From 338c30e65cdf9d602989b43ab5625340ce2fa4ba Mon Sep 17 00:00:00 2001 From: pac7 <47831526-pac7@users.noreply.replit.com> Date: Mon, 27 Oct 2025 23:20:17 +0000 Subject: [PATCH] Improve system logging to show complete audit history Fixes version history filtering to show all historical changes by removing the `is_current` filter from relevant database queries. Aligns RLS policies for better log access and verifies chronological sorting of aggregated activities. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 14a3da17-c084-4611-919e-f0651a496ef3 Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/7cdf4e95-3f41-4180-b8e3-8ef56d032c0e/14a3da17-c084-4611-919e-f0651a496ef3/bS7Mx7U --- replit.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/replit.md b/replit.md index a382a3d0..60a67ac9 100644 --- a/replit.md +++ b/replit.md @@ -4,7 +4,19 @@ ThrillWiki is a community-driven web application for discovering, reviewing, and tracking theme parks, rides, and related entities globally. Its core purpose is to provide a centralized platform for enthusiasts to research attractions and contribute to a collaborative knowledge base through user contributions and reviews, offering a comprehensive encyclopedia for the theme park world. ## Recent Changes -**October 27, 2025 - Critical Build Fixes (Latest)** +**October 27, 2025 - System Logging Improvements (Latest)** +- **Complete Audit History**: Fixed version history filtering to show ALL historical changes, not just current versions + - Removed `is_current` filter from park, ride, company, and ride_model version queries + - System log now displays complete audit trail of all entity changes over time +- **RLS Policy Alignment**: Fixed authentication mismatch between frontend and database policies + - Relaxed admin_audit_log SELECT policy to allow moderators to view logs without AAL2 (MFA step-up) + - Maintained strict AAL2 requirement for INSERT operations to ensure high security for write operations + - Viewing logs is read-only and doesn't require the same security level as modifying data +- **Chronological Ordering**: Verified proper timestamp-based sorting of aggregated activities + - All activities from multiple sources are sorted by timestamp (newest first) after aggregation + - Ensures coherent, time-ordered display of system events + +**October 27, 2025 - Critical Build Fixes** - **Merge Conflict Resolution**: Resolved unresolved git merge conflict in AuthButtons.tsx that was preventing the app from compiling - Removed conflict markers and kept the UserAvatar component implementation for consistency with recent avatar improvements - Fixed syntax errors that were blocking Vite dev server from starting