Audit Logs

Overview

The Audit Log API provides a complete history of all user actions in the system. Every create, update, and delete operation is logged with user details, timestamps, and change details.

List Audit Logs

Request
Response

GET /api/audit
Cookie: sAccessToken=...; sRefreshToken=...

{
  "logs": [
    {
      "id": "uuid",
      "userId": "uuid",
      "userEmail": "john@precisionsiteservices.com",
      "action": "BID_CREATED",
      "entityType": "Bid",
      "entityId": "uuid",
      "bidId": "uuid",
      "details": {
        "bidNumber": "BID-2025-001",
        "jobName": "Shopping Center Foundation",
        "clientId": "uuid"
      },
      "ipAddress": "192.168.1.100",
      "userAgent": "Mozilla/5.0...",
      "timestamp": "2025-01-29T10:00:00.000Z"
    },
    {
      "id": "uuid",
      "userId": "uuid",
      "userEmail": "john@precisionsiteservices.com",
      "action": "BID_UPDATED",
      "entityType": "Bid",
      "entityId": "uuid",
      "bidId": "uuid",
      "details": {
        "changes": {
          "status": {
            "old": "DRAFT",
            "new": "SUBMITTED"
          }
        }
      },
      "ipAddress": "192.168.1.100",
      "timestamp": "2025-01-29T14:30:00.000Z"
    },
    ...
  ],
  "pagination": {
    "total": 1250,
    "limit": 50,
    "offset": 0
  }
}

Roles: ADMIN

Query Parameters

Parameter	Type	Description
`userId`	string	Filter by user ID
`userEmail`	string	Filter by user email
`action`	string	Filter by action type
`entityType`	string	Filter by entity type (Bid, Scope, Client, etc.)
`entityId`	string	Filter by specific entity ID
`bidId`	string	Filter by bid ID
`startDate`	ISO 8601	Filter logs after this date
`endDate`	ISO 8601	Filter logs before this date
`limit`	number	Results per page (default: 50, max: 200)
`offset`	number	Pagination offset (default: 0)

Action Types

Bid Actions

BID_CREATED - New bid created
BID_UPDATED - Bid modified
BID_DELETED - Bid deleted
BID_DUPLICATED - Bid duplicated
BID_SHARED - Share code generated
BID_IMPORTED - Bid imported from share code
BID_EXPORTED - PDF/Excel export
BID_STATUS_CHANGED - Status updated (DRAFT → SUBMITTED, etc.)

Scope Actions

SCOPE_CREATED - New scope created
SCOPE_UPDATED - Scope modified
SCOPE_DELETED - Scope deleted

Item Actions

CONCRETE_ITEM_CREATED - Concrete item added
CONCRETE_ITEM_UPDATED - Concrete item modified
CONCRETE_ITEM_DELETED - Concrete item deleted
LABOR_ITEM_CREATED - Labor item added
LABOR_ITEM_UPDATED - Labor item modified
LABOR_ITEM_DELETED - Labor item deleted
(Similar for Equipment, Materials, Subcontractor, Misc)

USER_CREATED - New user created
USER_UPDATED - User profile updated
USER_ROLE_CHANGED - User role changed
USER_STATUS_CHANGED - User status changed (ACTIVE/INACTIVE)
USER_DELETED - User deleted

Admin Actions

PRICING_UPDATED - Pricing catalog modified
VARIABLE_UPDATED - Global variable modified
TEMPLATE_CREATED - Exclusion template created
TEMPLATE_UPDATED - Exclusion template modified

Example Queries

Get all actions by a user

GET /api/audit?userEmail=john@precisionsiteservices.com&limit=100

Get all changes to a specific bid

GET /api/audit?bidId=uuid&limit=100

Get all bid deletions in the last 30 days

GET /api/audit?action=BID_DELETED&startDate=2025-01-01T00:00:00Z

Get all admin actions

GET /api/audit?action=PRICING_UPDATED,VARIABLE_UPDATED,USER_ROLE_CHANGED

Data Model

interface AuditLog {
  id: string
  userId: string              // User who performed the action
  userEmail: string           // User email
  action: AuditAction         // Action type (see above)
  entityType: string          // Entity affected (Bid, Scope, User, etc.)
  entityId: string            // ID of affected entity
  bidId?: string              // Bid ID (if action relates to a bid)
  details: object             // Action-specific details
  ipAddress: string           // User's IP address
  userAgent?: string          // Browser user agent
  timestamp: DateTime         // When action occurred
}

enum AuditAction {
  BID_CREATED
  BID_UPDATED
  BID_DELETED
  // ... (see Action Types above)
}

Details Object Structure

The details field contains action-specific information:

Create Actions

{
  "bidNumber": "BID-2025-001",
  "jobName": "Shopping Center Foundation",
  "clientId": "uuid"
}

Update Actions

{
  "changes": {
    "status": { "old": "DRAFT", "new": "SUBMITTED" },
    "overheadPercentage": { "old": 10, "new": 12 }
  }
}

Delete Actions

{
  "deletedEntity": {
    "id": "uuid",
    "name": "Foundation Slab",
    "type": "Scope"
  }
}

Import Actions

{
  "shareCode": "BID-X7K9M2P4",
  "sourceBidId": "uuid",
  "sourceUserId": "uuid",
  "newBidName": "Imported Shopping Center"
}

Use Cases

1. Compliance & Auditing

Track who made changes to bids for regulatory compliance and internal audits.

2. Debugging

Investigate issues by reviewing the sequence of actions that led to a problem.

3. User Activity Monitoring

Monitor user behavior and identify suspicious activity.

4. Change History

Provide a detailed history of changes to bids for client transparency.

Admin Panel - Admin user management
Bids - Bid operations that generate audit logs

Overview​

List Audit Logs​

Query Parameters​

Action Types​

Bid Actions​

Scope Actions​

Item Actions​

User Actions​

Admin Actions​

Example Queries​

Get all actions by a user​

Get all changes to a specific bid​

Get all bid deletions in the last 30 days​

Get all admin actions​

Data Model​

Details Object Structure​

Create Actions​

Update Actions​

Delete Actions​

Import Actions​

Use Cases​

1. Compliance & Auditing​

2. Debugging​

3. User Activity Monitoring​

4. Change History​

Related Endpoints​