sourcebot/packages/web/src/app/api/(server)/ee/audit/route.ts

'use server';

import { NextRequest } from "next/server";
import { fetchAuditRecords } from "@/ee/features/audit/actions";
import { isServiceError } from "@/lib/utils";
import { serviceErrorResponse } from "@/lib/serviceError";
import { StatusCodes } from "http-status-codes";
import { ErrorCode } from "@/lib/errorCodes";
import { env } from "@sourcebot/shared";
import { getEntitlements } from "@sourcebot/shared";

export const GET = async (request: NextRequest) => {
  const domain = request.headers.get("X-Org-Domain");
  const apiKey = request.headers.get("X-Sourcebot-Api-Key") ?? undefined;

  if (!domain) {
    return serviceErrorResponse({
      statusCode: StatusCodes.BAD_REQUEST,
      errorCode: ErrorCode.MISSING_ORG_DOMAIN_HEADER,
      message: "Missing X-Org-Domain header",
    });
  } 

  if (env.SOURCEBOT_EE_AUDIT_LOGGING_ENABLED === 'false') {
    return serviceErrorResponse({
      statusCode: StatusCodes.NOT_FOUND,
      errorCode: ErrorCode.NOT_FOUND,
      message: "Audit logging is not enabled",
    });
  }

  const entitlements = getEntitlements();
  if (!entitlements.includes('audit')) {
    return serviceErrorResponse({
      statusCode: StatusCodes.FORBIDDEN,
      errorCode: ErrorCode.NOT_FOUND,
      message: "Audit logging is not enabled for your license",
    });
  }

  const result = await fetchAuditRecords(domain, apiKey);
  if (isServiceError(result)) {
    return serviceErrorResponse(result);
  }
  return Response.json(result);
};
feat(audit-logging): Adds audit logging support (#355) * add audit factory skeleton * add additional audit events * add more audit logs * delete account join request when redeeming an invite * add audit event for account request removed * wip api to fetch audits * add check for audit with public access and entitlement * fix issues with merge * add docs for audit logs * add proper audit log for audit fetch and proper handling of api key hash in audit * format nit * feedback 2025-06-18 17:50:36 +00:00			`'use server';`

			`import { NextRequest } from "next/server";`
			`import { fetchAuditRecords } from "@/ee/features/audit/actions";`
			`import { isServiceError } from "@/lib/utils";`
			`import { serviceErrorResponse } from "@/lib/serviceError";`
			`import { StatusCodes } from "http-status-codes";`
			`import { ErrorCode } from "@/lib/errorCodes";`
feat(web,worker): Environment overrides (#597) 2025-11-05 05:22:31 +00:00			`import { env } from "@sourcebot/shared";`
feat(audit-logging): Adds audit logging support (#355) * add audit factory skeleton * add additional audit events * add more audit logs * delete account join request when redeeming an invite * add audit event for account request removed * wip api to fetch audits * add check for audit with public access and entitlement * fix issues with merge * add docs for audit logs * add proper audit log for audit fetch and proper handling of api key hash in audit * format nit * feedback 2025-06-18 17:50:36 +00:00			`import { getEntitlements } from "@sourcebot/shared";`

			`export const GET = async (request: NextRequest) => {`
			`const domain = request.headers.get("X-Org-Domain");`
			`const apiKey = request.headers.get("X-Sourcebot-Api-Key") ?? undefined;`

			`if (!domain) {`
			`return serviceErrorResponse({`
			`statusCode: StatusCodes.BAD_REQUEST,`
			`errorCode: ErrorCode.MISSING_ORG_DOMAIN_HEADER,`
			`message: "Missing X-Org-Domain header",`
			`});`
			`}`

			`if (env.SOURCEBOT_EE_AUDIT_LOGGING_ENABLED === 'false') {`
			`return serviceErrorResponse({`
			`statusCode: StatusCodes.NOT_FOUND,`
			`errorCode: ErrorCode.NOT_FOUND,`
			`message: "Audit logging is not enabled",`
			`});`
			`}`

			`const entitlements = getEntitlements();`
			`if (!entitlements.includes('audit')) {`
			`return serviceErrorResponse({`
			`statusCode: StatusCodes.FORBIDDEN,`
			`errorCode: ErrorCode.NOT_FOUND,`
			`message: "Audit logging is not enabled for your license",`
			`});`
			`}`

			`const result = await fetchAuditRecords(domain, apiKey);`
			`if (isServiceError(result)) {`
			`return serviceErrorResponse(result);`
			`}`
			`return Response.json(result);`
			`};`