ChrisChen/ROLAC
1
0
Fork 0
Code Issues 66 Pull Requests Actions Packages Projects Releases Wiki Activity

Add audit logs.
ci-cd-vm / ci-cd (push) Successful in 4m2s
Details

Browse Source
This commit is contained in:
Chris Chen
2026-06-23 12:13:47 -07:00
parent 870eeec82a
commit 62592c29ae
106 changed files with 2522 additions and 311 deletions
Download Patch File Download Diff File Expand all files Collapse all files
API/ROLAC.API/Services/UserManagementService.cs
+23 -1
View File
@@ -5,6 +5,8 @@ using ROLAC.API.Data;
using ROLAC.API.DTOs.Shared;
using ROLAC.API.DTOs.Users;
using ROLAC.API.Entities;
using ROLAC.API.Entities.Logging;
using ROLAC.API.Services.Logging;
namespace ROLAC.API.Services;
@@ -12,11 +14,13 @@ public class UserManagementService : IUserManagementService
{
private readonly UserManager<AppUser> _userManager;
private readonly AppDbContext _db;
private readonly IAuditLogger _audit;
public UserManagementService(UserManager<AppUser> userManager, AppDbContext db)
public UserManagementService(UserManager<AppUser> userManager, AppDbContext db, IAuditLogger audit)
{
_userManager = userManager;
_db = db;
_audit = audit;
}
// ── GetPaged ─────────────────────────────────────────────────────────────
@@ -154,6 +158,12 @@ public class UserManagementService : IUserManagementService
await _userManager.AddToRolesAsync(user, request.Roles);
_audit.Write(
AuditActions.RoleChanged, AuditCategories.Security, LogLevelEnum.Warning,
entityName: nameof(AppUser), entityId: user.Id,
summary: $"User created: {user.Email} with roles [{string.Join(", ", request.Roles)}]",
after: new { user.Email, Roles = request.Roles });
return new CreateUserResult { UserId = user.Id, TempPassword = tempPassword };
}
@@ -182,6 +192,13 @@ public class UserManagementService : IUserManagementService
var toAdd = request.Roles.Except(currentRoles).ToList();
if (toRemove.Count > 0) await _userManager.RemoveFromRolesAsync(user, toRemove);
if (toAdd.Count > 0) await _userManager.AddToRolesAsync(user, toAdd);
if (toRemove.Count > 0 || toAdd.Count > 0)
_audit.Write(
AuditActions.RoleChanged, AuditCategories.Security, LogLevelEnum.Warning,
entityName: nameof(AppUser), entityId: user.Id,
summary: $"Roles changed for {user.Email}",
before: new { Roles = currentRoles }, after: new { Roles = request.Roles });
}
// ── Deactivate ───────────────────────────────────────────────────────────
@@ -193,6 +210,11 @@ public class UserManagementService : IUserManagementService
user.IsActive = false;
user.LockoutEnd = DateTimeOffset.MaxValue;
await _userManager.UpdateAsync(user);
_audit.Write(
AuditActions.UserDeactivated, AuditCategories.Security, LogLevelEnum.Warning,
entityName: nameof(AppUser), entityId: user.Id,
summary: $"User deactivated: {user.Email}");
}
// ── ResetPassword ────────────────────────────────────────────────────────