Skip to content

Refactor audit events for omniauth, registration controllers

Aaron Huntsmanrequested to merge
374107-add-event-type-information-for-audit-events-using-auditeventservice-in-user into master

What does this MR do and why?

Adds audit event types for controllers related to user registration and authentication. Refactors associated API helpers to use Gitlab::Audit::Auditor to build audit events.

This affects the following services:

  • ee/app/controllers/ee/omniauth_callbacks_controller.rb
  • ee/app/controllers/ee/registrations_controller.rb

Verification steps

Omniauth failed login

  1. Log out
  2. Attempt to login via google. This should fail by default in a local GDK environment.
  3. Verify the audit event.

Registrations Controller

  1. Log out
  2. Click register to request a new account.
  3. Log in as admin
  4. Verify the audit event.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #374107 (closed)

Edited by Aaron Huntsman

Merge request reports