What is it?
As an application owner, understanding changes to the permission scheme, role configuration, and role assignment over time is beneficial to keep control of who is allowed to do what in your application.
Via system logs, your application provides you with the option to easily trace such changes.
How does it work?
The logs to the permission scheme, role configuration, and role assignment changes can be accessed via the Settings Wheel > Logs > System Logs.
The Logs on permission scheme changes
Changes in the permission configuration are logged in the following format:
Who (user) has changed the configuration?
Where (location) was the configuration changed?
Which (permission) was changed?
Which user role is affected by that change?
To which state was the permission changed?
When was the change?
The logs on role configuration changes
Changes in the role configuration are logged in the following format:
Which role was edited?
What was done?
When was the change?
The logs on user role changes
Changes in the user role assignment are logged in the following format:
Who (user) has changed the configuration?
Which user was affected by the change?
Which role(s) has been assigned to the users before the change?
Which role(s) has been assigned to the users after the change?
When was the change?
The logs to track object-level permission changes
Changes in the content- or object-level permissions, so permissions requested and granted to users per element, are logged in the following format:
Who (user) has requested a permission?
Which permission was requested?
Who (user) approved or declined the request?
When the action took place?
Which element was affected?
The status of a request