Disallow streaming event filters to be created for invalid event type
What does this MR do and why?
We have external audit event streaming to custom http destinations for top group-level and instance-level audit events, refer https://docs.gitlab.com/ee/administration/audit_event_streaming/ for more details.
For such destinations we support filtering of audit events on the basis of the allowed audit event types. While creating these event type filters for destinations at here and here, we do not check whether the event type is defined or not.
What?
- This MR adds a check for validating the audit event type being used for creation of the event type filters.
- Since we were using placeholder
audit_operation
audit event type for creating event type filters in rspecs, they started failing once the check was added, so I have replace these invalid audit event type with a valid oneevent_type_filter_created
.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Try creating an event type filter for a custom http destination as mentioned in https://docs.gitlab.com/ee/administration/audit_event_streaming/graphql_api.html#use-the-api-to-add-an-event-type-filter and https://docs.gitlab.com/ee/administration/audit_event_streaming/graphql_api.html#use-the-api-to-add-an-event-type-filter-1 with a valid audit event type, say
event_type_filter_created
, and it should create the event filter. - Try creating event type filter with invalid type, for example
invalid-event-type
and it should not create any filter and should return error in response.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #413893 (closed)
Edited by Hitesh Raghuvanshi