Class: AuditEventService

Inherits:

Object

• Object
• AuditEventService

Includes:

AuditEventSaveType, Gitlab::Audit::Logging, Gitlab::Audit::ScopeValidation

Defined in:

app/services/audit_event_service.rb

Constant Summary

Constants included from Gitlab::Audit::Logging

Gitlab::Audit::Logging::ENTITY_TYPE_TO_CLASS

Constants included from AuditEventSaveType

AuditEventSaveType::SAVE_TYPES

Instance Method Summary

• #for_authentication ⇒ AuditEventService

  Builds the @details attribute for authentication.

• #initialize(author, entity, details = {}, save_type = :database_and_stream, created_at = DateTime.current) ⇒ AuditEventService constructor deprecated Deprecated.

  This service is deprecated. Use Gitlab::Audit::Auditor instead.

• #log_security_event_to_file ⇒ Object

  Writes event to a file.

• #security_event ⇒ AuditEvent

  Writes event to a file and creates an event record in DB.

Methods included from Gitlab::Audit::Logging

#log_to_new_tables

Constructor Details

#initialize(author, entity, details = {}, save_type = :database_and_stream, created_at = DateTime.current) ⇒ AuditEventService

Deprecated.

This service is deprecated. Use Gitlab::Audit::Auditor instead.

Instantiates a new service

More information: docs.gitlab.com/ee/development/audit_event_guide/#how-to-instrument-new-audit-events

Parameters:

• author (User, token String) —

  the entity who authors the change

• entity (User, Project, Group) —

  the scope which audit event belongs to This param is also used to determine the visibility of the audit event.

  • Project: events are visible at Project and Instance level

  • Group: events are visible at Group and Instance level

  • User: events are visible at Instance level

• details (Hash) (defaults to: {}) —

  extra data of audit event

• save_type (Symbol) (defaults to: :database_and_stream) —

  the type to save the event Can be selected from the following, :database, :stream, :database_and_stream .

# File 'app/services/audit_event_service.rb', line 25

def initialize(author, entity, details = {}, save_type = :database_and_stream, created_at = DateTime.current)
  @author = build_author(author)
  @entity = entity
  @details = details
  @ip_address = resolve_ip_address(@author)
  @save_type = save_type
  @created_at = created_at

  validate_scope!(@entity)

  log_initialization
end

Instance Method Details

#for_authentication ⇒ AuditEventService

Builds the @details attribute for authentication

This uses the @author as the target object being audited

Returns:

• (AuditEventService)

# File 'app/services/audit_event_service.rb', line 43

def for_authentication
  mark_as_authentication_event!

  @details = {
    with: @details[:with],
    target_id: @author.id,
    target_type: 'User',
    target_details: @author.name
  }

  self
end

#log_security_event_to_file ⇒ Object

Writes event to a file

# File 'app/services/audit_event_service.rb', line 66

def log_security_event_to_file
  file_logger.info(base_payload.merge(formatted_details))
end

#security_event ⇒ AuditEvent

Writes event to a file and creates an event record in DB

Returns:

• (AuditEvent) —

  persisted if saves and non-persisted if fails

# File 'app/services/audit_event_service.rb', line 59

def security_event
  log_security_event_to_file
  log_authentication_event_to_database
  log_security_event_to_database
end