Introduce Your account access log Account sub-page

This provides another bit of functionality that was lost in the switch
from Users#edit to the new Account page. It's pretty much identical to
the Users#event_logs page except for living under /account

app/controllers/account/activities_controller.rb

@@ -0,0 +1,16 @@
+class Account::ActivitiesController < ApplicationController
+  layout "admin_layout"
+
+  before_action :authenticate_user!
+  before_action :authorise_user
+
+  def show
+    @logs = current_user.event_logs.page(params[:page]).per(100)
+  end
+
+private
+
+  def authorise_user
+    authorize %i[account activities]
+  end
+end

app/policies/account/activities_policy.rb

@@ -0,0 +1,5 @@
+class Account::ActivitiesPolicy < BasePolicy
+  def show?
+    current_user.present?
+  end
+end

app/views/account/activities/show.html.erb

@@ -0,0 +1,22 @@
+<% content_for :title, "Account access log" %>
+
+<% content_for :breadcrumbs,
+   render("govuk_publishing_components/components/breadcrumbs", {
+     collapse_on_mobile: true,
+     breadcrumbs: [
+       {
+         title: "Dashboard",
+         url: root_path,
+       },
+       {
+         title: "Settings",
+         url: account_path,
+       },
+       {
+         title: "Account access log",
+       },
+     ]
+   })
+%>
+
+<%= render "shared/event_logs_table", logs: @logs %>

app/views/accounts/show.html.erb

@@ -45,5 +45,12 @@
         path: account_role_organisation_path,
       },
     },
+    {
+      link: {
+        text: "Your account access log",
+        path: account_activity_path,
+      },
+      description: "View your account activity.",
+    },
   ].compact
 } %>

config/routes.rb

@@ -50,6 +50,7 @@
 
   resource :account, only: [:show]
   namespace :account do
+    resource :activity, only: [:show]
     resources :applications, only: %i[show index] do
       resources :permissions, only: [:index]
       resource :signin_permission, only: %i[create destroy] do

test/integration/account_activities_test.rb

@@ -0,0 +1,16 @@
+require "test_helper"
+
+class AccountActivitiesTest < ActionDispatch::IntegrationTest
+  context "#show" do
+    should "list user's EventLogs in table" do
+      user = create(:user)
+
+      visit new_user_session_path
+      signin_with user
+
+      visit account_activity_path
+
+      assert page.has_selector? "td", text: "Successful login"
+    end
+  end
+end

test/integration/account_test.rb

@@ -22,6 +22,7 @@ class AccountTest < ActionDispatch::IntegrationTest
       assert page.has_link?("Manage permissions", href: account_manage_permissions_path)
       assert page.has_link?("Change your 2-step verification phone", href: two_step_verification_path)
       assert page.has_link?("Change your role or organisation", href: account_role_organisation_path)
+      assert page.has_link?("Your account access log", href: account_activity_path)
     end
 
     should "link to Change email/password, Change 2SV and Role/org for normal users" do
@@ -36,6 +37,7 @@ class AccountTest < ActionDispatch::IntegrationTest
       assert page.has_link?("Change your email or password", href: account_email_password_path)
       assert page.has_link?("Change your 2-step verification phone", href: two_step_verification_path)
       assert page.has_link?("View your role and organisation", href: account_role_organisation_path)
+      assert page.has_link?("Your account access log", href: account_activity_path)
 
       assert_not page.has_link?("Manage permissions")
     end

test/policies/account/activities_policy_test.rb

@@ -0,0 +1,14 @@
+require "test_helper"
+require "support/policy_helpers"
+
+class Account::ActivitiesPolicyTest < ActiveSupport::TestCase
+  include PolicyHelpers
+
+  should "allow logged in users to see show irrespective of their role" do
+    assert permit?(build(:user), nil, :show)
+  end
+
+  should "not allow anonymous visitors to see show" do
+    assert forbid?(nil, nil, :show)
+  end
+end