feat(auditlog): inbound audit rows carry ExecutionId

2026-05-21 15:44:17 -04:00
parent 6aac4c8ed7
commit cfd8f1ecf4
2 changed files with 19 additions and 10 deletions
--- a/src/ScadaLink.InboundAPI/Middleware/AuditWriteMiddleware.cs
+++ b/src/ScadaLink.InboundAPI/Middleware/AuditWriteMiddleware.cs
@@ -145,17 +145,21 @@ public sealed class AuditWriteMiddleware
                OccurredAtUtc = DateTime.UtcNow,
                Channel = AuditChannel.ApiInbound,
                Kind = kind,
-                // Audit Log #23: a fresh per-request correlation id so the
+                // Audit Log #23: a fresh per-request execution id so the
                // inbound row carries a request identifier (closes the design
                // gap that inbound rows should be correlatable).
                //
                // This id is intentionally request-local: it is NOT bridged to
                // RouteHelper's routed-call correlation id or to
                // HttpContext.TraceIdentifier. Threading an inbound request's
-                // correlation id through to the routed script execution (so an
+                // execution id through to the routed script execution (so an
                // inbound call and the outbound API/DB rows it triggers share
                // one id) is a deliberate future follow-up, out of scope here.
-                CorrelationId = Guid.NewGuid(),
+                ExecutionId = Guid.NewGuid(),
+                // CorrelationId is purely the per-operation-lifecycle id; an
+                // inbound request is a one-shot from the audit row's
+                // perspective with no multi-row operation to correlate.
+                CorrelationId = null,
                Actor = actor,
                Target = methodName,
                Status = status,