feat(phase-4-06): admin audit log viewer + CSV export (ADMIN-06)
- Create backend/api/audit.py: GET /api/admin/audit-log (paginated, filtered) and GET /api/admin/audit-log/export (streaming CSV) - Both endpoints protected by Depends(get_current_admin) — regular users → 403 - _audit_to_dict() whitelist explicitly excludes filename, extracted_text, password_hash, credentials_enc (T-04-06-02, D-15) - CSV export uses same helper as JSON viewer; Content-Disposition: attachment - Register audit_router in backend/main.py
This commit is contained in:
curo1305
@@ -187,3 +187,7 @@ app.include_router(document_move_router)
|
||||
# Phase 4: shares router (SHARE-01..05)
|
||||
from api.shares import router as shares_router # noqa: E402
|
||||
app.include_router(shares_router)
|
||||
|
||||
# Phase 4: audit log viewer + CSV export (ADMIN-06)
|
||||
from api.audit import router as audit_router # noqa: E402
|
||||
app.include_router(audit_router)
|
||||
|
||||
Reference in New Issue
Block a user