Skip to content

Adding details in audit events for user registration

Hitesh Raghuvanshi requested to merge 377756-user-access-events into master

What does this MR do and why?

Adding additional user information in audit event generated when a new user is registered as per #377756.

User information being added are:

  1. id
  2. name
  3. username
  4. email id
  5. access level

How to set up and validate locally

  1. Setup an instance level external audit event destination for your GitLab instance, you would require an Ultimate license for the instance.
  2. Register as a new user from UI on your instance, you should receive an audit event on your registered destination in step 1 with event_type registration_created and a hash with key registration_details in the response payload under details hash. It would look something like following:
Payload - Click to expand 
{
  "id": 5500,
  "author_id": 67,
  "entity_id": 67,
  "entity_type": "User",
  "details": {
    "registration_details": {
      "id": 67,
      "username": "auditcheck1",
      "name": "Audit check1",
      "email": "auditcheck1@example.com",
      "access_level": "regular"
    },
    "author_name": "Audit check1",
    "author_class": "User",
    "target_id": 67,
    "target_type": "User",
    "target_details": "auditcheck1",
    "custom_message": "Instance access request",
    "ip_address": "127.0.0.1",
    "entity_path": "auditcheck1"
  },
  "ip_address": "127.0.0.1",
  "author_name": "Audit check1",
  "entity_path": "auditcheck1",
  "target_details": "auditcheck1",
  "created_at": "2023-08-10T07:17:10.072Z",
  "target_type": "User",
  "target_id": 67,
  "event_type": "registration_created"
}
  1. Now create a new user from admin area by following steps in https://docs.gitlab.com/ee/user/profile/account/create_accounts.html#create-users-in-admin-area. You would receive an audit event to your external destination with event_type as user_created and registration_details hash similar to one received in step 2.
  2. Register as a user via SSO, and then you would receive an audit event to your external destination with event_type as authenticated_with_group_saml and registration_details hash as similar to step 2.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #377756

Edited by Hitesh Raghuvanshi

Merge request reports