@fuzdev/fuz_app 0.57.1 → 0.57.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/audit_log_queries.d.ts.map +1 -1
- package/dist/auth/audit_log_queries.js +25 -8
- package/dist/ui/AdminAuditLog.svelte +13 -4
- package/dist/ui/AdminAuditLog.svelte.d.ts.map +1 -1
- package/dist/ui/AdminRoleGrantHistory.svelte +7 -2
- package/dist/ui/AdminRoleGrantHistory.svelte.d.ts.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit_log_queries.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/audit_log_queries.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAEnD,OAAO,EAGN,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,mBAAmB,EACxB,KAAK,8BAA8B,EACnC,KAAK,yBAAyB,EAC9B,MAAM,uBAAuB,CAAC;AAa/B,iFAAiF;AACjF,eAAO,MAAM,sCAAsC,QAAO,MACvB,CAAC;AAEpC,0CAA0C;AAC1C,eAAO,MAAM,wCAAwC,QAAO,IAE3D,CAAC;AAYF,gFAAgF;AAChF,eAAO,MAAM,qCAAqC,QAAO,MACvB,CAAC;AAEnC,0CAA0C;AAC1C,eAAO,MAAM,uCAAuC,QAAO,IAE1D,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,eAAe,GAAU,CAAC,SAAS,MAAM,EACrD,MAAM,SAAS,EACf,OAAO,aAAa,CAAC,CAAC,CAAC,EACvB,SAAQ,cAAyC,KAC/C,OAAO,CAAC,aAAa,CAoCvB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,oBAAoB,GAChC,MAAM,SAAS,EACf,UAAU,mBAAmB,KAC3B,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAwC9B,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mCAAmC,GAC/C,MAAM,SAAS,EACf,UAAU,mBAAmB,KAC3B,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,
|
|
1
|
+
{"version":3,"file":"audit_log_queries.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/audit_log_queries.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAEnD,OAAO,EAGN,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,mBAAmB,EACxB,KAAK,8BAA8B,EACnC,KAAK,yBAAyB,EAC9B,MAAM,uBAAuB,CAAC;AAa/B,iFAAiF;AACjF,eAAO,MAAM,sCAAsC,QAAO,MACvB,CAAC;AAEpC,0CAA0C;AAC1C,eAAO,MAAM,wCAAwC,QAAO,IAE3D,CAAC;AAYF,gFAAgF;AAChF,eAAO,MAAM,qCAAqC,QAAO,MACvB,CAAC;AAEnC,0CAA0C;AAC1C,eAAO,MAAM,uCAAuC,QAAO,IAE1D,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,eAAe,GAAU,CAAC,SAAS,MAAM,EACrD,MAAM,SAAS,EACf,OAAO,aAAa,CAAC,CAAC,CAAC,EACvB,SAAQ,cAAyC,KAC/C,OAAO,CAAC,aAAa,CAoCvB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,oBAAoB,GAChC,MAAM,SAAS,EACf,UAAU,mBAAmB,KAC3B,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAwC9B,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mCAAmC,GAC/C,MAAM,SAAS,EACf,UAAU,mBAAmB,KAC3B,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAwD/C,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,uCAAuC,GACnD,MAAM,SAAS,EACf,cAA+B,EAC/B,eAAU,KACR,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAmB1C,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,8BAA8B,GAC1C,MAAM,SAAS,EACf,QAAQ,IAAI,KACV,OAAO,CAAC,MAAM,CAMhB,CAAC"}
|
|
@@ -169,12 +169,22 @@ export const query_audit_log_list_with_usernames = async (deps, options) => {
|
|
|
169
169
|
const where = conditions.length > 0 ? `WHERE ${conditions.join(' AND ')}` : '';
|
|
170
170
|
const limit = options?.limit ?? AUDIT_LOG_DEFAULT_LIMIT;
|
|
171
171
|
const offset = options?.offset ?? 0;
|
|
172
|
+
// Chain through `actor` when `actor_id` / `target_actor_id` is set (audit
|
|
173
|
+
// events stamped post-Stage-4), falling back to the direct
|
|
174
|
+
// `account_id` / `target_account_id` JOIN for events whose principal
|
|
175
|
+
// has no actor binding (admin password reset, session revoke, etc.).
