Security audit for user actions
The Administration panel now reports specific actions that manage security permissions for users. Each entry row will consist of the following columns:
Operation type: name of the operation performed
Administrator Full Name: full name of admin user who performed the given action
User Full Name: full name of the user that the action affects
Description: text description of what has been changed for the given user
Date and Time: date and time when the change was made
Each row is also expandable, showing additional information about activity:
Administration username and email that performed the action
Username and email of the user that the action affects
Country, Region, and IP: GeoIP information if possible of administrator who performed action
User Agent: additional info on Administrator system.
List of user activities that will be reported in Administrative Activity tab:
1 | changed user name |
2 | changed user full name |
3 | changed user description |
4 | changed user email |
5 | changed user provider |
6 | enabled user |
7 | disabled user |
8 | deleted user |
9 | assigned user to group |
10 | removed user from group |
11 | assigned user to role |
12 | removed user from role |
13 | assigned user to permission in security scheme |
14 | unassigned user from permission in security scheme |
15 | assigned user to FLS |
16 | unassigned user from FLS |
17 | added user |
Administrator using the Activity log can narrow down the list of activities by selecting a specific user. The list will display actions related to the selected user.
Some additional features that will be implemented in the next version include:
Handling groups
Additional filtering options (by date and operation type)
Retention policy
Possibly adding new operation types if needed.