Improvments to logging\auditing

2026-05-19 10:38:26 +00:00
parent 815084132f f856aa5aea
commit 78bae3c2bb
31 changed files with 2101 additions and 131 deletions
@@ -10,6 +10,8 @@ from gatehouse_app.models import Department, DepartmentMembership
 from gatehouse_app.services.organization_service import OrganizationService
 from gatehouse_app.services.user_service import UserService
 from gatehouse_app.extensions import db
+from gatehouse_app.utils.constants import AuditAction
+from gatehouse_app.services.audit_service import AuditService


 class DepartmentCreateSchema(Schema):
@@ -123,6 +125,15 @@ def create_department(org_id):
        db.session.add(dept)
        db.session.commit()

+        AuditService.log_action(
+            action=AuditAction.DEPARTMENT_CREATED,
+            user_id=g.current_user.id,
+            organization_id=org_id,
+            resource_type="department",
+            resource_id=str(dept.id),
+            description=f"Department '{dept.name}' created",
+        )
+
        return api_response(
            data={"department": dept.to_dict()},
            message="Department created successfully",
@@ -251,6 +262,15 @@ def update_department(org_id, dept_id):

        db.session.commit()

+        AuditService.log_action(
+            action=AuditAction.DEPARTMENT_UPDATED,
+            user_id=g.current_user.id,
+            organization_id=org_id,
+            resource_type="department",
+            resource_id=str(dept.id),
+            description=f"Department '{dept.name}' updated",
+        )
+
        return api_response(
            data={"department": dept.to_dict()},
            message="Department updated successfully",
@@ -304,6 +324,15 @@ def delete_department(org_id, dept_id):
    dept.deleted_at = db.func.now()
    db.session.commit()

+    AuditService.log_action(
+        action=AuditAction.DEPARTMENT_DELETED,
+        user_id=g.current_user.id,
+        organization_id=org_id,
+        resource_type="department",
+        resource_id=str(dept.id),
+        description=f"Department '{dept.name}' deleted",
+    )
+
    return api_response(
        message="Department deleted successfully",
    )
@@ -457,6 +486,15 @@ def add_department_member(org_id, dept_id):

        db.session.commit()

+        AuditService.log_action(
+            action=AuditAction.DEPARTMENT_MEMBER_ADDED,
+            user_id=g.current_user.id,
+            organization_id=org_id,
+            resource_type="user",
+            resource_id=str(user.id),
+            description=f"Added user {user.email} to department '{dept.name}'",
+        )
+
        member_dict = membership.to_dict()
        member_dict["user"] = user.to_dict()

@@ -529,6 +567,15 @@ def remove_department_member(org_id, dept_id, user_id):
    membership.deleted_at = db.func.now()
    db.session.commit()

+    AuditService.log_action(
+        action=AuditAction.DEPARTMENT_MEMBER_REMOVED,
+        user_id=g.current_user.id,
+        organization_id=org_id,
+        resource_type="user",
+        resource_id=str(user_id),
+        description=f"Removed user from department '{dept.name}'",
+    )
+
    return api_response(
        message="Member removed successfully",
    )
@@ -695,5 +742,14 @@ def set_dept_cert_policy(org_id, dept_id):

    db.session.commit()

+    AuditService.log_action(
+        action=AuditAction.DEPARTMENT_CERT_POLICY_UPDATED,
+        user_id=g.current_user.id,
+        organization_id=org_id,
+        resource_type="department",
+        resource_id=str(dept_id),
+        description=f"Certificate policy updated for department '{dept.name}'",
+    )
+
    return api_response(data={"cert_policy": policy.to_dict()}, message="Certificate policy saved")