Audit log of user actions #772
Comments
|
Yes, I think it would be pretty important and useful to have something like that |
|
yeah this is a good idea - the only functionality that exists right now to this end (which was implemented because of the possibility of malicious/hijacked accounts attempting to poison the data) is the ability to see recent user actions (tags, classifications) on the user's profile, and then disable their account. But with a large number of users as you note, this is really hard to monitor. |
|
I will take a stab at this. I plan to have a list showing recent user actions (tags / categories) that can at least be filtered by city and some ability to undo the respective action. This will be accessible to admins and area coordinator (for that particular city) only. |
|
This ticket should help with this problem to some degree: #928 |
Admins don't really have much visibility into updates that occur on the site (new photos/tags, edited profiles, added officers, etc.). Since newly registered users are able to sort and tag images, a bad actor could abuse this to quickly sort and tag inappropriate or incorrect photos to officer profiles and admins wouldn't necessarily know (for a while or at all) unless they're being extra vigilant. Or a legit user or area coordinator could have their account compromised leading to similar results.
I think it would be helpful to have a page for admins to see an audit log of relevant authenticated actions in order to gain visibility into changes to the site and what users are doing.
The text was updated successfully, but these errors were encountered: