|Open||None||T152972 Accessing private information through SecurePoll should be logged|
|Resolved||STran||T271276 Log when admins access voter data in SecurePoll|
- Mentioned In
- T152972: Accessing private information through SecurePoll should be logged
T271275: Log when admins are added to or removed from SecurePoll elections
T271280: Make SecurePoll log data downloadable as a CSV or WikiText
T271277: Create Special:SecurePollLog page
- Mentioned Here
- rESPO1ebc4fda886d: Localisation updates from https://translatewiki.net.
T270342: Investigate work involved in adding log for scrutiny of voter data [8 hours]
T271270: Create new logging table in SecurePoll
We now record every time an admin goes to Special:SecurePoll/list/<id>. A log entry is also recorded every time you refresh or use pagination. So you may see lots of entries for the same user and election (like below).
A log entry is only recorded if the user is an admin of the election and is in the electionadmin group. If a non-admin user goes to /list, they do not see any of the personal data (e.g. IP, UA) and a log entry is not recorded.
Test environment: local vagrant SecurePoll 2.0.0 (1ebc4fd).