feat(admin): capture ip_address + user_agent in org-settings audit log#3477
Merged
Conversation
4 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Refs #3466
Adds
ip_addressanduser_agentfields to thedetailsJSONB block of theorganization_settings_updatedaudit log entry (PATCH /api/organizations/:orgId/settings). This is Improvement 1 from the issue; Improvement 2 (thedisabled_atcolumn + trigger change) remains on the parent issue pending a design decision on cohort semantics.Non-breaking justification: Adds two new keys to an existing
Record<string, any>JSONBdetailsfield. The audit log table has no column constraints ondetails; no schema migration is needed. Existing audit queries that readdetailsare unaffected — they ignore unknown keys.Implementation notes:
ip_addressplaced before...updatesspread so payload keys can never silently overwrite it.user_agentsanitized (control chars stripped, 512-char truncation) before insertion into JSONB to prevent log-pipeline injection.req.get('user-agent')(lowercase) matches the established convention inhttp.tslines 6340–6352.req.ipis correct giventrust proxy 1is set inhttp.ts:581for Fly.io's single-proxy topology.Nits surfaced (not fixed):
trust proxy 1inhttp.tsnoting the assumed proxy topology would help future infra changes. Out of scope for this PR."") passes through as""rather thannull; harmless for forensics.Pre-PR review:
ip_address/user_agentbefore...updates), sanitization regex is linear (not polynomial),req.ip+ trust-proxy usage sound; two nits surfaced above, none blockingip_addresskey and lowercaseuser-agentheader match codebase conventions; no collision risk with existing audit log queries or exportsSession: https://claude.ai/code/session_01UcPQT3fEmyDhNj2GWZDD3S
Generated by Claude Code