Audits should be searchable by the current user so a role with filter to "see my audits" can be created
Fixes #33551 - allow searching audits by current_user
A user would like to define a filter that would allow all users to see
their own audits. The only thing that's missing is to define the
scoped_search on Audit model that would accept the current_user value
for audits' user_id and user.
This PR allows to search audits by the following terms
user.id = 1
user.id = 100
user.id = current_user
user = admin
user = current_user
the syntax is consitent with other places we have similar support (e.g.
Refs #33551 - fix the searching in audits by user
The first PR allowed to search in search_users relation, however that
searches on the actual audited objects. So when used in filters, it
would grant access to see all audits of $my account by anyone. While
such search may still be useful, the original intention was to allow
searching by the author of the audit.
Given the user is already a search keyword, we call this
authored_by_user. The correct syntax then is
authored_by_user = admin
authored_by_user = current_user
authored_by_user.id = 2
authored_by_user.id = current_user
#2 Updated by Nacho Barrientos 9 months ago
Similarly, it'd be nice to be able to create a filter allowing to see audits on resources that the user that's logged in can see at this very moment (hosts, hostgroups, etc). So basically if the current user can see a given host at the moment they'll be able to see the entire audit log of that resource, even if in the past it was not visible to them.