Audit logging feature files
This commit is contained in:
114
backend/routes/auditLog.js
Normal file
114
backend/routes/auditLog.js
Normal file
@@ -0,0 +1,114 @@
|
||||
// Audit Log Routes (Admin only)
|
||||
const express = require('express');
|
||||
|
||||
function createAuditLogRouter(db, requireAuth, requireRole) {
|
||||
const router = express.Router();
|
||||
|
||||
// All routes require admin role
|
||||
router.use(requireAuth(db), requireRole('admin'));
|
||||
|
||||
// Get paginated audit logs with filters
|
||||
router.get('/', async (req, res) => {
|
||||
const {
|
||||
page = 1,
|
||||
limit = 25,
|
||||
user,
|
||||
action,
|
||||
entityType,
|
||||
startDate,
|
||||
endDate
|
||||
} = req.query;
|
||||
|
||||
const offset = (Math.max(1, parseInt(page)) - 1) * parseInt(limit);
|
||||
const pageSize = Math.min(100, Math.max(1, parseInt(limit)));
|
||||
|
||||
let where = [];
|
||||
let params = [];
|
||||
|
||||
if (user) {
|
||||
where.push('username LIKE ?');
|
||||
params.push(`%${user}%`);
|
||||
}
|
||||
if (action) {
|
||||
where.push('action = ?');
|
||||
params.push(action);
|
||||
}
|
||||
if (entityType) {
|
||||
where.push('entity_type = ?');
|
||||
params.push(entityType);
|
||||
}
|
||||
if (startDate) {
|
||||
where.push('created_at >= ?');
|
||||
params.push(startDate);
|
||||
}
|
||||
if (endDate) {
|
||||
where.push('created_at <= ?');
|
||||
params.push(endDate + ' 23:59:59');
|
||||
}
|
||||
|
||||
const whereClause = where.length > 0 ? 'WHERE ' + where.join(' AND ') : '';
|
||||
|
||||
try {
|
||||
// Get total count
|
||||
const countRow = await new Promise((resolve, reject) => {
|
||||
db.get(
|
||||
`SELECT COUNT(*) as total FROM audit_logs ${whereClause}`,
|
||||
params,
|
||||
(err, row) => {
|
||||
if (err) reject(err);
|
||||
else resolve(row);
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
// Get paginated results
|
||||
const rows = await new Promise((resolve, reject) => {
|
||||
db.all(
|
||||
`SELECT * FROM audit_logs ${whereClause} ORDER BY created_at DESC LIMIT ? OFFSET ?`,
|
||||
[...params, pageSize, offset],
|
||||
(err, rows) => {
|
||||
if (err) reject(err);
|
||||
else resolve(rows);
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
res.json({
|
||||
logs: rows,
|
||||
pagination: {
|
||||
page: parseInt(page),
|
||||
limit: pageSize,
|
||||
total: countRow.total,
|
||||
totalPages: Math.ceil(countRow.total / pageSize)
|
||||
}
|
||||
});
|
||||
} catch (err) {
|
||||
console.error('Audit log query error:', err);
|
||||
res.status(500).json({ error: 'Failed to fetch audit logs' });
|
||||
}
|
||||
});
|
||||
|
||||
// Get distinct action types for filter dropdown
|
||||
router.get('/actions', async (req, res) => {
|
||||
try {
|
||||
const rows = await new Promise((resolve, reject) => {
|
||||
db.all(
|
||||
'SELECT DISTINCT action FROM audit_logs ORDER BY action',
|
||||
(err, rows) => {
|
||||
if (err) reject(err);
|
||||
else resolve(rows);
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
res.json(rows.map(r => r.action));
|
||||
} catch (err) {
|
||||
console.error('Audit log actions error:', err);
|
||||
res.status(500).json({ error: 'Failed to fetch actions' });
|
||||
}
|
||||
});
|
||||
|
||||
return router;
|
||||
}
|
||||
|
||||
module.exports = createAuditLogRouter;
|
||||
Reference in New Issue
Block a user