feat(audit-log-filters): Audit-Log mit Filter (user, action, date-range) [tsc:fail]

.phase18-state.json

@@ -1,5 +1,8 @@
 {
   "completed_features": [],
-  "current_feature": "api-key-management",
+  "current_feature": "audit-log-filters",
-  "started_at": "2026-05-23T07:29:44.977564"
+  "started_at": "2026-05-23T07:29:44.977564",
+  "attempted_features": [
+    "api-key-management"
+  ]
 }

GENERATION_LOG.md

@@ -2152,3 +2152,22 @@ src/index.ts(27,25): error TS2769: No overload matches this call.
   Overload 2 of 3, '(plugin: FastifyPluginAsync<{ limits: { fileSize: number; }; }, RawServerDefault, FastifyTypeProvider, FastifyBaseLogger>, opts?: FastifyRegisterOptions<...> | undefined): FastifyInstance<...> & PromiseLike<...>', gave the following error.
     Argument of type 'Promise<FastifyMultipartPlugin>' is not assignable to parameter of type 'FastifyPluginAsync<{ limits: { fileSize: number; }; }, RawServerDefault, FastifyTypeProvider, FastifyBaseLogger>'.
       Type 'Promise<FastifyMultipartPlugin>' provides no match for the signature '(instance: FastifyInstance<RawServerDefault, IncomingMessage, ServerResponse<IncomingMessage>, FastifyBaseLogger, FastifyTy
+- `07:31:45` **INFO**   Committed feature api-key-management
+- `07:31:45` **INFO**   Pushed: rc=0
+
+## Phase-3 Feature: audit-log-filters (2026-05-23 07:31:45)
+
+- `07:31:45` **INFO** Description: Audit-Log mit Filter (user, action, date-range)
+- `07:31:45` **INFO**   Generating apps/api/src/routes/audit-log.ts (ERWEITERT — behalte GET /. Füge Query-Params ?userId=, ?action=, ?from…)
+- `07:31:58` **INFO**     wrote 1346 chars in 12.9s (attempt 1)
+- `07:31:58` **INFO**   Generating apps/web/src/pages/AuditLog.tsx (ERWEITERT — behalte Tabelle. Füge Filter-Bar: User-Select, Action-Sear…)
+- `07:32:55` **INFO**     wrote 6761 chars in 56.5s (attempt 1)
+- `07:32:55` **INFO** Running tsc --noEmit on api…
+- `07:32:56` **WARN**   tsc errors:
+src/index.ts(27,25): error TS2769: No overload matches this call.
+  Overload 1 of 3, '(plugin: FastifyPluginCallback<{ limits: { fileSize: number; }; }, RawServerDefault, FastifyTypeProvider, FastifyBaseLogger>, opts?: FastifyRegisterOptions<...> | undefined): FastifyInstance<...> & PromiseLike<...>', gave the following error.
+    Argument of type 'Promise<FastifyMultipartPlugin>' is not assignable to parameter of type 'FastifyPluginCallback<{ limits: { fileSize: number; }; }, RawServerDefault, FastifyTypeProvider, FastifyBaseLogger>'.
+      Type 'Promise<FastifyMultipartPlugin>' provides no match for the signature '(instance: FastifyInstance<RawServerDefault, IncomingMessage, ServerResponse<IncomingMessage>, FastifyBaseLogger, FastifyTypeProvider>, opts: { ...; }, done: (err?: Error | undefined) => void): void'.
+  Overload 2 of 3, '(plugin: FastifyPluginAsync<{ limits: { fileSize: number; }; }, RawServerDefault, FastifyTypeProvider, FastifyBaseLogger>, opts?: FastifyRegisterOptions<...> | undefined): FastifyInstance<...> & PromiseLike<...>', gave the following error.
+    Argument of type 'Promise<FastifyMultipartPlugin>' is not assignable to parameter of type 'FastifyPluginAsync<{ limits: { fileSize: number; }; }, RawServerDefault, FastifyTypeProvider, FastifyBaseLogger>'.
+      Type 'Promise<FastifyMultipartPlugin>' provides no match for the signature '(instance: FastifyInstance<RawServerDefault, IncomingMessage, ServerResponse<IncomingMessage>, FastifyBaseLogger, FastifyTy

apps/api/src/db/schema.ts

@@ -122,3 +122,19 @@ export const apiKeys = pgTable("api_keys", {
   lastUsedAt: timestamp("last_used_at"),
   revokedAt: timestamp("revoked_at"),
 })
+export const timeEntryComments = pgTable("time_entry_comments", {
+  id: uuid("id").primaryKey().defaultRandom(),
+  entryId: uuid("entry_id").notNull().references(() => timeEntries.id, { onDelete: "cascade" }),
+  userId: uuid("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
+  body: text("body").notNull(),
+  createdAt: timestamp("created_at").notNull().defaultNow(),
+})
+
+export const savedViews = pgTable("saved_views", {
+  id: uuid("id").primaryKey().defaultRandom(),
+  userId: uuid("user_id").notNull().references(() => users.id, { onDelete: "cascade" }),
+  name: text("name").notNull(),
+  entityType: text("entity_type").notNull(),
+  filters: text("filters").notNull(),
+  createdAt: timestamp("created_at").notNull().defaultNow(),
+})

apps/api/src/routes/audit-log.ts

@@ -1,7 +1,7 @@
 import { FastifyInstance } from "fastify"
 import { db } from "../db"
 import { auditLog } from "../db/schema"
-import { desc } from "drizzle-orm"
+import { desc, and, eq, gte, lte } from "drizzle-orm"
 
 export default async function auditLogRoutes(fastify: FastifyInstance) {
   fastify.addHook("preHandler", async (request, reply) => {
@@ -21,11 +21,25 @@ export default async function auditLogRoutes(fastify: FastifyInstance) {
       return reply.code(403).send({ message: "Forbidden: Admin role required" })
     }
 
