Vés al contingut principal

Configuració de les galetes

Fem servir galetes per assegurar les funcionalitats bàsiques del lloc web i per a millorar la teva experiència en línia. Pots configurar i acceptar l'ús de galetes, i modificar les teves opcions de consentiment en qualsevol moment.

Essencials

Preferències

Analítiques i estadístiques

Màrqueting

Canvis a "Improve Access to Operational Logs and Uploaded Asset Management"

Avatar: HIGASHI Kenjiro HIGASHI Kenjiro 30/11/2025 22:58

Cos (English)

  • +

    Is your feature request related to a problem? Please describe.
    When operating a Decidim instance, administrators frequently face difficulties identifying why user login or signup attempts fail.
    This is especially problematic when using OAuth2/OIDC authentication, where error details are often hidden and cannot be viewed by admins.

    Similarly, it is difficult to manage uploaded assets (images/files) across the organization. There is no centralized place to list uploaded assets with metadata, making audits, cleanup, and operational monitoring challenging.

    Describe the solution you'd like
    I would like Decidim to provide an admin or system-level dashboard where operators can view operational information, including:

    • OAuth2/OIDC login failure logs

    • Standard signup and login error logs

    • Key error information such as

      • reason for failure

      • data received by the system except passwords

    • A centralized list of uploaded images and files, with

      • file metadata (size, type, uploader, timestamp, model reference)

      • organization-level filtering

    This would greatly improve debugging, incident response, and operational oversight.

    Describe alternatives you've considered

    • Checking server logs manually, which is not accessible to most operators.

    • Adding external infrastructure (e.g., reverse proxies, log collectors), which increases operational complexity.

    • Exporting database records directly, which is not safe or convenient for administrators.

    Additional context
    Many municipalities and organizations using Decidim rely on external identity providers (IdPs).
    When login/signup fails, administrators have no visibility into failure causes, making support and user onboarding difficult.
    For uploaded files, compliance and transparency requirements (especially in governmental institutions) require auditability.

    Does this issue could impact on users private data?
    Potentially yes, depending on design.
    However, requested information excludes sensitive data such as passwords and should be limited to operational logs and metadata.
    If implemented with appropriate access restrictions, the feature can comply with privacy and data protection requirements.

Títol (English)

  • +Improve Access to Operational Logs and Uploaded Asset Management

Confirmar

Si us plau, inicia la sessió

La contrasenya és massa curta.