
Add audit events for export, with silent mode

Luke Duncalfe requested to merge 294168-add-audit-events into master

What does this MR do and why?

Adds two new audit events for project and group file-based export, which can be skipped if the user is an admin and the instance has enabled a new setting to make exports silent https://gitlab.com/gitlab-org/gitlab/-/issues/294168.

The user is identified as being an admin within the request as a user_was_admin value. For project exports this value is then saved to ProjectExportJob so that model can determine whether to create an audit after the project export. It's persisted because one method of project export involves multiple steps and many workers. There is no similar model for group exports, and the export happens within a single service. So for group exports the value is not persisted and used within the service.

We assign a param user_was_admin in the request, and pass that to our Sidekiq workers, because, due to Admin Mode, the check of whether a user is an admin from within a worker context can return false when they actually were acting as an admin in the request. This was an assumption I had made, and so I realise I should verify this (internal, good for 90 days).

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

[Screenshots: Project export audit event; Group export audit event]

How to set up and validate locally

QA the new audit events generated on project and group export:

  1. In the rails console enable the flag
    Feature.enable(:export_audit_events)
  2. Log in as an instance admin (for example root).
  3. Choose a project and export it (Settings > General, scroll down to Advanced and click Export project)
  4. Wait for the export to complete (refresh the page until Download export button is visible in the Advanced section)
  5. View the project audit events (Secure > Audit events). There should be an audit log generated for the export
  6. Choose a group and export it (Settings > General, scroll down to Advanced and click Export group)
  7. Wait for the export to complete (refresh the page until Download export button is visible in the Advanced section)
  8. View the group audit events (Secure > Audit events). There should be an audit log generated for the export

QA that the new audit events are not sent when the new setting is enabled and the user is an instance admin:

  1. Now enable the setting (visit /admin/application_settings/general, expand Import and export settings and enable Silent exports by admins)
  2. Wait a minute for the application setting cache to clear
  3. Export a project and group again (it may be best to choose a different project and group this time)
  4. There should be no audit logs generated
  5. Now log in as a user who is not an admin
  6. Export the project and group again
  7. There should be audit logs generated

Related to #294168
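
The pattern the description above outlines (capture the admin status once in the request, carry it on the job as user_was_admin, and decide after the export whether an audit event is warranted), as an added illustration that is not GitLab's code: `RequestContext`, `Settings`, `ExportJob` and the setting name `silent_admin_exports` are hypothetical stand-ins for the request, the application setting, the feature flag and ProjectExportJob mentioned in the MR.

```ruby
# Hypothetical stand-in for the request side: admin status is captured once
# here, where Admin Mode is known, and carried with the job so the worker
# never has to re-check it.
RequestContext = Struct.new(:user, :admin_mode_active, keyword_init: true) do
  # Mirrors the MR's user_was_admin param: true only when the user is an
  # admin AND is actually acting as one (Admin Mode) in this request.
  def user_was_admin
    user[:admin] && admin_mode_active
  end
end

# Instance-level settings. :silent_admin_exports and :export_audit_events are
# assumed names standing in for the setting and feature flag the MR mentions.
class Settings
  attr_accessor :silent_admin_exports, :export_audit_events

  def initialize(silent_admin_exports: false, export_audit_events: true)
    @silent_admin_exports = silent_admin_exports
    @export_audit_events = export_audit_events
  end
end

# Stand-in for ProjectExportJob: persists user_was_admin so the decision can be
# made after a multi-worker export finishes, with no request context available.
ExportJob = Struct.new(:entity_type, :entity_id, :user_id, :user_was_admin,
                       keyword_init: true)

# Request side: enqueue with the admin flag captured from the request.
def enqueue_export(ctx, entity_type, entity_id)
  ExportJob.new(entity_type: entity_type, entity_id: entity_id,
                user_id: ctx.user[:id], user_was_admin: ctx.user_was_admin)
end

# Worker side: decide whether a finished export should produce an audit event.
def audit_export?(job, settings)
  return false unless settings.export_audit_events
  # Silent mode suppresses events only for exports performed by admins;
  # non-admin exports are always audited.
  return false if settings.silent_admin_exports && job.user_was_admin

  true
end

# Build the audit event record if one is warranted, otherwise nil.
def audit_event_for(job, settings)
  return nil unless audit_export?(job, settings)

  { name: "#{job.entity_type}_export_created", entity_type: job.entity_type,
    entity_id: job.entity_id, author_id: job.user_id }
end
```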

Edited by Luke Duncalfe