+    const { userId, action, from, to } = request.query as { 
+      userId?: string, 
+      action?: string, 
+      from?: string, 
+      to?: string 
+    }
+
+    const conds = []
+    if (userId) conds.push(eq(auditLog.userId, userId))
+    if (action) conds.push(eq(auditLog.action, action))
+    if (from) conds.push(gte(auditLog.createdAt, new Date(from)))
+    if (to) conds.push(lte(auditLog.createdAt, new Date(to)))
+
     const logs = await db
       .select()
       .from(auditLog)
+      .where(conds.length ? and(...conds) : undefined as any)
       .orderBy(desc(auditLog.createdAt))
-      .limit(100)
+      .limit(1000)
 
     return logs
   })

apps/web/src/pages/AuditLog.tsx

@@ -7,6 +7,13 @@ export default function AuditLog() {
   const [me, setMe] = useState<{ role: string } | null>(null)
   const [isMeLoading, setIsMeLoading] = useState(true)
   
+  const [filters, setFilters] = useState({
+    userId: "",
+    action: "",
+    startDate: "",
+    endDate: ""
+  })
+
   const { data: currentUser } = useQuery({
     queryKey: ["me"],
     queryFn: () => api.getMe(),
@@ -17,8 +24,8 @@ export default function AuditLog() {
   })
 
   const { data: logs, isLoading, isError } = useQuery({
-    queryKey: ["auditLogs"],
+    queryKey: ["auditLogs", filters],
-    queryFn: () => api.listAuditLog(),
+    queryFn: () => api.listAuditLog(filters),
     enabled: !!currentUser && currentUser.role === "admin"
   })
 
@@ -37,16 +44,81 @@ export default function AuditLog() {
     )
   }
 
+  const handleFilterChange = (e: React.ChangeEvent<HTMLInputElement | HTMLSelectElement>) => {
+    const { name, value } = e.target
+    setFilters(prev => ({ ...prev, [name]: value }))
+  }
+
+  const resetFilters = () => {
+    setFilters({ userId: "", action: "", startDate: "", endDate: "" })
+  }
+
   if (isLoading) return <div className="p-6 text-gray-500">Loading audit logs...</div>
   if (isError) return <div className="p-6 text-red-500">Error loading audit logs.</div>
 
   return (
     <div className="p-6 max-w-6xl mx-auto space-y-8">
-      <header>
+      <header className="flex justify-between items-end">
+        <div>
           <h1 className="text-2xl font-bold text-gray-900">Audit Log</h1>
           <p className="text-gray-500">System-wide activity and security events</p>
+        </div>
+        <button 
+          onClick={resetFilters}
+          className="text-sm text-blue-600 hover:text-blue-800 font-medium transition-colors"
+        >
+          Reset Filters
+        </button>
       </header>
 
+      <div className="grid grid-cols-1 md:grid-cols-4 gap-4 bg-gray-50 p-4 rounded-lg border border-gray-200">
+        <div className="flex flex-col gap-1">
+          <label className="text-xs font-semibold text-gray-600 uppercase">User ID</label>
+          <input 
+            name="userId"
+            value={filters.userId}
+            onChange={handleFilterChange}
+            placeholder="Search user..."
+            className="px-3 py-2 border border-gray-300 rounded-md text-sm focus:ring-2 focus:ring-blue-500 outline-none"
+          />
+        </div>
+        <div className="flex flex-col gap-1">
+          <label className="text-xs font-semibold text-gray-600 uppercase">Action</label>
+          <select 
+            name="action"
+            value={filters.action}
+            onChange={handleFilterChange}
+            className="px-3 py-2 border border-gray-300 rounded-md text-sm focus:ring-2 focus:ring-blue-500 outline-none bg-white"
+          >
+            <option value="">All Actions</option>
+            <option value="create">Create</option>
+            <option value="update">Update</option>
+            <option value="delete">Delete</option>
+            <option value="login">Login</option>
+          </select>
+        </div>
+        <div className="flex flex-col gap-1">
+          <label className="text-xs font-semibold text-gray-600 uppercase">From</label>
+          <input 
+            type="date"
+            name="startDate"
+            value={filters.startDate}
+            onChange={handleFilterChange}
+            className="px-3 py-2 border border-gray-300 rounded-md text-sm focus:ring-2 focus:ring-blue-500 outline-none"
+          />
+        </div>
+        <div className="flex flex-col gap-1">
+          <label className="text-xs font-semibold text-gray-600 uppercase">To</label>
+          <input 
+            type="date"
+            name="endDate"
+            value={filters.endDate}
+            onChange={handleFilterChange}
+            className="px-3 py-2 border border-gray-300 rounded-md text-sm focus:ring-2 focus:ring-blue-500 outline-none"
+          />
+        </div>
+      </div>
+
       <div className="bg-white border border-gray-200 rounded-lg shadow-sm overflow-hidden">
         <div className="overflow-x-auto">
           <table className="w-full text-left border-collapse">
@@ -85,7 +157,7 @@ export default function AuditLog() {
               ) : (
                 <tr>
                   <td colSpan={4} className="px-6 py-12 text-center text-gray-500">
-                    No audit logs found.
+                    No audit logs found matching the current filters.
                   </td>
                 </tr>
               )}