28 lines
1.0 KiB
Python
28 lines
1.0 KiB
Python
from datetime import datetime
|
|
from app.extensions import db
|
|
|
|
|
|
class AuditLog(db.Model):
|
|
"""Immutable audit trail for all sensitive operations."""
|
|
__tablename__ = 'audit_log'
|
|
|
|
id = db.Column(db.Integer, primary_key=True)
|
|
|
|
table_name = db.Column(db.String(100), nullable=False)
|
|
record_id = db.Column(db.Integer, nullable=True)
|
|
action = db.Column(db.String(50), nullable=False) # create | update | delete | mask | assign | return | import
|
|
|
|
# JSON snapshots
|
|
old_values = db.Column(db.Text, nullable=True)
|
|
new_values = db.Column(db.Text, nullable=True)
|
|
|
|
performed_by_id = db.Column(db.Integer, db.ForeignKey('admin_users.id'), nullable=True)
|
|
performed_at = db.Column(db.DateTime, default=datetime.utcnow, nullable=False)
|
|
ip_address = db.Column(db.String(50), nullable=True)
|
|
description = db.Column(db.String(500), nullable=True)
|
|
|
|
performed_by = db.relationship('AdminUser', foreign_keys=[performed_by_id])
|
|
|
|
def __repr__(self):
|
|
return f'<AuditLog {self.action} on {self.table_name}#{self.record_id}>'
|