- from fastapi import APIRouter, Depends, HTTPException, Query
- from typing import List, Optional
- import db
- import auth_utils
# Routes registered on this router are served under the /admin prefix.
# No router-level dependency is declared here, so the prefix alone grants no
# protection: each handler has to enforce its own admin check.
router = APIRouter(
    prefix="/admin",
    tags=["admin"],
)
@router.get("/audit-logs")
async def get_audit_logs(
    page: int = Query(1, ge=1),
    size: int = Query(50, ge=1, le=100),
    action: Optional[str] = None,
    token: str = Depends(auth_utils.oauth2_scheme),
):
    """Return one page of audit-log rows, newest first, to an admin caller.

    Args:
        page: 1-based page number (validated ``>= 1``).
        size: Rows per page (validated ``1..100``), which caps the result set
            a single request can pull.
        action: Optional exact-match filter on the ``action`` column; a falsy
            value (``None`` or ``""``) means no filter.
        token: Bearer token supplied by ``auth_utils.oauth2_scheme``.

    Returns:
        A dict with the page of rows (``logs``), the number of rows matching
        the filter (``total``), and the echoed ``page`` / ``size``.

    Raises:
        HTTPException: 403 when the token yields no payload or the payload's
            ``role`` claim is not ``'admin'``.
    """
    # Authorization rests entirely on the ``role`` claim in the decoded token.
    # NOTE(review): confirm decode_token verifies signature and expiry; that
    # code is not visible here, and an unverified claim would make this check
    # meaningless.
    claims = auth_utils.decode_token(token)
    is_admin = bool(claims) and claims.get("role") == 'admin'
    if not is_admin:
        raise HTTPException(status_code=403, detail="Admin role required")

    # The filter value is always bound as a query parameter, never spliced
    # into the SQL text; only fixed fragments are concatenated.
    where_clause = " WHERE a.action = %s" if action else ""
    filter_args = (action,) if action else ()
    skip = (page - 1) * size

    # NOTE(review): ``a.*`` hands every audit_logs column (plus the user's
    # email) to the client. If the table stores sensitive fields, an explicit
    # column list would limit exposure. Schema not visible here.
    page_sql = (
        """
        SELECT a.*, u.email as user_email
        FROM audit_logs a
        LEFT JOIN users u ON a.user_id = u.id
        """
        + where_clause
        + " ORDER BY a.created_at DESC LIMIT %s OFFSET %s"
    )
    # NOTE(review): execute_query is called without ``await`` inside an async
    # handler; if it performs blocking I/O it will stall the event loop.
    # Confirm against the db module.
    rows = db.execute_query(page_sql, filter_args + (size, skip))

    # The total for pagination applies the same filter as the page query.
    count_sql = "SELECT COUNT(*) as total FROM audit_logs"
    if action:
        count_rows = db.execute_query(count_sql + " WHERE action = %s", (action,))
    else:
        count_rows = db.execute_query(count_sql)

    return {
        "logs": rows,
        "total": count_rows[0]['total'],
        "page": page,
        "size": size,
    }