Open kimadactyl opened 5 months ago
Seems like this approach may be helpful here.
Create a model ActivityLog
that stores the actions (create, modify, (delete?)) and then "log" activity in the controller.
Root users can then pull up a Partner, Calendar, Site etc. and see who did what when.
Hmmm that sounds like a lot of interface to me compared to adding fields to our existing models? I do like it though that makes a lot of sense. Just sounds like a load of work.
Another option would be to just use Rails.logger
to just make a regular text log file?
This probably needs a couple of heads together to come up with a minimal effort set of first steps AC. The use case that has come up most recently is for a partnership admin to be able to see a list of the partners they recently added, so the text logs wouldn't be sufficient. If we wanted to implement this for infosec compliance then we'd probably need to work out a comprehensive & consistent logging strategy and to implement log rotation on server or they'd fill up pretty fast.
So, we maybe need to get back to considering what the actual urgent problem is that we are trying to solve.
OK I think roughly in order for me:
It's too late in the day to do any new feature - but as an minimum we could log out messages on create and edit of whichever models we care most about (partner?).
Partner [id] created by User [id]
This seems the most minimal thing we could do to at least have a record that we can look at if we need to - but it also feels like the least useful to our users.
Dokku wraps Rails in a stateless container so logging is not written to a file but handled by dokku (plugins?) or a third party log persistence facility
See the docs.
It's too late in the day to do any new feature - but as an minimum we could log out messages on create and edit of whichever models we care most about (partner?).
Partner [id] created by User [id]
This seems the most minimal thing we could do to at least have a record that we can look at if we need to - but it also feels like the least useful to our users.
I think this will knock the first one off the list and sounds good - at least we have the potential to audit what's happened if something goes wrong! It should also be really quick to implement using just Rails.logger
Dokku wraps Rails in a stateless container so logging is not written to a file but handled by dokku (plugins?) or a third party log persistence facility
It can log to the existing persistant storage device too, don't think this should be an issue?
User story
As PHT, we need some basic record keeping about who created partners and users in order that if there's any kind of incident we can work out who we need to talk to about it.
As an organiser, I want to be able to see who has created and edited partners in my partnerships, in order that I can work with that person instead of cross purposes.
Created as part of the cycle 29 scoping workshop
Acceptance criteria
Implementation notes & questions
Previously I think we were tracking this with the
paper_trail
gem.Do we need this for calendars too? We may not but seems weird not to do it for completeness?
This is being done as a stopgap until we can resolve this fully https://github.com/geeksforsocialchange/PlaceCal/issues/2256
Implementation plan
To be written by the developer