feat: Add audit event for group Pages public access control setting

What does this MR do and why?

Toggling the "Remove public access" setting (force_pages_access_control) at the group level previously produced no audit event, creating a gap in audit coverage for a security-relevant setting that affects all projects within a group and its subgroups.

This MR adds the group_force_pages_access_control_updated audit event by:

  1. Creating a new audit event type YAML file at ee/config/audit_events/types/group_force_pages_access_control_updated.yml
  2. Adding force_pages_access_control to EVENT_NAME_PER_COLUMN in Namespaces::NamespaceSettingChangesAuditor, so changes to this column are audited consistently with other namespace settings
  3. Updating the spec to add a test case for the new column and removing it from the denylist
  4. Updating the audit event types documentation

This is consistent with how project-level Pages access changes are audited via Projects::ProjectFeatureChangesAuditor (project_feature_pages_access_level_updated).

References

  • Closes #595288 (closed)
  • Reference: existing project-level audit event ee/config/audit_events/types/project_feature_pages_access_level_updated.yml

Screenshots or screen recordings

No UI changes — this is a backend-only change adding audit instrumentation.

Before After
No audit event when toggling "Remove public access" at group level group_force_pages_access_control_updated audit event created

How to set up and validate locally

  1. Toggle the Remove public access setting for your group.
  2. Check Group Audit events — a group_force_pages_access_control_updated event should appear

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Naman Jagdish Gala

Merge request reports

Loading