dohertj2/scadalink-design
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

docs(audit): roadmap corrections after M6

Browse Source 
M7 head records M6 realities:
- IAuditCentralHealthSnapshot exists; M7 dashboard reads it.
- SiteHealthReport.SiteAuditBacklog ready for per-site tiles.
- IAuditLogRepository.QueryAsync is the page's data source.
- Pre-existing AuditLog.razor rename to ConfigurationAuditLog.razor
  needs verification.
- OperationalAudit + AuditExport permission strings need to exist.
- Real gRPC pull client still deferred; doesn't gate M7.
This commit is contained in:
Joseph Doherty
2026-05-20 19:42:54 -04:00
parent 6d7a03e099
commit 8c2382c2bc
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
docs/plans/2026-05-20-audit-log-code-roadmap.md
View File

@@ -1245,6 +1245,15 @@ The design for both is merged on `main` (`alog.md` cached-call tracking section;
## M7 — Central UI: new Audit Log page + drill-ins + KPI tiles ## M7 — Central UI: new Audit Log page + drill-ins + KPI tiles
> **M6 realities to honor:**
> - **`IAuditCentralHealthSnapshot`** (M6 Bundle E) exists as the central aggregator for `CentralAuditWriteFailures`, `AuditRedactionFailure`, and per-site `SiteAuditTelemetryStalled`. M7's Health dashboard tiles should read this snapshot.
> - **`SiteHealthReport.SiteAuditBacklog`** (`SiteAuditBacklogSnapshot` — count + age + bytes) is on the existing per-site report. M7's per-site tiles can surface this without new wiring.
> - **`IAuditLogRepository.QueryAsync`** (M1 Bundle D) is the data source for the Audit Log page; uses keyset paging on (OccurredAtUtc desc, EventId desc).
> - **`IAuditLogRepository.GetPartitionBoundariesOlderThanAsync`** (M6 Bundle C) — surfaces existing partitions; M7 Export feature could leverage but isn't required.
> - **Pre-existing `Components/Pages/Monitoring/AuditLog.razor`** (the IAuditService config-change viewer from before M1) must be renamed in code to `ConfigurationAuditLog.razor` with URL `/audit/configuration` — the doc-renaming was completed pre-M1 but the .razor file rename hasn't been verified.
> - **Permissions**: `OperationalAudit` (read) and `AuditExport` (export) permission strings need to exist in the security model — verify before M7.
> - **Real gRPC pull client still deferred from M6** — M7 doesn't depend on it.
**Goal:** User-visible Audit Log: filter bar, results grid (custom Blazor + Bootstrap, no third-party grid), drilldown drawer with cURL / "show all events" / redaction indicators / pretty-printed payloads. 6 drill-in entry points from existing pages. 3 KPI tiles on Health dashboard. **Goal:** User-visible Audit Log: filter bar, results grid (custom Blazor + Bootstrap, no third-party grid), drilldown drawer with cURL / "show all events" / redaction indicators / pretty-printed payloads. 6 drill-in entry points from existing pages. 3 KPI tiles on Health dashboard.
**Affected projects:** `CentralUI`, `CentralUI.Tests`, `CentralUI.PlaywrightTests`. **Affected projects:** `CentralUI`, `CentralUI.Tests`, `CentralUI.PlaywrightTests`.