Full management surfaces for the platform-admin tenant, mirroring the existing Tenants pattern (DataTable + row actions + create/edit dialogs + ConfirmDialog for destructive ops, all data-action tagged for the command bus, useRegisterAdminContext publishing for the assistant). - Storage (/storage): backends + credentials. Write-only secret fields, Validate/Activate/Deactivate/Set-default/Mark-degraded/Maintenance. - Users (/users): tabs for Users, Invitations, Roles. Per-user View drawer with profile, role add/remove, API keys (one-time reveal on create), usage + quota. - Secrets (/secrets): /api/v1/admin/secrets — create/rotate/rollback, versions dialog, enable/disable, generate-value helper. - Webhooks (/webhooks): CRUD, pause/resume, regenerate-secret with one-time reveal, send test event, deliveries dialog. - Scheduled tasks (/scheduled-tasks): cron CRUD, run-now trigger, enable/disable, expandable run history. - Audit log (/activity): replaces the empty stub. Filter by severity, resource type, date range; click for full JSON detail. All endpoints are hand-rolled HTTP because most aren't covered by the generated OpenAPI typed paths yet — switch to arcadia.typed.* when the backend wires them into OpenApiSpex. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
77 lines
1.9 KiB
TypeScript
77 lines
1.9 KiB
TypeScript
// Audit log + observability helpers.
|
|
// All endpoints are read-only; the backend writes audit events itself.
|
|
|
|
import type { ArcadiaClient } from "@crema/arcadia-client"
|
|
|
|
export type AuditSeverity = "info" | "warning" | "error" | "critical" | string
|
|
|
|
export interface AuditUser {
|
|
id: string
|
|
email: string
|
|
name: string
|
|
}
|
|
|
|
export interface AuditLog {
|
|
id: string
|
|
tenant_id: string
|
|
user_id: string | null
|
|
user: AuditUser | null
|
|
action: string
|
|
resource_type: string
|
|
resource_id: string | null
|
|
changes: Record<string, unknown> | null
|
|
metadata: Record<string, unknown> | null
|
|
severity: AuditSeverity
|
|
ip_address: string | null
|
|
user_agent: string | null
|
|
inserted_at: string
|
|
}
|
|
|
|
export interface AuditListParams {
|
|
action?: string
|
|
resource_type?: string
|
|
severity?: AuditSeverity
|
|
user_id?: string
|
|
from?: string // ISO8601
|
|
to?: string
|
|
limit?: number
|
|
offset?: number
|
|
}
|
|
|
|
export interface AuditStats {
|
|
total: number
|
|
by_action: Record<string, number>
|
|
by_severity: Record<string, number>
|
|
by_resource_type: Record<string, number>
|
|
[key: string]: unknown
|
|
}
|
|
|
|
export async function listAuditLogs(
|
|
arcadia: ArcadiaClient,
|
|
params?: AuditListParams,
|
|
): Promise<AuditLog[]> {
|
|
const res = await arcadia.GET<{ data: AuditLog[] }>(
|
|
"/api/v1/observability/audit_logs",
|
|
{ params: params as Record<string, string | number | boolean | null | undefined> },
|
|
)
|
|
return res.data
|
|
}
|
|
|
|
export async function getAuditLog(arcadia: ArcadiaClient, id: string): Promise<AuditLog> {
|
|
const res = await arcadia.GET<{ data: AuditLog }>(
|
|
`/api/v1/observability/audit_logs/${id}`,
|
|
)
|
|
return res.data
|
|
}
|
|
|
|
export async function getAuditStats(
|
|
arcadia: ArcadiaClient,
|
|
params?: { from?: string; to?: string },
|
|
): Promise<AuditStats> {
|
|
const res = await arcadia.GET<{ data: AuditStats }>(
|
|
"/api/v1/observability/audit_stats",
|
|
{ params: params as Record<string, string | undefined> },
|
|
)
|
|
return res.data
|
|
}
|