-
Notifications
You must be signed in to change notification settings - Fork 263
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
webadmin: improve audit log for user profile #132
Conversation
Example logs
|
ae11fda
to
237fb44
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The whole idea of adding those audit log messages is for tracking the management of properties settings. But since our behavior with those properties is not consistent comparing admin/vm portals and also comparing between the different properties, it's a bit hard to understand which operation was actually done by the user on a higher level (update a property, reset a property or all properties, created one?).
For example:
-
When updating an existing user property via the VM portal, it always break down to:
removed
+created
the property. While on admin portal it always break down intoreplaced
the property only. This is confusing and bottom line doesn't really reflects a consistent operation. -
When resetting all settings - not all properties are actually removed. Part of them are set back to a default value. so the '
Rest Settings
' operation is broke down into: removing few of properties but updating few others. And then when a user set them again - part of them are created and part are updated. So there is no way to know that the user was actually resetting back to defaults.
Bottom line, logging from the commands
level is very confusing and inconsistent. i wonder if there is a way to generate those logs on a higher level for the vm portal and for reset settings at least.
backend/manager/modules/dal/src/main/resources/bundles/AuditLogMessages.properties
Outdated
Show resolved
Hide resolved
...nager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddUserProfilePropertyCommand.java
Outdated
Show resolved
Hide resolved
Audit log was not key priority. The properties do not impact engine operation or resource allocation and are limited to improving user experience in the UI. If we have a use case where admin needs to understand this kind of changes then we can improve audit capabilities.
Audit log is a low level log that reflects the changes on the backend. The same flow in the UI is implemented differently for REST API and for GWT. The new REST API cannot use "replace" as "update" so it uses "delete" + "add" instead. The GWT version can access the command layer directly and is able to take advantage of "replace" command.
The exact flow of reset settings operation is an implementation detail. It might be implemented by removal of the property or by replacing with property that has "default" value. Having said that, all currently supported properties use "remove" approach. If you have noticed different approach then please let me know.
The reset is limited to (chosen) properties displayed in the Account Setting dialog - other settings are no affected by design.
As mentioned above, we are abusing the audit log here: it simply reflects the true flow executed on the backend(for audit purpose). This doesn't match the UI flow but having 1:1 mapping between UI and backend is not one of the project goals. |
User changing his own props
User changing other users props
|
@sgratch |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
regenerated (for updating) suggest mutation which is incorrect since a new (immutable) entity is created.
Correct, but the admin user is not necessarily a DBA so he might not understand the meaning as we do. Replacing means changing the property with what? Messages should be accurate but low level details are sometimes confusing and not enough. Maybe just add a description of replacing with what, e.g.
${UserName} replaced property '${profile_property} with the same property name and an updated value.
Please check the newest version - the log message now contains target user name if needed. The implementation is based on extra query to fetch target user.
+1, used by other command as well and by audit log too so I'm ok with that.
Audit log was not key priority. The properties do not impact engine operation or resource allocation and are limited to improving user experience in the UI. If we have a use case where admin needs to understand this kind of changes then we can improve audit capabilities.
The point is that based on logs it's impossible for admins and for trouble shooting to understand what the user configured with user settings up till now and I think it's needed. We could implement "reset" as part of REST as well if needed instead of asking the user to reset one by one via the apis. That's not an excuse for the problem of tracking user actions. Most of user actions are logged (at least on DEBUG log level) so that it will be easy to understand what the user tried to do.
But since it will require extra effort to enable that on a upper level now and since webadmin and web ui are different then let's leave it as is for now, even though not ideal.
The exact flow of reset settings operation is an implementation detail. It might be implemented by removal of the property or by replacing with property that has "default" value. Having said that, all currently supported properties use "remove" approach. If you have noticed different approach then please let me know.
This is correct for webadmin properties and not correct for all vmportal ones. All vmportal properties are not just removed when calling reset settings, they are removed and then re-created with the default value. While for webadmin all user's properties are removed except SSH_PUBLIC_KEY
and webadmin
(grids setting) . Can we at least keep consistency on that level?
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/AuditLogType.java
Outdated
Show resolved
Hide resolved
New message uses
+1
This is definitely out of scope of this PR. Please create another issue and let's discuss it there. |
1e3fd56
to
21e7f7e
Compare
@sgratch
|
Before, a generic audit log message was used for all operations on user profile virtual entity. The message included only the name of the user that performed the operation. Changes: 1. include target user name if different than current user - use case: admin creating/deleting properties for a regular user 2. include property name 3. use different messages for create/remove/replace operations
/ost |
+1, much better
This is definitely out of scope, it is just reflected by this fix more easily. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Before, a generic audit log message was used for all operations on
user profile virtual entity. The message included only the name of the
user that performed the operation.
Changes:
properties for a regular user
Notes about implementation:
Account Settings:
was added for Notification Drawer. In the audit log we have more information i.e. message code. In the UI this context is missing so message needs to be explicit.the current DB layer does not provide the name of the user linked with the property - we have only user ID. Retrieving the user name can be done under different PR.