Log a audit event when an admin custom role is assigned to user (!186570) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

Updates the MemberRoles::AssignService. Logs an audit event when a admin role is assigned / unassigned from a user.
If a member_role is provided, then it's assigned to the user. If the member_role is NULL then it's unassigned from the user.

References

How to set up and validate locally

In the rails console, first enable the feature flag and seed some data:

Feature.enable(:custom_admin_roles)

# Create admin member role
member_role = MemberRole.create(name: "Admin custom role", read_admin_dashboard: true)

Log-in as admin and navigate to /-/graphql_explorer and run the following query:

mutation {
  memberRoleToUserAssign(input: {
    memberRoleId: "gid://gitlab/MemberRole/<member_role.id>",
    userId: "gid://gitlab/User/<User.first.id>",
  }) {
    errors
    clientMutationId
  }
}

You should see a record in /admin/audit_logs

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #507958 (closed)

Edited Apr 03, 2025 by Hinam Mehra

Log a audit event when an admin custom role is assigned to user

What does this MR do and why?

References

How to set up and validate locally

MR acceptance checklist

Merge request reports