Skip to content
Snippets Groups Projects
Commit a286850c authored by Kerri Miller's avatar Kerri Miller
Browse files

Merge branch 'harsimarsandhu-replace-streamed-id-for-audit-events' into 'master'

Use SecureRandom uuid for streaming audit event

See merge request !102972



Merged-by: default avatarKerri Miller <kerrizor@kerrizor.com>
Approved-by: default avatarMichael Becker <11881043-wandering_person@users.noreply.gitlab.com>
Approved-by: default avatarKerri Miller <kerrizor@kerrizor.com>
Co-authored-by: default avatarharsimarsandhu <hsandhu@gitlab.com>
parents d7d74a3c 3c4426f8
No related branches found
No related tags found
1 merge request!102972Use SecureRandom uuid for streaming audit event
Pipeline #708756397 passed
......@@ -65,6 +65,9 @@ def allowed_to_stream?(destination, audit_operation)
def request_body(audit_event, audit_operation)
body = audit_event.as_json
body[:event_type] = audit_operation
# We want to have uuid for stream only audit events also and in this case audit_event's id is blank.
# so we override it with `SecureRandom.uuid`
body["id"] = SecureRandom.uuid if audit_event.id.blank?
Gitlab::Json::LimitedEncoder.encode(body, limit: REQUEST_BODY_SIZE_LIMIT)
end
......@@ -78,10 +81,7 @@ def audit_event(audit_event_id, audit_event_json)
def parse_audit_event_json(audit_event_json)
audit_event_json = Gitlab::Json.parse(audit_event_json).with_indifferent_access
audit_event = AuditEvent.new(audit_event_json)
# We want to have created_at as unique id for deduplication if audit_event id is not present
audit_event.id = audit_event.created_at.to_i if audit_event.id.blank?
audit_event
AuditEvent.new(audit_event_json)
end
end
end
......@@ -17,9 +17,21 @@
end
context 'when audit event json is passed' do
subject { worker.perform('audit_operation', nil, event.to_json) }
context 'when audit event is streamed as well as database saved' do
subject { worker.perform('audit_operation', nil, event.to_json) }
include_context 'audit event stream'
include_context 'audit event stream'
end
context 'when audit event is stream only' do
before do
event.id = nil # id is nil in case of stream only events because they are not stored in database.
end
subject { worker.perform('audit_operation', nil, event.to_json) }
include_context 'audit event stream'
end
end
end
......@@ -79,6 +91,24 @@
end
end
context 'and id is always passed in request body' do
before do
allow(SecureRandom).to receive(:uuid).and_return('randomtoken')
end
it 'sends correct id in request body' do
if event.id.present?
expect(Gitlab::HTTP).to receive(:post).with(an_instance_of(String),
hash_including(body: a_string_including("id\":#{event.id}")))
else
expect(Gitlab::HTTP).to receive(:post).with(an_instance_of(String),
hash_including(body: a_string_including("id\":\"randomtoken\"")))
end
subject
end
end
context 'when the destination has custom headers' do
it 'sends the headers with the payload' do
create_list(:audit_events_streaming_header, 2, external_audit_event_destination: group.external_audit_event_destinations.last)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment