feat(audit): intent ID filters, deep links, and lineage panel [axon-ca7e43df]

easel · claude · easel · commit 80e1c3dfb84c · 2026-05-07T21:22:07.000-04:00
- /audit page reads `?intent=&lt;id&gt;` URL param to pre-populate the intent
  ID filter and show a contextual banner with a link to intent detail
- intent-filtered queries use the REST fetchIntentAudit endpoint which
  returns full intent_lineage metadata for each entry
- detail panel shows an Intent Lineage section (decision, policy/schema
  version, approver, reason, origin) with a deep link to intent detail
- intent detail "Open audit log" link now carries `?intent=&lt;id&gt;` so the
  user can return to the filtered audit context
- entries loaded via the REST endpoint are already in ascending audit_id
  order, giving chronological preview → approve/reject/expire/commit view
- five new tests in intent-audit-lineage.spec.ts cover deep-link
  pre-population, lineage panel, back navigation, and chronological order
  for both committed and approved/rejected intents

Co-Authored-By: Claude Sonnet 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/ui/src/routes/tenants/[tenant]/databases/[database]/audit/+page.svelte b/ui/src/routes/tenants/[tenant]/databases/[database]/audit/+page.svelte
@@ -1,9 +1,12 @@
 <script lang="ts">
+import { base } from '$app/paths';
+import { page } from '$app/state';
 import {
 	type AuditEntry,
 	type EffectiveCollectionPolicy,
 	fetchAudit,
 	fetchEffectivePolicy,
+	fetchIntentAudit,
 	revertAuditEntry,
 	rollbackTransaction,
 } from '$lib/api';
@@ -61,6 +64,7 @@ type AuditFilters = {
 	actor: string;
 	startDate: string;
 	endDate: string;
+	intentId: string;
 };
 
 let entries = $state<AuditEntry[]>([]);
@@ -71,6 +75,7 @@ const filters = $state<AuditFilters>({
 	actor: '',
 	startDate: '',
 	endDate: '',
+	intentId: page.url.searchParams.get('intent') ?? '',
 });
 let selectedEntry = $state<AuditEntry | null>(null);
 
@@ -84,6 +89,14 @@ let txRollbackConfirming = $state(false);
 let txRollbackMessage = $state<string | null>(null);
 let txRollbackError = $state<unknown>(null);
 
+const basePath = $derived(
+	`${base}/tenants/${encodeURIComponent(scope.tenant)}/databases/${encodeURIComponent(scope.database)}`,
+);
+
+function intentDetailHref(intentId: string): string {
+	return `${basePath}/intents/${encodeURIComponent(intentId)}`;
+}
+
 function txSiblingCount(txId: string | number | null | undefined): number {
 	if (!txId) return 0;
 	return entries.filter((e) => e.transaction_id === txId).length;
@@ -149,30 +162,36 @@ function formatTimestamp(timestampNs: number): string {
 async function loadEntries() {
 	loading = true;
 	try {
-		const auditFilters: {
-			collection?: string;
-			actor?: string;
-			sinceNs?: string;
-			untilNs?: string;
-		} = {};
+		if (filters.intentId && scope) {
+			// Use the REST intent-audit endpoint which returns full intent_lineage data.
+			const response = await fetchIntentAudit(filters.intentId, scope);
+			entries = response.entries;
+		} else {
+			const auditFilters: {
+				collection?: string;
+				actor?: string;
+				sinceNs?: string;
+				untilNs?: string;
+			} = {};
 
-		if (filters.collection) {
-			auditFilters.collection = filters.collection;
-		}
-		if (filters.actor) {
-			auditFilters.actor = filters.actor;
-		}
-		const sinceNs = dateToNs(filters.startDate);
-		if (sinceNs) {
-			auditFilters.sinceNs = sinceNs;
-		}
-		const untilNs = dateToNs(filters.endDate, true);
-		if (untilNs) {
-			auditFilters.untilNs = untilNs;
-		}
+			if (filters.collection) {
+				auditFilters.collection = filters.collection;
+			}
+			if (filters.actor) {
+				auditFilters.actor = filters.actor;
+			}
+			const sinceNs = dateToNs(filters.startDate);
+			if (sinceNs) {
+				auditFilters.sinceNs = sinceNs;
+			}
+			const untilNs = dateToNs(filters.endDate, true);
+			if (untilNs) {
+				auditFilters.untilNs = untilNs;
+			}
 
-		const response = await fetchAudit(auditFilters, scope);
-		entries = response.entries;
+			const response = await fetchAudit(auditFilters, scope);
+			entries = response.entries;
+		}
 		selectedEntry = entries[0] ?? null;
 		// Mirror selectEntry()'s policy lookup so the auto-selected first
 		// row's before/after payloads render with the correct redaction
@@ -203,6 +222,23 @@ $effect(() => {
 	</div>
 </div>
 
+{#if filters.intentId}
+	<div class="message" data-testid="audit-intent-banner">
+		Filtered by intent <code>{filters.intentId}</code>
+		<a class="inline-link" href={intentDetailHref(filters.intentId)} data-testid="audit-intent-detail-link">
+			View intent detail
+		</a>
+		<button
+			onclick={() => {
+				filters.intentId = '';
+				void loadEntries();
+			}}
+		>
+			Clear filter
+		</button>
+	</div>
+{/if}
+
 <section class="panel">
 	<div class="panel-body stack">
 		<div class="two-column">
@@ -222,6 +258,14 @@ $effect(() => {
 				<span>Until</span>
 				<input type="date" bind:value={filters.endDate} />
 			</label>
+			<label>
+				<span>Intent ID</span>
+				<input
+					bind:value={filters.intentId}
+					placeholder="Filter by intent ID"
+					data-testid="audit-intent-filter"
+				/>
+			</label>
 		</div>
 		<div class="actions">
 			<button class="primary" onclick={() => loadEntries()}>Apply Filters</button>
@@ -258,7 +302,11 @@ $effect(() => {
 					</thead>
 					<tbody>
 						{#each entries as entry}
-							<tr onclick={() => selectEntry(entry)}>
+							<tr
+								onclick={() => selectEntry(entry)}
+								data-testid="audit-entry-row"
+								data-intent-id={entry.intent_lineage?.intent_id ?? null}
+							>
 								<td>{entry.id}</td>
 								<td>{formatTimestamp(entry.timestamp_ns)}</td>
 								<td>{entry.collection}</td>
@@ -268,6 +316,9 @@ $effect(() => {
 									{#if entry.transaction_id}
 										<span class="pill">tx #{String(entry.transaction_id).substring(0, 8)}</span>
 									{/if}
+									{#if entry.intent_lineage?.intent_id}
+										<span class="pill" data-testid="audit-entry-intent-pill">intent</span>
+									{/if}
 								</td>
 								<td>{entry.actor ?? 'system'}</td>
 							</tr>
@@ -343,6 +394,45 @@ $effect(() => {
 						{/if}
 					</div>
 				{/if}
+				{#if selectedEntry.intent_lineage}
+					<div data-testid="audit-intent-lineage">
+						<h3>Intent Lineage</h3>
+						<div class="meta-grid">
+							<span>Intent ID</span>
+							<a
+								class="inline-link"
+								href={intentDetailHref(selectedEntry.intent_lineage.intent_id)}
+								data-testid="audit-intent-link"
+							>
+								{selectedEntry.intent_lineage.intent_id}
+							</a>
+							<span>Decision</span>
+							<strong data-testid="audit-lineage-decision">{selectedEntry.intent_lineage.decision}</strong>
+							<span>Policy version</span>
+							<strong data-testid="audit-lineage-policy-version">{selectedEntry.intent_lineage.policy_version}</strong>
+							<span>Schema version</span>
+							<strong>{selectedEntry.intent_lineage.schema_version}</strong>
+							{#if selectedEntry.intent_lineage.approver?.actor ?? selectedEntry.intent_lineage.approver?.user_id}
+								<span>Approver</span>
+								<code data-testid="audit-lineage-approver">
+									{selectedEntry.intent_lineage.approver?.actor ?? selectedEntry.intent_lineage.approver?.user_id}
+								</code>
+							{/if}
+							{#if selectedEntry.intent_lineage.reason}
+								<span>Reason</span>
+								<span data-testid="audit-lineage-reason">{selectedEntry.intent_lineage.reason}</span>
+							{/if}
+							{#if selectedEntry.intent_lineage.origin}
+								<span>Origin</span>
+								<code data-testid="audit-lineage-origin">
+									{[selectedEntry.intent_lineage.origin.surface, selectedEntry.intent_lineage.origin.tool_name]
+										.filter((v) => v && v.length > 0)
+										.join(': ')}
+								</code>
+							{/if}
+						</div>
+					</div>
+				{/if}
 				<div>
 					<h3>Before</h3>
 					<pre>{safeJson(selectedEntry.data_before, selectedEntry.collection)}</pre>
diff --git a/ui/src/routes/tenants/[tenant]/databases/[database]/intents/[intent]/+page.svelte b/ui/src/routes/tenants/[tenant]/databases/[database]/intents/[intent]/+page.svelte
@@ -41,7 +41,7 @@ const basePath = $derived(
 	`${base}/tenants/${encodeURIComponent(scope.tenant)}/databases/${encodeURIComponent(scope.database)}`,
 );
 const inboxHref = $derived(`${basePath}/intents`);
-const auditHref = $derived(`${basePath}/audit`);
+const auditHref = $derived(`${basePath}/audit?intent=${encodeURIComponent(intentId)}`);
 
