what do you think about historical assignements for permissions ans roles, to recap the assigned rights/roles to any timestamp?
Id UserId RoleId ValidFrom ValidTo (Nullable => To check if it is valid)
And the same for:
What is it's purpose? If it's purpose is to know if a role WAS assigned to a user in a time range, what if we assign, unassign and assign again? In that case, we loose the history. Is'nt it better to write some audit log for each change (module-zero makes it already)? We may make UserRole soft-delete, so we can also keep old records for history. But, I think this is not needed. audit-logs show who assigned/unassigned a user to/from a role.
the audit log should fit the function I need. I searched for it, and i saw, the the function is realized on the application level and it logs the dto data. What happend with application calls which i want to log but not all data fields (e.g. the call of change password, but not the password field).
Do have an documentation for it?