Audit logging #6339
7297b66 to 85d3529
@nlhkabu this should be ready for your input on UI/X 😄

Thanks @woodruffw I've formatted the new events in the security history page - but I wasn't sure how I could test these... Would you be able to generate a screenshot on your side? Also, I was wondering - is there a technical reason why we don't capture/expose data re: the user who has created the release, removed the release and removed the file? I would have thought this is pretty useful information to expose.
For
Nope, just an oversight on my part. I'll expose this information.
Co-Authored-By: Dustin Ingram <di@users.noreply.github.com>
Woot!
Adds UserEvent and ProjectEvent models, as well as corresponding helpers for recording events.

A shortlist of loggable events (not all of which need to be part of this PR):

Users:

Projects:

TODO:

asserts to record_event calls in unit tests, where appropriate.

Summary of events added:

Users:

account:email:add (New email added to account)
account:email:remove (Email removed from account)
account:email:primary:change (Primary email changed or added)
account:email:reverify (Email reverified)
account:password:change (Account password changed)
account:two_factor:method_added (Two factor method added)
account:two_factor:method_removed (Two factor method removed)
account:api_token:added (API token added)
account:api_token:removed (API token removed)
account:create (Account created)
account:password:reset:request (Password reset request sent)
account:password:reset (Password reset request completed)
account:email:verified (Email address verified)
account:login:success (Successful login)

Projects:

project:create (Project created)
project:release:added (New project release added)
project:release:removed (Project release removed)
project:release:file:removed (Project release file removed)
project:api_token:added (API token added w/ project in scope)
project:api_token:removed (API token removed w/ project in scope)
project:role:add (New role added to project)
project:role:delete (Role removed from project)
project:role:change (Role changed in project)

cc @brainwane @ewdurbin @di @dstufft @nlhkabu
Closes #5863.
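
An added example, not part of the pull request or of Warehouse's code: a small consumer of the event tags listed above that rejects tags outside the documented set (the set mixes forms such as `account:email:add` and `account:api_token:added`, so typos are easy) and lists credential changes made shortly after a completed password reset. The names `record` and `changes_after_reset`, the choice of `CREDENTIAL_TAGS`, the one-hour window and the sample events are assumptions of this example.

```python
from datetime import datetime, timedelta

# Tags copied from the PR description; everything else here is hypothetical.
USER_TAGS = frozenset("""
account:create account:login:success
account:email:add account:email:remove account:email:primary:change
account:email:reverify account:email:verified
account:password:change account:password:reset:request account:password:reset
account:two_factor:method_added account:two_factor:method_removed
account:api_token:added account:api_token:removed
""".split())
PROJECT_TAGS = frozenset("""
project:create project:release:added project:release:removed
project:release:file:removed project:api_token:added project:api_token:removed
project:role:add project:role:delete project:role:change
""".split())

# Assumption of this example: tags a reviewer treats as credential changes.
CREDENTIAL_TAGS = frozenset({
    "account:email:primary:change", "account:password:change",
    "account:two_factor:method_removed", "account:api_token:added",
})


def record(log, subject, tag, when, ip):
    """Append one event, rejecting tags outside the documented taxonomy."""
    if tag not in USER_TAGS | PROJECT_TAGS:
        raise ValueError(f"unknown audit tag: {tag!r}")
    log.append({"subject": subject, "tag": tag, "time": when, "ip": ip})


def changes_after_reset(log, user, window=timedelta(hours=1)):
    """Credential changes made within `window` after a completed reset."""
    events = sorted((e for e in log if e["subject"] == user),
                    key=lambda e: e["time"])
    resets = [e["time"] for e in events if e["tag"] == "account:password:reset"]
    return [e["tag"] for e in events if e["tag"] in CREDENTIAL_TAGS
            and any(r <= e["time"] <= r + window for r in resets)]


def sample_log():
    """Constructed events (documentation-range IPs), not real Warehouse data."""
    t0, m, log = datetime(2020, 1, 1, 12, 0), timedelta(minutes=1), []
    record(log, "alice", "account:login:success", t0, "192.0.2.10")
    record(log, "alice", "account:password:reset:request", t0 + 5 * m, "198.51.100.7")
    record(log, "alice", "account:password:reset", t0 + 6 * m, "198.51.100.7")
    record(log, "alice", "account:two_factor:method_removed", t0 + 8 * m, "198.51.100.7")
    record(log, "alice", "account:api_token:added", t0 + 9 * m, "198.51.100.7")
    record(log, "alice", "account:email:add", t0 + 300 * m, "192.0.2.10")
    return log
```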