medium complexity extracted Security & Audit Confidence: 100%
Components: 3 · Shared: 4 · User Stories: 0 · Analyzed: Yes

Description

The Audit Log provides a tamper-evident, chronological record of all significant actions within an organization's Meander environment: authentication events, administrative changes (invitations, role assignments, deactivations), data access in sensitive areas, and every Global Admin support-access session start and end. Each entry records who acted, what changed, when, and from which session. The log is scoped per organization, accessible only to org admins and authorized global admins, and supports filtering by date range, event type, and user. Export is available for compliance and regulatory review. Entries are append-only - no modification or deletion is permitted after writing.

Sources & reasoning

Line 259 states an explicit hard requirement: every Global Admin support-access session must be logged in the org's audit trail. admin-security is always-on (line 241), fixing the target release at MVP. GDPR obligations for health data and encrypted assignments reinforce the critical priority; no later phase can satisfy the compliance requirement that audit trail coverage begins from day one.

  • docs/source/likeperson.md · line 259
    Every support-access session is logged in the org's audit trail.
  • docs/source/likeperson.md · line 239-241
    Always-on core. A small set of modules is non-toggleable because the operational products are meaningless without them... Admin Web Portal: `admin-dashboard`, `admin-user-management`, `admin-organization`, `admin-security`.

Analysis

Business Value

The source documentation explicitly requires that every Global Admin support-access session be logged in the org's audit trail (line 259), making this feature a hard product requirement. All four partner organizations operate under GDPR and sector-specific data protection rules; a verifiable audit trail is a compliance prerequisite for processing health-related information, encrypted assignments, and financial reimbursement data. The audit log also provides the evidentiary basis for any future data protection authority audit or incident investigation, reducing legal risk for both Norse Digital Products and its partners. Organizations can independently verify what Global Admins accessed during support sessions, which is essential for maintaining trust in the multi-tenant model.

Implementation Notes

AuditLogService writes entries transactionally alongside the operations they record using service-layer interceptors, ensuring no auditable action can succeed without a log entry. The audit_logs table includes organization_id, user_id, action_type, target_entity, target_id, before_state (JSON), after_state (JSON), session_id, and created_at. A composite index on (organization_id, created_at) supports performant filtered queries. No UPDATE or DELETE paths exist in application code for this table. AuditLogPage renders a paginated, filterable list via Next.js SSR. Global Admin support-access session events are written automatically by SessionManagementService without requiring per-feature instrumentation. Export produces a complete log file for a selected date range.
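
The table and transactional write path described above, as an added example (not Meander's own code). Assumptions: SQLite stands in for the database, which the notes do not name, and the `users` table, the index and trigger names, and the `open_db`, `assign_role` and `rewrite_blocked` helpers are hypothetical. It goes one step beyond the notes by also rejecting UPDATE and DELETE inside the database, in addition to having no such paths in application code.

```python
import json
import sqlite3

# Assumption: SQLite stands in for the project's database, which the page does not name.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, organization_id INTEGER NOT NULL, role TEXT NOT NULL);
CREATE TABLE audit_logs (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    organization_id INTEGER NOT NULL, user_id INTEGER NOT NULL,
    action_type TEXT NOT NULL, target_entity TEXT NOT NULL, target_id INTEGER NOT NULL,
    before_state TEXT, after_state TEXT,  -- JSON snapshots
    session_id TEXT NOT NULL,
    created_at TEXT NOT NULL DEFAULT (strftime('%Y-%m-%dT%H:%M:%fZ', 'now')));
CREATE INDEX idx_audit_org_created ON audit_logs (organization_id, created_at);
-- Hypothetical triggers: the database itself rejects rewrites of existing entries.
CREATE TRIGGER audit_no_update BEFORE UPDATE ON audit_logs
BEGIN SELECT RAISE(ABORT, 'audit_logs is append-only'); END;
CREATE TRIGGER audit_no_delete BEFORE DELETE ON audit_logs
BEGIN SELECT RAISE(ABORT, 'audit_logs is append-only'); END;
"""

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    # Constructed sample row: user 7 in organization 1.
    conn.execute("INSERT INTO users (id, organization_id, role) VALUES (7, 1, 'member')")
    conn.commit()
    return conn

def assign_role(conn, actor_id, session_id, target_id, new_role):
    """Change a role and write its audit entry in one transaction."""
    with conn:  # commits on success; rolls back BOTH statements on any exception
        org_id, old_role = conn.execute(
            "SELECT organization_id, role FROM users WHERE id = ?", (target_id,)).fetchone()
        conn.execute("UPDATE users SET role = ? WHERE id = ?", (new_role, target_id))
        conn.execute(
            "INSERT INTO audit_logs (organization_id, user_id, action_type, target_entity,"
            " target_id, before_state, after_state, session_id) VALUES (?,?,?,?,?,?,?,?)",
            (org_id, actor_id, "role_assigned", "user", target_id,
             json.dumps({"role": old_role}), json.dumps({"role": new_role}), session_id))

def rewrite_blocked(conn, sql):
    """Return True if the database rejects the statement against audit_logs."""
    try:
        with conn:
            conn.execute(sql)
    except sqlite3.Error:
        return True
    return False
```

The triggers stop rewrites issued through ordinary SQL, but an account with schema-change rights can drop them, so the application's database role should not hold those rights.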

User Stories

No user stories have been generated for this feature yet.