Technical Documentation: Settings - Audit Logs

Architecture

Audit Logs are implemented as a "Write-Once" journaling system within the Go Backend. They are decoupled from standard application logs to ensure their integrity.

Technical Details

• File Path: lib/screens/settings_screen.dart (Audit Tab)
• Data Model: AuditEntry
  • id: Unique UUID.
  • timestamp: High-precision microsecond mark.
  • user_id: ForeignKey to the user management table.
  • action: Specific opcode (e.g., MAP_DELETE, ROUTE_SAVE).
  • details: JSON payload of the specific change made.
  • ip_address: Source IP of the requesting client.

Implementation Details

• Interceptors: The Go backend uses a "Middleware" pattern to automatically inject an Audit Log entry for any incoming REST request marked as ActionType: Sensitive.
• Search Engine: Powered by a customized SQL query that allows for multi-field filtering (by user, by action, or by date range).
• Export Engine: Uses a backend library to generate secure, paginated CSV/PDF documents from the audit database on request.

Security

• Access Control: Only users with the Role: SUPER_ADMIN can view the Audit Logs tab.
• Integrity: The audit database is optimized for INSERT operations and permissions are severely restricted for DELETE or UPDATE commands.