debian-mirror-gitlab/spec/services/audit_event_service_spec.rb

143 lines
5.4 KiB
Ruby
Raw Normal View History

2018-12-13 13:39:08 +05:30
# frozen_string_literal: true
require 'spec_helper'
2023-05-27 22:25:52 +05:30
RSpec.describe AuditEventService, :with_license, feature_category: :audit_events do
2021-01-29 00:20:46 +05:30
let_it_be(:project) { create(:project) }
let_it_be(:user) { create(:user, :with_sign_ins) }
let_it_be(:project_member) { create(:project_member, user: user) }
2021-09-30 23:02:18 +05:30
2018-12-13 13:39:08 +05:30
let(:service) { described_class.new(user, project, { action: :destroy }) }
let(:logger) { instance_double(Gitlab::AuditJsonLogger) }
describe '#security_event' do
it 'creates an event and logs to a file' do
2019-09-30 21:07:59 +05:30
expect(service).to receive(:file_logger).and_return(logger)
2023-04-23 21:23:45 +05:30
expect(logger).to receive(:info).with({ author_id: user.id,
author_name: user.name,
entity_id: project.id,
entity_type: "Project",
action: :destroy,
created_at: anything })
2018-12-13 13:39:08 +05:30
2020-11-24 15:15:51 +05:30
expect { service.security_event }.to change(AuditEvent, :count).by(1)
2018-12-13 13:39:08 +05:30
end
2019-09-30 21:07:59 +05:30
it 'formats from and to fields' do
service = described_class.new(
user, project,
{
from: true,
to: false,
action: :create,
target_id: 1
})
expect(service).to receive(:file_logger).and_return(logger)
2023-04-23 21:23:45 +05:30
expect(logger).to receive(:info).with({ author_id: user.id,
author_name: user.name,
entity_type: 'Project',
entity_id: project.id,
from: 'true',
to: 'false',
action: :create,
target_id: 1,
created_at: anything })
2019-09-30 21:07:59 +05:30
2020-11-24 15:15:51 +05:30
expect { service.security_event }.to change(AuditEvent, :count).by(1)
2019-09-30 21:07:59 +05:30
2020-11-24 15:15:51 +05:30
details = AuditEvent.last.details
2019-09-30 21:07:59 +05:30
expect(details[:from]).to be true
expect(details[:to]).to be false
expect(details[:action]).to eq(:create)
expect(details[:target_id]).to eq(1)
end
2020-11-24 15:15:51 +05:30
2022-06-21 17:19:12 +05:30
context 'when defining created_at manually' do
let(:service) { described_class.new(user, project, { action: :destroy }, :database, 3.weeks.ago) }
it 'is overridden successfully' do
freeze_time do
expect(service).to receive(:file_logger).and_return(logger)
2023-04-23 21:23:45 +05:30
expect(logger).to receive(:info).with({ author_id: user.id,
author_name: user.name,
entity_id: project.id,
entity_type: "Project",
action: :destroy,
created_at: 3.weeks.ago })
2022-06-21 17:19:12 +05:30
expect { service.security_event }.to change(AuditEvent, :count).by(1)
expect(AuditEvent.last.created_at).to eq(3.weeks.ago)
end
end
end
2020-11-24 15:15:51 +05:30
context 'authentication event' do
let(:audit_service) { described_class.new(user, user, with: 'standard') }
it 'creates an authentication event' do
2021-01-03 14:25:43 +05:30
expect(AuthenticationEvent).to receive(:new).with(
2022-07-16 23:28:13 +05:30
{
user: user,
user_name: user.name,
ip_address: user.current_sign_in_ip,
result: AuthenticationEvent.results[:success],
provider: 'standard'
}
2022-03-02 08:16:31 +05:30
).and_call_original
2020-11-24 15:15:51 +05:30
audit_service.for_authentication.security_event
end
2021-01-03 14:25:43 +05:30
it 'tracks exceptions when the event cannot be created' do
2022-03-02 08:16:31 +05:30
allow_next_instance_of(AuditEvent) do |event|
allow(event).to receive(:valid?).and_return(false)
end
2021-01-03 14:25:43 +05:30
expect(Gitlab::ErrorTracking).to(
2022-03-02 08:16:31 +05:30
receive(:track_and_raise_for_dev_exception)
2021-01-03 14:25:43 +05:30
)
audit_service.for_authentication.security_event
end
2021-01-29 00:20:46 +05:30
context 'with IP address', :request_store do
using RSpec::Parameterized::TableSyntax
2021-09-30 23:02:18 +05:30
where(:from_context, :from_author_sign_in, :output) do
'192.168.0.2' | '192.168.0.3' | '192.168.0.2'
nil | '192.168.0.3' | '192.168.0.3'
2021-01-29 00:20:46 +05:30
end
with_them do
let(:user) { create(:user, current_sign_in_ip: from_author_sign_in) }
2021-09-30 23:02:18 +05:30
let(:audit_service) { described_class.new(user, user, with: 'standard') }
2021-01-29 00:20:46 +05:30
before do
allow(Gitlab::RequestContext.instance).to receive(:client_ip).and_return(from_context)
end
specify do
2022-03-02 08:16:31 +05:30
expect(AuthenticationEvent).to receive(:new).with(hash_including(ip_address: output)).and_call_original
2021-01-29 00:20:46 +05:30
audit_service.for_authentication.security_event
end
end
end
2020-11-24 15:15:51 +05:30
end
2018-12-13 13:39:08 +05:30
end
2019-12-04 20:38:33 +05:30
describe '#log_security_event_to_file' do
it 'logs security event to file' do
expect(service).to receive(:file_logger).and_return(logger)
2023-04-23 21:23:45 +05:30
expect(logger).to receive(:info).with({ author_id: user.id,
author_name: user.name,
entity_type: 'Project',
entity_id: project.id,
action: :destroy,
created_at: anything })
2019-12-04 20:38:33 +05:30
service.log_security_event_to_file
end
end
2018-12-13 13:39:08 +05:30
end