Feature: User Audit Log

[iammajid]

This pull request extends the audit log by adding entries for

• UserAccountReset
• UserKeysChange
• UserSetupCodeChange

Fixes #279

[coderabbitai]

Walkthrough

This pull request expands the audit logging functionality by introducing three new user account event types: UserAccountResetEvent, UserKeysChangeEvent, and UserSetupCodeChangeEvent. These events are integrated into the AuditLogResource with updated JSON serialization annotations and DTO mappings. New JPA entity classes and SQL table definitions have been added to persist these events. The event logging methods in EventLogger are updated to include logging for account resets, key changes, and setup code changes. The user update endpoints in UsersResource have been modified to trigger appropriate logging when changes occur. On the frontend, the audit log data types have been extended, new Vue components have been introduced to display the additional event details, and localization entries have been updated accordingly. Minor adjustments were also made in the InitialSetup.vue component to modify the execution order of key operations.

Possibly related PRs

• Web of Trust Setup #305: The changes in the main PR are related to the introduction of new event types and their handling in the AuditLogResource class, while the retrieved PR focuses on adding a new event type for Web of Trust settings, specifically SettingWotUpdateEvent, which is also integrated into the AuditLogResource.

Suggested reviewers

• overheadhunter

Tip

🌐 Web search-backed reviews and chat

• We have enabled web search-based reviews and chat for all users. This feature allows CodeRabbit to access the latest documentation and information on the web.
• You can disable this feature by setting web_search: false in the knowledge_base settings.
• Please share any feedback in the Discord discussion.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ba3d566 and efa9f65.

📒 Files selected for processing (2)

• backend/src/main/java/org/cryptomator/hub/api/UsersResource.java (3 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/EventLogger.java (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• backend/src/main/java/org/cryptomator/hub/entities/events/EventLogger.java
• backend/src/main/java/org/cryptomator/hub/api/UsersResource.java

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Build and Test

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 4

♻️ Duplicate comments (1)

frontend/src/components/AuditLogDetailsUserAccountSetupComplete.vue (1)

32-36: 🛠️ Refactor suggestion

Handle potential errors in authority resolution.

Similar to AuditLogDetailsUserAccountReset.vue, the onMounted hook should handle potential errors when fetching authority details.

🧹 Nitpick comments (6)

backend/src/main/java/org/cryptomator/hub/entities/events/UserAccountResetEvent.java (2)

15-18: Add field constraints and validation.

Consider enhancing the resetBy field with additional constraints:

1. Add nullability constraint
2. Add size limits
3. Consider input validation for security

 @Column(name = "reset_by")
+@NotNull
+@Size(min = 1, max = 255)
+@Pattern(regexp = "^[a-zA-Z0-9@._-]+$") // adjust pattern based on your username requirements
 private String resetBy;

---

20-26: Consider adding validation in setter.

The setter method could benefit from parameter validation to ensure data integrity.

 public void setResetBy(String resetBy) {
+    Objects.requireNonNull(resetBy, "resetBy must not be null");
+    if (resetBy.trim().isEmpty()) {
+        throw new IllegalArgumentException("resetBy must not be empty");
+    }
     this.resetBy = resetBy;
 }

backend/src/main/java/org/cryptomator/hub/entities/events/UserAccountSetupCompleteEvent.java (3)

15-15: Add Javadoc for the TYPE constant.

Consider adding Javadoc to document the purpose and usage of this constant, especially since it's public and used in the @DiscriminatorValue annotation.

+    /**
+     * Discriminator value for user account setup completion events.
+     * Used to identify this event type in the audit log.
+     */
     public static final String TYPE = "USER_ACCOUNT_SETUP_COMPLETE";

---

17-18: Add nullability constraint to the completedBy field.

Consider adding a nullability constraint to explicitly define whether this field can be null. This helps maintain data integrity and makes the contract clearer.

-    @Column(name = "completed_by")
+    @Column(name = "completed_by", nullable = false)
     private String completedBy;

---

29-34: Add self-comparison check to equals method.

