Project

General

Profile

Bug #22199

Audit user and user group linking

Added by Marek Hulán about 5 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Lukas Zapletal
Category:
Audit Log
Target version:
1.18.0
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman/pull/5450, https://github.com/theforeman/foreman/pull/5187
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

In order to audit all changes that might affect user permissions, it's not enough to just audit user roles, which is covered by #22051. We also need:

As a user with view_audits permission I want to see user audit record creates when a role has been assigned to a user.

As a user with view_audits permission I want to see user group audit record created when a role has been assigned to a user group.

As a user with view_audits permission I want to see user group audit record created when user group is assigned/disassigned another user group as parent/children. Note that this can have implications on what permissions a user in a given parent user group has grantes.

As a user with view_audits permission I want to see user audit record created when user is assigned or disassigned from a user group. This should include automatic external user group sync. Wile it does not necessarily is triggered by user, without this information, the critical part would be missing.

As a user with view_audits permission I want to see role audit record created when role permissions changes.

Related issues

Related to Foreman - Tracker #21879: [TRACKER] Audit every possible resourceNew2017-12-06

Related to Foreman - Bug #6235: User group membership changes not auditedResolved2014-06-16
Related to Foreman - Bug #23195: associations are not audited on creationClosed2018-04-10
Related to Foreman - Bug #23965: audit: undefined method `each' for "":StringClosed2018-06-17

Associated revisions

Revision d0eef9af (diff)
Added by Swapnil Abnave about 5 years ago

Fixes #22199 - Audit has_many associations (#5187)

History

#1 Updated by Marek Hulán about 5 years ago

  • Related to Tracker #21879: [TRACKER] Audit every possible resource added

#2 Updated by Tomer Brisker about 5 years ago

  • Related to Bug #6235: User group membership changes not audited added

#3 Updated by The Foreman Bot about 5 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/5187 added

#4 Updated by Marek Hulán about 5 years ago

  • Legacy Backlogs Release (now unused) set to 330

#5 Updated by Swapnil Abnave about 5 years ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

#6 Updated by Tomer Brisker almost 5 years ago

  • Related to Bug #23195: associations are not audited on creation added

#7 Updated by The Foreman Bot almost 5 years ago

  • Assignee set to Lukas Zapletal
  • Pull request https://github.com/theforeman/foreman/pull/5450 added

#8 Updated by Tomer Brisker almost 5 years ago

  • Related to Bug #23965: audit: undefined method `each' for "":String added

Also available in: Atom PDF