fix(audit-log): credential-set org IDs, workspace deletion FK, actorId fallback, string literal action

This commit is contained in:
waleed
2026-02-17 23:52:16 -08:00
parent 7e394ad616
commit 4eb4fe76b6
7 changed files with 13 additions and 10 deletions

View File

@@ -177,7 +177,7 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
})
recordAudit({
workspaceId: result.set.organizationId,
workspaceId: null,
actorId: session.user.id,
action: AuditAction.CREDENTIAL_SET_INVITATION_CREATED,
resourceType: AuditResourceType.CREDENTIAL_SET,
@@ -250,7 +250,7 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i
)
recordAudit({
workspaceId: result.set.organizationId,
workspaceId: null,
actorId: session.user.id,
action: AuditAction.CREDENTIAL_SET_INVITATION_REVOKED,
resourceType: AuditResourceType.CREDENTIAL_SET,

View File

@@ -179,7 +179,7 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i
})
recordAudit({
workspaceId: result.set.organizationId,
workspaceId: null,
actorId: session.user.id,
action: AuditAction.CREDENTIAL_SET_MEMBER_REMOVED,
resourceType: AuditResourceType.CREDENTIAL_SET,

View File

@@ -133,7 +133,7 @@ export async function PUT(req: NextRequest, { params }: { params: Promise<{ id:
const [updated] = await db.select().from(credentialSet).where(eq(credentialSet.id, id)).limit(1)
recordAudit({
workspaceId: result.set.organizationId,
workspaceId: null,
actorId: session.user.id,
action: AuditAction.CREDENTIAL_SET_UPDATED,
resourceType: AuditResourceType.CREDENTIAL_SET,
@@ -190,7 +190,7 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i
logger.info('Deleted credential set', { credentialSetId: id, userId: session.user.id })
recordAudit({
workspaceId: result.set.organizationId,
workspaceId: null,
actorId: session.user.id,
action: AuditAction.CREDENTIAL_SET_DELETED,
resourceType: AuditResourceType.CREDENTIAL_SET,

View File

@@ -167,7 +167,7 @@ export async function POST(req: Request) {
})
recordAudit({
workspaceId: organizationId,
workspaceId: null,
actorId: session.user.id,
action: AuditAction.CREDENTIAL_SET_CREATED,
resourceType: AuditResourceType.CREDENTIAL_SET,

View File

@@ -18,7 +18,7 @@ import { and, eq } from 'drizzle-orm'
import { type NextRequest, NextResponse } from 'next/server'
import { z } from 'zod'
import { getEmailSubject, renderInvitationEmail } from '@/components/emails'
import { AuditResourceType, recordAudit } from '@/lib/audit/log'
import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
import { getSession } from '@/lib/auth'
import { hasAccessControlAccess } from '@/lib/billing'
import { syncUsageLimitsFromSubscription } from '@/lib/billing/core/usage'
@@ -556,7 +556,10 @@ export async function PUT(
recordAudit({
workspaceId: null,
actorId: session.user.id,
action: status === 'accepted' ? 'org_invitation.accepted' : 'org_invitation.updated',
action:
status === 'accepted'
? AuditAction.ORG_INVITATION_ACCEPTED
: AuditAction.ORG_INVITATION_UPDATED,
resourceType: AuditResourceType.ORGANIZATION,
resourceId: organizationId,
actorName: session.user.name ?? undefined,

View File

@@ -341,7 +341,7 @@ export async function DELETE(
recordAudit({
workspaceId: workflowData?.workspaceId || null,
actorId: session?.user?.id || '',
actorId: session!.user.id,
actorName: session?.user?.name,
actorEmail: session?.user?.email,
action: AuditAction.WORKFLOW_UNDEPLOYED,

View File

@@ -283,7 +283,7 @@ export async function DELETE(
})
recordAudit({
workspaceId,
workspaceId: null,
actorId: session.user.id,
actorName: session.user.name,
actorEmail: session.user.email,