feat(phase-20/23): audit log models, notification controller, traits (in-progress)

claude · claude · commit 380356268b04 · 2026-06-19T05:35:04.000Z
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01RdUGwo74JXChRCF88Yu27d
diff --git a/erp/app/Http/Controllers/Api/V1/AuditLogController.php b/erp/app/Http/Controllers/Api/V1/AuditLogController.php
@@ -0,0 +1,23 @@
+<?php
+namespace App\Http\Controllers\Api\V1;
+
+use Illuminate\Http\Request;
+use Illuminate\Http\JsonResponse;
+use App\Modules\Core\Models\AuditLog;
+
+class AuditLogController extends ApiController
+{
+    public function index(Request $request): JsonResponse
+    {
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+
+        $logs = AuditLog::where('tenant_id', $tenantId)
+            ->with('user:id,name')
+            ->when($request->action, fn($q) => $q->where('action', $request->action))
+            ->when($request->type, fn($q) => $q->where('auditable_type', 'like', "%{$request->type}%"))
+            ->latest()
+            ->paginate(50);
+
+        return $this->paginated($logs);
+    }
+}
diff --git a/erp/app/Http/Controllers/Api/V1/NotificationController.php b/erp/app/Http/Controllers/Api/V1/NotificationController.php
@@ -0,0 +1,62 @@
+<?php
+namespace App\Http\Controllers\Api\V1;
+
+use Illuminate\Http\Request;
+use Illuminate\Http\JsonResponse;
+use App\Modules\Core\Models\ErpNotification;
+
+class NotificationController extends ApiController
+{
+    public function index(Request $request): JsonResponse
+    {
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+        $userId = $request->user()->id;
+
+        $notifications = ErpNotification::where('tenant_id', $tenantId)
+            ->where('user_id', $userId)
+            ->latest()
+            ->paginate(20);
+
+        return $this->paginated($notifications);
+    }
+
+    public function unreadCount(Request $request): JsonResponse
+    {
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+        $userId = $request->user()->id;
+
+        $count = ErpNotification::where('tenant_id', $tenantId)
+            ->where('user_id', $userId)
+            ->whereNull('read_at')
+            ->count();
+
+        return $this->success(['count' => $count]);
+    }
+
+    public function markRead(Request $request, int $id): JsonResponse
+    {
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+        $userId = $request->user()->id;
+
+        $notification = ErpNotification::where('tenant_id', $tenantId)
+            ->where('user_id', $userId)
+            ->findOrFail($id);
+
+        $notification->markAsRead();
+
+        return $this->success(['message' => 'Notification marked as read']);
+    }
+
+    public function markAllRead(Request $request): JsonResponse
+    {
+        $tenantId = app()->has('tenant') ? app('tenant')->id : $request->user()->tenant_id;
+        $userId = $request->user()->id;
+
+        ErpNotification::where('tenant_id', $tenantId)
+            ->where('user_id', $userId)
+            ->whereNull('read_at')
+            ->update(['read_at' => now()]);
+
+        return $this->success(['message' => 'All notifications marked as read']);
+    }
+}
diff --git a/erp/app/Modules/Core/Models/AuditLog.php b/erp/app/Modules/Core/Models/AuditLog.php
@@ -4,44 +4,26 @@
 
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
-use Illuminate\Database\Eloquent\Relations\MorphTo;
 
 class AuditLog extends Model
 {
-    public const UPDATED_AT = null;
-
-    public $timestamps = false;
-
     protected $fillable = [
-        'user_id',
         'tenant_id',
-        'event',
+        'user_id',
         'action',
         'auditable_type',
         'auditable_id',
-        'auditable_label',
         'old_values',
         'new_values',
         'ip_address',
         'user_agent',
-        'url',
-        'module',
-        'created_at',
     ];
 
     protected $casts = [
-        'old_values'  => 'array',
-        'new_values'  => 'array',
-        'created_at'  => 'datetime',
+        'old_values' => 'array',
+        'new_values' => 'array',
     ];
 
