Groupfolder permission changes and other admin actions are not logged in Activity app, but are in admin audit log #3581

Open
hcderaad opened this issue Feb 3, 2025 · 3 comments
Labels
0. Needs triage Issues that need to be triaged bug

hcderaad commented Feb 3, 2025

Steps to reproduce

  1. On Nextcloud 30.0.5
  2. Install the groupfolders app (version 18.0.9)
  3. Add/edit a group
  4. Check the Activity log (also directly in the database) for any actions; none are present for the groupfolder
  5. Check the audit.log with the audit trail from the admin audit app, the group folder activities are present

Expected behaviour

Any admin action to a group folder should be visible in the Activity app or in the regular log, as such an audit trail is required in regulated environments.

Actual behaviour

Groupfolder permission changes and other admin actions are not logged in Activity app

Server configuration

Operating system:
Ubuntu 24.04

Web server:
Apache (behind nginx proxy)

Database:
PostgreSQL 15

PHP version:
8.2.27

Nextcloud version: (see Nextcloud admin page)
30.0.5

Team folders version:
18.0.9

Updated from an older Nextcloud/ownCloud or fresh install:
Fresh install of groupfolders

Where did you install Nextcloud from:

Are you using external storage, if yes which one: local/s3/smb/sftp/...
No

Are you using encryption: yes/no
No

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/Saml/...
No

Client configuration

Browser:
MS Edge latest stable version

Operating system:
Windows 11

Logs

From audit.log (example)
{"reqId":"r6IkiNodUsFObiZ3Rb0A","level":1,"time":"2025-02-03T09:50:28+00:00","remoteAddr":"XXXXXX","user":"nc-admin","app":"admin_audit","method":"POST","url":"/apps/groupfolders/folders/1/groups/Lab-operator","message":"The permissions of group "Lab-operator" to the groupfolder with id 1 was set to 1","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 Edg/132.0.0.0","version":"30.0.5.1","data":{"app":"admin_audit"}}

Web server error log

N/A

Nextcloud log (data/nextcloud.log)

N/A

Browser log

N/A

@hcderaad hcderaad added 0. Needs triage Issues that need to be triaged bug labels Feb 3, 2025
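
To pull the group folder admin actions out of audit.log as an audit trail, this added example (not part of the issue thread or the groupfolders project) filters admin_audit entries by the /apps/groupfolders/ URL prefix seen in the log line above and decodes the permission value. Assumptions: the file holds one JSON object per line with inner quotes escaped, the message wording matches the entry quoted in the issue, and the number is the standard Nextcloud permission bitmask; the sample lines are constructed.

```python
import json
import re

# Nextcloud permission bits (OCP\Constants::PERMISSION_*); assumed to apply here.
PERMISSION_BITS = {1: "read", 2: "update", 4: "create", 8: "delete", 16: "share"}

# Message wording taken from the audit.log entry quoted in the issue.
PERM_MSG = re.compile(
    r'The permissions of group "(?P<group>[^"]+)" to the groupfolder '
    r'with id (?P<folder>\d+) was set to (?P<mask>\d+)'
)

def decode_permissions(mask):
    """Translate a permission bitmask into a list of permission names."""
    return [name for bit, name in PERMISSION_BITS.items() if mask & bit]

def groupfolder_events(lines):
    """Return admin_audit entries whose URL is under /apps/groupfolders/."""
    events = []
    for raw in lines:
        try:
            entry = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip blank, truncated or non-JSON lines
        if not isinstance(entry, dict) or entry.get("app") != "admin_audit":
            continue
        if not str(entry.get("url", "")).startswith("/apps/groupfolders/"):
            continue
        event = {key: entry.get(key) for key in ("time", "user", "method", "url", "message")}
        match = PERM_MSG.search(event["message"] or "")
        if match:  # permission change: add structured fields
            event.update(group=match["group"], folder_id=int(match["folder"]),
                         permissions=decode_permissions(int(match["mask"])))
        events.append(event)
    return events

# Constructed sample lines modelled on the entry in the issue (not real log data).
SAMPLE = [
    r'{"time":"2025-02-03T09:50:28+00:00","user":"nc-admin","app":"admin_audit","method":"POST","url":"/apps/groupfolders/folders/1/groups/Lab-operator","message":"The permissions of group \"Lab-operator\" to the groupfolder with id 1 was set to 1"}',
    r'{"time":"2025-02-03T09:51:02+00:00","user":"nc-admin","app":"admin_audit","method":"POST","url":"/apps/groupfolders/folders/2/groups/Lab-admin","message":"The permissions of group \"Lab-admin\" to the groupfolder with id 2 was set to 31"}',
    r'{"time":"2025-02-03T09:52:10+00:00","user":"alice","app":"admin_audit","method":"POST","url":"/login","message":"constructed non-groupfolder entry"}',
    r'{"time":"2025-02-03T09:5',  # truncated line
]

if __name__ == "__main__":
    for ev in groupfolder_events(SAMPLE):
        print(ev["time"], ev["user"], ev.get("group"), ev.get("folder_id"), ev.get("permissions"))
```
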
@provokateurin
Member

I don't see a problem here. You can see the critical activities in the admin audit log and everything else in the normal Activity app. The Activity app is also accessible by normal users, so I guess that's the reason why critical activities are not shown there.

@hcderaad
Author

hcderaad commented Feb 3, 2025

For other admin actions (such as adding users, groups, setting/revoking permissions) these are shown in the regular Activity app. So at the very least, this behavior is inconsistent with that. It in fact creates a precedent where the regular activities app cannot be trusted to capture an audit trail, which is a total no-go for using Nextcloud in any regulated industry. Should you wish for me to provide you with the actual regulations requiring such audit trails, feel free to ask.

@jospoortvliet
Member

Hi Hans,

I do agree with you that this seems a valid issue and we are happy to take care of it - but, as group folders is a business feature, this would only happen under business conditions - as part of a PoC with us for example. Not as a volunteer effort. I'd be more than happy to connect you to our sales team, will reach out 1:1.
