Link project_bot user deletion audit event to its resource if possible
What does this MR do and why?
Related to #488166 (closed)
Currently, when deleting a user of any user type, GitLab creates a user_destroyed audit event. That audit event is linked to User, meaning that only instance admins can see that audit event.
The goal of this MR is to allow resource (group/project) owners to see user_destroyed audit events that are related to the resource project_bot user deletion by linking that audit event to the resource if possible.
That MR also
- improves user_destroyed audit event creation by mentioning the reason for the user deletion in the message
- ensures the user_destroyed audit event is created even without current_user
  - I think we and users could benefit from having audit events about user deletions without current_user (when a user is deleted from the rails console, for instance). See !167021 (comment 2137711286)
How to set up and validate locally
- Create a project access token or group access token. (Under the hood, it creates a user with the project_bot type.)
- Revoke the token or simulate token expiration.
- Visit the group/project's /audit_events page. You should see the event about the project_bot deletion with the reason in the message.
Edited by Bogdan Denkovych