audit_trail_webdav
Audit Trail for WebDAV records every WebDAV operation in the Audit Trail chain, giving you a tamper-evident log of who did what over WebDAV.
It is a thin bridge. It subscribes to the events dispatched by the WebDAV module and writes each verb as a chained audit row, while keeping the two modules decoupled: WebDAV does not need to know about Audit Trail, and Audit Trail does not need to know about WebDAV. You can add or remove the bridge without touching either.
What it audits
Every WebDAV verb the upstream module dispatches:
- PUT, recorded as
createorupdate - DELETE, MKCOL, MOVE, COPY
- the LOCK family: acquire, release, and operator force-release
Each row captures a normalized action, the resource path (webdav:[container]/[path]), and the operation context: the HTTP method, the destination for MOVE and COPY, the lock token, timeout and owner for the LOCK family, and before / after file metadata where available.
Keeps WebDAV URL tokens out of the log
When the WebDAV module authenticates by URL token, that token is part of the request path. The bridge keeps the request URI out of the audit row, so the token never lands in the log; the resource path is recorded separately, so nothing is lost.
Privacy
WebDAV operations are tied to a specific user, so all event data lands in the transient, GDPR-purgeable bucket and auto-purges at the short retention window. The permanent bucket stays empty.
Getting started
Install Audit Trail and WebDAV, then enable this module. It ships a ready-to-use chain that claims the audit_trail_webdav channel out of the box, at /admin/config/system/audit-trail/chains/audit_trail_webdav. Operators who want to route WebDAV events into a different chain can re-assign the channel there.
Requirements
- Drupal 11, PHP 8.2 or later
- Audit Trail
- WebDAV