payservedb 6.5.4 → 6.5.5

package/index.js

@@ -204,6 +204,8 @@ const models = {
   MasterWorkplan: require("./src/models/master_workplan"),
   MasterWorkplanChild: require("./src/models/master_workplan_child"),
   DutyRosterChecklist: require("./src/models/dutyRosterChecklist"),
+  AuditTrail: require("./src/models/auditTrail"),
+  // auditTrial
 };
 
 // Function to get models dynamically from a specific database connection

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "payservedb",
-  "version": "6.5.4",
+  "version": "6.5.5",
   "main": "index.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"

package/src/models/auditTrail.js

@@ -0,0 +1,320 @@
+const mongoose = require("mongoose");
+
+// User details sub-schema (from JWT token)
+const userDetailsSchema = new mongoose.Schema(
+  {
+    userId: {
+      type: String,
+      required: true,
+    },
+    email: {
+      type: String,
+      required: true,
+    },
+    fullName: {
+      type: String,
+      required: true,
+    },
+    role: {
+      type: String,
+      required: true,
+    },
+    phoneNumber: {
+      type: String,
+      required: false,
+    },
+    facilityId: {
+      type: String,
+      required: false,
+    },
+    permissions: {
+      type: mongoose.Schema.Types.Mixed,
+      required: false,
+    },
+    tokenExpiry: {
+      type: Date,
+      required: false,
+    },
+    tokenIssued: {
+      type: Date,
+      required: false,
+    },
+  },
+  { _id: false }
+);
+
+// Main audit trail schema
+const auditTrailSchema = new mongoose.Schema(
+  {
+    // Basic request information
+    timestamp: {
+      type: Date,
+      required: true,
+      default: Date.now,
+    },
+    method: {
+      type: String,
+      enum: ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "HEAD"],
+      required: true,
+    },
+    url: {
+      type: String,
+      required: true,
+    },
+    ip_address: {
+      type: String,
+      required: true,
+    },
+    platform: {
+      type: String,
+      required: true,
+    },
+
+    // Authorization and user information
+    is_authorized: {
+      type: Boolean,
+      required: true,
+      default: false,
+    },
+    user_details: {
+      type: userDetailsSchema,
+      required: false,
+    },
+
+    // Device and browser information
+    browser: {
+      type: String,
+      required: true,
+      default: "unknown",
+    },
+    operating_system: {
+      type: String,
+      required: true,
+      default: "unknown",
+    },
+    device_type: {
+      type: String,
+      enum: ["desktop", "mobile", "tablet", "unknown"],
+      required: true,
+      default: "unknown",
+    },
+    user_agent: {
+      type: String,
+      required: false,
+    },
+
+    // Request data
+    request_data: {
+      type: mongoose.Schema.Types.Mixed,
+      required: false,
+    },
+    query_params: {
+      type: mongoose.Schema.Types.Mixed,
+      required: false,
+      default: {},
+    },
+    route_params: {
+      type: mongoose.Schema.Types.Mixed,
+      required: false,
+      default: {},
+    },
+
+    // Activity information
+    activity: {
+      type: String,
+      required: true,
+    },
+
+    // Method-specific data
+    previous_data: {
+      type: mongoose.Schema.Types.Mixed,
+      required: false,
+    },
+    deleted_data: {
+      type: mongoose.Schema.Types.Mixed,
+      required: false,
+    },
+
+    // Custom additional data
+    custom_data: {
+      type: mongoose.Schema.Types.Mixed,
+      required: false,
+    },
+
+    // Request tracking
+    request_id: {
+      type: String,
+      required: false,
+    },
+  },
+  {
+    timestamps: true,
+  }
+);
+
+// Pre-save middleware for data validation and cleanup
+auditTrailSchema.pre("save", function (next) {
+  // Ensure timestamp is set
+  if (!this.timestamp) {
+    this.timestamp = new Date();
+  }
+
+  // Validate that authorized requests have user details
+  if (this.is_authorized && !this.user_details) {
+    console.warn("Authorized request without user details detected");
+  }
+
+  // Ensure query_params and route_params are objects
+  if (!this.query_params || typeof this.query_params !== "object") {
+    this.query_params = {};
+  }
+  if (!this.route_params || typeof this.route_params !== "object") {
+    this.route_params = {};
+  }
+
+  // Set browser to unknown if not provided
+  if (!this.browser) {
+    this.browser = "unknown";
+  }
+
+  // Set operating_system to unknown if not provided
+  if (!this.operating_system) {
+    this.operating_system = "unknown";
+  }
+
+  next();
+});
+
+// Static methods for common queries
+auditTrailSchema.statics.findByUser = function (userId, startDate, endDate) {
+  const query = { "user_details.userId": userId };
+  if (startDate || endDate) {
