Skip to content

Add user_access_unlocked audit event

Eugie Limpin requested to merge el-add-unlock-access-audit-event into master

What does this MR do and why?

Resolves https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/244?work_item_iid=416 as part of https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/244.

Add user_access_unlocked audit event.

A user_access_unlocked audit event is logged when the user's access to the instance is unlocked. The author for the logged audit event is set to the user that unlocked the user's access.

The following table shows the events that trigger logging of the new type of audit event as well as the author used for the audit event.

event trigger author
Unlocked by an admin via the users admin page current user (admin)
Unlocked by the user by entering a code sent to their email the locked user
Unlocked after the lock expires the locked user
Calls to User#unlock_access the locked user

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Eugie Limpin

Merge request reports

Loading