Remove explicit audit event log in MembershipActions

Move it to Members::ApproveAccessRequestService.

Also, note that there was a double audit event log for access request
destruction.

Signed-off-by: Rémy Coutable <remy@rymai.me>

1 files changed, 12 insertions, 6 deletions

diff --git a/lib/api/members.rb b/lib/api/members.rb
index bc1de37284a..6367cde04bb 100644
--- a/lib/api/members.rb
+++ b/lib/api/members.rb
@@ -81,12 +81,18 @@ module API
           source = find_source(source_type, params.delete(:id))
           authorize_admin_source!(source_type, source)
 
-          member = source.members.find_by!(user_id: params.delete(:user_id))
-
-          if member.update_attributes(declared_params(include_missing: false))
-            present member, with: Entities::Member
+          member = source.members.find_by!(user_id: params[:user_id])
+          updated_member =
+            ::Members::UpdateService.new(
+              source,
+              current_user,
+              declared_params(include_missing: false)
+            ).execute(member)
+
+          if updated_member.valid?
+            present updated_member, with: Entities::Member
           else
-            render_validation_error!(member)
+            render_validation_error!(updated_member)
           end
         end
 
@@ -99,7 +105,7 @@ module API
           member = source.members.find_by!(user_id: params[:user_id])
 
           destroy_conditionally!(member) do
-            ::Members::DestroyService.new(source, current_user, declared_params).execute
+            ::Members::DestroyService.new(source, current_user).execute(member)
           end
         end
       end