+    query.timestamp = {};
+    if (startDate) query.timestamp.$gte = startDate;
+    if (endDate) query.timestamp.$lte = endDate;
+  }
+  return this.find(query).sort({ timestamp: -1 });
+};
+
+auditTrailSchema.statics.findByActivity = function (activity, limit = 100) {
+  return this.find({ activity: new RegExp(activity, "i") })
+    .sort({ timestamp: -1 })
+    .limit(limit);
+};
+
+auditTrailSchema.statics.findByFacility = function (facilityId, startDate, endDate) {
+  const query = { "route_params.facilityId": facilityId };
+  if (startDate || endDate) {
+    query.timestamp = {};
+    if (startDate) query.timestamp.$gte = startDate;
+    if (endDate) query.timestamp.$lte = endDate;
+  }
+  return this.find(query).sort({ timestamp: -1 });
+};
+
+auditTrailSchema.statics.findByAsset = function (assetId, startDate, endDate) {
+  const query = { "route_params.assetId": assetId };
+  if (startDate || endDate) {
+    query.timestamp = {};
+    if (startDate) query.timestamp.$gte = startDate;
+    if (endDate) query.timestamp.$lte = endDate;
+  }
+  return this.find(query).sort({ timestamp: -1 });
+};
+
+auditTrailSchema.statics.findByIP = function (ipAddress, startDate, endDate) {
+  const query = { ip_address: ipAddress };
+  if (startDate || endDate) {
+    query.timestamp = {};
+    if (startDate) query.timestamp.$gte = startDate;
+    if (endDate) query.timestamp.$lte = endDate;
+  }
+  return this.find(query).sort({ timestamp: -1 });
+};
+
+auditTrailSchema.statics.findByMethod = function (method, startDate, endDate) {
+  const query = { method: method.toUpperCase() };
+  if (startDate || endDate) {
+    query.timestamp = {};
+    if (startDate) query.timestamp.$gte = startDate;
+    if (endDate) query.timestamp.$lte = endDate;
+  }
+  return this.find(query).sort({ timestamp: -1 });
+};
+
+// Instance methods
+auditTrailSchema.methods.getActivityType = function () {
+  if (this.activity.includes("Create")) return "CREATE";
+  if (this.activity.includes("Update")) return "UPDATE";
+  if (this.activity.includes("Delete")) return "DELETE";
+  if (this.activity.includes("Login")) return "AUTH";
+  return "OTHER";
+};
+
+auditTrailSchema.methods.isSuccessful = function () {
+  return this.activity.includes("Success") || 
+         (!this.activity.includes("Failed") && 
+          !this.activity.includes("Error") && 
+          !this.activity.includes("Not Found"));
+};
+
+auditTrailSchema.methods.hasDataChanges = function () {
+  return !!(this.previous_data || this.deleted_data);
+};
+
+// Create indexes for efficient queries
+auditTrailSchema.index({ timestamp: -1 }); // Recent activities first
+auditTrailSchema.index({ "user_details.userId": 1, timestamp: -1 }); // User activity history
+auditTrailSchema.index({ "user_details.email": 1, timestamp: -1 }); // User by email
+auditTrailSchema.index({ ip_address: 1, timestamp: -1 }); // IP-based queries
+auditTrailSchema.index({ method: 1, timestamp: -1 }); // Method-based queries
+auditTrailSchema.index({ activity: 1, timestamp: -1 }); // Activity-based queries
+auditTrailSchema.index({ platform: 1, timestamp: -1 }); // Platform-based queries
+auditTrailSchema.index({ "route_params.facilityId": 1, timestamp: -1 }); // Facility-based queries
+auditTrailSchema.index({ "route_params.assetId": 1, timestamp: -1 }); // Asset-based queries
+auditTrailSchema.index({ is_authorized: 1, timestamp: -1 }); // Authorization status
+auditTrailSchema.index({ device_type: 1, timestamp: -1 }); // Device type queries
+auditTrailSchema.index({ browser: 1, timestamp: -1 }); // Browser-based queries
+
+// Compound indexes for common query patterns
+auditTrailSchema.index({ "user_details.userId": 1, activity: 1, timestamp: -1 }); // User + activity
+auditTrailSchema.index({ "route_params.facilityId": 1, method: 1, timestamp: -1 }); // Facility + method
+auditTrailSchema.index({ ip_address: 1, "user_details.userId": 1, timestamp: -1 }); // IP + user correlation
+
+// Text search index for searching activities and user details
+auditTrailSchema.index({
+  activity: "text",
+  "user_details.email": "text",
+  "user_details.fullName": "text",
+  url: "text",
+});
+
+// Activity type constants
+auditTrailSchema.statics.ACTIVITY_TYPES = {
+  CREATE: "CREATE",
+  UPDATE: "UPDATE", 
+  DELETE: "DELETE",
+  AUTH: "AUTH",
+  OTHER: "OTHER",
+};
+
+// Method constants
+auditTrailSchema.statics.METHODS = {
+  GET: "GET",
+  POST: "POST",
+  PUT: "PUT",
+  PATCH: "PATCH",
+  DELETE: "DELETE",
+  OPTIONS: "OPTIONS",
+  HEAD: "HEAD",
+};
+
+// Device type constants
+auditTrailSchema.statics.DEVICE_TYPES = {
+  DESKTOP: "desktop",
+  MOBILE: "mobile",
+  TABLET: "tablet",
+  UNKNOWN: "unknown",
+};
+
+module.exports = mongoose.model("AuditTrail", auditTrailSchema);