feat(audit): harden API audit log redaction and schema
- Change query_json column from TEXT to JSON, ip/user_agent to CHAR(64) for PII redaction compliance - Update repository, service, and views for hardened schema - Add architecture contract test for security logging redaction - Add search resource provider test coverage - Include DB migration script for existing installs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -42,6 +42,16 @@ class AuditSearchResourceProviderTest extends TestCase
|
||||
$this->assertSame('audit.system.view', $resources['system-audit']['permission']);
|
||||
}
|
||||
|
||||
public function testApiAuditSearchSqlIncludesUserAgentHashField(): void
|
||||
{
|
||||
$resources = $this->provider->resources();
|
||||
$apiAudit = $resources['api-audit'];
|
||||
|
||||
$this->assertStringContainsString('user_agent like ?', $apiAudit['count_sql']);
|
||||
$this->assertStringContainsString('user_agent like ?', $apiAudit['preview_sql']);
|
||||
$this->assertStringContainsString('user_agent like ?', $apiAudit['result_sql']);
|
||||
}
|
||||
|
||||
public function testMapApiAuditItem(): void
|
||||
{
|
||||
$row = [
|
||||
|
||||
Reference in New Issue
Block a user