Add system phase 4 audits

- Add audit logging for system maintenance operations (cache/orphaned images/manual cleanup) - Log account deletion request handling (requests/confirm/cancel) - Log security actions (admin password resets, MFA enforcement changes, account lockouts)
2025-12-22 10:51:12 -05:00 · 2025-11-11 14:49:11 +00:00
parent 466c549e4a
commit 82b85e3284
5 changed files with 62 additions and 0 deletions
--- a/supabase/functions/cancel-account-deletion/index.ts
+++ b/supabase/functions/cancel-account-deletion/index.ts
@@ -76,6 +76,17 @@ export default createEdgeFunction(
      throw profileError;
    }

+    // Log to system activity log
+    await supabaseClient.rpc('log_system_activity', {
+      _user_id: context.userId,
+      _action: 'account_deletion_cancelled',
+      _details: {
+        request_id: deletionRequest.id,
+        cancellation_reason: cancellation_reason || 'User cancelled',
+        account_reactivated: true,
+      }
+    });
+
    // Send cancellation email
    const forwardEmailKey = Deno.env.get('FORWARDEMAIL_API_KEY');
    const fromEmail = Deno.env.get('FROM_EMAIL_ADDRESS') || 'noreply@thrillwiki.com';
--- a/supabase/functions/confirm-account-deletion/index.ts
+++ b/supabase/functions/confirm-account-deletion/index.ts
@@ -89,6 +89,17 @@ export default createEdgeFunction(
      throw updateError;
    }

+    // Log to system activity log
+    await supabaseClient.rpc('log_system_activity', {
+      _user_id: context.userId,
+      _action: 'account_deletion_confirmed',
+      _details: {
+        request_id: deletionRequest.id,
+        scheduled_deletion_at: deletionRequest.scheduled_deletion_at,
+        account_deactivated: true,
+      }
+    });
+
    // Send confirmation email
    const forwardEmailKey = Deno.env.get('FORWARDEMAIL_API_KEY');
    const fromEmail = Deno.env.get('FROM_EMAIL_ADDRESS') || 'noreply@thrillwiki.com';
--- a/supabase/functions/request-account-deletion/index.ts
+++ b/supabase/functions/request-account-deletion/index.ts
@@ -82,6 +82,16 @@ const handler = createEdgeFunction(
    const forwardEmailKey = Deno.env.get('FORWARDEMAIL_API_KEY');
    const fromEmail = Deno.env.get('FROM_EMAIL_ADDRESS') || 'noreply@thrillwiki.com';

+    // Log to system activity log
+    await supabaseClient.rpc('log_system_activity', {
+      _user_id: context.userId,
+      _action: 'account_deletion_requested',
+      _details: {
+        request_id: deletionRequest.id,
+        scheduled_deletion_at: scheduledDeletionAt.toISOString(),
+      }
+    });
+
    if (forwardEmailKey && userEmail) {
      try {
        await fetch('https://api.forwardemail.net/v1/emails', {