OctopusDeploy / Issues

| Public | Bug reports and known issues for Octopus Deploy and all related tools
https://octopus.com
161 stars 20 forks source link

Setting AuditView permission on a custom role doesn't allow users to view events in the audit log #4660

Closed jburger closed 5 years ago

jburger commented 6 years ago

Issue originally raised by @ryanrousseau

The documentation appears to indicate that the AuditView permission allows a user to view the Audit page in the Configuration menu, while this is true, it doesn't provide meaningful output until combined with the EventView permission.

Is this a documentation issue or a bug?

I think this could be simply addressed with some documentation around setting up a custom Auditors role, but, in case this is a bug...

Steps to repo:

  1. Create a custom user role called 'AuditViewers' and apply the 'AuditView' permission.
  2. Create a new team called 'Auditors' and add only the 'AuditViewers' role to it.
  3. Create a user called 'Auditor' and add them to the 'Auditors' team
  4. browse to https://[your-instance]/app#/configuration/audit and observe an empty list

image

Workaround:

Apply AuditView, EventView, ProjectView and EnvironmentView to the AuditViewers role to take full advantage of the Audit page.

NickJosevski commented 5 years ago

AuditView is no longer a concept as of 2019.1.

Docs have been updated to reflect this.

lock[bot] commented 5 years ago

This thread has been automatically locked since there has not been any recent activity after it was closed. If you think you've found a related issue, please contact our support team so we can triage your issue, and make sure it's handled appropriately.