What would you do if you want to track the role assignation in the platform i.e., which role was assigned/unassigned by whom and when or by which group?
There is a table in the platform 'sys_audit_role' that tracks such operations. You can go to this table via 'System Security->Role Audit'
The columns available by default are
|
Column Name
|
Purpose
|
|
Changed by
|
The person who assigned the role
|
|
Operation
|
Can either be ‘added’ or ‘removed’ based on the type of operation being performed
|
|
Role
|
Name of the role to be assigned
|
|
User
|
Name of the user
|
|
Granted by group
|
If the role was granted with the help of a group
|
|
Count after change
|
Copies the value of inh_count column on ‘sys_user_has_role’ table
|
Please note: This would only be working if the system property ‘glide.role_management.v2.audit_roles’ is set to true by default this property doesn’t exists in the system
Enabling this feature can be help trace the role that was assigned to a user based on date/time or inheritance etc.
It can help from a compliance perspective in case you want to check that only entitled users are assigning roles on your instance
