Platform review round 2: audit logging migration, nav unification, DB indexes, and UI polish

- Migrate ~41 inline audit log calls to shared logAudit() utility across all routers - Add transaction-aware prisma parameter to logAudit() for atomic operations - Unify jury/mentor/observer navigation into shared RoleNav component - Add composite DB indexes (Evaluation, GracePeriod, AuditLog) for query performance - Fix profile page: consolidate dual save buttons, proper useEffect initialization - Enhance auth error page with MOPC branding and navigation - Improve observer dashboard with prominent read-only badge - Fix DI-3: fetch projects before bulk status update for accurate notifications - Remove unused aiBoost field from smart-assignment scoring - Add shared image-upload utility and structured logger module Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-05 21:09:06 +01:00
parent 8d0979e649
commit 002a9dbfc3
34 changed files with 1688 additions and 1782 deletions
--- a/src/server/utils/audit.ts
+++ b/src/server/utils/audit.ts
@@ -1,11 +1,19 @@
-import { prisma } from '@/lib/prisma'
-import type { Prisma } from '@prisma/client'
+import { prisma as globalPrisma } from '@/lib/prisma'
+import type { Prisma, PrismaClient } from '@prisma/client'
+
+/** Minimal Prisma-like client that supports auditLog.create (works with PrismaClient and transaction clients). */
+type AuditPrismaClient = Pick<PrismaClient, 'auditLog'>

 /**
 * Shared utility for creating audit log entries.
 * Wrapped in try-catch so audit failures never break the calling operation.
+ *
+ * @param input.prisma - Optional Prisma client instance. When omitted the global
+ *   singleton is used. Pass `ctx.prisma` from tRPC handlers so audit writes
+ *   participate in the same transaction when applicable.
 */
 export async function logAudit(input: {
+  prisma?: AuditPrismaClient
  userId?: string | null
  action: string
  entityType: string
@@ -15,7 +23,8 @@ export async function logAudit(input: {
  userAgent?: string
 }): Promise<void> {
  try {
-    await prisma.auditLog.create({
+    const db = input.prisma ?? globalPrisma
+    await db.auditLog.create({
      data: {
        userId: input.userId ?? null,
        action: input.action,