feat(10-01): add audit event logging to config backup operations

- config_snapshot_created event after successful snapshot INSERT - config_snapshot_skipped_duplicate event on dedup match - config_diff_generated event after diff INSERT - config_backup_manual_trigger event on manual trigger success - All log_action calls wrapped in try/except for safety Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 23:44:00 -05:00
parent 50211d1853
commit 1a1ceb2cb1
4 changed files with 68 additions and 2 deletions
--- a/backend/app/routers/config_backups.py
+++ b/backend/app/routers/config_backups.py
@@ -837,6 +837,23 @@ async def trigger_config_snapshot(
    reply_data = json.loads(reply.data)

    if reply_data.get("status") == "success":
+        try:
+            from app.services.audit_service import log_action
+            await log_action(
+                db,
+                tenant_id,
+                current_user.user_id,
+                "config_backup_manual_trigger",
+                resource_type="config_snapshot",
+                device_id=device_id,
+                details={
+                    "sha256_hash": reply_data.get("sha256_hash"),
+                    "triggered_by": str(current_user.user_id),
+                },
+                ip_address=request.client.host if request.client else None,
+            )
+        except Exception:
+            pass
        return {
            "status": "success",
            "sha256_hash": reply_data.get("sha256_hash"),