The equals method should first check if the object being compared is the same instance (self-comparison) for better performance.

     @Override
     public boolean equals(Object o) {
+        if (this == o) return true;
         if (o == null || getClass() != o.getClass()) return false;
         if (!super.equals(o)) return false;
         UserAccountSetupCompleteEvent that = (UserAccountSetupCompleteEvent) o;
         return Objects.equals(completedBy, that.completedBy);
     }

frontend/src/components/AuditLogDetailsUserAccountReset.vue (1)

12-13: Consider handling loading and error states.

The component should handle loading and error states when fetching authority details to improve user experience.

-          <span v-if="resolvedResetBy != null">{{ resolvedResetBy.name }}</span>
-          <code class="text-xs" :class="{'text-gray-600': resolvedResetBy != null}">{{ event.resetBy }}</code>
+          <template v-if="loading">
+            <span class="text-gray-500">Loading...</span>
+          </template>
+          <template v-else-if="error">
+            <span class="text-red-500">Failed to load authority details</span>
+            <code class="text-xs">{{ event.resetBy }}</code>
+          </template>
+          <template v-else>
+            <span v-if="resolvedResetBy != null">{{ resolvedResetBy.name }}</span>
+            <code class="text-xs" :class="{'text-gray-600': resolvedResetBy != null}">{{ event.resetBy }}</code>
+          </template>

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 12ac28e and daad28c.

📒 Files selected for processing (12)

• backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java (4 hunks)
• backend/src/main/java/org/cryptomator/hub/api/UsersResource.java (2 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/EventLogger.java (1 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/UserAccountResetEvent.java (1 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/UserAccountSetupCompleteEvent.java (1 hunks)
• backend/src/main/resources/org/cryptomator/hub/flyway/V18__Create_Audit_Event_User_Account_Setup_Or_Reset.sql (1 hunks)
• frontend/src/common/auditlog.ts (2 hunks)
• frontend/src/components/AuditLog.vue (2 hunks)
• frontend/src/components/AuditLogDetailsUserAccountReset.vue (1 hunks)
• frontend/src/components/AuditLogDetailsUserAccountSetupComplete.vue (1 hunks)
• frontend/src/i18n/de-DE.json (2 hunks)
• frontend/src/i18n/en-US.json (2 hunks)

🔇 Additional comments (19)

backend/src/main/java/org/cryptomator/hub/entities/events/UserAccountResetEvent.java (1)

1-13: LGTM! Well-structured entity class definition.

The JPA annotations and inheritance setup are correctly implemented, following best practices for entity mapping and audit event hierarchy.

backend/src/main/java/org/cryptomator/hub/entities/events/UserAccountSetupCompleteEvent.java (1)

10-13: LGTM! Well-structured entity class.

The class is properly annotated with JPA annotations and follows the established naming conventions for audit event entities.

frontend/src/components/AuditLogDetailsUserAccountSetupComplete.vue (1)

12-13: Consider handling loading and error states.

Similar to AuditLogDetailsUserAccountReset.vue, this component should handle loading and error states when fetching authority details.

backend/src/main/java/org/cryptomator/hub/entities/events/EventLogger.java (1)

56-61: LGTM! The new event logging methods follow consistent patterns.

The implementation maintains consistency with other event logging methods in the class and properly handles event persistence.

Also applies to: 63-68

frontend/src/common/auditlog.ts (2)

39-47: LGTM! The new DTOs follow consistent patterns.

The new DTOs maintain consistency with existing DTOs and properly extend the base DTO type.

---

109-109: LGTM! Union type correctly updated.

The AuditEventDto union type has been properly updated to include the new event types.

backend/src/main/java/org/cryptomator/hub/api/UsersResource.java (2)

86-86: LGTM! Well-placed audit logging for account setup.

The logging statement is correctly placed after all user data is set but before persistence, ensuring accurate tracking of the setup completion event.

---

172-172: LGTM! Well-placed audit logging for account reset.

