app/api/admin/audit-log.php

<?php

/**
 * Audit Log API - prohlížení audit logu
 *
 * GET /api/admin/audit-log.php
 *   ?page=1&per_page=50&search=&action=&entity_type=&date_from=&date_to=
 */

declare(strict_types=1);

require_once dirname(__DIR__) . '/config.php';
require_once dirname(__DIR__) . '/includes/JWTAuth.php';
require_once dirname(__DIR__) . '/includes/AuditLog.php';

setCorsHeaders();
setSecurityHeaders();
setNoCacheHeaders();
header('Content-Type: application/json; charset=utf-8');

$authData = JWTAuth::requireAuth();
AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');

if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(204);
    exit;
}

if ($_SERVER['REQUEST_METHOD'] !== 'GET') {
    errorResponse('Method not allowed', 405);
}

requirePermission($authData, 'settings.audit');

$page = max(1, (int) ($_GET['page'] ?? 1));
$perPage = max(1, min(100, (int) ($_GET['per_page'] ?? 50)));

$filters = [];

if (!empty($_GET['search'])) {
    $filters['search'] = (string) $_GET['search'];
}

if (!empty($_GET['action'])) {
    $filters['action'] = (string) $_GET['action'];
}

if (!empty($_GET['entity_type'])) {
    $filters['entity_type'] = (string) $_GET['entity_type'];
}

if (!empty($_GET['date_from'])) {
    $filters['date_from'] = (string) $_GET['date_from'];
}

if (!empty($_GET['date_to'])) {
    $filters['date_to'] = (string) $_GET['date_to'];
}

$result = AuditLog::getLogs($filters, $page, $perPage);

successResponse($result);