QUA-1806: Platform Audit documentation#1150
Open
RafaelOsiro wants to merge 5 commits into
Open
Conversation
RafaelOsiro
requested review from
Hitsu-360,
ets,
gasscoelho,
josecsotomorales,
pelegolas9 and
shindiogawa
Contributor
Greptile SummaryThis PR adds a complete Platform Audit documentation section to the Qualytics user guide (
Confidence Score: 5/5Documentation-only PR with no runtime logic changes; all previously flagged content errors are resolved. The change is entirely documentation and a single CSS variable addition. The three prior review findings (hardcoded demo URL, incorrect login-event claim in the adoption-tracking bullet, and action_count miscategorized as a top-level field in the FAQ migration note) are all correctly addressed. Content across all ten new audit pages is internally consistent — timeframe definitions, permission rules, and API schema descriptions agree. The role permission tables in admin.md, manager.md, member.md, and overview.md are mutually consistent with each other and with the new audit deep-dive permissions page. No files require special attention. Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
GS[Getting Started<br/>getting-started.md]
GS --> DD[Deep Dive]
GS --> HT[How-tos]
GS --> REF[Reference]
DD --> INTRO[Introduction<br/>introduction.md]
DD --> HIW[How It Works<br/>how-it-works.md]
DD --> PERM[Permissions<br/>permissions.md]
DD --> BP[Best Practices<br/>best-practices.md]
HT --> SS[Summary Section<br/>summary-section.md]
HT --> FA[Filter Activity<br/>filter-activity.md]
HT --> EA[Export Activity<br/>export-activity.md]
REF --> API[API<br/>api.md]
REF --> FAQ[FAQ<br/>faq.md]
API --> EP1["GET /api/activity<br/>(paginated log)"]
API --> EP2["GET /api/activity/insights<br/>(summary cards + chart)"]
PERM --> ROLES[User Roles Overview<br/>roles/overview.md]
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
GS[Getting Started<br/>getting-started.md]
GS --> DD[Deep Dive]
GS --> HT[How-tos]
GS --> REF[Reference]
DD --> INTRO[Introduction<br/>introduction.md]
DD --> HIW[How It Works<br/>how-it-works.md]
DD --> PERM[Permissions<br/>permissions.md]
DD --> BP[Best Practices<br/>best-practices.md]
HT --> SS[Summary Section<br/>summary-section.md]
HT --> FA[Filter Activity<br/>filter-activity.md]
HT --> EA[Export Activity<br/>export-activity.md]
REF --> API[API<br/>api.md]
REF --> FAQ[FAQ<br/>faq.md]
API --> EP1["GET /api/activity<br/>(paginated log)"]
API --> EP2["GET /api/activity/insights<br/>(summary cards + chart)"]
PERM --> ROLES[User Roles Overview<br/>roles/overview.md]
Reviews (3): Last reviewed commit: "docs(audit): fix login-claim in best-pra..." | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Audit access is Admin-only at both the API layer and in the Settings UI. Defaults access is Admin-only via UI tab visibility (other roles do not see the tab). Updates the Member / Manager / Admin role docs and the permission-matrix overview to reflect this, plus sweeps 7 pre-existing em-dashes across the four files.
Brings the working-tree CLAUDE.md additions into the committed history (Writing Style, Page Structure with the H2-per-subsection hub convention codified during this PR, Tables, Cards, Workflow sections) and sanitizes internal references in one pass. The userguide repo is public on GitHub, so CLAUDE.md is publicly readable. Specific private-repo names, internal symbol patterns, and architecture component names are replaced with generic categories. The exact names live in the shared memory file reference_qualytics_repos.md instead.
- API tip box: replace hardcoded demo.qualytics.io URL with the your-instance.qualytics.io placeholder used by other API examples on the same page so readers on production deployments aren't redirected to the public demo instance. - Adoption-tracking bullet: the state-change-only audit log records user actions, not logins. Reworded to "users have taken actions" so the claim matches what the log actually captures (consistent with the "Pure read operations... are not recorded" note in the FAQ). - Schema renames FAQ: action_count is a nested field inside top_actor, not a renamed top-level field alongside total_actions. Clarified so developers updating client code see the correct shape.
Contributor
Author
|
@greptileai review |
The "Did this user log in yesterday?" example contradicts the audit log's documented scope (state-changing actions only; logins are not recorded). Reworded to "Did this user take any actions yesterday?" so the example matches what the log actually captures. Same correction was applied to the adoption-tracking bullet in introduction.md in the previous Greptile review pass.
Contributor
Author
|
@greptileai review |
1 similar comment
Contributor
Author
|
@greptileai review |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Overview
This PR adds the full Platform Audit documentation under
settings/audit/, restructures the Settings overview as an H2-per-section hub, updates the user-role permission docs to reflect Audit and Defaults tab access, and consolidates writing conventions in CLAUDE.md (with internal references moved to shared memory).Key Changes
docs/settings/audit/covering Getting Started, Deep Dive (Introduction, How It Works, Permissions, Best Practices), How-tos (Summary Section, Filter Activity, Export Activity), API, and FAQ.docs/settings/overview.mdrestructured as an H2-per-section hub with 137 cards inmkdocs.ymlnav order. H1 updated to "Settings Overview" with:material-book-alphabet:brick icon. Card icons follow the verified-only rule (mirror the sub-overview).admin.md/manager.md/member.md/overview.mdupdated to include Audit (Admin-only at API and UI) and Defaults (Admin-only via UI tab visibility). Tab lists reordered to match the frontendSettingsTabsorder, plus 7 pre-existing em-dashes swept across the four files.--q-secondary: #86AA5Btodocs/stylesheets/extra.css(light and dark modes) so the audit Summary Section legend renders the User vs Automated colors matching the frontend chart.mkdocs.ymlgets the Audit sub-tree entries under Settings.demo.qualytics.ioURL in the audit API tip box with theyour-instance.qualytics.ioplaceholder; reworded the adoption-tracking bullet and the "Did this user log in yesterday?" timeframe example to "users have taken actions" / "Did this user take any actions yesterday?" since the audit log is state-change-only (logins are not recorded); clarified the FAQ schema-renames entry soaction_countis correctly shown as a sub-field oftop_actorrather than a renamed top-level field.Pages to Test
:material-book-alphabet:+ "Settings Overview"; six H2 sections (Connections, Integrations, Security, Access Tokens, Audit, Status) separated by HR dividers; 137 cards inmkdocs.ymlnav order; Audit Deep Dive cards qualified (Audit Introduction, How the Audit Page Works, Audit Permissions, Audit Best Practices); no "Hub page", "under the hood", "Synthetic users", "Re-fetch", or "graceful shutdown signal" wording.:material-book-open-page-variant:;!!! info "Permissions"block (Admin-only); three H2 sections (Deep Dive / How-tos / Reference) separated by HR; card icons mirror destination H1s.:material-book-open-variant:;!!! info "Existing data, new view"admonition; Next Steps grid at the bottom with 4 cards; adoption-tracking bullet says "users have taken actions" (no login claim); "Qualytics system account" wording.:material-file-cog:; eight H2 sections; zero em-dashes; "internal users" terminology; empty-state line names every card behavior.:material-shield-lock-outline:; sentence-case H2s; Admin-only permission matrix; "does not load the page" wording.:material-api:; tip banner usesyour-instance.qualytics.io/api/docsplaceholder; "internal users" terminology;transaction.userschema says "null when the user account no longer exists".:material-help-circle-outline:; seven H2 categories; "Why is one row tinted?"; "Did the schema fields change names?" answer correctly identifiesaction_countas a sub-field oftop_actor.