mirror of https://github.com/s-frick/effigenix.git synced 2026-03-28 12:09:35 +01:00

fix: audit log entity_id zu lang bei ROLE_ASSIGNED/ROLE_REMOVED

AssignRole und RemoveRole übergaben einen zusammengesetzten String
("User: uuid, Role: NAME") als entity_id-Spalte, die nur VARCHAR(36)
erlaubt. Neuer AuditLogger-Overload log(event, entityId, details, actor)
trennt UUID und Zusatzinformationen sauber.
Sebastian Frick 2026-02-18 12:03:02 +01:00
parent bc0043db93
commit 0ee7d91528
4 changed files with 34 additions and 2 deletions


@ -73,7 +73,7 @@ public class AssignRole {
} }
// 4. Audit log // 4. Audit log
auditLogger.log(AuditEvent.ROLE_ASSIGNED, "User: " + userId.value() + ", Role: " + role.name(), performedBy); auditLogger.log(AuditEvent.ROLE_ASSIGNED, userId.value(), "Role: " + role.name(), performedBy);
return Result.success(UserDTO.from(user)); return Result.success(UserDTO.from(user));
} }
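Review bot: Nothing in this commit pins the new argument order, since the four file sections shown are all production code, so a later refactor could put a composite string back into the entity_id argument here or in RemoveRole without any test failing. A unit test per use case that captures the arguments of `auditLogger.log(...)` and asserts that the second one is the bare user id, at most 36 characters long, would guard the column limit. The enclosing method starts and ends outside the hunk.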


@ -27,6 +27,16 @@ public interface AuditLogger {
*/ */
void log(AuditEvent event, String details); void log(AuditEvent event, String details);
/**
* Logs an audit event with entity and additional details.
*
* @param event Event type
* @param entityId ID of the entity affected (UUID, max 36 chars)
* @param details Additional details (e.g., role name, reason)
* @param performedBy Actor who performed the action
*/
void log(AuditEvent event, String entityId, String details, ActorId performedBy);
/** /**
* Logs an audit event without entity (e.g., LOGIN_SUCCESS). * Logs an audit event without entity (e.g., LOGIN_SUCCESS).
* *
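Review bot: The Javadoc for the new overload states the 36-character limit on `entityId` but does not say what an implementation does when a caller exceeds it, nor whether `entityId` or `details` may be null. Because `details` is free text that DatabaseAuditLogger both persists and writes to the application log, I would extend its tag to something like `@param details Additional details (e.g., role name, reason); must not contain secrets`. I would also add one sentence stating whether a failed write throws or is only logged. The interface body continues outside the hunk.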


@ -80,7 +80,7 @@ public class RemoveRole {
} }
// 4. Audit log // 4. Audit log
auditLogger.log(AuditEvent.ROLE_REMOVED, "User: " + userId + ", Role: " + roleName, performedBy); auditLogger.log(AuditEvent.ROLE_REMOVED, userId, "Role: " + roleName, performedBy);
return Result.success(UserDTO.from(user)); return Result.success(UserDTO.from(user));
} }


@ -85,6 +85,28 @@ public class DatabaseAuditLogger implements AuditLogger {
} }
} }
@Override
@Transactional(propagation = Propagation.REQUIRES_NEW)
public void log(AuditEvent event, String entityId, String details, ActorId performedBy) {
try {
AuditLogEntity auditLog = new AuditLogEntity(
UUID.randomUUID().toString(),
event,
entityId,
performedBy.value(),
details,
LocalDateTime.now(),
getClientIpAddress(),
getUserAgent()
);
repository.save(auditLog);
log.debug("Audit log created: event={}, entityId={}, details={}, actor={}", event, entityId, details, performedBy.value());
} catch (Exception e) {
log.error("Failed to create audit log: event={}, entityId={}, details={}, actor={}", event, entityId, details, performedBy.value(), e);
}
}
@Override @Override
@Transactional(propagation = Propagation.REQUIRES_NEW) @Transactional(propagation = Propagation.REQUIRES_NEW)
public void log(AuditEvent event, ActorId performedBy) { public void log(AuditEvent event, ActorId performedBy) {
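Review bot: The catch-all around `repository.save(auditLog)` only writes an error line, so a rejected insert (the over-long entity_id this commit fixes is one example) leaves the role change in place with no audit row and no signal to the caller. The new overload still accepts any string as `entityId`; a guard ahead of the `try`, for example `if (entityId != null && entityId.length() > 36) throw new IllegalArgumentException("entityId exceeds 36 chars");`, would surface a bad caller in tests rather than in the log. Whether production should fail the operation or raise an alert instead is a policy decision. The handler also evaluates `performedBy.value()` again, so a null actor would throw from inside the catch block; computing the actor value once before the `try` avoids that. The neighbouring overloads are only partly visible in the context lines, so I cannot tell whether they share the pattern.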