tag/v2.1.0/backend/routes/auditLog.js

// Audit Log Routes (Admin only)
const express = require('express');
const pool = require('../db');
const { requireAuth, requireGroup } = require('../middleware/auth');

function createAuditLogRouter() {
    const router = express.Router();

    // All routes require Admin group
    router.use(requireAuth(), requireGroup('Admin'));

    // Get paginated audit logs with filters
    router.get('/', async (req, res) => {
        const {
            page = 1,
            limit = 25,
            user,
            action,
            entityType,
            startDate,
            endDate
        } = req.query;

        const offset = (Math.max(1, parseInt(page)) - 1) * parseInt(limit);
        const pageSize = Math.min(100, Math.max(1, parseInt(limit)));

        let where = [];
        let params = [];
        let paramIndex = 1;

        if (user) {
            where.push(`username ILIKE $${paramIndex++}`);
            params.push(`%${user}%`);
        }
        if (action) {
            where.push(`action = $${paramIndex++}`);
            params.push(action);
        }
        if (entityType) {
            where.push(`entity_type = $${paramIndex++}`);
            params.push(entityType);
        }
        if (startDate) {
            where.push(`created_at >= $${paramIndex++}`);
            params.push(startDate);
        }
        if (endDate) {
            where.push(`created_at <= $${paramIndex++}`);
            params.push(endDate + ' 23:59:59');
        }

        const whereClause = where.length > 0 ? 'WHERE ' + where.join(' AND ') : '';

        try {
            // Get total count
            const countResult = await pool.query(
                `SELECT COUNT(*) as total FROM audit_logs ${whereClause}`,
                params
            );
            const total = parseInt(countResult.rows[0].total);

            // Get paginated results
            const dataResult = await pool.query(
                `SELECT * FROM audit_logs ${whereClause} ORDER BY created_at DESC LIMIT $${paramIndex++} OFFSET $${paramIndex++}`,
                [...params, pageSize, offset]
            );

            res.json({
                logs: dataResult.rows,
                pagination: {
                    page: parseInt(page),
                    limit: pageSize,
                    total: total,
                    totalPages: Math.ceil(total / pageSize)
                }
            });
        } catch (err) {
            console.error('Audit log query error:', err);
            res.status(500).json({ error: 'Failed to fetch audit logs' });
        }
    });

    // Get distinct action types for filter dropdown
    router.get('/actions', async (req, res) => {
        try {
            const { rows } = await pool.query(
                'SELECT DISTINCT action FROM audit_logs ORDER BY action'
            );
            res.json(rows.map(r => r.action));
        } catch (err) {
            console.error('Audit log actions error:', err);
            res.status(500).json({ error: 'Failed to fetch actions' });
        }
    });

    return router;
}

module.exports = createAuditLogRouter;
Audit logging feature files 2026-01-29 15:10:29 -07:00			`// Audit Log Routes (Admin only)`
			`const express = require('express');`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`const pool = require('../db');`
			`const { requireAuth, requireGroup } = require('../middleware/auth');`
Audit logging feature files 2026-01-29 15:10:29 -07:00
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`function createAuditLogRouter() {`
Audit logging feature files 2026-01-29 15:10:29 -07:00			`const router = express.Router();`

feat: implement group-based access control (Admin, Standard_User, Leadership, Read_Only) - Add user_group migration and created_by column migration - Replace requireRole middleware with requireGroup - Update all backend routes to use group-based authorization - Add Standard_User conditional delete with ownership, state, and compliance checks - Add cascade impact check for CVE deletes - Update AuthContext with group-based permission helpers - Update all frontend components for group-based rendering - Update UserManagement UI with group dropdown, confirmation dialogs, self-demotion prevention 2026-04-06 16:18:07 -06:00			`// All routes require Admin group`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`router.use(requireAuth(), requireGroup('Admin'));`
Audit logging feature files 2026-01-29 15:10:29 -07:00
			`// Get paginated audit logs with filters`
			`router.get('/', async (req, res) => {`
			`const {`
			`page = 1,`
			`limit = 25,`
			`user,`
			`action,`
			`entityType,`
			`startDate,`
			`endDate`
			`} = req.query;`

