Store user state in Audit Trail (Lombiq Technologies: OFFI-260)

[sarahelsaig]

Fixes #17507

[barthamark]

It looks good to me. @Piedone or @BenedekFarkas can you please merge it? I don't have the permission.

[sebastienros]

This can't be merged as-is because of privacy consideration. Right now every private information of a user is duplicated in audit trail and more importantly disclosed in the UI to anyone with audit trail permissions.

Also deleting a User would delete the information, so a user requesting their information to be deleted is supported by OC. There is no feature that I know of that can delete audit trail records for specific users, and this PR will make it harder (note that such a feature is a different request).

This PR should

• only snapshot by default the properties without private information, like TwoFactorEnabled, LockoutEndUtc ... This is to prevent existing sensitive information like PasswordHash, Tokens from being stored and disclosed.

• provide options in the admin, behind a permission, to add the properties that can be snapshotted. Including Custom Settings. For instance by setting the technical JSON accessor of the property (PhoneNumber, Properties.CustomUserSettings.Address). Otherwise any private information from the custom settings would be stored by default which nobody wants.

• Some informations might be stored as hashed values to detect that is has changed, again only if defined in options. The hash should then vary by system (use a seed per tenant for instance) such that they can't be used with rainbow tables.