|
| 1 | +package adminaudit |
| 2 | + |
| 3 | +import ( |
| 4 | + "context" |
| 5 | + "database/sql" |
| 6 | + "fmt" |
| 7 | + "strings" |
| 8 | + "time" |
| 9 | +) |
| 10 | + |
| 11 | +// PostgresStore implements Store using PostgreSQL. |
| 12 | +type PostgresStore struct { |
| 13 | + db *sql.DB |
| 14 | +} |
| 15 | + |
| 16 | +// NewPostgresStore creates a new PostgreSQL-backed admin audit store. |
| 17 | +func NewPostgresStore(db *sql.DB) *PostgresStore { |
| 18 | + return &PostgresStore{db: db} |
| 19 | +} |
| 20 | + |
| 21 | +func (s *PostgresStore) Migrate(ctx context.Context) error { |
| 22 | + stmts := []string{ |
| 23 | + `CREATE TABLE IF NOT EXISTS admin_audit_log ( |
| 24 | + id TEXT PRIMARY KEY, |
| 25 | + admin_user_id TEXT NOT NULL, |
| 26 | + action TEXT NOT NULL, |
| 27 | + target_type TEXT NOT NULL DEFAULT '', |
| 28 | + target_id TEXT NOT NULL DEFAULT '', |
| 29 | + details TEXT DEFAULT '', |
| 30 | + ip_address TEXT DEFAULT '', |
| 31 | + created_at TIMESTAMPTZ NOT NULL DEFAULT NOW() |
| 32 | + )`, |
| 33 | + `CREATE INDEX IF NOT EXISTS idx_admin_audit_admin ON admin_audit_log(admin_user_id, created_at DESC)`, |
| 34 | + `CREATE INDEX IF NOT EXISTS idx_admin_audit_time ON admin_audit_log(created_at DESC)`, |
| 35 | + } |
| 36 | + for _, stmt := range stmts { |
| 37 | + if _, err := s.db.ExecContext(ctx, stmt); err != nil { |
| 38 | + return fmt.Errorf("admin audit migrate: %w", err) |
| 39 | + } |
| 40 | + } |
| 41 | + return nil |
| 42 | +} |
| 43 | + |
| 44 | +func (s *PostgresStore) Insert(ctx context.Context, event *AdminAuditEvent) error { |
| 45 | + _, err := s.db.ExecContext(ctx, |
| 46 | + `INSERT INTO admin_audit_log (id, admin_user_id, action, target_type, target_id, details, ip_address, created_at) |
| 47 | + VALUES ($1, $2, $3, $4, $5, $6, $7, $8)`, |
| 48 | + event.ID, event.AdminUserID, event.Action, event.TargetType, |
| 49 | + event.TargetID, event.Details, event.IPAddress, |
| 50 | + event.CreatedAt.UTC(), |
| 51 | + ) |
| 52 | + return err |
| 53 | +} |
| 54 | + |
| 55 | +func (s *PostgresStore) List(ctx context.Context, adminUserID, action, targetType string, since time.Time, limit, offset int) ([]AdminAuditEvent, int, error) { |
| 56 | + if limit <= 0 { |
| 57 | + limit = 50 |
| 58 | + } |
| 59 | + |
| 60 | + var where []string |
| 61 | + var args []any |
| 62 | + paramIdx := 1 |
| 63 | + |
| 64 | + if adminUserID != "" { |
| 65 | + where = append(where, fmt.Sprintf("admin_user_id = $%d", paramIdx)) |
| 66 | + args = append(args, adminUserID) |
| 67 | + paramIdx++ |
| 68 | + } |
| 69 | + if action != "" { |
| 70 | + where = append(where, fmt.Sprintf("action = $%d", paramIdx)) |
| 71 | + args = append(args, action) |
| 72 | + paramIdx++ |
| 73 | + } |
| 74 | + if targetType != "" { |
| 75 | + where = append(where, fmt.Sprintf("target_type = $%d", paramIdx)) |
| 76 | + args = append(args, targetType) |
| 77 | + paramIdx++ |
| 78 | + } |
| 79 | + if !since.IsZero() { |
| 80 | + where = append(where, fmt.Sprintf("created_at >= $%d", paramIdx)) |
| 81 | + args = append(args, since.UTC()) |
| 82 | + paramIdx++ |
| 83 | + } |
| 84 | + |
| 85 | + whereClause := "" |
| 86 | + if len(where) > 0 { |
| 87 | + whereClause = "WHERE " + strings.Join(where, " AND ") |
| 88 | + } |
| 89 | + |
| 90 | + // Count total. |
| 91 | + var total int |
| 92 | + countQuery := fmt.Sprintf("SELECT COUNT(*) FROM admin_audit_log %s", whereClause) |
| 93 | + if err := s.db.QueryRowContext(ctx, countQuery, args...).Scan(&total); err != nil { |
| 94 | + return nil, 0, err |
| 95 | + } |
| 96 | + |
| 97 | + // Fetch page. |
| 98 | + query := fmt.Sprintf( |
| 99 | + "SELECT id, admin_user_id, action, target_type, target_id, details, ip_address, created_at FROM admin_audit_log %s ORDER BY created_at DESC LIMIT $%d OFFSET $%d", |
| 100 | + whereClause, paramIdx, paramIdx+1, |
| 101 | + ) |
| 102 | + pageArgs := append(args, limit, offset) |
| 103 | + rows, err := s.db.QueryContext(ctx, query, pageArgs...) |
| 104 | + if err != nil { |
| 105 | + return nil, 0, err |
| 106 | + } |
| 107 | + defer rows.Close() |
| 108 | + |
| 109 | + var events []AdminAuditEvent |
| 110 | + for rows.Next() { |
| 111 | + var e AdminAuditEvent |
| 112 | + if err := rows.Scan(&e.ID, &e.AdminUserID, &e.Action, &e.TargetType, &e.TargetID, &e.Details, &e.IPAddress, &e.CreatedAt); err != nil { |
| 113 | + return nil, 0, err |
| 114 | + } |
| 115 | + events = append(events, e) |
| 116 | + } |
| 117 | + return events, total, rows.Err() |
| 118 | +} |
| 119 | + |
| 120 | +func (s *PostgresStore) Close() error { |
| 121 | + return nil // shared db, don't close |
| 122 | +} |
0 commit comments