Ticket #1259 (new bug)
Logging update action on profiles and on preferences, geo setting, emails update
| Reported by: | jeanyves | Owned by: | jeanyves |
|---|---|---|---|
| Priority: | critical | Milestone: | unassigned |
| Component: | BW General | Version: | test |
| Keywords: | logs | Cc: | lupochen fake51 |
| Follow up needed: | test on alpha | Frequently reported: | 1 |
| Announce on BW: | no |
Description
When someone update his profile there is no more logs (MOD_Log) about it.
It is needed to do it (no need to log the data), because if for some reason thee is a bug, or someone stealing a password and updating a profile, or some failed update, or some member contes, or whatever you can imagine, it is very useful to be able to see when the member last updated his profile.
(May be some are already done but I didn't detect the)
The same stands for geo updates, emails update (don't put the email value in logs !)
It is also very important to do it with preferences (and here to log the value before and the value after). This has been very demonstrated to be very useful before when a member though that his preferences for public profile (which was done from the preferences page in old BW) where not working because his profile was indexed by google. We have been able with these log to provide him with exact and reliable explanations
For the typeof log, please use the same value as old BW, this allow for efficient history. If you don't know which one to use, please just ask me.
Any action one the database should in general produce a log (don't overload it however).
Be careful not to store private data in logs.
Always store volunteer actions or even from members which might lead to some contestation
I set it to critical, because I think it hard to keep it mind such detail which you never realize you miss it untill the moment when you are with a problem to try to explain some big problem
Change History
comment:2 Changed 13 months ago by jeanyves
- Owner set to jeanyves
- Status changed from new to assigned
- Version set to test
I have added logged in members.model
comment:3 Changed 13 months ago by jeanyves
- Follow up needed changed from none to test on alpha
- Status changed from assigned to new
comment:5 Changed 8 months ago by jeanyves
Since I wrote this initial ticket/reminder, since I also can see that several appropriated logs have been added in the various places I suggest, I think this ticket could beclosed, unless someone say it otherwise.
May be Matthias could check the logs and give his opinion about data which are stored here. The idea beeing that the right balance between the logs needed to be recorded and the people privacy -the goal is not to spy people activity- is to be found. According to my opinion, it is ok. A second one is (at least) needed, or an audit
Update profile in members app does log some changes though probably not enough (most changes should be logged, without storing personal details). Have a look at members.model for the easiest way to use the log