|
|
176
|
+
// Under v1 1:1 the two branches resolve to the same username; the
|
|
177
|
+
// chain is forensic future-proofing for N:1 multi-actor.
|
|
172
178
|
return deps.db.query(`SELECT al.*,
|
|
173
|
-
|
|
174
|
-
|
|
179
|
+
COALESCE(origin_act_acc.username, origin_acc.username) AS username,
|
|
180
|
+
COALESCE(target_act_acc.username, target_acc.username) AS target_username
|
|
175
181
|
FROM audit_log al
|
|
176
|
-
LEFT JOIN
|
|
177
|
-
LEFT JOIN account
|
|
182
|
+
LEFT JOIN actor origin_act ON origin_act.id = al.actor_id
|
|
183
|
+
LEFT JOIN account origin_act_acc ON origin_act_acc.id = origin_act.account_id
|
|
184
|
+
LEFT JOIN account origin_acc ON origin_acc.id = al.account_id
|
|
185
|
+
LEFT JOIN actor target_act ON target_act.id = al.target_actor_id
|
|
186
|
+
LEFT JOIN account target_act_acc ON target_act_acc.id = target_act.account_id
|
|
187
|
+
LEFT JOIN account target_acc ON target_acc.id = al.target_account_id
|
|
178
188
|
${where} ORDER BY al.seq DESC LIMIT $${param_index++} OFFSET $${param_index}`, [...params, limit, offset]);
|
|
179
189
|
};
|
|
180
190
|
/**
|
|
@@ -186,12 +196,19 @@ export const query_audit_log_list_with_usernames = async (deps, options) => {
|
|
|
186
196
|
* @returns role_grant history events with `username` and `target_username`
|
|
187
197
|
*/
|
|
188
198
|
export const query_audit_log_list_role_grant_history = async (deps, limit = AUDIT_LOG_DEFAULT_LIMIT, offset = 0) => {
|
|
199
|
+
// Same actor-chained JOIN as `query_audit_log_list_with_usernames` —
|
|
200
|
+
// see the comment there for rationale (forensic future-proofing for
|
|
201
|
+
// N:1 multi-actor; v1 1:1 picks the same username via either branch).
|
|
189
202
|
return deps.db.query(`SELECT al.*,
|
|
190
|
-
|
|
191
|
-
|
|
203
|
+
COALESCE(origin_act_acc.username, origin_acc.username) AS username,
|
|
204
|
+
COALESCE(target_act_acc.username, target_acc.username) AS target_username
|
|
192
205
|
FROM audit_log al
|
|
193
|
-
LEFT JOIN
|
|
194
|
-
LEFT JOIN account
|
|
206
|
+
LEFT JOIN actor origin_act ON origin_act.id = al.actor_id
|
|
207
|
+
LEFT JOIN account origin_act_acc ON origin_act_acc.id = origin_act.account_id
|
|
208
|
+
LEFT JOIN account origin_acc ON origin_acc.id = al.account_id
|
|
209
|
+
LEFT JOIN actor target_act ON target_act.id = al.target_actor_id
|
|
210
|
+
LEFT JOIN account target_act_acc ON target_act_acc.id = target_act.account_id
|
|
211
|
+
LEFT JOIN account target_acc ON target_acc.id = al.target_account_id
|
|
195
212
|
WHERE al.event_type IN ('role_grant_create', 'role_grant_revoke')
|
|
196
213
|
ORDER BY al.seq DESC LIMIT $1 OFFSET $2`, [limit, offset]);
|
|
197
214
|
};
|
|
@@ -58,12 +58,17 @@
|
|
|
58
58
|
load();
|
|
59
59
|
};
|
|
60
60
|
|
|
61
|
+
// Primary identity is actor-grain (`actor_id` / `target_actor_id`,
|
|
62
|
+
// Stage 4 columns); falls back to the account-grain pair for events
|
|
63
|
+
// whose principal has no actor binding (admin verbs). The username
|
|
64
|
+
// resolver in the query chains the same fallback, so the displayed
|
|
65
|
+
// label is identical under v1 1:1.
