aa052763f6
- .env.example: полный шаблон, защита секретов - .gitignore: явное исключение .env.* и секретов - layout.tsx: XSS — заменён dangerouslySetInnerHTML на next/script для SW - ESLint: no-console error (allow warn/error), ignore scripts/ - scripts/remove-console-logs.js: очистка console.log без glob - backend/routes/modules: README с планом рефакторинга крупных файлов - SECURITY.md: гид по секретам, XSS, CORS, auth, линту - .husky/pre-commit: запуск npm run lint + прочие правки приложения и бэкенда Co-authored-by: Cursor <cursoragent@cursor.com>
28 lines
1.2 KiB
Python
28 lines
1.2 KiB
Python
"""Audit events API — now uses real AuditLog table."""
|
|
from fastapi import APIRouter, Depends, Query
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.api.deps import get_current_user, require_roles
|
|
from app.api.helpers import is_authority, paginate_query
|
|
from app.db.session import get_db
|
|
from app.models.audit_log import AuditLog
|
|
|
|
router = APIRouter(tags=["audit"])
|
|
|
|
|
|
@router.get("/audit/events", dependencies=[Depends(require_roles("admin", "authority_inspector"))])
|
|
def list_audit_events(
|
|
entity_type: str | None = Query(None), entity_id: str | None = Query(None),
|
|
user_id: str | None = Query(None), action: str | None = Query(None),
|
|
page: int = Query(1, ge=1), per_page: int = Query(50, ge=1, le=100),
|
|
db: Session = Depends(get_db), user=Depends(get_current_user),
|
|
):
|
|
q = db.query(AuditLog)
|
|
if entity_type: q = q.filter(AuditLog.entity_type == entity_type)
|
|
if entity_id: q = q.filter(AuditLog.entity_id == entity_id)
|
|
if user_id: q = q.filter(AuditLog.user_id == user_id)
|
|
if action: q = q.filter(AuditLog.action == action)
|
|
if not is_authority(user): q = q.filter(AuditLog.organization_id == user.organization_id)
|
|
q = q.order_by(AuditLog.created_at.desc())
|
|
return paginate_query(q, page, per_page)
|