Audit log of user actions

[dismantl]

Admins don't really have much visibility into updates that occur on the site (new photos/tags, edited profiles, added officers, etc.). Since newly registered users are able to sort and tag images, a bad actor could abuse this to quickly sort and tag inappropriate or incorrect photos to officer profiles and admins wouldn't necessarily know (for a while or at all) unless they're being extra vigilant. Or a legit user or area coordinator could have their account compromised leading to similar results.

I think it would be helpful to have a page for admins to see an audit log of relevant authenticated actions in order to gain visibility into changes to the site and what users are doing.

[abandoned-prototype]

Yes, I think it would be pretty important and useful to have something like that

[redshiftzero]

yeah this is a good idea - the only functionality that exists right now to this end (which was implemented because of the possibility of malicious/hijacked accounts attempting to poison the data) is the ability to see recent user actions (tags, classifications) on the user's profile, and then disable their account. But with a large number of users as you note, this is really hard to monitor.

[abandoned-prototype]

I will take a stab at this. I plan to have a list showing recent user actions (tags / categories) that can at least be filtered by city and some ability to undo the respective action. This will be accessible to admins and area coordinator (for that particular city) only.

[michplunkett]

This ticket should help with this problem to some degree: https://github.com/lucyparsons/OpenOversight/issues/928