 let intent = $state<MutationIntent | null>(null);
 let auditEntries = $state<AuditEntry[]>([]);
diff --git a/ui/tests/e2e/intent-audit-lineage.spec.ts b/ui/tests/e2e/intent-audit-lineage.spec.ts
@@ -5,7 +5,9 @@ import {
 	TASK_COLLECTION,
 	activateProposedPolicy,
 	approveIntent,
+	commitIntent,
 	createBudgetRecord,
+	dbAuditUrl,
 	dbIntentUrl,
 	dbIntentsUrl,
 	graphqlPath,
@@ -143,3 +145,152 @@ test.describe('Intent audit lineage', () => {
 		expect(metadata.new_policy_version).toBe('2');
 	});
 });
+
+test.describe('Intent audit deep link and lineage panel', () => {
+	test('deep link filters /audit by intent ID and pre-populates filter', async ({
+		page,
+		request,
+	}) => {
+		const db = await seedApprovalCollections(request, 'audit-deeplink');
+		await createBudgetRecord(request, db, TASK_COLLECTION, 'task-dl');
+		const intent = await previewBudgetIntent(request, db, 'task-dl', 6_000, {
+			agentId: 'tool.commit-dl',
+		});
+		await commitIntent(request, db, intent);
+
+		await routeGraphqlAs(page, 'finance-agent');
+		await page.goto(`${dbAuditUrl(db)}?intent=${encodeURIComponent(intent.intentId)}`);
+
+		// Filter field pre-populated from URL param
+		await expect(page.getByTestId('audit-intent-filter')).toHaveValue(intent.intentId);
+
+		// Banner shows the filtered intent ID
+		await expect(page.getByTestId('audit-intent-banner')).toBeVisible();
+		await expect(page.getByTestId('audit-intent-banner')).toContainText(intent.intentId);
+
+		// Entries are present; preview comes before commit (chronological order)
+		await expect(page.locator('[data-testid="audit-entry-row"]').first()).toBeVisible();
+		const operations = await page
+			.locator('[data-testid="audit-entry-row"] td:nth-child(5)')
+			.allTextContents();
+		const previewIdx = operations.findIndex((op) => op.includes('mutation_intent.preview'));
+		const commitIdx = operations.findIndex((op) => op.includes('intent.commit'));
+		expect(previewIdx).toBeGreaterThanOrEqual(0);
+		expect(commitIdx).toBeGreaterThan(previewIdx);
+	});
+
+	test('shows intent lineage panel when an intent audit entry is selected', async ({
+		page,
+		request,
+	}) => {
+		const db = await seedApprovalCollections(request, 'audit-lineage-panel');
+		await createBudgetRecord(request, db, TASK_COLLECTION, 'task-lp');
+		const intent = await previewBudgetIntent(request, db, 'task-lp', 6_000, {
+			agentId: 'tool.panel-test',
+		});
+		await commitIntent(request, db, intent);
+
+		await routeGraphqlAs(page, 'finance-agent');
+		await page.goto(`${dbAuditUrl(db)}?intent=${encodeURIComponent(intent.intentId)}`);
+
+		// Click the commit row to select it
+		const commitRow = page.locator('[data-testid="audit-entry-row"]', {
+			has: page.locator('td', { hasText: 'intent.commit' }),
+		});
+		await expect(commitRow).toBeVisible();
+		await commitRow.click();
+
+		// Lineage panel is visible in the detail section
+		await expect(page.getByTestId('audit-intent-lineage')).toBeVisible();
+
+		// Intent link navigates to the correct intent detail page
+		const intentLink = page.getByTestId('audit-intent-link');
+		await expect(intentLink).toBeVisible();
+		await expect(intentLink).toContainText(intent.intentId);
+		const href = await intentLink.getAttribute('href');
+		expect(href).toContain(encodeURIComponent(intent.intentId));
+	});
+
+	test('intent detail "open audit log" links to filtered audit view and back', async ({
+		page,
+		request,
+	}) => {
+		const db = await seedApprovalCollections(request, 'audit-backlink');
+		await createBudgetRecord(request, db, TASK_COLLECTION, 'task-back');
