Aegis/backend/app/services/audit_service.py

"""Audit logging with request context and integrity hashing."""

# Enable future language features for compatibility
from __future__ import annotations

# Import hashlib
import hashlib

# Import datetime, timezone from datetime
from datetime import datetime, timezone

# Import UUID from uuid
from uuid import UUID

# Import Session from sqlalchemy.orm
from sqlalchemy.orm import Session

# Import request_ip, request_user_agent from app.middleware.request_context
from app.middleware.request_context import request_ip, request_user_agent

# Import AuditLog from app.models.audit
from app.models.audit import AuditLog


# Define function _integrity_payload
def _integrity_payload(entry: AuditLog) -> str:
    # Assign ts = entry.timestamp
    ts = entry.timestamp
    # Check: ts is None
    if ts is None:
        # Assign ts = datetime.now(timezone.utc)
        ts = datetime.now(timezone.utc)
    # Assign user_part = str(entry.user_id) if entry.user_id else ""
    user_part = str(entry.user_id) if entry.user_id else ""
    # Assign entity_type = entry.entity_type or ""
    entity_type = entry.entity_type or ""
    # Assign entity_id = entry.entity_id or ""
    entity_id = entry.entity_id or ""
    # Return f"{user_part}:{entry.action}:{entity_type}:{entity_id}:{ts.isoforma...
    return f"{user_part}:{entry.action}:{entity_type}:{entity_id}:{ts.isoformat()}"


# Define function compute_integrity_hash
def compute_integrity_hash(entry: AuditLog) -> str:
    """Return the SHA-256 hex digest for an audit log entry."""
    # Return hashlib.sha256(_integrity_payload(entry).encode()).hexdigest()
    return hashlib.sha256(_integrity_payload(entry).encode()).hexdigest()


# Define function verify_audit_integrity
def verify_audit_integrity(entry: AuditLog) -> bool:
    """Return whether the stored hash matches the entry's current fields."""
    # Check: not entry.integrity_hash
    if not entry.integrity_hash:
        # Return False
        return False
    # Return entry.integrity_hash == compute_integrity_hash(entry)
    return entry.integrity_hash == compute_integrity_hash(entry)


# Define function log_action
def log_action(
    # Entry: db
    db: Session,
    # Entry: user_id
    user_id: UUID | None,
    # Entry: action
    action: str,
    # Entry: entity_type
    entity_type: str | None = None,
    # Entry: entity_id
    entity_id: str | None = None,
    # Entry: details
    details: dict | None = None,
    *,
    # Entry: ip_address
    ip_address: str | None = None,
    # Entry: user_agent
    user_agent: str | None = None,
    # Entry: session_id
    session_id: str | None = None,
) -> AuditLog:
    """Record an audit event. Does not commit — the caller owns the transaction."""
    # Assign ip = ip_address if ip_address is not None else request_ip.get("")
    ip = ip_address if ip_address is not None else request_ip.get("")
    # Assign ua = user_agent if user_agent is not None else request_user_agent.get("")
    ua = user_agent if user_agent is not None else request_user_agent.get("")

    # Assign entry = AuditLog(
    entry = AuditLog(
        # Keyword argument: user_id
        user_id=user_id,
        # Keyword argument: action
        action=action,
        # Keyword argument: entity_type
        entity_type=entity_type,
        # Keyword argument: entity_id
        entity_id=str(entity_id) if entity_id else None,
        # Keyword argument: details
        details=details,
        # Keyword argument: ip_address
        ip_address=ip or None,
        # Keyword argument: user_agent
        user_agent=ua or None,
        # Keyword argument: session_id
        session_id=session_id,
        timestamp=datetime.now(timezone.utc),
    )
    # Stage new record(s) for database insertion
    db.add(entry)
    # Flush changes to DB without committing the transaction
    db.flush()
    # Reload from DB so the timestamp is in DB-stable format before hashing.
    # Without this, a round-trip through the DB (e.g. refresh after commit) can
    # return a timestamp with different precision/timezone, causing hash mismatch.
    db.refresh(entry)
    # Assign entry.integrity_hash = compute_integrity_hash(entry)
    entry.integrity_hash = compute_integrity_hash(entry)
    # Return entry
    return entry