Project

General

Profile

Bug #5490

Changes to repo group permissions via API are not audit logged

Added by Peter Colledge 10 months ago. Updated about 2 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
10.07.2018
Due date:
% Done:

0%

Estimated time:
Sorting:
Commit Number:
Affected Version:

Description

grant_user_permission_to_repo_group()
revoke_user_permission_from_repo_group()
grant_user_group_permission_to_repo_group()
revoke_user_group_permission_from_repo_group()

in rhodecode/api/views/repo_group_api.py

are missing audit_logger.store_api('repo.edit.permissions', ...)

Related: #5461

History

#1 Updated by Marcin Kuzminski [staff] 10 months ago

  • Target version set to v4.13

Ok, lets add it into 4.13.

Thanks for reporting this.

#2 Updated by Peter Colledge 10 months ago

Also please consider:

rhodecode/apps/repository/views/repo_maintainance.py:repo_maintenance_execute()
rhodecode/apps/repository/views/repo_settings_advanced.py:edit_advanced_locking()
rhodecode/apps/repository/views/repo_settings_advanced.py:edit_advanced_install_hooks()
rhodecode/apps/repository/views/repo_settings_fields.py:repo_field_edit()
rhodecode/apps/repository/views/repo_settings_fields.py:repo_field_create()
rhodecode/apps/repository/views/repo_settings_fields.py:repo_field_delete()
rhodecode/apps/repository/views/repo_settings_issue_trackers.py:repo_issuetracker_delete()
rhodecode/apps/repository/views/repo_settings_issue_trackers.py:repo_issuetracker_update()
rhodecode/api/views/repo_api.py:lock()
rhodecode/api/views/repo_api.py:grant_user_permission()
rhodecode/api/views/repo_api.py:revoke_user_permission()
rhodecode/api/views/repo_api.py:grant_user_group_permission()
rhodecode/api/views/repo_api.py:revoke_user_group_permission()
rhodecode/api/views/repo_api.py:set_repo_settings()

#3 Updated by Redmine Integration about 2 months ago

  • Status changed from New to Resolved

Also available in: Atom PDF