From b332caa4eb607073d62848c46a3fafbd660d18aa Mon Sep 17 00:00:00 2001 From: Oswaldo Ferreira Date: Tue, 27 Aug 2019 18:50:17 -0300 Subject: [PATCH] Backport "Track repository pushes as audit events" --- app/services/audit_event_service.rb | 8 ++++---- config/sidekiq_queues.yml | 1 + spec/services/audit_event_service_spec.rb | 12 ++++++++++++ 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/app/services/audit_event_service.rb b/app/services/audit_event_service.rb index 73f3408a240..22ade0b0658 100644 --- a/app/services/audit_event_service.rb +++ b/app/services/audit_event_service.rb @@ -21,6 +21,10 @@ class AuditEventService log_security_event_to_database end + def log_security_event_to_file + file_logger.info(base_payload.merge(formatted_details)) + end + private def base_payload @@ -39,10 +43,6 @@ class AuditEventService @details.merge(@details.slice(:from, :to).transform_values(&:to_s)) end - def log_security_event_to_file - file_logger.info(base_payload.merge(formatted_details)) - end - def log_security_event_to_database SecurityEvent.create(base_payload.merge(details: @details)) end diff --git a/config/sidekiq_queues.yml b/config/sidekiq_queues.yml index ea165508d29..7edec576f9a 100644 --- a/config/sidekiq_queues.yml +++ b/config/sidekiq_queues.yml @@ -102,6 +102,7 @@ - [create_github_webhook, 2] - [geo, 1] - [repository_update_mirror, 1] + - [repository_push_audit_event, 1] - [new_epic, 2] - [project_import_schedule, 1] - [project_update_repository_storage, 1] diff --git a/spec/services/audit_event_service_spec.rb b/spec/services/audit_event_service_spec.rb index e42bff607b2..96df6689bb0 100644 --- a/spec/services/audit_event_service_spec.rb +++ b/spec/services/audit_event_service_spec.rb @@ -47,4 +47,16 @@ describe AuditEventService do expect(details[:target_id]).to eq(1) end end + + describe '#log_security_event_to_file' do + it 'logs security event to file' do + expect(service).to receive(:file_logger).and_return(logger) + expect(logger).to receive(:info).with(author_id: user.id, + entity_type: 'Project', + entity_id: project.id, + action: :destroy) + + service.log_security_event_to_file + end + end end