1763816 – [RFE] Report which users access the API

Bug 1763816 - [RFE] Report which users access the API

Summary: [RFE] Report which users access the API

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Reporting
Sub Component:
Version:	6.5.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	6.8.0
Assignee:	satellite6-bugs
QA Contact:	Lukáš Hellebrandt
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1765052 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-10-21 16:39 UTC by Stephen Hobbs
Modified:	2023-12-15 16:52 UTC (History)
CC List:	7 users (show)
Fixed In Version:	foreman-2.0.0
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-10-27 12:59:02 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	28168	0	Normal	Closed	Report which users access the API	2020-12-09 14:41:24 UTC
Red Hat Product Errata	RHSA-2020:4366	0	None	None	None	2020-10-27 12:59:21 UTC

Description Stephen Hobbs 2019-10-21 16:39:58 UTC

Description of problem:
I’m able to query user access to Satellite using /api/v2/users and able to get last_login_on value, however, this only seems to record when a user accesses the GUI.  I’m looking to see if there is a way to record when a user accesses API as well.

Expected results:
Run a report to track which user accounts are accessing the API.


Additional info:
Customer is looking to implement a "use it or lose it" policy for accessing the API.

Comment 3 Marek Hulan 2019-10-31 15:25:25 UTC

Created redmine issue https://projects.theforeman.org/issues/28168 from this bug

Comment 6 Marek Hulan 2019-11-12 14:33:51 UTC

*** Bug 1765052 has been marked as a duplicate of this bug. ***

Comment 8 Bryan Kearney 2019-12-05 17:00:25 UTC

Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/28168 has been resolved.

Comment 9 Lukáš Hellebrandt 2020-06-10 10:46:37 UTC

Verified with Sat 6.8 snap 3.0.

Created a new user. Last login was empty. Then, with this user:
1) Logged in in WebUI
2) Listed hosts through Hammer
3) Listed hosts through API
After each action, last login got updated to current time in the "User - Registered Users" report.

Comment 12 errata-xmlrpc 2020-10-27 12:59:02 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Satellite 6.8 release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4366

Note You need to log in before you can comment on or make changes to this bug.