Skip to content

log permission changes for audit reasons #29478

New issue
New issue
Closed
Closed
log permission changes for audit reasons#29478
Labels
1. to developAccepted and waiting to be taken care ofenhancementfeature: admin auditneeds reviewNeeds review to determine if still applicable or covered by other Issues
@schiessle

Description

@schiessle
schiessle
opened on Oct 28, 2021

In security sensitive environments it is crucial to always know when access rights are granted and modified.

Therefore people should be notified on share / group folder permission change and change of group membership.

For audit reasons we should write to the audit log if:

  • a user changed a share permission
  • a user changed a group folder permission (advanced permissions)
  • a group membership changed (a user was added/removed from a group)

Additionally it makes sense to inform users via a activity entries: #31448

Metadata

Metadata

Assignees

No one assigned

    Labels

    1. to developAccepted and waiting to be taken care ofenhancementfeature: admin auditneeds reviewNeeds review to determine if still applicable or covered by other Issues

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions