feat(api): GET /api/agent/audit — the user's agent write history #348
Labels
No labels
area:auth
area:ci
area:db
area:infra
area:native
area:pwa
area:service
epic
feature
foundation
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
james/carol#348
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
First half of epic #47's "audit log + undo" linked ticket: the read surface over the already-captured trail. The commit path writes one append-only
audit_eventsrow per applied proposal with before/after snapshots (#51, migration 023), but there's no way to list them — so the PWA can't show "what Carol changed." This adds that endpoint; undo is a separate follow-up (it needs real reversal-semantics design — conflict detection, re-creating ids, child rows, whether undo is itself audited).Scope
GET /api/agent/audit— cursor-paginated (newest first) list of the authenticated user's audit events. DTO:id,entityType,entityId,action,tool,before,after(JSON snapshots decoded to structured values — null on create/delete respectively),proposalId,createdAt.user_id-scoped + FK-cascade).(created_at, id), mirroring the conversations list (zTimestampIdCursor+paginatedResponse). NewAuditEventsRepository.listPageByUser; the existinglistByUser(returns all) stays for internal callers/tests.Out of scope (follow-ups)
POST /api/agent/audit/{id}/undoreversing a write from its before/after snapshot. Own ticket + design.@carol/api-clienthook + history UI.Part of epic #47.