Add UserAudit for user activation and deactivation #35134
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Product Description
As a follow up for SSO work, when we auto-deactivate web user, or when web user get reactivated, those action should be logged for future reference and for easy debug.
But UserHistory report still miss some records:
Those auto-deactivation and reactivation actually won't have a
for-domain
orby-domain
property, because they're operated at user level not domain level.UserHistory report only shows record that are for current domain, I made the change so we can see record for current domain and for no specific domain.
auto-deactivation is not changed by any user but system; deactivation and reactivation can also be triggered by a super user, we want to include those records in UserHistory report too. However, UserHistory report will exclude records whose
changed_by_user
property is not from the current domain, I removed that restriction.Technical Summary
Ticket: https://dimagi.atlassian.net/browse/SAAS-15968
Feature Flag
The change is specific to
user_history_report
flag.wiki: https://dimagi.atlassian.net/wiki/spaces/saas/pages/2146603609/User+History+Report
Safety Assurance
Safety story
The change is behind the feature flag, and this feature flag is for internal use.
It is tested heavily on staging because I use it to debug the sso issue.
Automated test coverage
QA Plan
No QA
Rollback instructions
Labels & Review