tech/tanabata
1
1
Fork 0
Code Pull Requests Actions Releases Activity

feat(backend): audit event for pool file reordering
deploy / deploy (push) Successful in 59s
Details

Browse Source 
Reorder was the only pool-file operation that didn't record an audit
entry, unlike AddFiles (file_pool_add) and RemoveFiles
(file_pool_remove). Log file_pool_reorder on success and seed the new
action type.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Masahiko AMANO
2026-06-16 14:04:41 +03:00
parent 47d9cae15b
commit 432b2d5b1e
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/internal/service/pool_service.go
+6 -1
View File
@@ -247,5 +247,10 @@ func (s *PoolService) Reorder(ctx context.Context, poolID uuid.UUID, fileIDs []u
if err := s.authorizeEdit(ctx, poolID); err != nil { if err := s.authorizeEdit(ctx, poolID); err != nil {
return err return err
} }
return s.pools.Reorder(ctx, poolID, fileIDs) if err := s.pools.Reorder(ctx, poolID, fileIDs); err != nil {
return err
}
objType := poolObjectType
_ = s.audit.Log(ctx, "file_pool_reorder", &objType, &poolID, map[string]any{"count": len(fileIDs)})
return nil
} }
backend/migrations/007_seed_data.sql
+1 -1
View File
@@ -30,7 +30,7 @@ INSERT INTO activity.action_types (name) VALUES
('pool_create'), ('pool_edit'), ('pool_delete'), ('pool_create'), ('pool_edit'), ('pool_delete'),
-- Relations -- Relations
('file_tag_add'), ('file_tag_remove'), ('file_tag_add'), ('file_tag_remove'),
('file_pool_add'), ('file_pool_remove'), ('file_pool_add'), ('file_pool_remove'), ('file_pool_reorder'),
-- ACL -- ACL
('acl_change'), ('acl_change'),
-- Admin -- Admin