Add user_access_unlocked audit event
What does this MR do and why?
Resolves https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/244?work_item_iid=416 as part of https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/244.
Add user_access_unlocked
audit event.
A user_access_unlocked
audit event is logged when the user's access to the instance is unlocked. The author for the logged audit event is set to the user that unlocked the user's access.
The following table shows the events that trigger logging of the new type of audit event as well as the author used for the audit event.
event trigger | author |
---|---|
Unlocked by an admin via the users admin page | current user (admin) |
Unlocked by the user by entering a code sent to their email | the locked user |
Unlocked after the lock expires | the locked user |
Calls to User#unlock_access
|
the locked user |
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Merge request reports
Activity
changed milestone to %16.2
assigned to @eugielimpin
- A deleted user
added backend label
2 Warnings d0a4f6de: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines. 09038da0: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines. 1 Message This merge request adds or changes documentation files. A review from the Technical Writing team before you merge is recommended. Reviews can happen after you merge. Documentation review
The following files require a review from a technical writer:
-
doc/administration/audit_events.md
(Link to current live version)
The review does not need to block merging this merge request. See the:
-
Metadata for the
*.md
files that you've changed. The first few lines of each*.md
file identify the stage and group most closely associated with your docs change. - The Technical Writer assigned for that stage and group.
- Documentation workflows for information on when to assign a merge request for review.
Reviewer roulette
Changes that require review have been detected!
Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:
Category Reviewer Maintainer backend Michael Becker (
@wandering_person
) (UTC-7, 15 hours behind@eugielimpin
)Gary Holtz (
@garyh
) (UTC-5, 13 hours behind@eugielimpin
)To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.
If needed, you can retry the
danger-review
job that generated this comment.Generated by
Danger-
added 1 commit
- 79ee6c3c - Update audit event type definition file with the correct MR URL
Allure report
allure-report-publisher
generated test report!e2e-test-on-gdk:
test report for d0a4f6deexpand test summary
+-----------------------------------------------------------------------+ | suites summary | +------------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +------------------+--------+--------+---------+-------+-------+--------+ | Govern | 2 | 0 | 0 | 0 | 2 | ✅ | | Create | 6 | 2 | 1 | 6 | 9 | ❌ | | Manage | 1 | 0 | 0 | 0 | 1 | ✅ | | Monitor | 4 | 0 | 0 | 2 | 4 | ❗ | | Plan | 4 | 0 | 0 | 4 | 4 | ❗ | | Framework sanity | 0 | 0 | 1 | 0 | 1 | ➖ | | Data Stores | 2 | 0 | 0 | 0 | 2 | ✅ | +------------------+--------+--------+---------+-------+-------+--------+ | Total | 19 | 2 | 2 | 12 | 23 | ❌ | +------------------+--------+--------+---------+-------+-------+--------+
added 1 commit
- 7b7d81e6 - Log an audit event when user unlocks their own user access
added 1 commit
- 997669ef - Log an audit event when user unlocks their own user access
marked the checklist item I have evaluated the MR acceptance checklist for this MR. as completed
added 1 commit
- a586df4e - Update check to see if a user's access is locked
- Resolved by Douglas Barbosa Alexandre
Hey @alexbuijs
Could you do the initial backend review for this MR, please?
added workflowin review label
requested review from @alexbuijs
- Resolved by Alex Buijs
- Resolved by Eugie Limpin
removed review request for @alexbuijs
added 1 commit
- 481e2fd1 - Add comment to indicate method is overridden in EE
requested review from @alexbuijs
added 573 commits
-
481e2fd1...57fc34ce - 568 commits from branch
master
- d2e8de25 - Add user_access_unlocked audit event
- 968a7f99 - Update audit event type definition file with the correct MR URL
- 64da9d8b - Log an audit event when user unlocks their own user access
- 6ca48a88 - Update check to see if a user's access is locked
- c85292c7 - Add comment to indicate method is overridden in EE
Toggle commit list-
481e2fd1...57fc34ce - 568 commits from branch
@phillipwells Could you review the documentation part, please?
requested review from @phillipwells
- A deleted user
added documentation label
requested review from @dbalexandre and @mksionek
@alexbuijs
, thanks for approving this merge request.This is the first time the merge request is approved. To ensure full test coverage, a new pipeline will be started shortly.
For more info, please refer to the following links:
added pipeline:mr-approved label
removed review request for @alexbuijs
- Resolved by Douglas Barbosa Alexandre
removed review request for @dbalexandre
removed review request for @mksionek
- Resolved by Alex Buijs
- Resolved by Eugie Limpin
@eugielimpin I've approved from a Technical Writing standpoint. Thanks!
added Technical Writing docsfeature labels
removed review request for @phillipwells
added pipeline:run-as-if-foss label
requested review from @dbalexandre
added 1 commit
- d0a4f6de - Remove use of virtual attribute unlock_access_audit_event_author_id
enabled an automatic merge when the pipeline for cc9e802e succeeds
mentioned in commit cf64921a
added workflowstaging-canary label and removed workflowin review label
added workflowcanary label and removed workflowstaging-canary label
added workflowstaging label and removed workflowcanary label
added workflowproduction label and removed workflowstaging label
added releasedcandidate label
mentioned in merge request kubitus-project/kubitus-installer!2281 (merged)
added releasedpublished label and removed releasedcandidate label
mentioned in issue #502374