refactor: Move audit logging from controllers into services

Add auditContext parameter to service mutating functions. Services now call audit log functions internally when auditContext is provided. Controllers pass { userId, ipAddress, userAgent } and no longer import audit service or fetch extra data for audit purposes. Files modified: - 10 service files: added audit imports and auditContext parameter - 9 controller files: removed audit imports and calls Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-28 07:39:41 +01:00
parent caab86079e
commit 3aba6c2955
19 changed files with 315 additions and 430 deletions
--- a/src/controllers/admin.controller.js
+++ b/src/controllers/admin.controller.js
@@ -1,6 +1,5 @@
 import * as adminService from '../services/admin.service.js';
 import * as statusService from '../services/status.service.js';
-import { logUserCreation, logRoleChange, logUserDeleted } from '../services/audit.service.js';
 import { triggerEventNotifications } from '../cron/index.js';

 /**
@@ -21,17 +20,8 @@ export const createUser = async (req, res, next) => {
      lastName,
      role,
      email,
-      emailPassword
-    );
-
-    // Log user creation
-    await logUserCreation(
-      adminId,
-      result.user.id,
-      username,
-      result.user.role,
-      ipAddress,
-      userAgent
+      emailPassword,
+      { userId: adminId, ipAddress, userAgent }
    );

    res.status(201).json({
@@ -110,10 +100,7 @@ export const changeUserRole = async (req, res, next) => {
  const userAgent = req.headers['user-agent'];

  try {
-    const result = await adminService.changeUserRole(userId, role);
-
-    // Log role change
-    await logRoleChange(adminId, userId, result.oldRole, result.newRole, ipAddress, userAgent);
+    const result = await adminService.changeUserRole(userId, role, { userId: adminId, ipAddress, userAgent });

    res.status(200).json({
      success: true,
@@ -177,13 +164,7 @@ export const deleteUser = async (req, res, next) => {
  const userAgent = req.headers['user-agent'];

  try {
-    // Get user info before deletion for audit
-    const userToDelete = await adminService.getUserById(userId);
-
-    const result = await adminService.deleteUser(userId);
-
-    // Log user deletion
-    await logUserDeleted(adminId, userId, userToDelete.username, ipAddress, userAgent);
+    const result = await adminService.deleteUser(userId, { userId: adminId, ipAddress, userAgent });

    res.status(200).json({
      success: true,