authormanojmj <mmj@gitlab.com>2019-08-21 09:12:48 +0530
committermanojmj <mmj@gitlab.com>2019-08-21 09:12:48 +0530
commita07efbdfd0ccb332df124b6c40287bdccb26fd89 (patch)
tree032080a18bbf242684ee6854ae6284ec80d6cdae
parentda573ae259f132e8a557001f54d58037f2534753 (diff)
CE: Audit event for archiving and unarchiving projectsce-8631-archiving-a-project-should-create-an-audit-event
-rw-r--r--app/controllers/projects_controller.rb5
-rw-r--r--doc/administration/audit_events.md2
-rw-r--r--spec/controllers/projects_controller_spec.rb96
3 files changed, 99 insertions, 4 deletions
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index e04cbf10470..5f335de4d6b 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -29,6 +29,7 @@ class ProjectsController < Projects::ApplicationController
# Authorize
before_action :authorize_admin_project!, only: [:edit, :update, :housekeeping, :download_export, :export, :remove_export, :generate_new_export]
+ before_action :authorize_archive_project!, only: [:archive, :unarchive]
before_action :event_filter, only: [:show, :activity]
layout :determine_layout
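Review bot: `authorize_archive_project!` on the added `before_action` line is not defined anywhere in this diff, so authorization for `archive` and `unarchive` now rests on a method resolved elsewhere, presumably a dynamic `authorize_*!` handler in the parent controller (inferred, not visible here). The inline `can?(current_user, :archive_project, @project)` guards are removed in the two later hunks, so this filter is the only check left, and it must run after whatever callback loads `@project`. A comment above the line would record that dependency, e.g. `# archive/unarchive carry no inline check; this filter is their only authorization and must stay in sync with the action names`.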
@@ -164,8 +165,6 @@ class ProjectsController < Projects::ApplicationController
end
def archive
- return access_denied! unless can?(current_user, :archive_project, @project)
-
::Projects::UpdateService.new(@project, current_user, archived: true).execute
respond_to do |format|
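Review bot: The return value of `::Projects::UpdateService.new(@project, current_user, archived: true).execute` is discarded in `archive`, and the same holds for `unarchive` in the next hunk, so the `respond_to` block is entered the same way whether or not the update succeeded. Since the commit is about audit events for these actions, a failed update may be indistinguishable from a successful one to the caller and to anything that records the action. Consider capturing it, e.g. `result = ::Projects::UpdateService.new(@project, current_user, archived: true).execute`, and branching on the outcome before responding. Both method bodies continue outside the hunks, so the response handling is only partly visible.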
@@ -174,8 +173,6 @@ class ProjectsController < Projects::ApplicationController
end
def unarchive
- return access_denied! unless can?(current_user, :archive_project, @project)
-
::Projects::UpdateService.new(@project, current_user, archived: false).execute
respond_to do |format|
diff --git a/doc/administration/audit_events.md b/doc/administration/audit_events.md
index 02de2caf558..8075a40cae7 100644
--- a/doc/administration/audit_events.md
+++ b/doc/administration/audit_events.md
@@ -75,6 +75,8 @@ From there, you can see the following actions:
- User was removed from project
- Project export was downloaded
- Project repository was downloaded
+- Project was archived
+- Project was unarchived
### Instance events **(PREMIUM ONLY)**
diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb
index 083a1c1383a..c732caa6160 100644
--- a/spec/controllers/projects_controller_spec.rb
+++ b/spec/controllers/projects_controller_spec.rb
@@ -318,6 +318,102 @@ describe ProjectsController do
end
end
+ describe 'POST #archive' do
+ let(:group) { create(:group) }
+ let(:project) { create(:project, group: group) }
+
+ before do
+ sign_in(user)
+ end
+
+ context 'for a user with the ability to archive a project' do
+ before do
+ group.add_owner(user)
+
+ post :archive, params: {
+ namespace_id: project.namespace.path,
+ id: project.path
+ }
+ end
+
+ it 'archives the project' do
+ expect(project.reload.archived?).to be_truthy
+ end
+
+ it 'redirects to projects path' do
+ expect(response).to have_gitlab_http_status(302)
+ expect(response).to redirect_to(project_path(project))
+ end
+ end
+
+ context 'for a user that does not have the ability to archive a project' do
+ before do
+ project.add_maintainer(user)
+
+ post :archive, params: {
+ namespace_id: project.namespace.path,
+ id: project.path
+ }
+ end
+
+ it 'does not archive the project' do
+ expect(project.reload.archived?).to be_falsey
+ end
+
+ it 'returns 404' do
+ expect(response).to have_gitlab_http_status(404)
+ end
+ end
+ end
+
+ describe 'POST #unarchive' do
+ let(:group) { create(:group) }
+ let(:project) { create(:project, :archived, group: group) }
+
+ before do
+ sign_in(user)
+ end
+
+ context 'for a user with the ability to unarchive a project' do
+ before do
+ group.add_owner(user)
+
+ post :unarchive, params: {
+ namespace_id: project.namespace.path,
+ id: project.path
+ }
+ end
+
+ it 'unarchives the project' do
+ expect(project.reload.archived?).to be_falsey
+ end
+
+ it 'redirects to projects path' do
+ expect(response).to have_gitlab_http_status(302)
+ expect(response).to redirect_to(project_path(project))
+ end
+ end
+
+ context 'for a user that does not have the ability to unarchive a project' do
+ before do
+ project.add_maintainer(user)
+
+ post :unarchive, params: {
+ namespace_id: project.namespace.path,
+ id: project.path
+ }
+ end
+
+ it 'does not unarchive the project' do
+ expect(project.reload.archived?).to be_truthy
+ end
+
+ it 'returns 404' do
+ expect(response).to have_gitlab_http_status(404)
+ end
+ end
+ end
+
describe '#housekeeping' do
let(:group) { create(:group) }
let(:project) { create(:project, group: group) }
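Review bot: The denied contexts in `POST #archive` and `POST #unarchive` exercise only a signed-in maintainer, so the new `before_action` is never tested against an unauthenticated request or a user with no membership at all. Authorization now lives in a filter with an `only:` list rather than in the action bodies, so one example per action without `sign_in(user)` would catch an action accidentally dropped from that list. The four `before` blocks also repeat the same params hash; a shared `let(:params) { { namespace_id: project.namespace.path, id: project.path } }` would keep them from drifting apart.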