Files
arcadia-admin/app/lib/arcadia/audit-logs.ts
jules a907e25a7c Add Storage, Users, Secrets, Webhooks, Scheduled tasks, Audit log screens
Full management surfaces for the platform-admin tenant, mirroring the
existing Tenants pattern (DataTable + row actions + create/edit dialogs +
ConfirmDialog for destructive ops, all data-action tagged for the
command bus, useRegisterAdminContext publishing for the assistant).

- Storage (/storage): backends + credentials. Write-only secret fields,
  Validate/Activate/Deactivate/Set-default/Mark-degraded/Maintenance.
- Users (/users): tabs for Users, Invitations, Roles. Per-user View
  drawer with profile, role add/remove, API keys (one-time reveal on
  create), usage + quota.
- Secrets (/secrets): /api/v1/admin/secrets — create/rotate/rollback,
  versions dialog, enable/disable, generate-value helper.
- Webhooks (/webhooks): CRUD, pause/resume, regenerate-secret with
  one-time reveal, send test event, deliveries dialog.
- Scheduled tasks (/scheduled-tasks): cron CRUD, run-now trigger,
  enable/disable, expandable run history.
- Audit log (/activity): replaces the empty stub. Filter by severity,
  resource type, date range; click for full JSON detail.

All endpoints are hand-rolled HTTP because most aren't covered by the
generated OpenAPI typed paths yet — switch to arcadia.typed.* when the
backend wires them into OpenApiSpex.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 22:50:09 +10:00

77 lines
1.9 KiB
TypeScript

// Audit log + observability helpers.
// All endpoints are read-only; the backend writes audit events itself.
import type { ArcadiaClient } from "@crema/arcadia-client"
export type AuditSeverity = "info" | "warning" | "error" | "critical" | string
export interface AuditUser {
id: string
email: string
name: string
}
export interface AuditLog {
id: string
tenant_id: string
user_id: string | null
user: AuditUser | null
action: string
resource_type: string
resource_id: string | null
changes: Record<string, unknown> | null
metadata: Record<string, unknown> | null
severity: AuditSeverity
ip_address: string | null
user_agent: string | null
inserted_at: string
}
export interface AuditListParams {
action?: string
resource_type?: string
severity?: AuditSeverity
user_id?: string
from?: string // ISO8601
to?: string
limit?: number
offset?: number
}
export interface AuditStats {
total: number
by_action: Record<string, number>
by_severity: Record<string, number>
by_resource_type: Record<string, number>
[key: string]: unknown
}
export async function listAuditLogs(
arcadia: ArcadiaClient,
params?: AuditListParams,
): Promise<AuditLog[]> {
const res = await arcadia.GET<{ data: AuditLog[] }>(
"/api/v1/observability/audit_logs",
{ params: params as Record<string, string | number | boolean | null | undefined> },
)
return res.data
}
export async function getAuditLog(arcadia: ArcadiaClient, id: string): Promise<AuditLog> {
const res = await arcadia.GET<{ data: AuditLog }>(
`/api/v1/observability/audit_logs/${id}`,
)
return res.data
}
export async function getAuditStats(
arcadia: ArcadiaClient,
params?: { from?: string; to?: string },
): Promise<AuditStats> {
const res = await arcadia.GET<{ data: AuditStats }>(
"/api/v1/observability/audit_stats",
{ params: params as Record<string, string | undefined> },
)
return res.data
}