KanzlAI-mGMT

m/KanzlAI-mGMT

Fork 0

Commit Graph

Author	SHA1	Message	Date
m	b36247dfb9	feat: append-only audit trail for all mutations (P0) - Database: kanzlai.audit_log table with RLS, append-only policies (no UPDATE/DELETE), indexes for entity, user, and time queries - Backend: AuditService.Log() with context-based tenant/user/IP/UA extraction, wired into all 7 services (case, deadline, appointment, document, note, party, tenant) - API: GET /api/audit-log with entity_type, entity_id, user_id, from/to date, and pagination filters - Frontend: Protokoll tab on case detail page with chronological audit entries, diff preview, and pagination Required by § 50 BRAO and DSGVO Art. 5(2).	2026-03-30 11:02:28 +02:00
m	9bd8cc9e07	feat: add document upload/download backend (Phase 2K) - StorageClient for Supabase Storage REST API (upload, download, delete) - DocumentService with CRUD operations + storage integration - DocumentHandler with multipart form upload support (50MB limit) - Routes: GET/POST /api/cases/{id}/documents, GET/DELETE /api/documents/{docId} - file_path format: {tenant_id}/{case_id}/{uuid}_{filename} - Case events logged on upload/delete - Added SUPABASE_SERVICE_KEY to config for server-side storage access - Fixed pre-existing duplicate writeJSON/writeError in appointments.go	2026-03-25 13:40:19 +01:00

Author

SHA1

Message

Date

b36247dfb9

feat: append-only audit trail for all mutations (P0)

- Database: kanzlai.audit_log table with RLS, append-only policies
  (no UPDATE/DELETE), indexes for entity, user, and time queries
- Backend: AuditService.Log() with context-based tenant/user/IP/UA
  extraction, wired into all 7 services (case, deadline, appointment,
  document, note, party, tenant)
- API: GET /api/audit-log with entity_type, entity_id, user_id,
  from/to date, and pagination filters
- Frontend: Protokoll tab on case detail page with chronological
  audit entries, diff preview, and pagination

Required by § 50 BRAO and DSGVO Art. 5(2).

2026-03-30 11:02:28 +02:00

9bd8cc9e07

feat: add document upload/download backend (Phase 2K)

- StorageClient for Supabase Storage REST API (upload, download, delete)
- DocumentService with CRUD operations + storage integration
- DocumentHandler with multipart form upload support (50MB limit)
- Routes: GET/POST /api/cases/{id}/documents, GET/DELETE /api/documents/{docId}
- file_path format: {tenant_id}/{case_id}/{uuid}_{filename}
- Case events logged on upload/delete
- Added SUPABASE_SERVICE_KEY to config for server-side storage access
- Fixed pre-existing duplicate writeJSON/writeError in appointments.go

2026-03-25 13:40:19 +01:00

2 Commits