1 files changed, 37 insertions, 3 deletions

diff --git a/spec/lib/gitlab/audit/null_author_spec.rb b/spec/lib/gitlab/audit/null_author_spec.rb
index eb80e5faa89..7203a0cd816 100644
--- a/spec/lib/gitlab/audit/null_author_spec.rb
+++ b/spec/lib/gitlab/audit/null_author_spec.rb
@@ -6,13 +6,47 @@ RSpec.describe Gitlab::Audit::NullAuthor do
   subject { described_class }
 
   describe '.for' do
+    let(:audit_event) { instance_double(AuditEvent) }
+
     it 'returns an DeletedAuthor' do
-      expect(subject.for(666, 'Old Hat')).to be_a(Gitlab::Audit::DeletedAuthor)
+      allow(audit_event).to receive(:[]).with(:author_name).and_return('Old Hat')
+      allow(audit_event).to receive(:details).and_return({})
+      allow(audit_event).to receive(:target_type)
+
+      expect(subject.for(666, audit_event)).to be_a(Gitlab::Audit::DeletedAuthor)
     end
 
     it 'returns an UnauthenticatedAuthor when id equals -1', :aggregate_failures do
-      expect(subject.for(-1, 'Frank')).to be_a(Gitlab::Audit::UnauthenticatedAuthor)
-      expect(subject.for(-1, 'Frank')).to have_attributes(id: -1, name: 'Frank')
+      allow(audit_event).to receive(:[]).with(:author_name).and_return('Frank')
+      allow(audit_event).to receive(:details).and_return({})
+      allow(audit_event).to receive(:target_type)
+
+      expect(subject.for(-1, audit_event)).to be_a(Gitlab::Audit::UnauthenticatedAuthor)
+      expect(subject.for(-1, audit_event)).to have_attributes(id: -1, name: 'Frank')
+    end
+
+    it 'returns a CiRunnerTokenAuthor when details contain runner registration token', :aggregate_failures do
+      allow(audit_event).to receive(:[]).with(:author_name).and_return('cde456')
+      allow(audit_event).to receive(:entity_type).and_return('User')
+      allow(audit_event).to receive(:entity_path).and_return('/a/b')
+      allow(audit_event).to receive(:target_type).and_return(::Ci::Runner.name)
+      allow(audit_event).to receive(:details)
+        .and_return({ runner_registration_token: 'cde456', author_name: 'cde456', entity_type: 'User', entity_path: '/a/b' })
+
+      expect(subject.for(-1, audit_event)).to be_a(Gitlab::Audit::CiRunnerTokenAuthor)
+      expect(subject.for(-1, audit_event)).to have_attributes(id: -1, name: 'Registration token: cde456')
+    end
+
+    it 'returns a CiRunnerTokenAuthor when details contain runner authentication token', :aggregate_failures do
+      allow(audit_event).to receive(:[]).with(:author_name).and_return('cde456')
+      allow(audit_event).to receive(:entity_type).and_return('User')
+      allow(audit_event).to receive(:entity_path).and_return('/a/b')
+      allow(audit_event).to receive(:target_type).and_return(::Ci::Runner.name)
+      allow(audit_event).to receive(:details)
+        .and_return({ runner_authentication_token: 'cde456', author_name: 'cde456', entity_type: 'User', entity_path: '/a/b' })
+
+      expect(subject.for(-1, audit_event)).to be_a(Gitlab::Audit::CiRunnerTokenAuthor)
+      expect(subject.for(-1, audit_event)).to have_attributes(id: -1, name: 'Authentication token: cde456')
     end
   end