Event/Audit Log permissions do not factor in unscoped alternatives #4447

Closed
NickJosevski opened this issue Apr 4, 2018 · 2 comments

NickJosevski commented Apr 4, 2018

Summary

EventView permissions have been flawed for a while.

They have been improved by #4307, but they still do not return the correct type of results for a user with sufficient permission; it will only filter based on their exact scoping.

Details

Permissions changed for EventView to ensure customers could restrict it adequately; these restrictions currently do not co-operate well across different event types. Example: environment scoping of EventView will cause ONLY Environment entries to be returned; the user does not have a restriction on Project-related events, but they are filtered out.

Workarounds before a patch is released

  1. Do not scope your EventView permission (if you can)
  2. Or further scope it to all applicable projects, project groups, tenants and events

Confirmed as longer running issue

Existed in 4.1.10, which was a few weeks before the changes made by #4307.

@NickJosevski NickJosevski self-assigned this Apr 4, 2018
@octoreleasebot octoreleasebot added this to the 2018.3.10 milestone Apr 5, 2018
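
The filtering behaviour reported above, modelled as an added example; this is not the project's code and not from the issue author. The `Event` fields, the scope dictionary, all function names and the sample entries are assumptions constructed for illustration, and the "unscoped-aware" rule is one assumed reading of the intended behaviour.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Event:
    message: str
    environment: Optional[str] = None
    project: Optional[str] = None


# Constructed sample audit entries (illustrative only).
EVENTS = [
    Event("Deployed to Production", environment="Production", project="Web"),
    Event("Deployed to Staging", environment="Staging", project="Web"),
    Event("Environment Production modified", environment="Production"),
    Event("Project Web variables changed", project="Web"),
]


def visible_exact_scope(events, scope):
    """Modelled reported behaviour: once a scope exists, only entries that
    match a scoped value are returned; everything else is filtered out."""
    if not scope:
        return list(events)
    return [e for e in events
            if any(getattr(e, dim) in allowed for dim, allowed in scope.items())]


def visible_unscoped_aware(events, scope):
    """Assumed intended behaviour: a scoped dimension restricts only entries
    that carry a value for it; dimensions with no scope stay unrestricted."""
    return [e for e in events
            if all(getattr(e, dim) is None or getattr(e, dim) in allowed
                   for dim, allowed in scope.items())]


def dropped_by_exact_scope(events, scope):
    """Regression check: entries the user may see that exact scoping hides."""
    strict = set(visible_exact_scope(events, scope))
    return [e.message for e in visible_unscoped_aware(events, scope)
            if e not in strict]


if __name__ == "__main__":
    # EventView scoped to one environment, with no project restriction.
    print(dropped_by_exact_scope(EVENTS, {"environment": {"Production"}}))
```

A check like `dropped_by_exact_scope` is useful as a regression test after upgrading: it should return an empty list for every role whose EventView permission is scoped on only some dimensions.
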

octoreleasebot commented Apr 5, 2018

Release Note: Fix for events/audit not being returned when user had scoped permissions applied


lock bot commented Nov 23, 2018

This thread has been automatically locked since there has not been any recent activity after it was closed. If you think you've found a related issue, please contact our support team so we can triage your issue, and make sure it's handled appropriately.

@lock lock bot locked as resolved and limited conversation to collaborators Nov 23, 2018