- Backend (FastAPI):
  - AuditLog and AuditAlert models with Alembic migration
  - AuditService with SHA-256 checksum for log integrity
  - AuditMiddleware for request metadata extraction (IP, user_agent)
  - Integrated audit logging into Task, Project, Blocker APIs
  - Query API with filtering, pagination, CSV export
  - Integrity verification endpoint
  - Sensitive operation alerts with acknowledgement
- Frontend (React + Vite):
  - Admin AuditPage with filters and export
  - ResourceHistory component for change tracking
  - Audit service for API calls
- Testing:
  - 15 tests covering service and API endpoints
- OpenSpec:
  - add-audit-trail change archived

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1. Database Schema
- 1.1 Create AuditLog model (pjctrl_audit_logs)
- 1.2 Create AuditAlert model (pjctrl_audit_alerts)
- 1.3 Create Alembic migration
- 1.4 Define event type and sensitivity level constants
2. Core Audit Service
- 2.1 Create the AuditService core class
- 2.2 Implement checksum computation logic
- 2.3 Implement the log_event() method (asynchronous)
- 2.4 Implement the detect_changes() method (compare old/new values)
- 2.5 Implement sensitivity determination logic
3. Audit Middleware
- 3.1 Create AuditMiddleware to extract request metadata (IP, user_agent)
- 3.2 Inject the metadata into request state
4. API Integration - Task
- 4.1 Integrate auditing of Task create
- 4.2 Integrate auditing of Task update (including changes diff)
- 4.3 Integrate auditing of Task delete
- 4.4 Integrate auditing of Task assign
5. API Integration - Project
- 5.1 Integrate auditing of Project create
- 5.2 Integrate auditing of Project update
- 5.3 Integrate auditing of Project delete
6. API Integration - User & Auth
- 6.1 Integrate auditing of User permission changes
- 6.2 Integrate auditing of Login/Logout
- 6.3 Integrate auditing of Blocker events
7. Backend API - Query
- 7.1 Create AuditLog schemas (response)
- 7.2 Implement GET /api/audit-logs - query audit logs
- 7.3 Implement GET /api/audit-logs/resource/{type}/{id} - resource history
- 7.4 Implement query filters (time, user, resource, sensitivity)
8. Backend API - Export & Verify
- 8.1 Implement GET /api/audit-logs/export - CSV export
- 8.2 Implement POST /api/audit-logs/verify-integrity - integrity verification
- 8.3 Implement pagination for large result sets
9. Alert System
- 9.1 Create AuditAlert schemas
- 9.2 Implement the create_alert() method
- 9.3 Implement sensitive-operation alert triggering
- 9.4 Implement bulk-delete detection
- 9.5 Integrate NotificationService to send alerts
- 9.6 Implement PUT /api/audit-alerts/{id}/acknowledge - acknowledge alert
10. Frontend - Admin Audit Page
- 10.1 Create audit.ts service
- 10.2 Create AuditLogList component
- 10.3 Create AuditLogFilters component (date, user, resource)
- 10.4 Create AuditLogDetail modal (show changes diff)
- 10.5 Create CSV export button
- 10.6 Add Admin menu link
11. Frontend - Resource History
- 11.1 Create ResourceHistory component
- 11.2 Integrate into Task detail page
- 11.3 Integrate into Project detail page
12. Testing
- 12.1 AuditService unit tests
- 12.2 Checksum computation tests
- 12.3 Audit API endpoint tests
- 12.4 Alert trigger tests
- 12.5 CSV export tests
- 12.6 Integrity verification tests