Project

General

Profile

Feature #33551

Audits should be searchable by the current user so a role with filter to "see my audits" can be created

Added by Marek Hulán 4 months ago. Updated 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Audit Log
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:

Associated revisions

Revision b46326a4 (diff)
Added by Marek Hulán 3 months ago

Fixes #33551 - allow searching audits by current_user

A user would like to define a filter that would allow all users to see
their own audits. The only thing that's missing is to define the
scoped_search on Audit model that would accept the current_user value
for audits' user_id and user.

This PR allows to search audits by the following terms

```
user.id = 1
user.id = 100
user.id = current_user

user = admin
user = current_user
```

the syntax is consitent with other places we have similar support (e.g.
the tasks).

Revision dc1ac386 (diff)
Added by Marek Hulán 3 months ago

Refs #33551 - fix the searching in audits by user

The first PR allowed to search in search_users relation, however that
searches on the actual audited objects. So when used in filters, it
would grant access to see all audits of $my account by anyone. While
such search may still be useful, the original intention was to allow
searching by the author of the audit.

Given the user is already a search keyword, we call this
authored_by_user. The correct syntax then is

authored_by_user = admin
authored_by_user = current_user

authored_by_user.id = 2
authored_by_user.id = current_user

History

#1 Updated by The Foreman Bot 4 months ago

  • Assignee set to Marek Hulán
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/8792 added

#2 Updated by Nacho Barrientos 4 months ago

Similarly, it'd be nice to be able to create a filter allowing to see audits on resources that the user that's logged in can see at this very moment (hosts, hostgroups, etc). So basically if the current user can see a given host at the moment they'll be able to see the entire audit log of that resource, even if in the past it was not visible to them.

#3 Updated by The Foreman Bot 3 months ago

  • Fixed in Releases 3.1.0 added

#4 Updated by Marek Hulán 3 months ago

  • Status changed from Ready For Testing to Closed

#5 Updated by The Foreman Bot 3 months ago

  • Pull request https://github.com/theforeman/foreman/pull/8864 added

#6 Updated by Amit Upadhye 2 months ago

  • Category set to Audit Log

Also available in: Atom PDF