from datetime import datetime

from fastapi import APIRouter, Depends, Query
from sqlalchemy.orm import Session

from app.api.deps import get_current_user, get_db
from app.api.permissions import require_read
from app.models.permission_audit_log import PermissionAuditLog
from app.models.user import User
from common_logging import get_logger

# Module-level logger, named after this module.
logger = get_logger(__name__)
# Router that the audit-log endpoint below registers itself on.
router = APIRouter()


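@router.get("/audit-logs", dependencies=[Depends(require_read("audit_logs"))])
def get_audit_logs(
    user_id: int | None = Query(None),
    action_type: str | None = Query(None),
    resource: str | None = Query(None),
    start_date: datetime | None = Query(None),
    end_date: datetime | None = Query(None),
    skip: int = Query(0, ge=0),
    limit: int = Query(100, ge=1, le=1000),
    db: Session = Depends(get_db),
    current_user: User = Depends(get_current_user),
):
    """Return one page of permission audit log entries for the caller's tenant.

    Results are always restricted to the caller's tenant and to rows that are
    not flagged as deleted; the optional query parameters narrow them further.
    ``total`` is the number of matching rows before paging, ``items`` is the
    requested page, newest first.
    """
    query = db.query(PermissionAuditLog).filter(
        # This has to be a SQL expression. Python's ``not`` is evaluated
        # immediately on the attribute object and yields a plain bool, so the
        # soft-delete condition never reached the database as a column test.
        PermissionAuditLog.is_deleted.is_(False),
        # Tenant isolation: the tenant comes from the authenticated user,
        # never from a request parameter.
        PermissionAuditLog.tenant_id == current_user.tenant_id,
    )
    # ``is not None`` rather than truthiness, so that user_id=0 is applied as
    # a filter instead of silently widening the result to every user.
    if user_id is not None:
        query = query.filter(PermissionAuditLog.user_id == user_id)
    # Empty strings are treated as "no filter", as before.
    if action_type:
        query = query.filter(PermissionAuditLog.action_type == action_type)
    if resource:
        query = query.filter(PermissionAuditLog.resource == resource)
    if start_date is not None:
        query = query.filter(PermissionAuditLog.created_at >= start_date)
    if end_date is not None:
        query = query.filter(PermissionAuditLog.created_at <= end_date)
    total = query.count()
    # The id tiebreaker keeps offset paging stable when several entries share
    # a created_at value; without it rows can repeat or go missing between pages.
    logs = (
        query.order_by(PermissionAuditLog.created_at.desc(), PermissionAuditLog.id.desc())
        .offset(skip)
        .limit(limit)
        .all()
    )
    # Reads of the audit trail are themselves logged with the caller's identity.
    logger.bind(tenant_id=current_user.tenant_id, user_id=current_user.id).info("Audit logs queried")
    return {
        "total": total,
        "items": [
            {
                "id": log.id,
                "action_type": log.action_type,
                "user_id": log.user_id,
                "tenant_id": log.tenant_id,
                "resource": log.resource,
                "action": log.action,
                "role_id": log.role_id,
                "result": log.result,
                "ip_address": log.ip_address,
                "request_path": log.request_path,
                "created_at": log.created_at,
            }
            for log in logs
        ],
    }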