The logging statement is correctly placed after user data is cleared but before device/token deletion, ensuring accurate tracking of the reset event.

backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java (4)

22-23: LGTM! Proper import organization.

The new event class imports are correctly added and organized with related imports.

---

89-90: LGTM! Proper JSON type configuration.

The new event types are correctly registered in the JsonSubTypes configuration, following the established pattern.

---

114-115: LGTM! Consistent event handling.

The new cases in the switch statement follow the established pattern and correctly map to their respective DTOs.

---

144-148: LGTM! Well-structured DTOs.

The new DTOs follow the established record pattern with proper JSON property annotations.

frontend/src/components/AuditLog.vue (2)

108-109: LGTM! Proper event type handling in template.

The new event types are correctly handled with v-else-if conditions, following the established pattern.

---

177-178: LGTM! Well-organized component imports.

The new component imports are correctly added and organized with related imports.

backend/src/main/resources/org/cryptomator/hub/flyway/V18__Create_Audit_Event_User_Account_Setup_Or_Reset.sql (2)

1-7: LGTM! Well-structured setup event table.

The table definition follows best practices:

• Primary key constraint properly defined
• Foreign key with cascade delete ensures referential integrity
• Appropriate column types and NOT NULL constraints

---

9-15: LGTM! Well-structured reset event table.

The table definition follows best practices and maintains consistency with the setup event table:

• Consistent naming conventions
• Similar structure and constraints
• Proper foreign key relationship

frontend/src/i18n/en-US.json (2)

84-85: New Audit Log Event Entries Added.
The entries "auditLog.details.user.account.reset": "Reset User Account" and "auditLog.details.user.account.setup.complete": "Complete Account Setup" have been added correctly to support the new user account events as described in the PR objectives. Please ensure that the backend and frontend components reference these keys consistently.

---

94-94: Repositioning of Existing Audit Detail.
The "auditLog.details.wot.signedIdentity": "Signed Identity" entry has been moved to a different location in the JSON file. Verify that any components using this key are updated if necessary and that the change in ordering does not cause lookup issues.

frontend/src/i18n/de-DE.json (1)

84-85: New German Audit Log Event Entries Added.
The new entries "auditLog.details.user.account.reset": "Account zurückgesetzt" and "auditLog.details.user.account.setup.complete": "Account eingerichtet" are correctly added with appropriate German translations. Please double-check that these keys align with the corresponding backend event types.

[SailReal]

LGTM, only one minor change in the German translation

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

backend/src/main/resources/org/cryptomator/hub/flyway/V18__Create_Audit_Event_User_Account_Setup_Or_Reset.sql (1)

1-8: SQL Table Creation: audit_event_user_account_setup_complete – Consistency in Column Definitions

The table definition is correct, with a clear primary key and foreign key constraint ensuring referential integrity with the audit_event table. One minor note: the completed_by column is defined as VARCHAR(255) COLLATE "C", while the user_name column is simply defined as VARCHAR NOT NULL. For consistency and to avoid potential issues with data length or collation differences, consider explicitly defining the length and collation (e.g., VARCHAR(255) COLLATE "C") for user_name as well.

Diff Suggestion:

-	"user_name"    VARCHAR NOT NULL,
+	"user_name"    VARCHAR(255) COLLATE "C" NOT NULL,

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b5039d0 and 8986d24.

📒 Files selected for processing (7)

• backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java (4 hunks)
• backend/src/main/java/org/cryptomator/hub/api/UsersResource.java (2 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/EventLogger.java (1 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/UserAccountSetupCompleteEvent.java (1 hunks)
• backend/src/main/resources/org/cryptomator/hub/flyway/V18__Create_Audit_Event_User_Account_Setup_Or_Reset.sql (1 hunks)
• frontend/src/common/auditlog.ts (2 hunks)
• frontend/src/components/AuditLogDetailsUserAccountSetupComplete.vue (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• frontend/src/components/AuditLogDetailsUserAccountSetupComplete.vue
• backend/src/main/java/org/cryptomator/hub/api/UsersResource.java

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Build and Test

🔇 Additional comments (4)

backend/src/main/java/org/cryptomator/hub/entities/events/UserAccountSetupCompleteEvent.java (1)

27-29: Add input validation to setCompletedBy method.

