MantisBT

View Issue Details Jump to Notes ] Wiki ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008157mantisbtadministrationpublic2007-07-16 16:292014-02-01 06:12
Reportergiallu 
Assigned To 
PrioritynormalSeverityfeatureReproducibilityN/A
StatusacknowledgedResolutionopen 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version 
Summary0008157: User activity report
DescriptionIn order to monitor suspicious activities (but I'm sure there are other purposes for this) it would be nice to have a page with a report for the given
user's activity; this should be an easy information to extract from the
history_table
TagsNo tags attached.
Attached Files

- Relationships
related to 0004723closeddaryn Add new capability to "My View".... "Issues I've added Notes To" 

-  Notes
User avatar (0015066)
giallu (developer)
2007-07-16 16:32

Excerpt from a chat with vboctor:

VB: I think that would be a good idea. We should have a link to that page
from the manage user page and eventually from the user profile page
when we have one
we should have a configurable threshold to access it.
This threshold should be defaulted to administrator. We should be
using the global access level of the user to validate against such
threshold.
User avatar (0016759)
Loki (reporter)
2008-01-22 12:50

track login failure - username attempted and the IP
track deleted issue - need to know who deleted the issue and issue #

Thanks
User avatar (0016762)
jmunro (reporter)
2008-01-22 15:41

I vote for this :)
User avatar (0017285)
giallu (developer)
2008-03-07 13:50

I propose to start from what's available in Ubuntu Launchpad http://launchpad.ubuntu.org [^]

Basically, each user has an activity page where it is possible to list bugs:

Assigned to the user
Commented by the user
Reported by the user
Subscribed by the user
All of the above

That page is reachable clicking on the username where it appears
User avatar (0017290)
vboctor (administrator)
2008-03-08 02:19

The format of the page should be around the user and sorted in some chronological order, probably from newer actions to older actions. This feature can be turned ON/OFF, but also it should be possible to configure what is audited using an associative array. The events to audit should include:

1. Report an issue
2. Update an issue (what is considered an update?)
3. Monitor/unmonitor
4. Relationships
5. Delete issue
6. Add user
7. Update user
8. Delete user
9. Same for projects, news, categories, versions, user access to projects, etc

A quick and dirty way to do the above is to log every Mantis page that the user visits in the database. Although simple and comprehensive, it is not user friendly and not as easy for a user to configure.

We should consider if this can be done as a plugin. I can see need for events on all actions that we need to audit, independent of this feature.

I also agree with the feature which warns the user about the number of login failures since last login.
User avatar (0017303)
giallu (developer)
2008-03-10 04:34

I'm not particularly fond of quick and dirty solutions, they always bite you in the long run ;)

I think we can avoid adding another table since we already have a good event logger with the history api, and that can be extended to cover additional events if we need it.

Actually, the things I listed (and most of the ones you listed) are already in the DB, we just need to aggregate the relevant info for some tables.

I'd start creating a page with the information available in the DB as of today, then we can extend the coverage later.
User avatar (0017308)
vboctor (administrator)
2008-03-10 12:15

Sounds good giallu.
User avatar (0032343)
HanefeldJ (reporter)
2012-07-16 09:13

Hi! Is there any progress on this issue?
User avatar (0039268)
atrol (developer)
2014-02-01 06:12

Unassigned after having been assigned for a long time without progress.

- Issue History
Date Modified Username Field Change
2007-07-16 16:29 giallu New Issue
2007-07-16 16:32 giallu Note Added: 0015066
2007-07-16 22:42 vboctor Status new => acknowledged
2007-08-23 04:26 giallu Relationship added related to 0004723
2008-01-22 12:50 Loki Note Added: 0016759
2008-01-22 15:41 jmunro Note Added: 0016762
2008-03-07 13:50 giallu Note Added: 0017285
2008-03-08 02:19 vboctor Note Added: 0017290
2008-03-10 04:34 giallu Note Added: 0017303
2008-03-10 12:15 vboctor Note Added: 0017308
2008-04-25 10:24 daryn Status acknowledged => assigned
2008-04-25 10:24 daryn Assigned To => daryn
2012-07-16 09:13 HanefeldJ Note Added: 0032343
2014-02-01 06:12 atrol Note Added: 0039268
2014-02-01 06:12 atrol Assigned To daryn =>
2014-02-01 06:12 atrol Status assigned => acknowledged


MantisBT 1.2.17 [^]
Copyright © 2000 - 2014 MantisBT Team
Time: 0.1017 seconds.
memory usage: 3,064 KB
Powered by Mantis Bugtracker