Refactor audit events for omniauth, registration controllers (!123080) · Merge requests · GitLab.org / GitLab

Aaron Huntsman requested to merge 374107-add-event-type-information-for-audit-events-using-auditeventservice-in-user into master Jun 08, 2023

What does this MR do and why?

Adds audit event types for controllers related to user registration and authentication. Refactors associated API helpers to use Gitlab::Audit::Auditor to build audit events.

This affects the following services:

ee/app/controllers/ee/omniauth_callbacks_controller.rb
ee/app/controllers/ee/registrations_controller.rb

Verification steps

Omniauth failed login

Log out
Attempt to login via google. This should fail by default in a local GDK environment.
Verify the audit event.

Registrations Controller

Log out
Click register to request a new account.
Log in as admin
Verify the audit event.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #374107 (closed)

Edited Jun 09, 2023 by Aaron Huntsman

Refactor audit events for omniauth, registration controllers

What does this MR do and why?

Verification steps

Omniauth failed login

Registrations Controller

MR acceptance checklist

Merge request reports