Since this is an audit event, it's crucial to ensure data integrity. Consider adding validation to prevent null or empty values.

     public void setCompletedBy(String completedBy) {
+        if (completedBy == null || completedBy.trim().isEmpty()) {
+            throw new IllegalArgumentException("completedBy must not be null or empty");
+        }
         this.completedBy = completedBy;
     }

backend/src/main/java/org/cryptomator/hub/entities/events/EventLogger.java (1)

56-69: LGTM! The new logging methods are well-implemented.

The implementation follows the established pattern and correctly handles event creation, timestamp setting, and persistence.

frontend/src/common/auditlog.ts (1)

39-48: LGTM! The new DTOs are well-structured.

The implementation follows the established pattern and correctly defines the required fields for the new event types.

Also applies to: 110-110

backend/src/main/resources/org/cryptomator/hub/flyway/V18__Create_Audit_Event_User_Account_Setup_Or_Reset.sql (1)

10-16: SQL Table Creation: audit_event_user_account_reset – Correct and Consistent

This table is defined correctly with an appropriate primary key and a foreign key constraint referencing the audit_event table. The use of VARCHAR(255) COLLATE "C" for the reset_by column is consistent with other similar columns in the system. No changes are required here.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java (1)

144-148: Consider adding field validation.

While the DTOs are well-structured, consider adding validation to ensure required fields (resetBy, completedBy, userName) are not null or empty.

 record UserAccountResetEventDto(long id, Instant timestamp, String type,
-    @JsonProperty("resetBy") String resetBy
+    @JsonProperty("resetBy") @jakarta.validation.constraints.NotBlank String resetBy
     ) implements AuditEventDto {
 }

 record UserAccountSetupCompleteEventDto(long id, Instant timestamp, String type,
-    @JsonProperty("completedBy") String completedBy,
-    @JsonProperty("userName") String userName
+    @JsonProperty("completedBy") @jakarta.validation.constraints.NotBlank String completedBy,
+    @JsonProperty("userName") @jakarta.validation.constraints.NotBlank String userName
     ) implements AuditEventDto {
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8986d24 and 46da0e1.

📒 Files selected for processing (1)

• backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java (4 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Build and Test

🔇 Additional comments (4)

backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java (4)

22-23: LGTM!

The new imports for user account events are correctly placed and follow the existing package structure.

---

87-90: LGTM!

The JsonSubTypes configuration correctly maps the event types to their corresponding DTOs, following the fix from the previous review.

---

113-115: LGTM!

The new cases in the fromEntity method correctly map the event fields to their corresponding DTOs, maintaining consistency with the existing pattern.

---

136-142: LGTM!

The reformatting of existing DTOs improves readability while maintaining functionality.

[SailReal]

@iammajid please do not merge until @overheadhunter has approved that the following changes in particular 132a98b, b5039d0 and fd9357d are legitimate.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (7)

frontend/src/components/AuditLogUserSetupCodeChanged.vue (1)

34-36: Add error handling for authority resolution.

The async call to getAuthority should include error handling to gracefully handle failures.

 onMounted(async () => {
-  resolvedChangedBy.value = await auditlog.entityCache.getAuthority(props.event.changedBy);
+  try {
+    resolvedChangedBy.value = await auditlog.entityCache.getAuthority(props.event.changedBy);
+  } catch (error) {
+    console.error('Failed to resolve authority:', error);
+    // Optionally show a user-friendly error message
+  }
 });

frontend/src/components/AuditLogUserKeysChange.vue (2)

42-44: Add error handling for authority resolution.

