fix permissions on audit endpoint

packages/web/src/ee/features/audit/actions.ts

@@ -5,10 +5,11 @@ import { getAuditService } from "@/ee/features/audit/factory";
 import { ErrorCode } from "@/lib/errorCodes";
 import { ServiceError } from "@/lib/serviceError";
 import { prisma } from "@/prisma";
-import { withAuthV2 } from "@/withAuthV2";
+import { withAuthV2, withMinimumOrgRole } from "@/withAuthV2";
 import { createLogger } from "@sourcebot/shared";
 import { StatusCodes } from "http-status-codes";
 import { AuditEvent } from "./types";
+import { OrgRole } from "@sourcebot/db";
 
 const auditService = getAuditService();
 const logger = createLogger('audit-utils');
@@ -25,7 +26,8 @@ export const createAuditAction = async (event: Omit<AuditEvent, 'sourcebotVersio
 );
 
 export const fetchAuditRecords = async () => sew(() =>
-    withAuthV2(async ({ user, org }) => {
+    withAuthV2(async ({ user, org, role }) =>
+        withMinimumOrgRole(role, OrgRole.OWNER, async () => {
             try {
                 const auditRecords = await prisma.audit.findMany({
                     where: {
@@ -58,5 +60,5 @@ export const fetchAuditRecords = async () => sew(() =>
                     message: "Failed to fetch audit logs",
                 } satisfies ServiceError;
             }
-    })
+        }))
 );