feat: enhance audit logging and add company name to audit entries

- Integrated detailed audit logging for update and delete actions in the CommonCodeController and DDLController. - Added company name retrieval to the audit log entries for better traceability. - Updated the audit log service to include company name in the log entries. - Modified the frontend audit log page to display company names alongside company codes for improved clarity. Made-with: Cursor
2026-03-12 05:14:27 +09:00
parent fd90e3d761
commit b1e50f2e0a
14 changed files with 462 additions and 142 deletions
--- a/backend-node/src/controllers/categoryTreeController.ts
+++ b/backend-node/src/controllers/categoryTreeController.ts
@@ -6,6 +6,7 @@ import { Router, Request, Response } from "express";
 import { categoryTreeService, CreateCategoryValueInput, UpdateCategoryValueInput } from "../services/categoryTreeService";
 import { logger } from "../utils/logger";
 import { authenticateToken } from "../middleware/authMiddleware";
+import { auditLogService, getClientIp } from "../services/auditLogService";

 const router = Router();

@@ -16,6 +17,7 @@ router.use(authenticateToken);
 interface AuthenticatedRequest extends Request {
  user?: {
    userId: string;
+    userName: string;
    companyCode: string;
  };
 }
@@ -157,6 +159,21 @@ router.post("/test/value", async (req: AuthenticatedRequest, res: Response) => {

    const value = await categoryTreeService.createCategoryValue(companyCode, input, createdBy);

+    auditLogService.log({
+      companyCode,
+      userId: req.user?.userId || "",
+      userName: req.user?.userName,
+      action: "CREATE",
+      resourceType: "CODE_CATEGORY",
+      resourceId: String(value.valueId),
+      resourceName: input.valueLabel,
+      tableName: "category_values",
+      summary: `카테고리 값 "${input.valueLabel}" 생성 (${input.tableName}.${input.columnName})`,
+      changes: { after: { tableName: input.tableName, columnName: input.columnName, valueCode: input.valueCode, valueLabel: input.valueLabel } },
+      ipAddress: getClientIp(req),
+      requestPath: req.originalUrl,
+    });
+
    res.json({
      success: true,
      data: value,
@@ -182,6 +199,7 @@ router.put("/test/value/:valueId", async (req: AuthenticatedRequest, res: Respon
    const companyCode = req.user?.companyCode || "*";
    const updatedBy = req.user?.userId;

+    const beforeValue = await categoryTreeService.getCategoryValue(companyCode, Number(valueId));
    const value = await categoryTreeService.updateCategoryValue(companyCode, Number(valueId), input, updatedBy);

    if (!value) {
@@ -191,6 +209,24 @@ router.put("/test/value/:valueId", async (req: AuthenticatedRequest, res: Respon
      });
    }

+    auditLogService.log({
+      companyCode,
+      userId: req.user?.userId || "",
+      userName: req.user?.userName,
+      action: "UPDATE",
+      resourceType: "CODE_CATEGORY",
+      resourceId: valueId,
+      resourceName: value.valueLabel,
+      tableName: "category_values",
+      summary: `카테고리 값 "${value.valueLabel}" 수정 (${value.tableName}.${value.columnName})`,
+      changes: {
+        before: beforeValue ? { valueLabel: beforeValue.valueLabel, valueCode: beforeValue.valueCode } : undefined,
+        after: input,
+      },
+      ipAddress: getClientIp(req),
+      requestPath: req.originalUrl,
+    });
+
    res.json({
      success: true,
      data: value,
@@ -239,6 +275,7 @@ router.delete("/test/value/:valueId", async (req: AuthenticatedRequest, res: Res
    const { valueId } = req.params;
    const companyCode = req.user?.companyCode || "*";

+    const beforeValue = await categoryTreeService.getCategoryValue(companyCode, Number(valueId));
    const success = await categoryTreeService.deleteCategoryValue(companyCode, Number(valueId));

    if (!success) {
@@ -248,6 +285,21 @@ router.delete("/test/value/:valueId", async (req: AuthenticatedRequest, res: Res
      });
    }

+    auditLogService.log({
+      companyCode,
+      userId: req.user?.userId || "",
+      userName: req.user?.userName,
+      action: "DELETE",
+      resourceType: "CODE_CATEGORY",
+      resourceId: valueId,
+      resourceName: beforeValue?.valueLabel || valueId,
+      tableName: "category_values",
+      summary: `카테고리 값 "${beforeValue?.valueLabel || valueId}" 삭제 (${beforeValue?.tableName || ""}.${beforeValue?.columnName || ""})`,
+      changes: beforeValue ? { before: { valueLabel: beforeValue.valueLabel, valueCode: beforeValue.valueCode, tableName: beforeValue.tableName, columnName: beforeValue.columnName } } : undefined,
+      ipAddress: getClientIp(req),
+      requestPath: req.originalUrl,
+    });
+
    res.json({
      success: true,
      message: "삭제되었습니다",