No Audit Event When Access is Removed Due To Expiration
Summary
No audit event is generated when a user's access is removed due an expiration date being set by an admin. This recently caused a lot of ~toil to determine the cause of an apparent removal of GitLab team member from a top-level group.
Steps to reproduce
- Add a user to group with an expiration date. It can be set to the current day.
- After a day, observe that the user is no longer a member, but no audit event exists or is present in the
audit_json.log
file.
What is the current bug behavior?
The user is removed with no indication to admins or other users.
What is the expected correct behavior?
An audit event indicating that access expired should exist in the audit events.
Output of checks
This bug happens on GitLab.com