app-service/backend/app/models/audit_log.py

"""Audit log database model for tracking user actions."""

import uuid
from sqlalchemy import Column, String, Text, ForeignKey, Index
from sqlalchemy.sql import func
from sqlalchemy.types import DateTime

from app.db.base import Base


class AuditLog(Base):
    """Audit log model for tracking user actions and system events."""

    __tablename__ = "audit_logs"

    id = Column(String(36), primary_key=True, default=lambda: str(uuid.uuid4()))

    # Who performed the action
    user_id = Column(String(36), ForeignKey("users.id", ondelete="SET NULL"), nullable=True, index=True)
    username = Column(String(100), nullable=True)  # Stored for history even if user deleted

    # What action was performed
    action = Column(String(50), nullable=False, index=True)  # login, logout, create, update, delete, etc.
    resource_type = Column(String(50), nullable=True, index=True)  # user, setting, api_key, etc.
    resource_id = Column(String(255), nullable=True)  # ID of affected resource

    # Additional details
    details = Column(Text, nullable=True)  # JSON string with extra info

    # Request context
    ip_address = Column(String(45), nullable=True)  # IPv6 max length
    user_agent = Column(String(500), nullable=True)

    # Status
    status = Column(String(20), default="success")  # success, failure, error

    # Timestamp
    created_at = Column(DateTime, server_default=func.now(), nullable=False, index=True)

    # Composite indexes for common queries
    __table_args__ = (
        Index('ix_audit_user_action', 'user_id', 'action'),
        Index('ix_audit_resource', 'resource_type', 'resource_id'),
        Index('ix_audit_created_at_desc', created_at.desc()),
    )

    def __repr__(self):
        return f"<AuditLog(id={self.id}, user={self.username}, action={self.action})>"