feat: Advanced audit log, ORGUSD Soroban contract & standardized API errors#854
Merged
Conversation
…ldado#696) - Add migration 048 creating append-only admin_audit_log table with severity levels, resource snapshots, actor context, and request correlation; enforced via PostgreSQL rules (no UPDATE/DELETE). - Add AdminAuditService with log(), list() (filtering by action type, resource type, actor, severity, date range), summary() (aggregated counts), and exportCsv() (max 10 000 rows). - Add adminAuditRoutes.ts exposing GET /api/v1/admin-audit, /summary, and /export behind EMPLOYER JWT + org isolation guards. - Add auditAction() middleware factory for fire-and-forget logging on mutating routes without blocking the main request path. - Register /admin-audit in v1 router with dataRateLimit. - Add comprehensive unit/integration tests for all service methods. Closes Gildado#696 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Gildado#187) - Implement OrgUsdContract in Rust using the Soroban SDK with: • Admin-gated minting with positive-amount guard. • Per-account authorization (mirrors Stellar auth_required flag). • Freeze / unfreeze for regulatory holds (auth_revocable). • Transfer with sender-auth, dual active-account checks, and self-transfer guard. • Burn (holder-initiated) and admin clawback, both reducing total supply. • SEP-0034 metadata (name, version, author). • Typed errors via #[contracterror] with repr(u32) codes. • Events for every state transition (mint, transfer, burn, etc.). - Add comprehensive unit tests covering the full issuance flow: initialize, authorize, mint, transfer, burn, clawback, freeze, and all error paths (unauthorized, frozen, insufficient funds, etc.). - Register contracts/orgusd in the Cargo workspace. Closes Gildado#186 Closes Gildado#187 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add errorHandlerMiddleware.ts — a single Express error-handler that
maps every error type to the canonical shape:
{ code: string, message: string, details: unknown[], requestId }
covering ZodError (400 + per-field details), HTTP-tagged errors
(4xx with code inference), client-side JS errors (TypeError /
RangeError / SyntaxError → 400), and unhandled exceptions (500,
message redacted in production).
- Replace the inline catch-all handler in app.ts with a call to
errorHandlerMiddleware so all routes share the same error format.
- Add comprehensive integration tests covering ZodError, HTTP-tagged
errors for all common status codes, JS error types, production vs
development message visibility, and shape compliance across error
types.
Closes Gildado#341
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ildado#186, Gildado#187, Gildado#341 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
@Samuel1505 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR resolves four open issues across the backend and smart-contract layers of PayD.
Closes #696
Closes #186
Closes #187
Closes #341
Summary of Changes
Issue #696 — Advanced Audit Log for All Admin Actions (backend)
backend/src/db/migrations/048_create_admin_audit_log.sql— New append-onlyadmin_audit_logtable with 6 covering indexes, PostgreSQL rules preventing UPDATE/DELETE, and JSONBold_state/new_statecolumns for diff-style auditing.backend/src/services/adminAuditService.ts— Service withlog(),list()(multi-filter pagination by action type, resource type, actor, severity, date range),summary()(aggregated counts for dashboards), andexportCsv()(up to 10 000 rows).backend/src/routes/adminAuditRoutes.ts—GET /api/v1/admin-audit(list),/summary, and/exportbehind EMPLOYER JWT + org-isolation guards with Swagger docs.backend/src/middlewares/adminAuditMiddleware.ts—auditAction()factory: fire-and-forget middleware that wraps any mutating route and appends a structured audit entry without blocking the response path.backend/src/routes/v1/index.ts— Register/admin-auditunderdataRateLimit.backend/src/services/__tests__/adminAuditService.test.ts— Unit tests for all service methods including filter combinations, CSV escaping, and error swallowing.Issues #186 / #187 — ORGUSD Custom Asset on Stellar Testnet (Soroban contract)
contracts/orgusd/Cargo.toml— Package manifest inheriting workspace version, authors, and license.contracts/orgusd/src/lib.rs— Full Soroban contract implementing:initialize(admin)— one-shot setupauthorize(account)/revoke(account)— mirrors Stellarauth_required/auth_revocablefreeze(account)/unfreeze(account)— regulatory holdmint(to, amount)— admin-only issuancetransfer(from, to, amount)— with auth, dual active-account checks, self-transfer guardburn(from, amount)/clawback(from, amount)— holder and admin token destructionname,version,author)#[contracterror]enum (9 variants) and#[contractevent]for every state transitionCargo.toml— Addedcontracts/orgusdto workspace members.Issue #341 — Standardize API Error Response Format (backend)
backend/src/middlewares/errorHandlerMiddleware.ts— Central Express error handler that maps every error type to the canonical shape{ code, message, details, requestId }:ZodError→ 400VALIDATION_ERRORwith per-field detailserr.codeTypeError/RangeError/SyntaxError→ 400BAD_REQUESTINTERNAL_ERROR(message redacted in production)backend/src/app.ts— Replace the inline catch-all handler witherrorHandlerMiddleware.backend/src/__tests__/errorHandlerMiddleware.test.ts— 18 integration tests covering all error categories, production/development message visibility, non-Error thrown values, and shape compliance.Test Plan
cd backend && npm test— all existing tests pass;adminAuditService.test.tsanderrorHandlerMiddleware.test.tspass048_create_admin_audit_log.sqlagainst a local database; confirm table, indexes, and rules are createdGET /api/v1/admin-auditwith a valid EMPLOYER JWT →{ success: true, data: [], total: 0 }GET /api/v1/admin-audit/summary→{ success: true, data: { totalActions: 0, ... } }GET /api/v1/admin-audit/export→text/csvwith correct header row{ code: "VALIDATION_ERROR", details: [...] }{ code: "NOT_FOUND", message: "...", details: [] }cargo test -p orgusd— all 20 contract unit tests pass (requires Soroban toolchain)🤖 Generated with Claude Code