The async call to getAuthority should include error handling to gracefully handle failures.

 onMounted(async () => {
-  resolvedChangedBy.value = await auditlog.entityCache.getAuthority(props.event.changedBy);
+  try {
+    resolvedChangedBy.value = await auditlog.entityCache.getAuthority(props.event.changedBy);
+  } catch (error) {
+    console.error('Failed to resolve authority:', error);
+    // Optionally show a user-friendly error message
+  }
 });

---

1-45: Consider extracting common authority resolution logic.

This component shares significant code duplication with AuditLogUserSetupCodeChanged.vue. Consider extracting the authority resolution logic into a composable function.

Create a new file useAuthorityResolution.ts:

import { ref, onMounted } from 'vue';
import auditlog from '../common/auditlog';
import { AuthorityDto } from '../common/backend';

export function useAuthorityResolution(authorityId: string) {
  const resolvedAuthority = ref<AuthorityDto>();

  onMounted(async () => {
    try {
      resolvedAuthority.value = await auditlog.entityCache.getAuthority(authorityId);
    } catch (error) {
      console.error('Failed to resolve authority:', error);
    }
  });

  return { resolvedAuthority };
}

Then use it in both components:

-const resolvedChangedBy = ref<AuthorityDto>();
-
-onMounted(async () => {
-  resolvedChangedBy.value = await auditlog.entityCache.getAuthority(props.event.changedBy);
-});
+const { resolvedAuthority: resolvedChangedBy } = useAuthorityResolution(props.event.changedBy);

backend/src/main/java/org/cryptomator/hub/entities/events/EventLogger.java (1)

71-71: Fix method name capitalization.

The method name logUsersetupCodeChanged has inconsistent capitalization. The word "setup" should be capitalized to match the naming convention used in the codebase.

-	public void logUsersetupCodeChanged(String changedBy) {
+	public void logUserSetupCodeChanged(String changedBy) {

frontend/src/common/auditlog.ts (1)

46-46: Remove unnecessary trailing comma.

The property changedBy has an unnecessary trailing comma.

-  changedBy: string,
+  changedBy: string

frontend/src/components/AuditLog.vue (1)

108-110: Maintain consistent component naming.

The new component names have inconsistencies in their naming patterns:

• AuditLogDetailsUserAccountReset follows the pattern
• AuditLogUserKeysChange is missing the "Details" prefix
• AuditLogUserSetupCodeChanged is missing the "Details" prefix and uses past tense

Rename the components to follow the established pattern:

-import AuditLogUserKeysChange from './AuditLogUserKeysChange.vue';
-import AuditLogUserSetupCodeChanged from './AuditLogUserSetupCodeChanged.vue';
+import AuditLogDetailsUserKeysChange from './AuditLogDetailsUserKeysChange.vue';
+import AuditLogDetailsUserSetupCodeChange from './AuditLogDetailsUserSetupCodeChange.vue';

And update the template accordingly:

-<AuditLogUserKeysChange v-else-if="auditEvent.type == 'USER_KEYS_CHANGE'" :event="auditEvent" />
-<AuditLogUserSetupCodeChanged v-else-if="auditEvent.type == 'USER_SETUP_CODE_CHANGE'" :event="auditEvent" />
+<AuditLogDetailsUserKeysChange v-else-if="auditEvent.type == 'USER_KEYS_CHANGE'" :event="auditEvent" />
+<AuditLogDetailsUserSetupCodeChange v-else-if="auditEvent.type == 'USER_SETUP_CODE_CHANGE'" :event="auditEvent" />

Also applies to: 178-179, 187-188

frontend/src/i18n/de-DE.json (1)

84-86: New Localization Entries for Audit Log Events.
The additions for "auditLog.details.user.account.reset", "auditLog.details.user.keys.change", and "auditLog.details.user.setupCode.change" correctly extend the localization for the new audit events. However, note a small typo in the setup code change entry: “Account Key geänert” should likely be “Account Key geändert”.

Proposed diff:

-  "auditLog.details.user.setupCode.change": "Account Key geänert",
+  "auditLog.details.user.setupCode.change": "Account Key geändert",

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fd9357d and 581186f.

