Changes at "Uploaded asset management"

• -

  Is your feature request related to a problem? Please describe.
  When operating a Decidim instance, administrators frequently face difficulties identifying why user login or signup attempts fail.
  This is especially problematic when using OAuth2/OIDC authentication, where error details are often hidden and cannot be viewed by admins.

  Similarly, it is difficult to manage uploaded assets (images/files) across the organization. There is no centralized place to list uploaded assets with metadata, making audits, cleanup, and operational monitoring challenging.

  Describe the solution you'd like
  I would like Decidim to provide an admin or system-level dashboard where operators can view operational information, including:

  • OAuth2/OIDC login failure logs

  • Standard signup and login error logs

  • Key error information such as

    • reason for failure

    • data received by the system except passwords

  • A centralized list of uploaded images and files, with

    • file metadata (size, type, uploader, timestamp, model reference)

    • organization-level filtering

  This would greatly improve debugging, incident response, and operational oversight.

  Describe alternatives you've considered

  • Checking server logs manually, which is not accessible to most operators.

  • Adding external infrastructure (e.g., reverse proxies, log collectors), which increases operational complexity.

  • Exporting database records directly, which is not safe or convenient for administrators.

  Additional context
  Many municipalities and organizations using Decidim rely on external identity providers (IdPs).
  When login/signup fails, administrators have no visibility into failure causes, making support and user onboarding difficult.
  For uploaded files, compliance and transparency requirements (especially in governmental institutions) require auditability.

  Does this issue could impact on users private data?
  Potentially yes, depending on design.
  However, requested information excludes sensitive data such as passwords and should be limited to operational logs and metadata.
  If implemented with appropriate access restrictions, the feature can comply with privacy and data protection requirements.

• +

  Is your feature request related to a problem? Please describe.

  Administrators currently lack a centralized place to view and manage uploaded assets (images/files). Without an overview of uploaded files and their metadata, audits, cleanup, and operational monitoring are difficult to perform.

  Describe the solution you'd like

  Create an system-level view listing all uploaded images and files, including:
• +

• file metadata (size, type, uploader, timestamp, model reference)

• +

• filtering at the organization level

• +

• options for reviewing and potentially cleaning up unused or outdated assets

• +

This would improve operational oversight and help meet compliance or transparency requirements.

Describe alternatives you've considered

• +

• Inspecting server files manually, which is not practical for most operators.

• +

• Setting up external tooling for asset tracking, which increases complexity.

• +

• Querying the database directly, which is unsafe and not accessible to non-technical administrators.

• +

Additional context

Governmental institutions and municipalities often require auditability of uploaded files. A centralized assets dashboard would make compliance significantly easier.

Could this issue impact on users private data?

Yes, because uploaded files may contain personal information. Access should be restricted to authorized administrators, and the feature must follow existing privacy and data retention policies.

• -Improve Access to Operational Logs and Uploaded Asset Management
• +Uploaded Asset Management