/** * AuditLogController - Controller de Logs de Auditoría * * Endpoints REST para consulta de logs de auditoría. * * @module Admin */ import { Router, Request, Response, NextFunction } from 'express'; import { DataSource } from 'typeorm'; import { AuditLogService, AuditLogFilters } from '../services/audit-log.service'; import { AuthMiddleware } from '../../auth/middleware/auth.middleware'; import { AuthService } from '../../auth/services/auth.service'; import { AuditLog } from '../entities/audit-log.entity'; import { User } from '../../core/entities/user.entity'; import { Tenant } from '../../core/entities/tenant.entity'; import { RefreshToken } from '../../auth/entities/refresh-token.entity'; interface ServiceContext { tenantId: string; userId?: string; } export function createAuditLogController(dataSource: DataSource): Router { const router = Router(); // Repositorios const auditLogRepository = dataSource.getRepository(AuditLog); const userRepository = dataSource.getRepository(User); const tenantRepository = dataSource.getRepository(Tenant); const refreshTokenRepository = dataSource.getRepository(RefreshToken); // Servicios const auditLogService = new AuditLogService(auditLogRepository); const authService = new AuthService(userRepository, tenantRepository, refreshTokenRepository as any); const authMiddleware = new AuthMiddleware(authService, dataSource); // Helper para crear contexto const getContext = (req: Request): ServiceContext => { if (!req.tenantId) { throw new Error('Tenant ID is required'); } return { tenantId: req.tenantId, userId: req.user?.sub, }; }; /** * GET /audit-logs */ router.get('/', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director', 'auditor'), async (req: Request, res: Response, next: NextFunction): Promise => { try { if (!req.tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const page = parseInt(req.query.page as string) || 1; const limit = Math.min(parseInt(req.query.limit as string) || 50, 200); const filters: AuditLogFilters = {}; if (req.query.userId) filters.userId = req.query.userId as string; if (req.query.category) filters.category = req.query.category as any; if (req.query.action) filters.action = req.query.action as any; if (req.query.severity) filters.severity = req.query.severity as any; if (req.query.entityType) filters.entityType = req.query.entityType as string; if (req.query.entityId) filters.entityId = req.query.entityId as string; if (req.query.module) filters.module = req.query.module as string; if (req.query.isSuccess !== undefined) filters.isSuccess = req.query.isSuccess === 'true'; if (req.query.dateFrom) filters.dateFrom = new Date(req.query.dateFrom as string); if (req.query.dateTo) filters.dateTo = new Date(req.query.dateTo as string); if (req.query.ipAddress) filters.ipAddress = req.query.ipAddress as string; if (req.query.search) filters.search = req.query.search as string; const result = await auditLogService.findWithFilters(getContext(req), filters, page, limit); res.status(200).json({ success: true, data: result.data, pagination: { total: result.total, page: result.page, limit: result.limit, totalPages: result.totalPages }, }); } catch (error) { next(error); } }); /** * GET /audit-logs/stats */ router.get('/stats', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director', 'auditor'), async (req: Request, res: Response, next: NextFunction): Promise => { try { if (!req.tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const days = parseInt(req.query.days as string) || 30; const stats = await auditLogService.getStats(getContext(req), days); res.status(200).json({ success: true, data: stats }); } catch (error) { next(error); } }); /** * GET /audit-logs/critical */ router.get('/critical', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director'), async (req: Request, res: Response, next: NextFunction): Promise => { try { if (!req.tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const days = parseInt(req.query.days as string) || 7; const limit = Math.min(parseInt(req.query.limit as string) || 100, 500); const logs = await auditLogService.getCriticalLogs(getContext(req), days, limit); res.status(200).json({ success: true, data: logs }); } catch (error) { next(error); } }); /** * GET /audit-logs/failed */ router.get('/failed', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director'), async (req: Request, res: Response, next: NextFunction): Promise => { try { if (!req.tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const hours = parseInt(req.query.hours as string) || 24; const limit = Math.min(parseInt(req.query.limit as string) || 100, 500); const logs = await auditLogService.getFailedLogs(getContext(req), hours, limit); res.status(200).json({ success: true, data: logs }); } catch (error) { next(error); } }); /** * GET /audit-logs/entity/:type/:id */ router.get('/entity/:type/:id', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director', 'auditor'), async (req: Request, res: Response, next: NextFunction): Promise => { try { if (!req.tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const page = parseInt(req.query.page as string) || 1; const limit = Math.min(parseInt(req.query.limit as string) || 20, 100); const result = await auditLogService.findByEntity( getContext(req), req.params.type, req.params.id, page, limit ); res.status(200).json({ success: true, data: result.data, pagination: { total: result.total, page: result.page, limit: result.limit, totalPages: result.totalPages }, }); } catch (error) { next(error); } }); /** * GET /audit-logs/user/:userId */ router.get('/user/:userId', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director', 'auditor'), async (req: Request, res: Response, next: NextFunction): Promise => { try { if (!req.tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const page = parseInt(req.query.page as string) || 1; const limit = Math.min(parseInt(req.query.limit as string) || 50, 200); const result = await auditLogService.findByUser( getContext(req), req.params.userId, page, limit ); res.status(200).json({ success: true, data: result.data, pagination: { total: result.total, page: result.page, limit: result.limit, totalPages: result.totalPages }, }); } catch (error) { next(error); } }); /** * POST /audit-logs/cleanup * Cleanup expired logs */ router.post('/cleanup', authMiddleware.authenticate, authMiddleware.authorize('admin'), async (req: Request, res: Response, next: NextFunction): Promise => { try { if (!req.tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const deleted = await auditLogService.cleanupExpiredLogs(getContext(req)); res.status(200).json({ success: true, message: `Cleaned up ${deleted} expired audit logs`, data: { deleted }, }); } catch (error) { next(error); } }); return router; } export default createAuditLogController;