egg/PROJECT-CONTORL
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1e31def7ba3de00668e46934558e411b132d658f
PROJECT-CONTORL/openspec/changes/archive/2025-12-29-add-audit-trail/tasks.md
beabigegg 0ef78e13ff feat: implement audit trail module 
- Backend (FastAPI):
  - AuditLog and AuditAlert models with Alembic migration
  - AuditService with SHA-256 checksum for log integrity
  - AuditMiddleware for request metadata extraction (IP, user_agent)
  - Integrated audit logging into Task, Project, Blocker APIs
  - Query API with filtering, pagination, CSV export
  - Integrity verification endpoint
  - Sensitive operation alerts with acknowledgement

- Frontend (React + Vite):
  - Admin AuditPage with filters and export
  - ResourceHistory component for change tracking
  - Audit service for API calls

- Testing:
  - 15 tests covering service and API endpoints

- OpenSpec:
  - add-audit-trail change archived

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-29 21:21:18 +08:00

2.5 KiB
Raw Blame History

1. Database Schema

  • 1.1 建立 AuditLog model (pjctrl_audit_logs)
  • 1.2 建立 AuditAlert model (pjctrl_audit_alerts)
  • 1.3 建立 Alembic migration
  • 1.4 建立 event types 和 sensitivity levels 常數

2. Core Audit Service

  • 2.1 建立 AuditService 核心類別
  • 2.2 實作 checksum 計算邏輯
  • 2.3 實作 log_event() 方法 (非同步)
  • 2.4 實作 detect_changes() 方法 (比較 old/new values)
  • 2.5 實作敏感度判定邏輯

3. Audit Middleware

  • 3.1 建立 AuditMiddleware 擷取 request metadata (IP, user_agent)
  • 3.2 將 metadata 注入 request state

4. API Integration - Task

  • 4.1 整合 Task create 稽核
  • 4.2 整合 Task update 稽核 (含 changes diff)
  • 4.3 整合 Task delete 稽核
  • 4.4 整合 Task assign 稽核

5. API Integration - Project

  • 5.1 整合 Project create 稽核
  • 5.2 整合 Project update 稽核
  • 5.3 整合 Project delete 稽核

6. API Integration - User & Auth

  • 6.1 整合 User permission change 稽核
  • 6.2 整合 Login/Logout 稽核
  • 6.3 整合 Blocker 事件稽核

7. Backend API - Query

  • 7.1 建立 AuditLog schemas (response)
  • 7.2 實作 GET /api/audit-logs - 查詢稽核日誌
  • 7.3 實作 GET /api/audit-logs/resource/{type}/{id} - 資源歷史
  • 7.4 實作 query filters (時間、使用者、資源、敏感度)

8. Backend API - Export & Verify

  • 8.1 實作 GET /api/audit-logs/export - CSV 匯出
  • 8.2 實作 POST /api/audit-logs/verify-integrity - 完整性驗證
  • 8.3 實作分頁處理大量資料

9. Alert System

  • 9.1 建立 AuditAlert schemas
  • 9.2 實作 create_alert() 方法
  • 9.3 實作敏感操作警示觸發
  • 9.4 實作大量刪除偵測
  • 9.5 整合 NotificationService 發送警示
  • 9.6 實作 PUT /api/audit-alerts/{id}/acknowledge - 確認警示

10. Frontend - Admin Audit Page

  • 10.1 建立 audit.ts service
  • 10.2 建立 AuditLogList 元件
  • 10.3 建立 AuditLogFilters 元件 (日期、使用者、資源)
  • 10.4 建立 AuditLogDetail modal (顯示 changes diff)
  • 10.5 建立 CSV 匯出按鈕
  • 10.6 新增 Admin menu 連結

11. Frontend - Resource History

  • 11.1 建立 ResourceHistory 元件
  • 11.2 整合至 Task 詳情頁
  • 11.3 整合至 Project 詳情頁

12. Testing

  • 12.1 AuditService 單元測試
  • 12.2 Checksum 計算測試
  • 12.3 Audit API 端點測試
  • 12.4 Alert 觸發測試
  • 12.5 CSV 匯出測試
  • 12.6 完整性驗證測試