			`const offset = (Math.max(1, parseInt(page)) - 1) * parseInt(limit);`
			`const pageSize = Math.min(100, Math.max(1, parseInt(limit)));`

			`let where = [];`
			`let params = [];`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`let paramIndex = 1;`
Audit logging feature files 2026-01-29 15:10:29 -07:00
			`if (user) {`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			where.push(`username ILIKE $${paramIndex++}`);
Audit logging feature files 2026-01-29 15:10:29 -07:00			params.push(`%${user}%`);
			`}`
			`if (action) {`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			where.push(`action = $${paramIndex++}`);
Audit logging feature files 2026-01-29 15:10:29 -07:00			`params.push(action);`
			`}`
			`if (entityType) {`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			where.push(`entity_type = $${paramIndex++}`);
Audit logging feature files 2026-01-29 15:10:29 -07:00			`params.push(entityType);`
			`}`
			`if (startDate) {`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			where.push(`created_at >= $${paramIndex++}`);
Audit logging feature files 2026-01-29 15:10:29 -07:00			`params.push(startDate);`
			`}`
			`if (endDate) {`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			where.push(`created_at <= $${paramIndex++}`);
Audit logging feature files 2026-01-29 15:10:29 -07:00			`params.push(endDate + ' 23:59:59');`
			`}`

			`const whereClause = where.length > 0 ? 'WHERE ' + where.join(' AND ') : '';`

			`try {`
			`// Get total count`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`const countResult = await pool.query(`
			`SELECT COUNT(*) as total FROM audit_logs ${whereClause}`,
			`params`
			`);`
			`const total = parseInt(countResult.rows[0].total);`
Audit logging feature files 2026-01-29 15:10:29 -07:00
			`// Get paginated results`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`const dataResult = await pool.query(`
			`SELECT * FROM audit_logs ${whereClause} ORDER BY created_at DESC LIMIT $${paramIndex++} OFFSET $${paramIndex++}`,
			`[...params, pageSize, offset]`
			`);`
Audit logging feature files 2026-01-29 15:10:29 -07:00
			`res.json({`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`logs: dataResult.rows,`
Audit logging feature files 2026-01-29 15:10:29 -07:00			`pagination: {`
			`page: parseInt(page),`
			`limit: pageSize,`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`total: total,`
			`totalPages: Math.ceil(total / pageSize)`
Audit logging feature files 2026-01-29 15:10:29 -07:00			`}`
			`});`
			`} catch (err) {`
			`console.error('Audit log query error:', err);`
			`res.status(500).json({ error: 'Failed to fetch audit logs' });`
			`}`
			`});`

			`// Get distinct action types for filter dropdown`
			`router.get('/actions', async (req, res) => {`
			`try {`
feat(postgres): migrate all route files from SQLite to pg pool - All 16 route files now import pool from ../db directly - Removed db parameter from all factory functions - All callbacks replaced with async/await pool.query() - All ? placeholders converted to $1, $2... numbered params - datetime('now') → NOW(), INSERT OR IGNORE → ON CONFLICT DO NOTHING - LIKE → ILIKE for case-insensitive searches - Error detection: err.code === '23505' for unique violations - server.js no longer passes pool/db/requireAuth to route factories - Only ivantiFindings.js still receives pool (pending task 8 rewrite) 2026-05-06 11:44:17 -06:00			`const { rows } = await pool.query(`
			`'SELECT DISTINCT action FROM audit_logs ORDER BY action'`
			`);`
Audit logging feature files 2026-01-29 15:10:29 -07:00			`res.json(rows.map(r => r.action));`
			`} catch (err) {`
			`console.error('Audit log actions error:', err);`
			`res.status(500).json({ error: 'Failed to fetch actions' });`
			`}`
			`});`

			`return router;`
			`}`

			`module.exports = createAuditLogRouter;`