foxerBN/crm-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add audit logging for CRUD operations

Browse Source 
- Extend audit.service.js with logging functions for projects, todos, companies, time tracking, and auth
- Create audit.controller.js for fetching recent audit logs with user info
- Create audit.routes.js with GET /api/audit-logs endpoint
- Add audit logging to project, todo, company, time-tracking, and auth controllers
- Log create/delete operations for projects, todos, companies
- Log timer start/stop for time tracking
- Log login/logout events

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
richardtekula
2025-12-04 10:33:04 +01:00
parent fa7129a5b4
commit a49bff56da
9 changed files with 251 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/controllers/todo.controller.js
View File

@@ -1,4 +1,5 @@
import * as todoService from '../services/todo.service.js';
import { logTodoCreated, logTodoDeleted, logTodoCompleted } from '../services/audit.service.js';
/**
* Get all todos
@@ -112,6 +113,9 @@ export const createTodo = async (req, res, next) => {
console.log('Backend received todo data:', data);
const todo = await todoService.createTodo(userId, data);
// Log audit event
await logTodoCreated(userId, todo.id, todo.title, req.ip, req.headers['user-agent']);
res.status(201).json({
success: true,
data: todo,
@@ -152,9 +156,17 @@ export const updateTodo = async (req, res, next) => {
export const deleteTodo = async (req, res, next) => {
try {
const { todoId } = req.params;
const userId = req.userId;
// Get todo info before deleting
const todo = await todoService.getTodoById(todoId);
const todoTitle = todo?.title;
const result = await todoService.deleteTodo(todoId);
// Log audit event
await logTodoDeleted(userId, todoId, todoTitle, req.ip, req.headers['user-agent']);
res.status(200).json({
success: true,
message: result.message,
@@ -171,15 +183,22 @@ export const deleteTodo = async (req, res, next) => {
export const toggleTodo = async (req, res, next) => {
try {
const { todoId } = req.params;
const userId = req.userId;
// Get current todo
const todo = await todoService.getTodoById(todoId);
const wasCompleted = todo.status === 'completed';
// Toggle completed status
const updated = await todoService.updateTodo(todoId, {
status: todo.status === 'completed' ? 'pending' : 'completed',
status: wasCompleted ? 'pending' : 'completed',
});
// Log audit event if todo was completed
if (!wasCompleted) {
await logTodoCompleted(userId, todoId, todo.title, req.ip, req.headers['user-agent']);
}
res.status(200).json({
success: true,
data: updated,