mirror of
https://github.com/tiennm99/goclaw.git
synced 2026-06-11 20:10:59 +00:00
viettranx
e1cb5c411b
Replace per-handler `token string` field with package-level `pkgGatewayToken` via `InitGatewayToken()`, matching the existing pattern for `pkgAPIKeyCache`, `pkgOwnerIDs`, etc. - Remove `token` from ~30 HTTP handler structs and constructors - Simplify `requireAuth(minRole, next)` signature (was 3 params) - Simplify `resolveAuth(r)` signature (was 2 params) - Rename `resolveAuthBearer` → `resolveAuthWithBearer` (clearer) - Add `store.WithRole()`/`RoleFromContext()` to propagate caller role through context - Inject role into context in `requireAuth` and `requireAuthBearer`
84 lines
2.1 KiB
Go
84 lines
2.1 KiB
Go
package http
|
|
|
|
import (
|
|
"net/http"
|
|
"strconv"
|
|
|
|
"github.com/nextlevelbuilder/goclaw/internal/permissions"
|
|
"github.com/nextlevelbuilder/goclaw/internal/store"
|
|
)
|
|
|
|
// ActivityHandler handles activity audit log endpoints.
|
|
type ActivityHandler struct {
|
|
activity store.ActivityStore
|
|
}
|
|
|
|
// NewActivityHandler creates a handler for activity log endpoints.
|
|
func NewActivityHandler(activity store.ActivityStore) *ActivityHandler {
|
|
return &ActivityHandler{activity: activity}
|
|
}
|
|
|
|
// RegisterRoutes registers activity routes on the given mux.
|
|
func (h *ActivityHandler) RegisterRoutes(mux *http.ServeMux) {
|
|
mux.HandleFunc("GET /v1/activity", h.authMiddleware(h.handleList))
|
|
}
|
|
|
|
func (h *ActivityHandler) authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
return requireAuth("", next)
|
|
}
|
|
|
|
func (h *ActivityHandler) handleList(w http.ResponseWriter, r *http.Request) {
|
|
opts := store.ActivityListOpts{
|
|
Limit: 50,
|
|
Offset: 0,
|
|
}
|
|
|
|
if v := r.URL.Query().Get("actor_type"); v != "" {
|
|
opts.ActorType = v
|
|
}
|
|
if v := r.URL.Query().Get("actor_id"); v != "" {
|
|
opts.ActorID = v
|
|
}
|
|
|
|
// Non-admin callers may only see their own activity logs.
|
|
auth := resolveAuth(r)
|
|
if !permissions.HasMinRole(auth.Role, permissions.RoleAdmin) {
|
|
callerID := store.UserIDFromContext(r.Context())
|
|
opts.ActorID = callerID
|
|
}
|
|
if v := r.URL.Query().Get("action"); v != "" {
|
|
opts.Action = v
|
|
}
|
|
if v := r.URL.Query().Get("entity_type"); v != "" {
|
|
opts.EntityType = v
|
|
}
|
|
if v := r.URL.Query().Get("entity_id"); v != "" {
|
|
opts.EntityID = v
|
|
}
|
|
if v := r.URL.Query().Get("limit"); v != "" {
|
|
if n, err := strconv.Atoi(v); err == nil && n > 0 && n <= 200 {
|
|
opts.Limit = n
|
|
}
|
|
}
|
|
if v := r.URL.Query().Get("offset"); v != "" {
|
|
if n, err := strconv.Atoi(v); err == nil && n >= 0 {
|
|
opts.Offset = n
|
|
}
|
|
}
|
|
|
|
logs, err := h.activity.List(r.Context(), opts)
|
|
if err != nil {
|
|
writeJSON(w, http.StatusInternalServerError, map[string]string{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
total, _ := h.activity.Count(r.Context(), opts)
|
|
|
|
writeJSON(w, http.StatusOK, map[string]any{
|
|
"logs": logs,
|
|
"total": total,
|
|
"limit": opts.Limit,
|
|
"offset": opts.Offset,
|
|
})
|
|
}
|