feat(core): Phase 93 — Audit Log & Activity Tracking

https://claude.ai/code/session_01RdUGwo74JXChRCF88Yu27d

Author: claude

erp/app/Modules/Core/Http/Controllers/AuditLogController.php

@@ -2,62 +2,36 @@
 
 namespace App\Modules\Core\Http\Controllers;
 
+use App\Http\Controllers\Controller;
 use App\Modules\Core\Models\AuditLog;
 use Illuminate\Http\Request;
-use Illuminate\Routing\Controller;
 use Inertia\Inertia;
 use Inertia\Response;
 
 class AuditLogController extends Controller
 {
     public function index(Request $request): Response
     {
-        // Only super-admin can view the cross-tenant audit log
-        if (! $request->user()->hasRole('super-admin')) {
-            abort(403);
-        }
+        $this->authorize('viewAny', AuditLog::class);
 
-        $query = AuditLog::with('user')
-            ->orderByDesc('created_at');
-
-        if ($event = $request->query('event')) {
-            $query->where('event', $event);
-        }
-
-        if ($userId = $request->query('user_id')) {
-            $query->where('user_id', $userId);
-        }
-
-        if ($auditableType = $request->query('auditable_type')) {
-            $query->where('auditable_type', 'like', "%{$auditableType}%");
-        }
-
-        if ($tenantId = $request->query('tenant_id')) {
-            $query->where('tenant_id', $tenantId);
-        }
-
-        if ($dateFrom = $request->query('date_from')) {
-            $query->whereDate('created_at', '>=', $dateFrom);
-        }
-
-        if ($dateTo = $request->query('date_to')) {
-            $query->whereDate('created_at', '<=', $dateTo);
-        }
-
-        $logs = $query->paginate(30)->withQueryString();
-
-        $filters = $request->only([
-            'event',
-            'user_id',
-            'auditable_type',
-            'tenant_id',
-            'date_from',
-            'date_to',
-        ]);
+        $logs = AuditLog::with('user')
+            ->when($request->action,  fn ($q) => $q->where('action', $request->action))
+            ->when($request->module,  fn ($q) => $q->where('module', $request->module))
+            ->when($request->user_id, fn ($q) => $q->where('user_id', $request->user_id))
+            ->latest('created_at')
+            ->paginate(50)
+            ->withQueryString();
 
         return Inertia::render('Core/AuditLogs/Index', [
             'logs'    => $logs,
-            'filters' => $filters,
+            'filters' => $request->only(['action', 'module', 'user_id']),
         ]);
     }
+
+    public function show(AuditLog $auditLog): Response
+    {
+        $this->authorize('view', $auditLog);
+        $auditLog->load('user');
+        return Inertia::render('Core/AuditLogs/Show', ['log' => $auditLog]);
+    }
 }

erp/app/Modules/Core/Models/AuditLog.php

@@ -16,12 +16,16 @@ class AuditLog extends Model
         'user_id',
         'tenant_id',
         'event',
+        'action',
         'auditable_type',
         'auditable_id',
+        'auditable_label',
         'old_values',
         'new_values',
         'ip_address',
         'user_agent',
+        'url',
+        'module',
         'created_at',
     ];
 
@@ -31,6 +35,8 @@ class AuditLog extends Model
         'created_at'  => 'datetime',
     ];
 
+    protected $dates = ['created_at'];
+
     public function auditable(): MorphTo
     {
         return $this->morphTo();
@@ -49,31 +55,73 @@ public function tenant(): BelongsTo
     /**
      * Record an audit log entry.
      *
-     * @param  string       $event
-     * @param  Model|null   $auditable
-     * @param  array        $oldValues
-     * @param  array        $newValues
-     * @param  int|null     $tenantId
+     * Supports two call styles:
+     *   record(string $action, $model, array $old, array $new, string $module)   -- new style
+     *   record(string $event,  $model, array $old, array $new, int    $tenantId) -- legacy style
+     *
+     * @param  string            $action
+     * @param  Model|null        $model
+     * @param  array             $oldValues
+     * @param  array             $newValues
+     * @param  string|int|null   $moduleOrTenantId
      * @return static
      */
     public static function record(
-        string $event,
-        ?Model $auditable = null,
+        string $action,
+        $model = null,
         array $oldValues = [],
         array $newValues = [],
-        ?int $tenantId = null
+        $moduleOrTenantId = null
     ): static {
+        $tenantId = null;
+        $module   = '';
+
+        if (is_int($moduleOrTenantId)) {
+            $tenantId = $moduleOrTenantId;
+        } elseif (is_string($moduleOrTenantId)) {
+            $module = $moduleOrTenantId;
+        }
+
+        if ($tenantId === null) {
+            $tenantId = auth()->user()?->tenant_id ?? 0;
+        }
+
         return static::create([
-            'user_id'        => auth()->id(),
-            'tenant_id'      => $tenantId,
-            'event'          => $event,
-            'auditable_type' => $auditable ? get_class($auditable) : null,
-            'auditable_id'   => $auditable?->getKey(),
-            'old_values'     => $oldValues ?: null,
-            'new_values'     => $newValues ?: null,
-            'ip_address'     => request()->ip(),
-            'user_agent'     => request()->userAgent(),
-            'created_at'     => now(),
+            'tenant_id'       => $tenantId,
+            'user_id'         => auth()->id(),
+            'event'           => $action,
+            'action'          => $action,
+            'auditable_type'  => $model ? get_class($model) : null,
+            'auditable_id'    => $model?->getKey(),
+            'auditable_label' => $model?->name ?? $model?->title ?? $model?->subject ?? null,
+            'old_values'      => $oldValues ?: null,
+            'new_values'      => $newValues ?: null,
+            'ip_address'      => request()?->ip(),
+            'user_agent'      => request()?->userAgent(),
+            'url'             => request()?->fullUrl(),
+            'module'          => $module,
+            'created_at'      => now(),
         ]);
     }
+
+    /**
+     * Get a human-readable summary of changes.
+     */
+    public function getChangeSummaryAttribute(): string
+    {
+        if ($this->old_values && $this->new_values) {
+            $changedKeys = array_keys(array_diff_assoc(
+                (array) $this->new_values,
+                (array) $this->old_values
+            ));
+
+            if (empty($changedKeys)) {
+                $changedKeys = array_keys((array) $this->new_values);
+            }
+
+            return implode(', ', $changedKeys) . ' changed';
+        }
+
+        return $this->action ?? $this->event ?? '';
+    }
 }

