[PR #2868] [MERGED] Add Organizational event logging feature #6810

Closed
opened 2026-03-07 21:05:44 -06:00 by GiteaMirror · 0 comments

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/2868
Author: @BlackDex
Created: 10/26/2022
Status: Merged
Merged: 12/1/2022
Merged by: @dani-garcia

Base: main ← Head: impl-events


📝 Commits (1)

  • 2ea9b66 Add Organizational event logging feature

📊 Changes

31 files changed (+1887 additions, -240 deletions)


📝 .env.template (+24 -3)
➕ migrations/mysql/2022-10-18-170602_add_events/down.sql (+1 -0)
➕ migrations/mysql/2022-10-18-170602_add_events/up.sql (+19 -0)
➕ migrations/postgresql/2022-10-18-170602_add_events/down.sql (+1 -0)
➕ migrations/postgresql/2022-10-18-170602_add_events/up.sql (+19 -0)
➕ migrations/sqlite/2022-10-18-170602_add_events/down.sql (+1 -0)
➕ migrations/sqlite/2022-10-18-170602_add_events/up.sql (+19 -0)
📝 src/api/admin.rs (+40 -4)
📝 src/api/core/accounts.rs (+20 -5)
📝 src/api/core/ciphers.rs (+257 -77)
➕ src/api/core/events.rs (+341 -0)
📝 src/api/core/mod.rs (+10 -0)
📝 src/api/core/organizations.rs (+397 -70)
📝 src/api/core/two_factor/authenticator.rs (+17 -4)
📝 src/api/core/two_factor/duo.rs (+23 -8)
📝 src/api/core/two_factor/email.rs (+29 -8)
📝 src/api/core/two_factor/mod.rs (+19 -6)
📝 src/api/core/two_factor/webauthn.rs (+31 -8)
📝 src/api/core/two_factor/yubikey.rs (+21 -6)
📝 src/api/identity.rs (+115 -32)

...and 11 more files

📄 Description

This PR adds event/audit logging support for organizations.
By default this feature is disabled, since it does log a lot and adds
extra database transactions.

All events are touched except a few, since we do not support those
features (yet), like SSO for example.

This feature is tested with multiple clients and all database types.

Fixes #229


Checklist:

User ✔️
  • UserLoggedIn
  • UserChangedPassword
  • UserUpdated2fa
  • UserDisabled2fa
  • UserRecovered2fa
  • UserFailedLogIn
  • UserFailedLogIn2fa
  • UserClientExportedVault
  • ~~UserUpdatedTempPassword~~
  • ~~UserMigratedKeyToKeyConnector~~
Cipher ✔️
  • CipherCreated
  • CipherUpdated
  • CipherDeleted
  • CipherAttachmentCreated
  • CipherAttachmentDeleted
  • CipherShared
  • CipherUpdatedCollections
  • CipherClientViewed
  • CipherClientToggledPasswordVisible
  • CipherClientToggledHiddenFieldVisible
  • CipherClientToggledCardCodeVisible
  • CipherClientCopiedPassword
  • CipherClientCopiedHiddenField
  • CipherClientCopiedCardCode
  • CipherClientAutofilled
  • CipherSoftDeleted
  • CipherRestored
  • CipherClientToggledCardNumberVisible
Collection ✔️
  • CollectionCreated
  • CollectionUpdated
  • CollectionDeleted
Group ✔️
  • GroupCreated
  • GroupUpdated
  • GroupDeleted
Org User ✔️
  • OrganizationUserInvited
  • OrganizationUserConfirmed
  • OrganizationUserUpdated
  • OrganizationUserRemoved
  • OrganizationUserUpdatedGroups
  • ~~OrganizationUserUnlinkedSso~~
  • ~~OrganizationUserResetPasswordEnroll~~
  • ~~OrganizationUserResetPasswordWithdraw~~
  • ~~OrganizationUserAdminResetPassword~~
  • ~~OrganizationUserResetSsoLink~~
  • ~~OrganizationUserFirstSsoLogin~~
  • OrganizationUserRevoked
  • OrganizationUserRestored
Organization ✔️
  • OrganizationUpdated
  • OrganizationPurgedVault
  • OrganizationClientExportedVault
  • ~~OrganizationVaultAccessed~~
  • ~~OrganizationEnabledSso~~
  • ~~OrganizationDisabledSso~~
  • ~~OrganizationEnabledKeyConnector~~
  • ~~OrganizationDisabledKeyConnector~~
  • ~~OrganizationSponsorshipsSynced~~
  • PolicyUpdated

Misc:

  • Log Admin Interface user update/delete actions.
  • Config option to enable/disable this feature
  • Test MySQL and PostgreSQL
  • Cronjob to clean event logs with a retention of x days
  • Test all event types and links the web-vault generates
  • Test other clients, Desktop, Mobile, etc.
  • Use the continuation token and load a max of 30 items at a time?

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

GiteaMirror added the pull-request label 2026-03-07 21:05:44 -06:00

Reference: github-starred/vaultwarden#6810