2018-12-13 13:39:08 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
RSpec.describe AuditEventService do
|
2018-12-13 13:39:08 +05:30
|
|
|
let(:project) { create(:project) }
|
2020-06-23 00:09:42 +05:30
|
|
|
let(:user) { create(:user, :with_sign_ins) }
|
2018-12-13 13:39:08 +05:30
|
|
|
let(:project_member) { create(:project_member, user: user) }
|
|
|
|
let(:service) { described_class.new(user, project, { action: :destroy }) }
|
|
|
|
let(:logger) { instance_double(Gitlab::AuditJsonLogger) }
|
|
|
|
|
|
|
|
describe '#security_event' do
|
2020-06-23 00:09:42 +05:30
|
|
|
before do
|
|
|
|
stub_licensed_features(admin_audit_log: false)
|
|
|
|
end
|
|
|
|
|
2018-12-13 13:39:08 +05:30
|
|
|
it 'creates an event and logs to a file' do
|
2019-09-30 21:07:59 +05:30
|
|
|
expect(service).to receive(:file_logger).and_return(logger)
|
2018-12-13 13:39:08 +05:30
|
|
|
expect(logger).to receive(:info).with(author_id: user.id,
|
2020-07-28 23:09:34 +05:30
|
|
|
author_name: user.name,
|
2018-12-13 13:39:08 +05:30
|
|
|
entity_id: project.id,
|
|
|
|
entity_type: "Project",
|
|
|
|
action: :destroy)
|
|
|
|
|
|
|
|
expect { service.security_event }.to change(SecurityEvent, :count).by(1)
|
|
|
|
end
|
2019-09-30 21:07:59 +05:30
|
|
|
|
|
|
|
it 'formats from and to fields' do
|
|
|
|
service = described_class.new(
|
|
|
|
user, project,
|
|
|
|
{
|
|
|
|
from: true,
|
|
|
|
to: false,
|
|
|
|
action: :create,
|
|
|
|
target_id: 1
|
|
|
|
})
|
|
|
|
expect(service).to receive(:file_logger).and_return(logger)
|
|
|
|
expect(logger).to receive(:info).with(author_id: user.id,
|
2020-07-28 23:09:34 +05:30
|
|
|
author_name: user.name,
|
2019-09-30 21:07:59 +05:30
|
|
|
entity_type: 'Project',
|
|
|
|
entity_id: project.id,
|
|
|
|
from: 'true',
|
|
|
|
to: 'false',
|
|
|
|
action: :create,
|
|
|
|
target_id: 1)
|
|
|
|
|
|
|
|
expect { service.security_event }.to change(SecurityEvent, :count).by(1)
|
|
|
|
|
|
|
|
details = SecurityEvent.last.details
|
|
|
|
expect(details[:from]).to be true
|
|
|
|
expect(details[:to]).to be false
|
|
|
|
expect(details[:action]).to eq(:create)
|
|
|
|
expect(details[:target_id]).to eq(1)
|
|
|
|
end
|
2018-12-13 13:39:08 +05:30
|
|
|
end
|
2019-12-04 20:38:33 +05:30
|
|
|
|
|
|
|
describe '#log_security_event_to_file' do
|
|
|
|
it 'logs security event to file' do
|
|
|
|
expect(service).to receive(:file_logger).and_return(logger)
|
|
|
|
expect(logger).to receive(:info).with(author_id: user.id,
|
2020-07-28 23:09:34 +05:30
|
|
|
author_name: user.name,
|
2019-12-04 20:38:33 +05:30
|
|
|
entity_type: 'Project',
|
|
|
|
entity_id: project.id,
|
|
|
|
action: :destroy)
|
|
|
|
|
|
|
|
service.log_security_event_to_file
|
|
|
|
end
|
|
|
|
end
|
2018-12-13 13:39:08 +05:30
|
|
|
end
|