erp/app/Modules/Core/Policies/AuditLogPolicy.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Modules\Core\Policies;
+
+use App\Models\User;
+
+class AuditLogPolicy
+{
+    public function viewAny(User $user): bool
+    {
+        return $user->hasRole(['super-admin', 'admin']);
+    }
+
+    public function view(User $user, $model): bool
+    {
+        return $user->hasRole(['super-admin', 'admin']);
+    }
+}

erp/app/Modules/Core/Providers/CoreServiceProvider.php

@@ -2,9 +2,12 @@
 
 namespace App\Modules\Core\Providers;
 
+use App\Modules\Core\Models\AuditLog;
+use App\Modules\Core\Policies\AuditLogPolicy;
 use App\Modules\Finance\Providers\FinanceServiceProvider;
 use App\Modules\HR\Providers\HRServiceProvider;
 use App\Modules\Inventory\Providers\InventoryServiceProvider;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\ServiceProvider;
 
 class CoreServiceProvider extends ServiceProvider
@@ -19,5 +22,6 @@ public function register(): void
     public function boot(): void
     {
         $this->loadRoutesFrom(__DIR__ . '/../routes/core.php');
+        Gate::policy(AuditLog::class, AuditLogPolicy::class);
     }
 }

erp/app/Modules/Core/routes/core.php

@@ -1,6 +1,7 @@
 <?php
 
-use App\Http\Controllers\Admin\AuditLogController;
+use App\Modules\Core\Http\Controllers\AuditLogController;
+use App\Http\Controllers\Admin\AuditLogController as AdminAuditLogController;
 use App\Http\Controllers\Admin\UserController;
 use App\Http\Controllers\AnalyticsController;
 use App\Http\Controllers\DashboardController;
@@ -33,6 +34,10 @@
 
     Route::prefix('admin')->name('admin.')->group(function () {
         Route::resource('users', UserController::class)->names('users');
-        Route::get('audit-log', [AuditLogController::class, 'index'])->name('audit-log.index');
+        Route::get('audit-log', [AdminAuditLogController::class, 'index'])->name('audit-log.index');
+    });
+
+    Route::middleware(['web', 'auth', 'verified'])->prefix('core')->name('core.')->group(function () {
+        Route::resource('audit-logs', AuditLogController::class)->only(['index', 'show']);
     });
 });

erp/database/migrations/2026_07_23_100001_create_audit_logs_table.php

@@ -0,0 +1,25 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    public function up(): void
+    {
+        Schema::table('audit_logs', function (Blueprint $table) {
+            $table->string('action')->nullable()->after('event');
+            $table->string('auditable_label')->nullable()->after('auditable_id');
+            $table->string('url')->nullable()->after('user_agent');
+            $table->string('module')->nullable()->after('url');
+        });
+    }
+
+    public function down(): void
+    {
+        Schema::table('audit_logs', function (Blueprint $table) {
+            $table->dropColumn(['action', 'auditable_label', 'url', 'module']);
+        });
+    }
+};

erp/resources/js/Components/Layout/Sidebar.tsx

@@ -183,6 +183,19 @@ const navItems: NavItem[] = [
         href: '/analytics',
         icon: analyticsIcon,
     },
+    {
+        label: 'System',
+        href: '/core/audit-logs',
+        icon: (
+            <svg className="h-5 w-5" fill="none" stroke="currentColor" strokeWidth={1.75} viewBox="0 0 24 24">
+                <path strokeLinecap="round" strokeLinejoin="round" d="M9 12h3.75M9 15h3.75M9 18h3.75m3 .75H18a2.25 2.25 0 002.25-2.25V6.108c0-1.135-.845-2.098-1.976-2.192a48.424 48.424 0 00-1.123-.08m-5.801 0c-.065.21-.1.433-.1.664 0 .414.336.75.75.75h4.5a.75.75 0 00.75-.75 2.25 2.25 0 00-.1-.664m-5.8 0A2.251 2.251 0 0113.5 2.25H15c1.012 0 1.867.668 2.15 1.586m-5.8 0c-.376.023-.75.05-1.124.08C9.095 4.01 8.25 4.973 8.25 6.108V8.25m0 0H4.875c-.621 0-1.125.504-1.125 1.125v11.25c0 .621.504 1.125 1.125 1.125h9.75c.621 0 1.125-.504 1.125-1.125V9.375c0-.621-.504-1.125-1.125-1.125H8.25zM6.75 12h.008v.008H6.75V12zm0 3h.008v.008H6.75V15zm0 3h.008v.008H6.75V18z" />
+            </svg>
+        ),
+        permission: 'finance.view',
+        children: [
+            { label: 'Audit Log', href: '/core/audit-logs', icon: <span /> },
+        ],
+    },
     {
         label: 'Admin',
         href: '/admin/users',