gitcaddy-vault/services/audit.go

// Copyright 2026 MarketAlly. All rights reserved.
// Proprietary and confidential.

package services

import (
	"context"

	"git.marketally.com/gitcaddy/gitcaddy-vault/models"

	"code.gitcaddy.com/server/v3/models/db"
	user_model "code.gitcaddy.com/server/v3/models/user"
)

// ListAuditEntries lists audit entries for a repository
func ListAuditEntries(ctx context.Context, repoID int64, page, pageSize int) ([]*models.VaultAuditEntry, int64, error) {
	if page <= 0 {
		page = 1
	}
	if pageSize <= 0 {
		pageSize = 50
	}

	sess := db.GetEngine(ctx).Where("repo_id = ?", repoID)

	// Get total count
	total, err := sess.Count(new(models.VaultAuditEntry))
	if err != nil {
		return nil, 0, err
	}

	// Get paginated results
	var entries []*models.VaultAuditEntry
	if err := db.GetEngine(ctx).
		Where("repo_id = ?", repoID).
		OrderBy("timestamp DESC").
		Limit(pageSize, (page-1)*pageSize).
		Find(&entries); err != nil {
		return nil, 0, err
	}

	// Populate computed fields
	for _, entry := range entries {
		// Get secret name
		if entry.SecretID > 0 {
			secret := &models.VaultSecret{}
			if has, _ := db.GetEngine(ctx).ID(entry.SecretID).Get(secret); has {
				entry.SecretName = secret.Name
			}
		}

		// Get user name
		if entry.UserID > 0 {
			user, err := user_model.GetUserByID(ctx, entry.UserID)
			if err == nil && user != nil {
				entry.UserName = user.Name
			}
		}
	}

	return entries, total, nil
}

// CreateAuditEntry creates a new audit entry
func CreateAuditEntry(ctx context.Context, entry *models.VaultAuditEntry) error {
	_, err := db.GetEngine(ctx).Insert(entry)
	return err
}