Managing redaction of users #128

Closed
opened 2023-12-14 17:41:06 +00:00 by alejandrosame · 1 comment
alejandrosame commented 2023-12-14 17:41:06 +00:00 (Migrated from github.com)

Check the management of user deletion with regards to activity logs.

We'll need to decide on what to do when a user asks to be deleted from the database in order to not to lose the overall overview of changes.

Context: https://github.com/Nix-Security-WG/nix-security-tracker/pull/126#pullrequestreview-1781939821 and https://github.com/Nix-Security-WG/nix-security-tracker/pull/126#issuecomment-1856283951

Check the management of user deletion with regards to activity logs. We'll need to decide on what to do when a user asks to be deleted from the database in order to not to lose the overall overview of changes. **Context:** https://github.com/Nix-Security-WG/nix-security-tracker/pull/126#pullrequestreview-1781939821 and https://github.com/Nix-Security-WG/nix-security-tracker/pull/126#issuecomment-1856283951
alejandrosame commented 2024-12-02 14:14:41 +00:00 (Migrated from github.com)

Since #366 has landed, this issue can be closed. The way pghistory keeps the user that made a certain action is to register its user ID in pgh_context.

I did try locally making actions and deleting users from the database, and the activity log is keeping the actions. In this case, the UI logic identifies that an ID pointing to a non-existent user means the user has been redacted, and is displayed as such.

image

Since #366 has landed, this issue can be closed. The way `pghistory` keeps the user that made a certain action is to register its user ID in `pgh_context`. I did try locally making actions and deleting users from the database, and the activity log is keeping the actions. In this case, the [UI logic](https://github.com/Nix-Security-WG/nix-security-tracker/blob/b4d77de3e249deced5ecda5cc3469772fa46d9f1/src/website/shared/logs/logs.py#L192-L194) identifies that an ID pointing to a non-existent user means the user has been redacted, and is displayed as such. ![image](https://github.com/user-attachments/assets/d6ab33f2-f3f7-40f9-8969-7e77a0767c4e)
Sign in to join this conversation.
No description provided.