Feature: Allow Super Admin to Get Log Of Activities #155

Open
AshadeSamson opened this issue Jul 23, 2024 · 5 comments
@AshadeSamson
Contributor

AshadeSamson commented Jul 23, 2024

Description

Implement an API endpoint that allows authenticated super admins to retrieve logs of activities. This endpoint ensures that only users with super admin privileges can access activity logs, maintaining system security.

Endpoint Feature

  • This endpoint enables authenticated super admins to retrieve logs of activities.
  • Access is restricted to users with super admin privileges to ensure system security.

Acceptance Criteria

  • The endpoint should be accessible at GET /api/v1/admin/logs.
  • The endpoint should accept HTTP GET requests.
  • The endpoint should return a paginated list of activity logs upon success.
  • The endpoint should return a 200 OK status code with the list of logs.

Request Example:

  • METHOD: GET /api/v1/admin/logs
  • Authorization: Bearer
  • Content-Type: application/json

Query Parameters

  • page (optional, integer): The page number for pagination.
  • limit (optional, integer): The number of logs per page.
  • sort (optional, string): The sort order, e.g., "asc" or "desc".
  • offset (optional, integer): The offset for pagination.

Response Example:

On successful retrieval of logs, the API should return a 200 OK status code. The response body should contain a paginated list of logs:

{
  "status": "success",
  "status_code": 200,
  "data": {
    "logs": [
      {
        "id": 1,
        "user_id": 1,
        "action": "update",
        "details": "Updated user details",
        "timestamp": "2024-07-23T12:00:00Z"
      },
      {
        "id": 2,
        "user_id": 2,
        "action": "create",
        "details": "Created new user",
        "timestamp": "2024-07-23T12:30:00Z"
      }
    ],
    "pagination": {
      "current_page": 1,
      "total_pages": 5,
      "total_logs": 50
    }
  }
}

Data Validation

Input Validation:
Validate that the query parameters (page, limit, sort) are valid. Example: If any query parameter is invalid, return a 422 status code with an error message:

{
  "status": "unsuccessful",
  "status_code": 422,
  "message": "Invalid query parameters provided."
}

Output Validation:

  • Ensure the response format is correct and includes appropriate status codes and messages.
  • Ensure the logs are accurately reflected in the response.

Authentication and Authorization

Authentication:
Verify that the user is authenticated before allowing access to the endpoint. Example: Use middleware to check for a valid authentication token.

Authorization:
Ensure that only super admin users can access this endpoint. Example: Check user roles or permissions to confirm super admin authorization.

Error Handling

Error Responses:
Define error responses for common failure scenarios. Example: If the user is not authorized, return a 403 Forbidden status code with an error message:

{
  "status": "unsuccessful",
  "status_code": 403,
  "message": "Access denied. Super admin privileges required."
}

Handle scenarios where the logs are not found, returning a 404 Not Found status code:

{
  "status": "unsuccessful",
  "status_code": 404,
  "message": "Logs not found."
}

Edge Cases

Consider edge cases such as database connection issues or corrupted log data. Example: Handle scenarios where the provided query parameters are invalid or incomplete.

Documentation

API Documentation:
Document the endpoint in the API documentation with request and response examples using the OpenAPI 3.1.0 standard. Include details on the authentication mechanism.

Testing Requirements

Unit Tests:
Write unit tests to validate the retrieval logic and authorization checks.
Write tests for all error cases.
Integration Tests:
Ensure end-to-end functionality is tested with integration tests, including various pagination, authentication, and authorization flows.

Dependencies and Impact

Dependencies:
Ensure the user authentication middleware and super-admin middleware are operational.

Impact Analysis:
Assess the potential impact on other features or components, ensuring that existing functionality is not disrupted.
Consider the impact on API consumers who may need to update their integration to handle the paginated responses.
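
Added example, not part of the issue or the project's code: a framework-agnostic JavaScript handler showing the check order the issue describes (authentication, then super admin authorization, then query validation, then pagination), reusing the issue's 403, 422 and 404 bodies. The names `getActivityLogs`, `parseIntParam`, `fail`, `SAMPLE_LOGS` and `MAX_LIMIT`, the role string `super_admin`, the defaults, the 401 message, and `offset` overriding `page` are assumptions; `req.user` is assumed to be set by upstream authentication middleware.

```javascript
// Added example; role name, MAX_LIMIT, defaults and the 401 body are assumptions.
const MAX_LIMIT = 100; // upper bound so one request cannot dump the whole log table
const SAMPLE_LOGS = [ // constructed sample data, mirroring the issue's response example
  { id: 1, user_id: 1, action: "update", details: "Updated user details", timestamp: "2024-07-23T12:00:00Z" },
  { id: 2, user_id: 2, action: "create", details: "Created new user", timestamp: "2024-07-23T12:30:00Z" },
];

const fail = (code, message) => ({
  status_code: code,
  body: { status: "unsuccessful", status_code: code, message },
});

// Optional integer query value: NaN when malformed, repeated (array) or below min.
function parseIntParam(raw, fallback, min) {
  if (raw === undefined) return fallback;
  if (typeof raw !== "string" || !/^\d{1,9}$/.test(raw)) return NaN;
  const n = Number(raw);
  return n >= min ? n : NaN;
}

// req.user is assumed to come from middleware that already verified the bearer token.
function getActivityLogs(req, logs) {
  // Authentication, then authorization, before any caller input is inspected.
  if (!req.user) return fail(401, "Authentication required.");
  if (req.user.role !== "super_admin")
    return fail(403, "Access denied. Super admin privileges required.");
  // Validate query parameters; reject rather than silently coerce.
  const q = req.query || {};
  const page = parseIntParam(q.page, 1, 1);
  const limit = parseIntParam(q.limit, 10, 1);
  const offset = parseIntParam(q.offset, 0, 0);
  const sort = q.sort === undefined ? "desc" : q.sort;
  if ([page, limit, offset].some(Number.isNaN) || limit > MAX_LIMIT ||
      (sort !== "asc" && sort !== "desc"))
    return fail(422, "Invalid query parameters provided.");
  if (logs.length === 0) return fail(404, "Logs not found.");
  // Sort by timestamp, then slice; an explicit offset overrides page.
  const dir = sort === "asc" ? 1 : -1;
  const sorted = [...logs].sort((a, b) => dir * (Date.parse(a.timestamp) - Date.parse(b.timestamp)));
  const start = q.offset !== undefined ? offset : (page - 1) * limit;
  return {
    status_code: 200,
    body: { status: "success", status_code: 200, data: {
      logs: sorted.slice(start, start + limit),
      pagination: { current_page: page, total_pages: Math.ceil(logs.length / limit), total_logs: logs.length },
    } },
  };
}
```

Because the role check runs before validation, a non-admin caller always receives 403 and never learns which query parameters the endpoint accepts.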

@PreciousIfeaka
Contributor

Please, present your issue description in markdown format. It's just in plain text here.

@AdeGneus
Contributor

You didn't include offset in the query params. Update the response body to use snake_case and not kebab-case. The Kebab case is only for endpoints.

Format the markdown, you are likely missing a ``` to terminate the body

@AshadeSamson
Contributor Author

Corrections implemented. Please review.

@AdeGneus @PreciousIfeaka

@PreciousIfeaka
Contributor

You added validation error Response to your success response.

@AshadeSamson
Contributor Author

Corrected @PreciousIfeaka
