UMBRA/backend/app/services/audit.py

import json
from sqlalchemy.ext.asyncio import AsyncSession
from app.models.audit_log import AuditLog


async def log_audit_event(
    db: AsyncSession,
    action: str,
    actor_id: int | None = None,
    target_id: int | None = None,
    detail: dict | None = None,
    ip: str | None = None,
) -> None:
    """Record an action in the audit log. Does NOT commit — caller handles transaction."""
    entry = AuditLog(
        actor_user_id=actor_id,
        target_user_id=target_id,
        action=action,
        detail=json.dumps(detail) if detail else None,
        ip_address=ip[:45] if ip else None,
    )
    db.add(entry)