Bug #5461: Changes to user group permissions via API are not audit logged - RhodeCode CE/EE - RhodeCode - issues

Actions

Copy link

Bug #5461

open

Changes to user group permissions via API are not audit logged

Added by Peter Colledge over 6 years ago. Updated about 6 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Target version:

v4.12

Start date:

11.04.2018

Due date:

% Done:

Estimated time:

Sorting:

Commit Number:

Affected Version:

v4.11

Description

grant_user_permission_to_user_group()
revoke_user_permission_from_user_group()
grant_user_group_permission_to_user_group()
revoke_user_group_permission_from_user_group()

in rhodecode/api/views/user_group_api.py

are missing audit_logger.store_api('user_group.edit.permissions', ...)

Actions

Copy link

Updated by Marcin Kuzminski [CTO] over 6 years ago

Target version set to v4.12

@team, can we force push this to 4.12 ?

Those functions use the general logger that audit logs it to the logging system but as indicated those should be audit logged as well...

Actions

Copy link

Updated by Marcin Kuzminski [CTO] over 6 years ago

Status changed from New to In Progress

Actions

Copy link

Updated by Peter Colledge over 6 years ago

Fixed in https://code.rhodecode.com/rhodecode-enterprise-ce/changeset/7f25a959a6c9e630c3e46e7f7f7580a87630906e thanks

Actions

Copy link

Updated by Marcin Kuzminski [CTO] about 6 years ago

Status changed from In Progress to Resolved

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

RhodeCode CE/EE

Custom queries

Bug #5461

Changes to user group permissions via API are not audit logged

Updated by Marcin Kuzminski [CTO] over 6 years ago

Updated by Marcin Kuzminski [CTO] over 6 years ago

Updated by Peter Colledge over 6 years ago

Updated by Marcin Kuzminski [CTO] about 6 years ago