sso/index.md)
- Permissions changes of a user assigned to a group
- Removed user from group
- Project added to group and with which visibility level
......
......@@ -153,4 +153,10 @@ class Groups::OmniauthCallbacksController < OmniauthCallbacksController
sso_group_saml_providers_path(group)
end
end
override :log_audit_event
def log_audit_event(user, options = {})
AuditEventService.new(user, @unauthenticated_group, options)
.for_authentication.security_event
end
end
---
title: Create group-level audit event for Group SAML SSO sign in
merge_request: 28575
author:
type: added
......@@ -68,6 +68,16 @@ describe Groups::OmniauthCallbacksController do
expect(response).to redirect_to('/explore')
end
it 'logs group audit event for authentication' do
audit_event_service = instance_double(AuditEventService)
expect(AuditEventService).to receive(:new).with(user, group, with: provider)
.and_return(audit_event_service)
expect(audit_event_service).to receive_message_chain(:for_authentication, :security_event)
post provider, params: { group_id: group }
end
include_examples 'works with session enforcement'
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment