36 lines
1.4 KiB
TypeScript
36 lines
1.4 KiB
TypeScript
import { Router } from 'express';
|
|
import { authenticate, requirePermission } from '../middleware/auth.js';
|
|
import * as auditLogController from '../controllers/auditLog.controller.js';
|
|
|
|
const router = Router();
|
|
|
|
// Alle Routen erfordern Authentifizierung
|
|
router.use(authenticate);
|
|
|
|
// Audit-Logs abrufen
|
|
router.get('/', requirePermission('audit:read'), auditLogController.getAuditLogs);
|
|
|
|
// Audit-Logs exportieren (muss VOR /:id stehen!)
|
|
router.get('/export', requirePermission('audit:read'), auditLogController.exportAuditLogs);
|
|
|
|
// Audit-Logs für einen Kunden (DSGVO)
|
|
router.get('/customer/:customerId', requirePermission('audit:read'), auditLogController.getAuditLogsByCustomer);
|
|
|
|
// Einzelnes Audit-Log abrufen
|
|
router.get('/:id', requirePermission('audit:read'), auditLogController.getAuditLogById);
|
|
|
|
// Hash-Ketten-Integrität prüfen
|
|
router.post('/verify', requirePermission('audit:read'), auditLogController.verifyIntegrity);
|
|
|
|
// Hash-Kette reparieren
|
|
router.post('/rehash', requirePermission('audit:admin'), auditLogController.rehashAll);
|
|
|
|
// Retention-Policies
|
|
router.get('/retention-policies', requirePermission('audit:admin'), auditLogController.getRetentionPolicies);
|
|
router.put('/retention-policies/:id', requirePermission('audit:admin'), auditLogController.updateRetentionPolicy);
|
|
|
|
// Retention-Cleanup manuell ausführen
|
|
router.post('/cleanup', requirePermission('audit:admin'), auditLogController.runRetentionCleanup);
|
|
|
|
export default router;
|