-    protected $dates = ['created_at'];
-
-    public function auditable(): MorphTo
-    {
-        return $this->morphTo();
-    }
-
     public function user(): BelongsTo
     {
         return $this->belongsTo(\App\Models\User::class);
@@ -55,15 +37,11 @@ public function tenant(): BelongsTo
     /**
      * Record an audit log entry.
      *
-     * Supports two call styles:
-     *   record(string $action, $model, array $old, array $new, string $module)   -- new style
-     *   record(string $event,  $model, array $old, array $new, int    $tenantId) -- legacy style
-     *
-     * @param  string            $action
-     * @param  Model|null        $model
-     * @param  array             $oldValues
-     * @param  array             $newValues
-     * @param  string|int|null   $moduleOrTenantId
+     * @param  string       $action
+     * @param  Model|null   $model
+     * @param  array        $oldValues
+     * @param  array        $newValues
+     * @param  mixed        $moduleOrTenantId  ignored (kept for backward compat)
      * @return static
      */
     public static function record(
@@ -74,33 +52,25 @@ public static function record(
         $moduleOrTenantId = null
     ): static {
         $tenantId = null;
-        $module   = '';
 
         if (is_int($moduleOrTenantId)) {
             $tenantId = $moduleOrTenantId;
-        } elseif (is_string($moduleOrTenantId)) {
-            $module = $moduleOrTenantId;
         }
 
         if ($tenantId === null) {
-            $tenantId = auth()->user()?->tenant_id ?? 0;
+            $tenantId = $model->tenant_id ?? auth()->user()?->tenant_id ?? 0;
         }
 
         return static::create([
-            'tenant_id'       => $tenantId,
-            'user_id'         => auth()->id(),
-            'event'           => $action,
-            'action'          => $action,
-            'auditable_type'  => $model ? get_class($model) : null,
-            'auditable_id'    => $model?->getKey(),
-            'auditable_label' => $model?->name ?? $model?->title ?? $model?->subject ?? null,
-            'old_values'      => $oldValues ?: null,
-            'new_values'      => $newValues ?: null,
-            'ip_address'      => request()?->ip(),
-            'user_agent'      => request()?->userAgent(),
-            'url'             => request()?->fullUrl(),
-            'module'          => $module,
-            'created_at'      => now(),
+            'tenant_id'      => $tenantId,
+            'user_id'        => auth()->id(),
+            'action'         => $action,
+            'auditable_type' => $model ? get_class($model) : null,
+            'auditable_id'   => $model?->getKey(),
+            'old_values'     => $oldValues ?: null,
+            'new_values'     => $newValues ?: null,
+            'ip_address'     => request()?->ip(),
+            'user_agent'     => request()?->userAgent(),
         ]);
     }
 
@@ -122,6 +92,6 @@ public function getChangeSummaryAttribute(): string
             return implode(', ', $changedKeys) . ' changed';
         }
 
-        return $this->action ?? $this->event ?? '';
+        return $this->action ?? '';
     }
 }
diff --git a/erp/app/Modules/Core/Models/ErpNotification.php b/erp/app/Modules/Core/Models/ErpNotification.php
@@ -0,0 +1,35 @@
+<?php
+namespace App\Modules\Core\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use App\Models\User;
+
+class ErpNotification extends Model
+{
+    protected $table = 'erp_notifications';
+
+    protected $fillable = [
+        'tenant_id', 'user_id', 'type', 'title', 'message', 'data', 'read_at',
+    ];
+
+    protected $casts = [
+        'data'    => 'array',
+        'read_at' => 'datetime',
+    ];
+
+    public function user(): BelongsTo
+    {
+        return $this->belongsTo(User::class);
+    }
+
+    public function markAsRead(): void
+    {
+        $this->update(['read_at' => now()]);
+    }
+
+    public function isRead(): bool
+    {
+        return $this->read_at !== null;
+    }
+}
diff --git a/erp/app/Modules/Core/Observers/AuditLogObserver.php b/erp/app/Modules/Core/Observers/AuditLogObserver.php
@@ -30,14 +30,14 @@ public function deleted(Model $model): void
         $this->log('deleted', $model, $model->getOriginal(), []);
     }
 
-    private function log(string $event, Model $model, array $old, array $new): void
+    private function log(string $action, Model $model, array $old, array $new): void
     {
         $tenantId = $this->resolveTenantId($model);
 
