 curo1305
|
839bfe0ffe
|
feat(06.2-04): backend — handle enrichment, user_handle filter, two daily-export endpoints
- Add _audit_to_dict_with_handles() with user_handle + actor_handle fields
- Add _build_filtered_query_with_handles() with aliased User double-JOIN
- Change list_audit_log user_id param to user_handle string with handle→UUID resolution
- Change export_audit_log user_id param to user_handle (Pitfall 7 — both endpoints enriched)
- Add GET /audit-log/daily-exports — lists MinIO audit-logs bucket, asyncio.to_thread
- Add GET /audit-log/daily-exports/{date} — streams CSV, date regex validation (T-06.2-04-01)
- Move daily-export endpoints before viewer to ensure specific path registration order
- Update test_audit_log_export_csv to match enriched CSV header (user_handle, actor_handle)
- All 10 test_audit.py tests pass
|
2026-05-31 15:17:53 +02:00 |
|
|
curo1305
|
364447d0bc
|
feat(phase-4-06): admin audit log viewer + CSV export (ADMIN-06)
- Create backend/api/audit.py: GET /api/admin/audit-log (paginated, filtered)
and GET /api/admin/audit-log/export (streaming CSV)
- Both endpoints protected by Depends(get_current_admin) — regular users → 403
- _audit_to_dict() whitelist explicitly excludes filename, extracted_text,
password_hash, credentials_enc (T-04-06-02, D-15)
- CSV export uses same helper as JSON viewer; Content-Disposition: attachment
- Register audit_router in backend/main.py
|
2026-05-25 18:48:02 +02:00 |
|