Project

General

Profile

Actions

Bug #5490

open

Changes to repo group permissions via API are not audit logged

Added by Peter Colledge over 5 years ago. Updated about 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
10.07.2018
Due date:
% Done:

0%

Estimated time:
Sorting:
Commit Number:
Affected Version:

Description

grant_user_permission_to_repo_group()
revoke_user_permission_from_repo_group()
grant_user_group_permission_to_repo_group()
revoke_user_group_permission_from_repo_group()

in rhodecode/api/views/repo_group_api.py

are missing audit_logger.store_api('repo.edit.permissions', ...)

Related: #5461

Actions #1

Updated by Marcin Kuzminski [CTO] over 5 years ago

  • Target version set to v4.13

Ok, lets add it into 4.13.

Thanks for reporting this.

Actions #2

Updated by Peter Colledge over 5 years ago

Also please consider:

rhodecode/apps/repository/views/repo_maintainance.py:repo_maintenance_execute()
rhodecode/apps/repository/views/repo_settings_advanced.py:edit_advanced_locking()
rhodecode/apps/repository/views/repo_settings_advanced.py:edit_advanced_install_hooks()
rhodecode/apps/repository/views/repo_settings_fields.py:repo_field_edit()
rhodecode/apps/repository/views/repo_settings_fields.py:repo_field_create()
rhodecode/apps/repository/views/repo_settings_fields.py:repo_field_delete()
rhodecode/apps/repository/views/repo_settings_issue_trackers.py:repo_issuetracker_delete()
rhodecode/apps/repository/views/repo_settings_issue_trackers.py:repo_issuetracker_update()
rhodecode/api/views/repo_api.py:lock()
rhodecode/api/views/repo_api.py:grant_user_permission()
rhodecode/api/views/repo_api.py:revoke_user_permission()
rhodecode/api/views/repo_api.py:grant_user_group_permission()
rhodecode/api/views/repo_api.py:revoke_user_group_permission()
rhodecode/api/views/repo_api.py:set_repo_settings()
Actions #3

Updated by Redmine Integration about 5 years ago

  • Status changed from New to Resolved
Actions

Also available in: Atom PDF