On branch-2.1 the AUDITLOG events is raised like this:
I'd like to extend this line with "caller" user info like this:
Similar change is proposed for Revoke event.
On branch-2.2+ grant() and revoke() methods in AccessController have been deprecated and logic was moved to MasterRpcServices, but that class doesn't do any audit logging. I'm not sure about why audit logging has been removed and about any replacement in the refactored logic, but Audit logging is a crucial security tool in our environment to track change events on ACLs.
I'm planning to add AUDITLOG to MasterRpcServices to bring back this functionality, but please FIXME and point me in the right direction if needed.