🏠 Overview 🧩 Components 🧩 Audit Service

Audit Service

Component Detail

Service Layer high complexity Shared Component backend
2
Dependencies
17
Dependents
14
Entities
0
Integrations

Description

Core append-only backend utility that writes immutable audit log entries. Called by all authentication flows and every write operation across the platform - this service must never be bypassed. Uses INSERT-only semantics enforced at both the application layer and via a PostgreSQL role restriction. Each entry captures event_type, actor_id, actor_role, target_entity_type, target_entity_id, organization_id, ip_address, user_agent, and a JSON metadata blob.

Feature: Audit Log

audit-service

Responsibilities

  • Write immutable audit log entries using INSERT-only semantics
  • Capture full event context including actor, target, organization, IP, and user agent
  • Operate as a shared utility called by all write operations and auth flows
  • Use the dedicated audit_log write role to enforce append-only database access
  • Support fire-and-forget async writes to avoid blocking the primary operation

Interfaces

log(event: AuditEvent): Promise<void>
logAuthEvent(type: AuthEventType, actorId: string, metadata: object): Promise<void>
logAdminAction(type: AdminActionType, actorId: string, targetEntityType: string, targetEntityId: string, orgId: string, metadata: object): Promise<void>
logDataAccess(actorId: string, targetEntityType: string, targetEntityId: string, orgId: string, metadata: object): Promise<void>

Relationships

Dependencies (2)

Components this component depends on

infrastructure Audit Append Enforcement data Audit Logs Table

Dependents (17)

Components that depend on this component

service Proxy Registration Service infrastructure Proxy Audit Interceptor service Export Generation Service service Certificate Admin Service service Feed Service service Role Assignment Service service Bulk User Service service Activity Approval Service service Duplicate Detection Service service Activity Flag Service service Expense Approval Service service Threshold Rules Service infrastructure Rule Change Audit Logger service Organization Config Service service Module Configuration Service service Audit Query Service service Session Revocation Service

Related Data Entities (14)

Data entities managed by this component

Activity 25 fields core Assignment 19 fields core Audit Log 17 fields audit Confidentiality Declaration 17 fields core Course Enrollment 15 fields core Event 18 fields core Expense Claim 24 fields core Export Log 21 fields audit Organization 21 fields core Organization Membership 18 fields core Refresh Token 15 fields core Session 16 fields core User 24 fields core User Role 13 fields core