Remove duplicate audit event when creating project access token (!109032) · Merge requests · GitLab.org / GitLab

Aaron Huntsman requested to merge 333902-audit-events-creating-project-access-tokens-generates-duplicate-audit-events into master Jan 16, 2023

What does this MR do and why?

ResourceAccessToken::CreateService invokes PersonalAccessToken::CreateService which generates a second "access token created" audit event. This event appears redundant to the end user.

This MR refactors ResourceAccessToken::CreateService to create the token itself, thus removing the extra audit event.

How to set up and validate locally

Create a project access token as per the instruction
Navigate to Admin Area > Monitoring > Audit Events
Verify that only one audit event is created for "Created project access token"; a second "Created personal access token" event should not be created.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #333902 (closed)

Edited Jan 24, 2023 by Aaron Huntsman

Remove duplicate audit event when creating project access token

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports