Simon
5529219234
- attendance handlery pouzivaji getDbNow() misto PHP date() - nova helper funkce getDbNow() v AttendanceHelpers.php - audit log: cleanup endpoint (POST) s volbou stari zaznamu - audit log: filtry na jednom radku - dashboard: aktivita prejmenovana na Audit log s odkazem Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
95 lines
2.4 KiB
PHP
95 lines
2.4 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Audit Log API - prohlížení audit logu
|
|
*
|
|
* GET /api/admin/audit-log.php
|
|
* ?page=1&per_page=50&search=&action=&entity_type=&date_from=&date_to=
|
|
*/
|
|
|
|
declare(strict_types=1);
|
|
|
|
require_once dirname(__DIR__) . '/config.php';
|
|
require_once dirname(__DIR__) . '/includes/JWTAuth.php';
|
|
require_once dirname(__DIR__) . '/includes/AuditLog.php';
|
|
|
|
setCorsHeaders();
|
|
setSecurityHeaders();
|
|
setNoCacheHeaders();
|
|
header('Content-Type: application/json; charset=utf-8');
|
|
|
|
$authData = JWTAuth::requireAuth();
|
|
AuditLog::setUser($authData['user_id'], $authData['user']['username'] ?? 'unknown');
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
|
|
http_response_code(204);
|
|
exit;
|
|
}
|
|
|
|
if (!in_array($_SERVER['REQUEST_METHOD'], ['GET', 'POST'], true)) {
|
|
errorResponse('Method not allowed', 405);
|
|
}
|
|
|
|
requirePermission($authData, 'settings.audit');
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$input = getJsonInput();
|
|
$action = $input['action'] ?? '';
|
|
|
|
if ($action !== 'cleanup') {
|
|
errorResponse('Neplatná akce');
|
|
}
|
|
|
|
$days = (int) ($input['days'] ?? 90);
|
|
$pdo = db();
|
|
|
|
if ($days === 0) {
|
|
$stmt = $pdo->query('DELETE FROM audit_logs');
|
|
$deleted = $stmt->rowCount();
|
|
$msg = $deleted > 0
|
|
? "Smazáno všech $deleted záznamů"
|
|
: 'Audit log je prázdný';
|
|
} else {
|
|
$days = max(1, $days);
|
|
$stmt = $pdo->prepare(
|
|
'DELETE FROM audit_logs WHERE created_at < DATE_SUB(NOW(), INTERVAL ? DAY)'
|
|
);
|
|
$stmt->execute([$days]);
|
|
$deleted = $stmt->rowCount();
|
|
$msg = $deleted > 0
|
|
? "Smazáno $deleted záznamů starších $days dní"
|
|
: "Žádné záznamy starší než $days dní nebyly nalezeny";
|
|
}
|
|
|
|
successResponse(['deleted' => $deleted], $msg);
|
|
}
|
|
|
|
$page = max(1, (int) ($_GET['page'] ?? 1));
|
|
$perPage = max(1, min(100, (int) ($_GET['per_page'] ?? 50)));
|
|
|
|
$filters = [];
|
|
|
|
if (!empty($_GET['search'])) {
|
|
$filters['search'] = (string) $_GET['search'];
|
|
}
|
|
|
|
if (!empty($_GET['action'])) {
|
|
$filters['action'] = (string) $_GET['action'];
|
|
}
|
|
|
|
if (!empty($_GET['entity_type'])) {
|
|
$filters['entity_type'] = (string) $_GET['entity_type'];
|
|
}
|
|
|
|
if (!empty($_GET['date_from'])) {
|
|
$filters['date_from'] = (string) $_GET['date_from'];
|
|
}
|
|
|
|
if (!empty($_GET['date_to'])) {
|
|
$filters['date_to'] = (string) $_GET['date_to'];
|
|
}
|
|
|
|
$result = AuditLog::getLogs($filters, $page, $perPage);
|
|
|
|
successResponse($result);
|