MOPC/MOPC-Portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: granular file access audit logging (viewed/opened/downloaded)
Some checks failed
Build and Push Docker Image / build (push) Has been cancelled
Details

Browse Source 
Replace single FILE_DOWNLOADED action with three granular actions:
- FILE_VIEWED: inline preview loaded in the UI
- FILE_OPENED: file opened in a new browser tab
- FILE_DOWNLOADED: explicit download button clicked

Add 'purpose' field to getDownloadUrl input (preview/open/download).
All client callers updated to pass the appropriate purpose.
Audit page updated with new filter options and color mappings.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Matt
2026-03-04 18:18:28 +01:00
parent 503a375701
commit c8c26beed2
6 changed files with 32 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/components/shared/file-viewer.tsx
View File

@@ -240,7 +240,7 @@ function FileItem({ file }: { file: ProjectFile }) {
const Icon = getFileIcon(file.fileType, file.mimeType)
const { data: urlData, isLoading: isLoadingUrl } = trpc.file.getDownloadUrl.useQuery(
{ bucket: file.bucket, objectKey: file.objectKey },
{ bucket: file.bucket, objectKey: file.objectKey, purpose: 'preview' as const },
{ enabled: showPreview }
)
@@ -440,7 +440,7 @@ function VersionDownloadButton({ bucket, objectKey }: { bucket: string; objectKe
const [downloading, setDownloading] = useState(false)
const { refetch } = trpc.file.getDownloadUrl.useQuery(
{ bucket, objectKey },
{ bucket, objectKey, purpose: 'open' as const },
{ enabled: false }
)
@@ -537,7 +537,7 @@ function FileOpenButton({ file, className, label }: { file: ProjectFile; classNa
const [loading, setLoading] = useState(false)
const { refetch } = trpc.file.getDownloadUrl.useQuery(
{ bucket: file.bucket, objectKey: file.objectKey },
{ bucket: file.bucket, objectKey: file.objectKey, purpose: 'open' as const },
{ enabled: false }
)
@@ -590,7 +590,7 @@ function FileDownloadButton({ file, className, label }: { file: ProjectFile; cla
const [downloading, setDownloading] = useState(false)
const { refetch } = trpc.file.getDownloadUrl.useQuery(
{ bucket: file.bucket, objectKey: file.objectKey, forDownload: true, fileName: file.fileName },
{ bucket: file.bucket, objectKey: file.objectKey, forDownload: true, fileName: file.fileName, purpose: 'download' as const },
{ enabled: false }
)
@@ -746,7 +746,7 @@ function CompactFileItem({ file }: { file: ProjectFile }) {
const Icon = getFileIcon(file.fileType, file.mimeType)
const { refetch } = trpc.file.getDownloadUrl.useQuery(
{ bucket: file.bucket, objectKey: file.objectKey },
{ bucket: file.bucket, objectKey: file.objectKey, purpose: 'open' as const },
{ enabled: false }
)

6
src/components/shared/requirement-upload-slot.tsx
View File

@@ -72,7 +72,7 @@ interface RequirementUploadSlotProps {
function ViewFileButton({ bucket, objectKey }: { bucket: string; objectKey: string }) {
const { data } = trpc.file.getDownloadUrl.useQuery(
{ bucket, objectKey, forDownload: false },
{ bucket, objectKey, forDownload: false, purpose: 'open' as const },
{ staleTime: 10 * 60 * 1000 }
)
const href = typeof data === 'string' ? data : data?.url
@@ -87,7 +87,7 @@ function ViewFileButton({ bucket, objectKey }: { bucket: string; objectKey: stri
function DownloadFileButton({ bucket, objectKey, fileName }: { bucket: string; objectKey: string; fileName: string }) {
const { data } = trpc.file.getDownloadUrl.useQuery(
{ bucket, objectKey, forDownload: true, fileName },
{ bucket, objectKey, forDownload: true, fileName, purpose: 'download' as const },
{ staleTime: 10 * 60 * 1000 }
)
const href = typeof data === 'string' ? data : data?.url
@@ -229,7 +229,7 @@ export function RequirementUploadSlot({
// Fetch preview URL only when preview is toggled on
const { data: previewUrlData, isLoading: isLoadingPreview } = trpc.file.getDownloadUrl.useQuery(
{ bucket: existingFile?.bucket || '', objectKey: existingFile?.objectKey || '', forDownload: false },
{ bucket: existingFile?.bucket || '', objectKey: existingFile?.objectKey || '', forDownload: false, purpose: 'preview' as const },
{ enabled: showPreview && !!existingFile?.bucket && !!existingFile?.objectKey, staleTime: 10 * 60 * 1000 }
)
const previewUrl = typeof previewUrlData === 'string' ? previewUrlData : previewUrlData?.url