Skip to content

Include request.remote_ip when instrumenting an audit event

Problems to solve

Ensure that (when possible) pass request.remote_ip when create a new audit event.

Proposal

Original proposal
  • Investigate all current instrumentation of Audit Events
  • Where possible, pass request.remote_ip when create audit event
    • For application controllers, remote IP can be retrieved via request.remote_ip
    • For API, remote IP can be retrieved via ip_request via API::Helpers.
    • If the audit events are emitted deep in the call stacks, it might require to replace the existing implementation with Audit::Auditor.

Extract request IP from RequestContext within AuditEventService. The callers are not required to provide this piece of information when invoking AuditEventService.

Usages

Controllers

  • ee/app/controllers/smartcard_controller.rb

Services

  • ee/app/services/groups/restore_service.rb
  • ee/app/services/groups/mark_for_deletion_service.rb
  • ee/app/services/projects/restore_service.rb
  • ee/app/services/projects/mark_for_deletion_service.rb
  • ee/app/services/ee/audit_event_service.rb
  • ee/app/services/ee/projects/destroy_service.rb
  • ee/app/services/ee/projects/create_service.rb
  • ee/app/services/ee/keys/create_service.rb
  • ee/app/services/ee/projects/enable_deploy_key_service.rb
  • ee/app/services/ee/members/destroy_service.rb
  • ee/app/services/ee/members/approve_access_request_service.rb
  • ee/app/services/ee/members/create_service.rb
  • ee/app/services/ee/members/update_service.rb
  • ee/app/services/ee/projects/disable_deploy_key_service.rb
  • ee/app/services/ee/groups/create_service.rb
  • ee/app/services/ee/applications/create_service.rb
  • ee/app/services/ee/groups/destroy_service.rb
  • ee/app/services/ee/projects/import_service.rb
  • ee/app/services/ee/emails/base_service.rb
  • ee/app/services/ee/projects/group_links/destroy_service.rb
  • ee/app/services/ee/users/block_service.rb
  • ee/app/services/ee/users/destroy_service.rb
  • ee/app/services/ee/projects/group_links/create_service.rb
  • ee/app/services/ee/users/create_service.rb
  • ee/app/services/ee/deploy_keys/create_service.rb
  • ee/app/services/ci/audit_variable_change_service.rb
  • ee/app/services/ee/audit_events/repository_download_started_audit_event_service.rb
  • ee/app/services/ee/audit_events/release_created_audit_event_service.rb
  • ee/app/services/ee/audit_events/protected_branch_audit_event_service.rb
  • ee/app/services/ee/audit_events/custom_audit_event_service.rb
  • ee/app/services/ee/protected_branches/loggable.rb
  • ee/app/services/ee/audit_events/impersonation_audit_event_service.rb
  • ee/app/services/ee/audit_events/release_associate_milestone_audit_event_service.rb
  • ee/app/services/ee/audit_events/repository_push_audit_event_service.rb
  • ee/app/services/ee/audit_events/release_audit_event_service.rb
  • ee/app/services/ee/audit_events/release_artifacts_downloaded_audit_event_service.rb
  • ee/app/services/ee/audit_events/release_updated_audit_event_service.rb
Edited by Tan Le