Audit auditor role changes
What does this MR do and why?
This MR adds an audit event at eh instance level when a user is promoted or demoted as an auditor. Currently, we log this event for and admin user and this MR logs the event for auditor role changes.
By extending the audit logging to the 'Auditor' role, we can offer instance administrators a complete and transparent view of role changes within the platform. This will enhance security, accountability, and monitoring capabilities, ensuring that any changes to roles with access to sensitive data or functionalities are adequately tracked.
- Issue: #430235 (closed)
Screenshots or screen recordings
How to set up and validate locally
- In the GDK, navigate to
http://localhost:3000/admin/users/ANY_USER_NAME - Edit the user and switch the role to auditor
- Verify the audit event in the instance level audit events page: http://localhost:3000/admin/audit_logs
- Switch the user back to regular user
- Verify the audit event in the instance level audit events page: http://localhost:3000/admin/audit_logs
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by sameer shaik