Audit logging, Data anonymization, and OAuth flow improvements #35

Merged
pptx704 merged 8 commits from feat/compliance into dev 2026-04-21 10:09:38 +00:00
Owner
  • Full audit logging for all admin actions + admin audit page with filters
  • Anonymize audit logs on user hard-delete (GDPR compliance)
  • Email notification on account permanent deletion
  • Separate GitHub OAuth login vs signup flows with name confirmation
  • Fix audit log team assignment for admin/host-level actions
pptx704 added 8 commits 2026-04-21 10:09:27 +00:00
Block auto-account creation when signing in via GitHub from login mode.
Signup via GitHub now shows a name confirmation dialog before redirecting
to dashboard, letting users verify/edit their display name pulled from
GitHub.

- Add intent query param to OAuth redirect, persisted in HMAC-signed state cookie
- Block registration in callback when intent=login, return no_account error
- Set wrenn_oauth_new_signup cookie on new account creation
- Frontend callback shows name confirmation dialog for new signups
- Add no_account error message to login page

Anonymize audit logs when soft-deleted users are purged after 15 days:
actor_name set to 'deleted-user', actor_id and resource_id nulled,
email stripped from member metadata. Per-user delete ensures no user
is removed without successful anonymization.

Frontend renders deleted-user as a styled red badge in audit log view.

Fix shared host create/delete audit logs landing in admin's personal
team — now correctly assigned to PlatformTeamID.

POST /v1/admin/capsules was outside the injectPlatformTeam middleware
subrouter, so audit entries landed under the admin's personal team.

Normalize admin host page dialogs to match design system pattern:
border + shadow only, no colored gradient strips. Align animation
timing and shadow to reference components (DestroyDialog, etc).

Log every admin-panel action (user activate/deactivate, team BYOC toggle,
team delete, template delete, build create/cancel) to the audit_logs table
under PlatformTeamID with scope "admin".

Add GET /v1/admin/audit-logs endpoint and /admin/audit frontend page with
infinite scroll and hierarchical filters. Expose audit.Entry + Log() for
cloud repo extensibility.

Fix seed_platform_team down-migration FK violation by deleting dependent
rows before the team row.

Replace repetitive actorFields + write boilerplate across all 25+ typed
Log methods with shared helpers: newEntry (general), newAdminEntry
(platform-level), resolveHostTeamID, and logSystemHostEvent.

Reduces logger.go from 665 to 374 lines with no behavior change.

Notify users via email when their account is permanently deleted after
the 15-day soft-delete grace period. Query now returns email alongside
user ID so the notification can be sent after deletion.

Email failure is logged as a warning but does not block cleanup.
pptx704 merged commit c3afd0c8a0 into dev 2026-04-21 10:09:38 +00:00
pptx704 deleted branch feat/compliance 2026-04-21 10:09:38 +00:00
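
An added illustration (not code from this pull request) of the pattern the first commit describes: the intent travels inside the HMAC-signed state cookie, and the callback refuses to register when intent=login. The `nonce.intent.mac` cookie layout, the function names, the sample key and the handling of an already-existing account are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// SignState binds the CSRF nonce and the intent under one MAC (layout is an assumption).
func SignState(key []byte, nonce, intent string) string {
	payload := nonce + "." + intent
	m := hmac.New(sha256.New, key)
	m.Write([]byte(payload))
	return payload + "." + base64.RawURLEncoding.EncodeToString(m.Sum(nil))
}

// VerifyState returns the intent only if the MAC holds and the nonce equals the state param.
func VerifyState(key []byte, cookie, stateParam string) (string, bool) {
	parts := strings.Split(cookie, ".")
	if len(parts) != 3 || (parts[1] != "login" && parts[1] != "signup") {
		return "", false
	}
	want := SignState(key, parts[0], parts[1]) // recompute, then compare in constant time
	if !hmac.Equal([]byte(want), []byte(cookie)) || !hmac.Equal([]byte(parts[0]), []byte(stateParam)) {
		return "", false
	}
	return parts[1], true
}

// Decide maps a verified intent to the callback outcome; "session" for an
// existing account is an assumption, no_account for intent=login is from the PR.
func Decide(intent string, accountExists bool) string {
	switch {
	case accountExists:
		return "session"
	case intent == "signup":
		return "create_account"
	}
	return "no_account"
}

func main() {
	key := []byte("constructed-demo-key") // constructed sample key
	cookie := SignState(key, "n0nce", "login")
	intent, ok := VerifyState(key, cookie, "n0nce")
	fmt.Println(intent, ok, Decide(intent, false))
}
```

Because the intent is covered by the MAC, a client that rewrites `login` to `signup` in the cookie fails verification instead of reaching the registration path.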
Reference: wrenn/wrenn#35