Commit 2d354e32 authored by huzaifaiftikhar1's avatar huzaifaiftikhar1

Create Groups::DeployTokens::RevokeService

Move the group deploy tokens revoke logic to a service to
avoid missing anything in the future when we create APIs for revoke
parent c93724b8
...@@ -6,11 +6,8 @@ class Groups::DeployTokensController < Groups::ApplicationController ...@@ -6,11 +6,8 @@ class Groups::DeployTokensController < Groups::ApplicationController
feature_category :continuous_delivery feature_category :continuous_delivery
def revoke def revoke
@token = @group.deploy_tokens.find(params[:id]) Groups::DeployTokens::RevokeService.new(@group, current_user, params).execute
@token.revoke!
redirect_to group_settings_repository_path(@group, anchor: 'js-deploy-tokens') redirect_to group_settings_repository_path(@group, anchor: 'js-deploy-tokens')
end end
end end
Groups::DeployTokensController.prepend_mod
# frozen_string_literal: true
module Groups
module DeployTokens
class RevokeService < BaseService
attr_accessor :token
def execute
@token = group.deploy_tokens.find(params[:id])
@token.revoke!
end
end
end
end
Groups::DeployTokens::RevokeService.prepend_mod
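Review bot: `execute` receives `current_user` but never consults it: it finds the token under `group.deploy_tokens` and calls `revoke!` with no permission check, so authorization depends entirely on the caller (the controller's filters are outside the visible hunk). The commit message says this service is meant to back future revoke APIs, and the service specs as shown revoke successfully with a `user` who is never given a role on the group, so a new caller that forgets to authorize would revoke tokens and write an audit event attributed to an unprivileged user. Either perform the permission check inside `execute`, or state the contract above it, e.g. `# Callers must authorize current_user to manage deploy tokens on group; this service performs no permission check.` Separately, `attr_accessor :token` exposes a public writer that nothing visible uses; `attr_reader :token` is enough for the EE audit hook.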
# frozen_string_literal: true
module EE
module Groups
module DeployTokensController
extend ::Gitlab::Utils::Override
override :revoke
def revoke
super
log_audit_event
end
private
def log_audit_event
# rubocop:disable Gitlab/ModuleWithInstanceVariables
message = "Revoked group deploy token with name: #{@token.name} with token_id: #{@token.id} with scopes: #{@token.scopes}."
::AuditEventService.new(
current_user,
@group,
target_id: @token.id,
target_type: @token.class.name,
target_details: @token.name,
action: :custom,
custom_message: message
).security_event
# rubocop:enable Gitlab/ModuleWithInstanceVariables
end
end
end
end
# frozen_string_literal: true
module EE
module Groups
module DeployTokens
module RevokeService
extend ::Gitlab::Utils::Override
override :execute
def execute
super.tap { log_audit_event }
end
private
def log_audit_event
message = "Revoked group deploy token with name: #{token.name} with token_id: #{token.id} with scopes: #{token.scopes}."
::AuditEventService.new(
current_user,
group,
target_id: token.id,
target_type: token.class.name,
target_details: token.name,
action: :custom,
custom_message: message
).security_event
end
end
end
end
end
...@@ -2,29 +2,17 @@ ...@@ -2,29 +2,17 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe Groups::DeployTokensController do RSpec.describe Groups::DeployTokens::RevokeService do
let_it_be(:group) { create(:group) } let_it_be(:entity) { create(:group) }
let_it_be(:deploy_token) { create(:deploy_token, :group, groups: [entity]) }
let_it_be(:user) { create(:user) } let_it_be(:user) { create(:user) }
let_it_be(:deploy_token) { create(:deploy_token, :group, groups: [group]) } let_it_be(:deploy_token_params) { { id: deploy_token.id } }
let_it_be(:params) do
{ id: deploy_token.id, group_id: group }
end
before do
group.add_owner(user)
sign_in(user)
end
describe 'PUT /groups/:group_path_with_namespace/-/deploy_tokens/:id/revoke' do
subject(:put_revoke) do
put "/groups/#{group.full_path}/-/deploy_tokens/#{deploy_token.id}/revoke", params: params
end
it 'creates an audit event' do describe '#execute' do
expect { put_revoke }.to change { AuditEvent.count }.by(1) subject { described_class.new(entity, user, deploy_token_params).execute }
expect(response).to redirect_to(group_settings_repository_path(group, anchor: 'js-deploy-tokens')) it "creates an audit event" do
expect { subject }.to change { AuditEvent.count }.by(1)
expected_message = <<~MESSAGE.squish expected_message = <<~MESSAGE.squish
Revoked group deploy token with name: #{deploy_token.name} Revoked group deploy token with name: #{deploy_token.name}
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Groups::DeployTokens::RevokeService do
let_it_be(:entity) { create(:group) }
let_it_be(:deploy_token) { create(:deploy_token, :group, groups: [entity]) }
let_it_be(:user) { create(:user) }
let_it_be(:deploy_token_params) { { id: deploy_token.id } }
describe '#execute' do
subject { described_class.new(entity, user, deploy_token_params).execute }
it "revokes a group deploy token" do
expect(deploy_token.revoked).to eq(false)
expect { subject }.to change { deploy_token.reload.revoked }.to eq(true)
end
context 'invalid token id' do
let(:deploy_token_params) { { token_id: non_existing_record_id } }
it 'raises an error' do
expect { subject }.to raise_error(ActiveRecord::RecordNotFound)
end
end
end
end
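Review bot: The 'invalid token id' context passes `{ token_id: non_existing_record_id }`, but the service reads `params[:id]`, so the example exercises a missing id (`find(nil)`) rather than an id that does not exist and passes for the wrong reason. Use `let(:deploy_token_params) { { id: non_existing_record_id } }` instead. An additional example that passes the id of a deploy token belonging to a different group and expects `ActiveRecord::RecordNotFound` would pin the scoping through `group.deploy_tokens`, which is the only thing in this service that keeps a revoke confined to the group it was called for.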