sebi/effigenix
1
0
Fork 0
mirror of https://github.com/s-frick/effigenix.git synced 2026-03-28 18:49:59 +01:00
Code Issues Releases Activity Actions

fix: audit log entity_id zu lang bei ROLE_ASSIGNED/ROLE_REMOVED

Browse source 
AssignRole und RemoveRole übergaben einen zusammengesetzten String
("User: uuid, Role: NAME") als entity_id-Spalte, die nur VARCHAR(36)
erlaubt. Neuer AuditLogger-Overload log(event, entityId, details, actor)
trennt UUID und Zusatzinformationen sauber.
This commit is contained in:
Sebastian Frick 2026-02-18 12:03:02 +01:00
parent bc0043db93
commit 0ee7d91528
4 changed files with 34 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
backend/src/main/java/de/effigenix/application/usermanagement/AssignRole.java
View file

@ -73,7 +73,7 @@ public class AssignRole {
}
// 4. Audit log
auditLogger.log(AuditEvent.ROLE_ASSIGNED, "User: " + userId.value() + ", Role: " + role.name(), performedBy);
auditLogger.log(AuditEvent.ROLE_ASSIGNED, userId.value(), "Role: " + role.name(), performedBy);
return Result.success(UserDTO.from(user));
}

10
backend/src/main/java/de/effigenix/application/usermanagement/AuditLogger.java
View file

@ -27,6 +27,16 @@ public interface AuditLogger {
*/
void log(AuditEvent event, String details);
/**
* Logs an audit event with entity and additional details.
*
* @param event Event type
* @param entityId ID of the entity affected (UUID, max 36 chars)
* @param details Additional details (e.g., role name, reason)
* @param performedBy Actor who performed the action
*/
void log(AuditEvent event, String entityId, String details, ActorId performedBy);
/**
* Logs an audit event without entity (e.g., LOGIN_SUCCESS).
*

2
backend/src/main/java/de/effigenix/application/usermanagement/RemoveRole.java
View file

@ -80,7 +80,7 @@ public class RemoveRole {
}
// 4. Audit log
auditLogger.log(AuditEvent.ROLE_REMOVED, "User: " + userId + ", Role: " + roleName, performedBy);
auditLogger.log(AuditEvent.ROLE_REMOVED, userId, "Role: " + roleName, performedBy);
return Result.success(UserDTO.from(user));
}

22
backend/src/main/java/de/effigenix/infrastructure/audit/DatabaseAuditLogger.java
View file

@ -85,6 +85,28 @@ public class DatabaseAuditLogger implements AuditLogger {
}
}
@Override
@Transactional(propagation = Propagation.REQUIRES_NEW)
public void log(AuditEvent event, String entityId, String details, ActorId performedBy) {
try {
AuditLogEntity auditLog = new AuditLogEntity(
UUID.randomUUID().toString(),
event,
entityId,
performedBy.value(),
details,
LocalDateTime.now(),
getClientIpAddress(),
getUserAgent()
);
repository.save(auditLog);
log.debug("Audit log created: event={}, entityId={}, details={}, actor={}", event, entityId, details, performedBy.value());
} catch (Exception e) {
log.error("Failed to create audit log: event={}, entityId={}, details={}, actor={}", event, entityId, details, performedBy.value(), e);
}
}
@Override
@Transactional(propagation = Propagation.REQUIRES_NEW)
public void log(AuditEvent event, ActorId performedBy) {