PROJECT-CONTORL

egg/PROJECT-CONTORL

Fork 0

Commit Graph

Author	SHA1	Message	Date
beabigegg	10db2c9d1f	feat: implement audit trail alignment (soft delete & permission audit) - Task Soft Delete: - Add is_deleted, deleted_at, deleted_by fields to Task model - Convert DELETE to soft delete with cascade to subtasks - Add include_deleted query param (admin only) - Add POST /api/tasks/{id}/restore endpoint - Exclude deleted tasks from subtask_count - Permission Change Audit: - Add user.role_change event (high sensitivity) - Add user.admin_change event (critical, triggers alert) - Add PATCH /api/users/{id}/admin endpoint - Add role.permission_change event type - Append-Only Enforcement: - Add DB triggers for audit_logs immutability (manual for production) - Migration 008 with graceful trigger failure handling - Tests: 11 new soft delete tests (153 total passing) - OpenSpec: fix-audit-trail archived, fix-realtime-notifications & fix-weekly-report proposals added 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-30 06:58:30 +08:00
beabigegg	0ef78e13ff	feat: implement audit trail module - Backend (FastAPI): - AuditLog and AuditAlert models with Alembic migration - AuditService with SHA-256 checksum for log integrity - AuditMiddleware for request metadata extraction (IP, user_agent) - Integrated audit logging into Task, Project, Blocker APIs - Query API with filtering, pagination, CSV export - Integrity verification endpoint - Sensitive operation alerts with acknowledgement - Frontend (React + Vite): - Admin AuditPage with filters and export - ResourceHistory component for change tracking - Audit service for API calls - Testing: - 15 tests covering service and API endpoints - OpenSpec: - add-audit-trail change archived 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-29 21:21:18 +08:00

Author

SHA1

Message

Date

beabigegg

10db2c9d1f

feat: implement audit trail alignment (soft delete & permission audit)

- Task Soft Delete:
  - Add is_deleted, deleted_at, deleted_by fields to Task model
  - Convert DELETE to soft delete with cascade to subtasks
  - Add include_deleted query param (admin only)
  - Add POST /api/tasks/{id}/restore endpoint
  - Exclude deleted tasks from subtask_count

- Permission Change Audit:
  - Add user.role_change event (high sensitivity)
  - Add user.admin_change event (critical, triggers alert)
  - Add PATCH /api/users/{id}/admin endpoint
  - Add role.permission_change event type

- Append-Only Enforcement:
  - Add DB triggers for audit_logs immutability (manual for production)
  - Migration 008 with graceful trigger failure handling

- Tests: 11 new soft delete tests (153 total passing)
- OpenSpec: fix-audit-trail archived, fix-realtime-notifications & fix-weekly-report proposals added

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2025-12-30 06:58:30 +08:00

beabigegg

0ef78e13ff

feat: implement audit trail module

- Backend (FastAPI):
  - AuditLog and AuditAlert models with Alembic migration
  - AuditService with SHA-256 checksum for log integrity
  - AuditMiddleware for request metadata extraction (IP, user_agent)
  - Integrated audit logging into Task, Project, Blocker APIs
  - Query API with filtering, pagination, CSV export
  - Integrity verification endpoint
  - Sensitive operation alerts with acknowledgement

- Frontend (React + Vite):
  - Admin AuditPage with filters and export
  - ResourceHistory component for change tracking
  - Audit service for API calls

- Testing:
  - 15 tests covering service and API endpoints

- OpenSpec:
  - add-audit-trail change archived

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2025-12-29 21:21:18 +08:00

2 Commits