(no) Security audit for user actions
- Tom Wyczółkowski
- Martin SWG (Unlicensed)
Specific actions that manages security permissions for users are now being reported in Administration panel.
Each entry row will consists of following columns:
Operation type - name of the operation performed,
Administrator Full Name - full name of admin user who performed given action,
User Full Name - full name of user that the action affects,
Description - text description of what has been changed for given user
Date and Time - date and time when the change has been done
Each row is also expandable, showing additional information about activity:
administration username and email that performed the action,
username and email of user that the action affects,
Country, Region and IP - GeoIP information if possible of administrator who performed action
User Agent - additional info of Administrator system.
List of user activities that will be reported in Administrative Activity tab:
1 | changed user name |
2 | changed user full name |
3 | changed user description |
4 | changed user email |
5 | changed user provider |
6 | enabled user |
7 | disabled user |
8 | deleted user |
9 | assigned user to group |
10 | removed user from group |
11 | assigned user to role |
12 | removed user from role |
13 | assigned user to permission in security scheme |
14 | unassigned user from permission in security scheme |
15 | assigned user to FLS |
16 | unassigned user from FLS |
17 | added user |
Administrator using Activity log can narrow list of activities by selecting User. List will show actions related to selected user.
Some additional features will be implemented for next version:
groups handling,
additional filtering possibilities (by date and operation type),
retention policy,
possibly adding new operation types if needed.