Skip to content

Refactor target_type in AuditEvent

Max Woolf requested to merge 220322-refactor-target-type into master

What does this MR do?

As part of the wider AuditEvent refactoring work. This MR:

  • Adds target_type:text column to AuditEvent
  • Writes target_type to this new column as well as maintaining the original behaviour.
  • target_type is not displayed on the frontend but it is logged to the output JSON log file.
  • Fills in some of the missing specs for AuditEventService which will hopefully make refactoring easier in the future.

Database Review

Migrate

== 20200706092954 AddTargetTypeToAuditEvent: migrating ========================
-- add_column(:audit_events, :target_type, :text)
   -> 0.0011s
== 20200706092954 AddTargetTypeToAuditEvent: migrated (0.0062s) ===============

== 20200709115716 AddTextLimitToAuditEventTargetType: migrating ===============
-- transaction_open?()
   -> 0.0000s
-- execute("ALTER TABLE audit_events\nADD CONSTRAINT check_82294106dd\nCHECK ( char_length(target_type) <= 255 )\nNOT VALID;\n")
   -> 0.0028s
-- execute("ALTER TABLE audit_events VALIDATE CONSTRAINT check_82294106dd;")
   -> 0.0501s
== 20200709115716 AddTextLimitToAuditEventTargetType: migrated (0.0562s) ======

Rollback

== 20200709115716 AddTextLimitToAuditEventTargetType: reverting ===============
-- execute("ALTER TABLE audit_events\nDROP CONSTRAINT IF EXISTS check_82294106dd\n")
   -> 0.0009s
== 20200709115716 AddTextLimitToAuditEventTargetType: reverted (0.0063s) ======

== 20200706092954 AddTargetTypeToAuditEvent: reverting ========================
-- remove_column(:audit_events, :target_type)
   -> 0.0018s
== 20200706092954 AddTargetTypeToAuditEvent: reverted (0.0019s) ===============

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team

Related to #220322 (closed)

Edited by Mayra Cabrera

Merge request reports

Loading