📒 Files selected for processing (12)

• backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java (4 hunks)
• backend/src/main/java/org/cryptomator/hub/api/UsersResource.java (3 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/EventLogger.java (1 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/UserKeysChangeEvent.java (1 hunks)
• backend/src/main/java/org/cryptomator/hub/entities/events/UserSetupCodeChangeEvent.java (1 hunks)
• backend/src/main/resources/org/cryptomator/hub/flyway/V18__Create_Further_User_Audit_Events.sql (1 hunks)
• frontend/src/common/auditlog.ts (2 hunks)
• frontend/src/components/AuditLog.vue (3 hunks)
• frontend/src/components/AuditLogUserKeysChange.vue (1 hunks)
• frontend/src/components/AuditLogUserSetupCodeChanged.vue (1 hunks)
• frontend/src/i18n/de-DE.json (2 hunks)
• frontend/src/i18n/en-US.json (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• backend/src/main/java/org/cryptomator/hub/api/UsersResource.java
• frontend/src/i18n/en-US.json

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Build and Test

🔇 Additional comments (8)

backend/src/main/java/org/cryptomator/hub/entities/events/UserSetupCodeChangeEvent.java (1)

1-40: Well-structured JPA entity implementation!

The implementation follows JPA best practices with proper annotations, encapsulation, and correct equals/hashCode implementation.

frontend/src/components/AuditLogUserSetupCodeChanged.vue (1)

1-18: Clean and semantic template structure!

The template uses proper semantic HTML elements and follows accessibility best practices.

backend/src/main/java/org/cryptomator/hub/entities/events/UserKeysChangeEvent.java (1)

1-52: Well-implemented JPA entity with proper encapsulation!

The implementation follows JPA best practices and includes proper field encapsulation, correct equals/hashCode implementation, and appropriate annotations.

frontend/src/components/AuditLogUserKeysChange.vue (1)

1-26: Clean and semantic template structure!

The template uses proper semantic HTML elements and follows accessibility best practices.

backend/src/main/java/org/cryptomator/hub/api/AuditLogResource.java (1)

22-24: LGTM!

The new event types are properly integrated with consistent patterns and alphabetical ordering.

Also applies to: 88-92

backend/src/main/resources/org/cryptomator/hub/flyway/V18__Create_Further_User_Audit_Events.sql (2)

10-16: audit_event_user_account_reset Table Looks Good.
The table and its constraints are correctly named and reference the appropriate columns.

---

1-8: 🛠️ Refactor suggestion

Review Constraint Naming in audit_event_user_keys_change Table.
The primary and foreign key constraints are misnamed—they currently reference "USER_ACCOUNT_SETUP_COMPLETE" rather than "USER_KEYS_CHANGE". This inconsistency might lead to confusion later on.

Proposed diff:

-CONSTRAINT "AUDIT_EVENT_USER_ACCOUNT_SETUP_COMPLETE_PK" PRIMARY KEY ("id"),
-CONSTRAINT "AUDIT_EVENT_USER_ACCOUNT_SETUP_COMPLETE_FK_AUDIT_EVENT" FOREIGN KEY ("id") REFERENCES "audit_event" ("id") ON DELETE CASCADE
+CONSTRAINT "AUDIT_EVENT_USER_KEYS_CHANGE_PK" PRIMARY KEY ("id"),
+CONSTRAINT "AUDIT_EVENT_USER_KEYS_CHANGE_FK_AUDIT_EVENT" FOREIGN KEY ("id") REFERENCES "audit_event" ("id") ON DELETE CASCADE

frontend/src/i18n/de-DE.json (1)

95-95: Remove Obsolete Localization Key.
The legacy key "auditLog.details.wot.signedIdentity" appears to be outdated given the new audit log event structure. It is recommended to remove this key to avoid confusion and maintain consistency with the new entries.

Proposed diff:

-  "auditLog.details.wot.signedIdentity": "Identität beglaubigt",

[overheadhunter]

lgtm, but renaming that function wouldn't hurt