2026-03-04 15:56:58 +01:00
|
|
|
<?php
|
|
|
|
|
|
refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.
Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers
Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n
Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling
All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00
|
|
|
use MintyPHP\Module\Audit\AuditAuthorizationPolicy;
|
|
|
|
|
use MintyPHP\Module\Audit\Domain\SystemAuditChannel;
|
|
|
|
|
use MintyPHP\Module\Audit\Domain\SystemAuditOutcome;
|
|
|
|
|
use MintyPHP\Module\Audit\Service\SystemAuditService;
|
2026-03-04 15:56:58 +01:00
|
|
|
use MintyPHP\Support\Guard;
|
|
|
|
|
|
|
|
|
|
Guard::requireLogin();
|
refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.
Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers
Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n
Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling
All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00
|
|
|
Guard::requireAbilityOrForbidden(AuditAuthorizationPolicy::ABILITY_SYSTEM_AUDIT_VIEW);
|
2026-03-04 15:56:58 +01:00
|
|
|
gridRequireGetRequest();
|
|
|
|
|
|
|
|
|
|
$filters = gridParseFiltersFromSchemaFile(__DIR__ . '/filter-schema.php');
|
|
|
|
|
|
|
|
|
|
$result = app(SystemAuditService::class)->listPaged($filters);
|
|
|
|
|
|
|
|
|
|
$rows = [];
|
|
|
|
|
foreach ((array) ($result['rows'] ?? []) as $row) {
|
|
|
|
|
$outcome = SystemAuditOutcome::normalizeOr((string) ($row['outcome'] ?? ''), SystemAuditOutcome::Success);
|
|
|
|
|
$channel = SystemAuditChannel::normalizeOr((string) ($row['channel'] ?? ''), SystemAuditChannel::Web);
|
|
|
|
|
|
|
|
|
|
$actorLabel = trim((string) ($row['actor_user_display_name'] ?? ''));
|
|
|
|
|
if ($actorLabel === '') {
|
|
|
|
|
$actorLabel = trim((string) ($row['actor_user_email'] ?? ''));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$rows[] = [
|
|
|
|
|
'id' => (int) ($row['id'] ?? 0),
|
|
|
|
|
'created_at' => dt((string) ($row['created_at'] ?? '')),
|
|
|
|
|
'event_type' => (string) ($row['event_type'] ?? ''),
|
|
|
|
|
'outcome' => $outcome->value,
|
|
|
|
|
'outcome_badge' => $outcome->badgeVariant(),
|
|
|
|
|
'outcome_label' => t($outcome->labelToken()),
|
|
|
|
|
'channel' => strtoupper($channel->labelToken()),
|
|
|
|
|
'actor_user_id' => (int) ($row['actor_user_id'] ?? 0),
|
|
|
|
|
'actor_user_uuid' => (string) ($row['actor_user_uuid'] ?? ''),
|
|
|
|
|
'actor_user_label' => $actorLabel !== '' ? $actorLabel : '-',
|
|
|
|
|
'target_type' => (string) ($row['target_type'] ?? ''),
|
|
|
|
|
'target_uuid' => (string) ($row['target_uuid'] ?? ''),
|
|
|
|
|
'request_id' => (string) ($row['request_id'] ?? ''),
|
|
|
|
|
'error_code' => (string) ($row['error_code'] ?? ''),
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gridJsonDataResult($rows, (int) ($result['total'] ?? 0));
|