+		const intent = await previewBudgetIntent(request, db, 'task-back', 6_000);
+		await commitIntent(request, db, intent);
+
+		await routeGraphqlAs(page, 'finance-agent');
+		await page.goto(dbIntentUrl(db, intent.intentId));
+
+		// The "Open audit log" link should carry the intent ID as a filter param
+		const auditLink = page.getByRole('link', { name: 'Open audit log' });
+		await expect(auditLink).toBeVisible();
+		const href = await auditLink.getAttribute('href');
+		expect(href).toMatch(/\/audit/);
+		expect(href).toContain(encodeURIComponent(intent.intentId));
+
+		// Click through; the audit page should show the filtered view
+		await auditLink.click();
+		await expect(page).toHaveURL(new RegExp('/audit'));
+		await expect(page.getByTestId('audit-intent-filter')).toHaveValue(intent.intentId);
+		await expect(page.getByTestId('audit-intent-banner')).toBeVisible();
+
+		// Clearing the intent filter dismisses the banner
+		await page.getByTestId('audit-intent-banner').getByRole('button', { name: 'Clear filter' }).click();
+		await expect(page.getByTestId('audit-intent-banner')).not.toBeVisible();
+	});
+
+	test('shows preview and approval events for approved intent in chronological order', async ({
+		page,
+		request,
+	}) => {
+		const db = await seedApprovalCollections(request, 'audit-order-approve');
+		await createBudgetRecord(request, db, TASK_COLLECTION, 'task-order');
+		const intent = await previewBudgetIntent(request, db, 'task-order', 20_001, {
+			agentId: 'tool.order-test',
+		});
+		await approveIntent(request, db, intent.intentId);
+
+		await routeGraphqlAs(page, 'finance-agent');
+		await page.goto(`${dbAuditUrl(db)}?intent=${encodeURIComponent(intent.intentId)}`);
+
+		await expect(page.locator('[data-testid="audit-entry-row"]').first()).toBeVisible();
+		const operations = await page
+			.locator('[data-testid="audit-entry-row"] td:nth-child(5)')
+			.allTextContents();
+		const previewIdx = operations.findIndex((op) => op.includes('mutation_intent.preview'));
+		const approveIdx = operations.findIndex((op) => op.includes('intent.approve'));
+		expect(previewIdx).toBeGreaterThanOrEqual(0);
+		expect(approveIdx).toBeGreaterThan(previewIdx);
+	});
+
+	test('shows rejection event for rejected intent in chronological order', async ({
+		page,
+		request,
+	}) => {
+		const db = await seedApprovalCollections(request, 'audit-reject-lineage');
+		const ids = await seedIntentStates(request, db);
+
+		await routeGraphqlAs(page, 'finance-agent');
+		await page.goto(`${dbAuditUrl(db)}?intent=${encodeURIComponent(ids.rejected)}`);
+
+		await expect(page.locator('[data-testid="audit-entry-row"]').first()).toBeVisible();
+		const operations = await page
+			.locator('[data-testid="audit-entry-row"] td:nth-child(5)')
+			.allTextContents();
+		const previewIdx = operations.findIndex((op) => op.includes('mutation_intent.preview'));
+		const rejectIdx = operations.findIndex((op) => op.includes('intent.reject'));
+		expect(previewIdx).toBeGreaterThanOrEqual(0);
+		expect(rejectIdx).toBeGreaterThan(previewIdx);
+
+		// Select the reject entry and verify lineage panel shows the intent link
+		const rejectRow = page.locator('[data-testid="audit-entry-row"]', {
+			has: page.locator('td', { hasText: 'intent.reject' }),
+		});
+		await rejectRow.click();
+		await expect(page.getByTestId('audit-intent-lineage')).toBeVisible();
+		await expect(page.getByTestId('audit-intent-link')).toBeVisible();
+		await expect(page.getByTestId('audit-lineage-decision')).toContainText('needs_approval');
+	});
+});