|
|
61
66
|
const columns: Array<DatatableColumn<AuditLogEventWithUsernamesJson>> = [
|
|
62
67
|
{key: 'created_at', label: 'time', width: 100},
|
|
63
68
|
{key: 'event_type', label: 'event', width: 200},
|
|
64
69
|
{key: 'outcome', label: 'outcome', width: 100},
|
|
65
|
-
{key: '
|
|
66
|
-
{key: '
|
|
70
|
+
{key: 'actor_id', label: 'actor', width: 130},
|
|
71
|
+
{key: 'target_actor_id', label: 'target', width: 130},
|
|
67
72
|
{key: 'ip', label: 'ip', width: 130},
|
|
68
73
|
{key: 'metadata', label: 'metadata', width: 200},
|
|
69
74
|
];
|
|
@@ -114,20 +119,24 @@
|
|
|
114
119
|
>
|
|
115
120
|
{row.outcome}
|
|
116
121
|
</span>
|
|
117
|
-
{:else if column.key === '
|
|
122
|
+
{:else if column.key === 'actor_id'}
|
|
118
123
|
<span class="text_50">
|
|
119
124
|
{#if row.username}
|
|
120
125
|
{row.username}
|
|
126
|
+
{:else if row.actor_id}
|
|
127
|
+
{truncate_uuid(row.actor_id)}
|
|
121
128
|
{:else if row.account_id}
|
|
122
129
|
{truncate_uuid(row.account_id)}
|
|
123
130
|
{:else}
|
|
124
131
|
-
|
|
125
132
|
{/if}
|
|
126
133
|
</span>
|
|
127
|
-
{:else if column.key === '
|
|
134
|
+
{:else if column.key === 'target_actor_id'}
|
|
128
135
|
<span class="text_50">
|
|
129
136
|
{#if row.target_username}
|
|
130
137
|
{row.target_username}
|
|
138
|
+
{:else if row.target_actor_id}
|
|
139
|
+
{truncate_uuid(row.target_actor_id)}
|
|
131
140
|
{:else if row.target_account_id}
|
|
132
141
|
{truncate_uuid(row.target_account_id)}
|
|
133
142
|
{:else}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AdminAuditLog.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/AdminAuditLog.svelte"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"AdminAuditLog.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/AdminAuditLog.svelte"],"names":[],"mappings":"AAyKA,QAAA,MAAM,aAAa,2DAAwC,CAAC;AAC5D,KAAK,aAAa,GAAG,UAAU,CAAC,OAAO,aAAa,CAAC,CAAC;AACtD,eAAe,aAAa,CAAC"}
|
|
@@ -72,10 +72,15 @@
|
|
|
72
72
|
{/if}
|
|
73
73
|
{/if}
|
|
74
74
|
{:else if column.key === 'username'}
|
|
75
|
-
|
|
75
|
+
<!-- Prefer actor-grain id in the truncated fallback; account is
|
|
76
|
+
the second fallback for events with no actor binding. -->
|
|
77
|
+
<span class="text_50"
|
|
78
|
+
>{row.username ?? truncate_uuid(row.actor_id ?? row.account_id ?? '?')}</span
|
|
79
|
+
>
|
|
76
80
|
{:else if column.key === 'target_username'}
|
|
77
81
|
<span class="text_50"
|
|
78
|
-
>{row.target_username ??
|
|
82
|
+
>{row.target_username ??
|
|
83
|
+
truncate_uuid(row.target_actor_id ?? row.target_account_id ?? '?')}</span
|
|
79
84
|
>
|
|
80
85
|
{:else if column.key === 'created_at'}
|
|
81
86
|
<span title={format_datetime_local(row.created_at)}>
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AdminRoleGrantHistory.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/AdminRoleGrantHistory.svelte"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"AdminRoleGrantHistory.svelte.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/ui/AdminRoleGrantHistory.svelte"],"names":[],"mappings":"AAmGA,QAAA,MAAM,qBAAqB,2DAAwC,CAAC;AACpE,KAAK,qBAAqB,GAAG,UAAU,CAAC,OAAO,qBAAqB,CAAC,CAAC;AACtE,eAAe,qBAAqB,CAAC"}
|