Audit vocabulary/term/authority creation (admin writes currently unaudited) #21

Closed
opened 2026-06-02 21:01:55 +00:00 by logaritmisk · 0 comments
Owner

Context

The admin CRUD surface (merged to main at c4e0c4c) added write endpoints for controlled vocabularies, terms, and authority records:

  • POST /api/admin/vocabularies → db::vocab::create_vocabulary
  • POST /api/admin/vocabularies/{id}/terms → db::vocab::add_term
  • POST /api/admin/authorities → db::authority::create_authority

Unlike catalogue object writes (which now record AuditActor::User(<real uuid>)), these three creation paths are not audited — the underlying db functions take no AuditActor argument, so there is no audit path to thread a user through.

This was a deliberate, documented MVP deferral (see docs/plans/2026-06-02-admin-crud.md → "Notes for follow-on plans"), not an oversight.

Task

  • Add an AuditActor parameter to db::vocab::create_vocabulary / add_term and db::authority::create_authority.
  • Record an audit entry on each (consistent with how object/user writes are audited).
  • Thread the authenticated user (actor(&auth.user)) through the three admin handlers in crates/api/src/admin_vocab.rs and crates/api/src/admin_authorities.rs.

Acceptance

  • Creating a vocabulary, term, or authority via the admin API writes an audit entry attributing the real acting user.
  • Existing tests stay green; add coverage asserting the audit row is written.
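The shape of the fix this issue asks for, as an added example rather than code from the biggus-dickus repository: each of the three `db` creation functions gains an `AuditActor` parameter and writes an audit row in the same transaction-like step as the entity row, and the handler obtains the actor via `actor(&auth.user)`. Everything below is an assumption standing in for the project's real types: an in-memory `Db` replaces the database, uuids are plain strings, and the action names (`vocabulary.create`, `term.add`, `authority.create`) are made up for illustration.

```rust
use std::collections::HashMap;

/// Who performed a write. Modelled on the issue's AuditActor::User(<uuid>);
/// the uuid is a String here (assumption, not the project's type).
#[derive(Clone, Debug, PartialEq)]
pub enum AuditActor {
    User(String),
}

/// One audit row: actor, action name and the id of the created record.
#[derive(Clone, Debug, PartialEq)]
pub struct AuditEntry {
    pub actor: AuditActor,
    pub action: &'static str,
    pub target_id: u64,
}

#[derive(Debug, PartialEq)]
pub enum DbError {
    NoSuchVocabulary(u64),
}

/// Toy in-memory store standing in for the db crate (constructed for this example).
#[derive(Default)]
pub struct Db {
    vocabularies: HashMap<u64, String>,
    terms: HashMap<u64, (u64, String)>, // term id -> (vocab id, label)
    authorities: HashMap<u64, String>,
    audit: Vec<AuditEntry>,
    next_id: u64,
}

impl Db {
    fn alloc(&mut self) -> u64 {
        self.next_id += 1;
        self.next_id
    }

    /// Single audit path shared by all admin writes, so every creation is attributed.
    fn record(&mut self, actor: &AuditActor, action: &'static str, target_id: u64) {
        self.audit.push(AuditEntry { actor: actor.clone(), action, target_id });
    }

    /// db::vocab::create_vocabulary with the new actor parameter threaded through.
    pub fn create_vocabulary(&mut self, actor: &AuditActor, name: &str) -> u64 {
        let id = self.alloc();
        self.vocabularies.insert(id, name.to_string());
        self.record(actor, "vocabulary.create", id);
        id
    }

    /// db::vocab::add_term: validation happens before the write, so a rejected
    /// request creates neither a term row nor an audit row.
    pub fn add_term(&mut self, actor: &AuditActor, vocab_id: u64, label: &str) -> Result<u64, DbError> {
        if !self.vocabularies.contains_key(&vocab_id) {
            return Err(DbError::NoSuchVocabulary(vocab_id));
        }
        let id = self.alloc();
        self.terms.insert(id, (vocab_id, label.to_string()));
        self.record(actor, "term.add", id);
        Ok(id)
    }

    /// db::authority::create_authority with the new actor parameter.
    pub fn create_authority(&mut self, actor: &AuditActor, name: &str) -> u64 {
        let id = self.alloc();
        self.authorities.insert(id, name.to_string());
        self.record(actor, "authority.create", id);
        id
    }

    /// Audit rows for one record; what a test asserts on after each admin call.
    pub fn audit_for(&self, target_id: u64) -> Vec<&AuditEntry> {
        self.audit.iter().filter(|e| e.target_id == target_id).collect()
    }

    pub fn audit_len(&self) -> usize {
        self.audit.len()
    }
}

/// Stand-in for the authenticated user the handlers see (hypothetical type).
pub struct AuthUser {
    pub id: String,
}

/// Equivalent of the handlers' actor(&auth.user): maps the session user to an actor.
pub fn actor(user: &AuthUser) -> AuditActor {
    AuditActor::User(user.id.clone())
}

fn main() {
    let mut db = Db::default();
    let alice = actor(&AuthUser { id: "00000000-0000-4000-8000-000000000001".into() });
    let v = db.create_vocabulary(&alice, "subjects");
    let t = db.add_term(&alice, v, "Cryptography").expect("vocabulary exists");
    let a = db.create_authority(&alice, "Example Archive");
    for id in [v, t, a] {
        println!("{:?}", db.audit_for(id));
    }
}
```

The test below is the kind of coverage the acceptance criteria call for: after each admin write, exactly one audit row exists for the new record and it names the acting user rather than a system or placeholder actor; a rejected write leaves the audit log untouched.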

Reference: logaritmisk/biggus-dickus#21