roof/pic
1
0
Fork 0
Code Issues Pull Requests Actions Wiki Activity

feat: audit/change log — owner-visible record of who changed what
Unit Tests / test (push) Successful in 12m47s
Details

Browse Source 
Add AuditManager (api/audit_manager.py): JSONL append-only log at
data/api/audit/audit.log with SHA-256 hash chain for tamper detection,
verify endpoint, size-based rotation, and automatic redaction of secret
fields before any entry is written. Supports structured query (actor,
action, date range) and CSV export.

Wire an @app.after_request hook in app.py that fires on every mutating
/api/* request: captures actor, role, remote IP, and maps the route +
method to a human-readable action via ROUTE_ACTION_MAP. Explicit audit
entries for password_change and password_reset are added in
auth_routes.py so those events record the actor without logging secret
values.

Expose an admin-only blueprint (api/routes/audit.py):
  GET /api/audit          — paginated query
  GET /api/audit/export   — CSV download
  GET /api/audit/verify   — hash-chain integrity check

Register AuditManager in managers.py and add api/audit to
config_manager.py critical_data_paths so it is included in backups and
restored with other persistent state.

Add Activity page (webui/src/pages/Activity.jsx, admin-only) reachable
from the nav in App.jsx. New auditAPI helper in api.js covers all three
endpoints.

Tests: test_audit_manager.py (unit: hash chain, redaction, rotation,
query, csv, verify) and test_audit_hook_routes.py (integration: hook
fires on mutating routes, skips safe methods, records actor/ip/action,
backup-inclusion assertion).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Dmitrii Iurco
2026-06-10 20:19:38 -04:00
parent 13074f56cb
commit 8b50fb1036
12 changed files with 1246 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/config_manager.py
+4 -1
View File
@@ -520,6 +520,8 @@ class ConfigManager:
'api/peer_service_credentials.json',
'api/cell_links.json',
'api/ddns_token',
# Append-only audit trail (who changed what) + rotated segments
'api/audit',
# WireGuard key material (server + peers) and live confs
'wireguard/keys',
'wireguard/wg_confs',
@@ -688,8 +690,9 @@ class ConfigManager:
for rel in ('api/peers.json', 'api/peer_service_credentials.json'):
self._restore_data_path(backup_path, rel)
# (4) Cell-to-cell links / permissions
# (4) Cell-to-cell links / permissions + audit trail
self._restore_data_path(backup_path, 'api/cell_links.json')
self._restore_data_path(backup_path, 'api/audit')
# (5) Caddy issued certs/ACME, DNS Corefile + zones (generated files are
# reapplied below, but restoring them gives a correct starting point).