V14 - umbracoAudit table is not logging some audit events

[OwainJ]

Which Umbraco version are you using? (Please write the exact version, example: 10.1.0)

15.0.0-rc2

Bug summary

The umbracoAudit table seems to be logging less User events in v15.0.0-rc2 when compared to v13.5.1. Missing events seem to include all events relating to passwords, logging in and logging out.

Note: I have only tested password changing and login/logout events, it's possible that more audit events are missing.

Specifics

No response

Steps to reproduce

1. Setup a new project using a script from Package Script Writer - https://psw.codeshare.co.uk/

   • v15.0.0-rc2

       # Ensure we have the version specific Umbraco templates
       dotnet new install Umbraco.Templates::15.0.0-rc2 --force
     
       # Create solution/project
       dotnet new sln --name "15-0-0-RC2"
       dotnet new umbraco --force -n "15-0-0-RC2" --friendly-name "Administrator" --email "admin@example.com" --password "1234567890" --development-database-type SQLite
       dotnet sln add "15-0-0-RC2"
     
       dotnet run --project "15-0-0-RC2"
       #Running

   • v13.5.1

     # Ensure we have the version specific Umbraco templates
       dotnet new install Umbraco.Templates::13.5.1 --force
     
       # Create solution/project
       dotnet new sln --name "13.5.1"
       dotnet new umbraco --force -n "13.5.1" --friendly-name "Administrator" --email "admin@example.com" --password "1234567890" --development-database-type SQLite
       dotnet sln add "13.5.1"
     
       dotnet run --project "13.5.1"
       #Running

2. Once it is running, login as Admin
   • Username: admin@example.com
   • Password: 1234567890
3. Navigate to the Users section
4. Create a new User with the following details:
   • Name: Editor
   • Email: editor@example.com
   • User Group: Editors
5. Navigate to the User profile and change it's password to 1234567890
6. Open a new window in private/incognito and navigate to the Umbraco backoffice login page
7. Login as Editor
8. Logout as Editor
9. Observe the umbracoAudit database table to check what events have been logged

Expected result / actual result

I would expect the events logged to be similar/identical to the events logged in Umbraco 13, but there appears to be quite a few audit events that are no longer logged.

v13.5.1

The events highlighted in yellow do not appear in the v15 umbracoAudit table.

v15.0.0-rc1

Umbraco 15 should be logging the password related events, and the login/logout related events.

[github-actions[bot]]

Hi there @OwainJ!

Firstly, a big thank you for raising this issue. Every piece of feedback we receive helps us to make Umbraco better.

We really appreciate your patience while we wait for our team to have a look at this but we wanted to let you know that we see this and share with you the plan for what comes next.

• We'll assess whether this issue relates to something that has already been fixed in a later version of the release that it has been raised for.
• If it's a bug, is it related to a release that we are actively supporting or is it related to a release that's in the end-of-life or security-only phase?
• We'll replicate the issue to ensure that the problem is as described.
• We'll decide whether the behavior is an issue or if the behavior is intended.

We wish we could work with everyone directly and assess your issue immediately but we're in the fortunate position of having lots of contributions to work with and only a few humans who are able to do it. We are making progress though and in the meantime, we will keep you in the loop and let you know when we have any questions.

Thanks, from your friendly Umbraco GitHub bot :robot: :slightly_smiling_face:

[Zeegaan]

@OwainJ Have you tested this in v14? I think this is a symptom of the service rework in v14 🙈

[OwainJ]

@OwainJ Have you tested this in v14? I think this is a symptom of the service rework in v14 🙈

Just tested v14.3.0 and the behavior seems consistent with v15.0.0-rc2: It's also missing the password and login/logout events.

[Zeegaan]

Yea that makes sense to me 😁 Thanks for looking into this 🙏 Should be a great up for grabs issue, as it should "just" be adding some calls to audit in the methods, where it is missing 🐛

[github-actions[bot]]

Hi @OwainJ,

We're writing to let you know that we would love some help with this issue. We feel that this issue is ideal to flag for a community member to work on it. Once flagged here, folk looking for issues to work on will know to look at yours. Of course, please feel free work on this yourself ;-). If there are any changes to this status, we'll be sure to let you know.

For more information about issues and states, have a look at this blog post.

Thanks muchly, from your friendly Umbraco GitHub bot :-)