         AuditLog::create([
             'user_id'        => Auth::id(),
             'tenant_id'      => $tenantId,
-            'event'          => $event,
+            'action'         => $action,
             'auditable_type' => get_class($model),
             'auditable_id'   => $model->getKey(),
             'old_values'     => $old ?: null,
diff --git a/erp/app/Modules/Finance/Models/Contact.php b/erp/app/Modules/Finance/Models/Contact.php
@@ -4,6 +4,7 @@
 
 use App\Modules\Core\Traits\BelongsToTenant;
 use App\Modules\Core\Traits\HasAuditLog;
+use App\Traits\LogsActivity;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Database\Eloquent\Relations\HasMany;
@@ -14,6 +15,7 @@ class Contact extends Model
 {
     use BelongsToTenant;
     use HasAuditLog;
+    use LogsActivity;
     use SoftDeletes;
 
     protected $fillable = [
diff --git a/erp/app/Modules/Finance/Models/Invoice.php b/erp/app/Modules/Finance/Models/Invoice.php
@@ -5,6 +5,7 @@
 use App\Models\User;
 use App\Modules\Core\Traits\BelongsToTenant;
 use App\Modules\Core\Traits\HasAuditLog;
+use App\Traits\LogsActivity;
 use App\Modules\Finance\Traits\HasLineItemTotals;
 use App\Modules\Finance\Traits\HasAttachments;
 use App\Modules\Finance\Traits\HasStatusTransitions;
@@ -17,6 +18,7 @@ class Invoice extends Model
 {
     use BelongsToTenant;
     use HasAuditLog;
+    use LogsActivity;
     use SoftDeletes;
     use HasLineItemTotals;
     use HasAttachments;
diff --git a/erp/app/Modules/HR/Models/Employee.php b/erp/app/Modules/HR/Models/Employee.php
@@ -4,6 +4,7 @@
 
 use App\Models\User;
 use App\Modules\Core\Traits\BelongsToTenant;
+use App\Traits\LogsActivity;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Database\Eloquent\Relations\HasMany;
@@ -12,6 +13,7 @@
 class Employee extends Model
 {
     use BelongsToTenant;
+    use LogsActivity;
     use SoftDeletes;
 
     protected $fillable = [
diff --git a/erp/app/Modules/Inventory/Models/Product.php b/erp/app/Modules/Inventory/Models/Product.php
@@ -4,6 +4,7 @@
 
 use App\Modules\Core\Traits\BelongsToTenant;
 use App\Modules\Core\Traits\HasAuditLog;
+use App\Traits\LogsActivity;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Database\Eloquent\Relations\BelongsToMany;
@@ -14,6 +15,7 @@ class Product extends Model
 {
     use BelongsToTenant;
     use HasAuditLog;
+    use LogsActivity;
     use SoftDeletes;
 
     protected $fillable = [
diff --git a/erp/app/Services/NotificationService.php b/erp/app/Services/NotificationService.php
@@ -2,13 +2,37 @@
 
 namespace App\Services;
 
+use App\Modules\Core\Models\ErpNotification;
 use App\Modules\Finance\Models\Invoice;
 use App\Modules\HR\Models\LeaveRequest;
 use App\Modules\Inventory\Models\Product;
+use App\Events\Notifications\ErpNotification as ErpNotificationEvent;
 use Illuminate\Support\Facades\Cache;
 
 class NotificationService
 {
+    /**
+     * Send a persistent in-app notification and broadcast via WebSocket.
+     */
+    public static function send(int $tenantId, int $userId, string $type, string $title, string $message, array $data = []): ErpNotification
+    {
+        $notification = ErpNotification::create([
+            'tenant_id' => $tenantId,
+            'user_id'   => $userId,
+            'type'      => $type,
+            'title'     => $title,
+            'message'   => $message,
+            'data'      => $data,
+        ]);
+
+        broadcast(new ErpNotificationEvent($tenantId, $type, $title, $message, $data));
+
+        return $notification;
+    }
+
+    /**
+     * Get summary notifications for sidebar bell (cached, page-load driven).
+     */
     public static function forUser(\App\Models\User $user): array
     {
         $tenantId = $user->tenant_id;
diff --git a/erp/app/Traits/LogsActivity.php b/erp/app/Traits/LogsActivity.php
diff --git a/erp/database/migrations/2026_06_19_000002_create_erp_notifications_table.php b/erp/database/migrations/2026_06_19_000002_create_erp_notifications_table.php
diff --git a/erp/database/migrations/2026_07_23_100001_create_audit_logs_table.php b/erp/database/migrations/2026_07_23_100001_create_audit_logs_table.php
diff --git a/erp/routes/api.php b/erp/routes/api.php
diff --git a/erp/tests/Feature/AuditLog/AuditLogTest.php b/erp/tests/Feature/AuditLog/AuditLogTest.php
