[BE-67] Create AuditLog entity and AuditService for tracking sensitive operations

[mftee]

Overview

SMALDA handles legal land documents where accountability is critical. There is no audit trail for sensitive operations: who uploaded a document, who deleted it, when a user's role was changed. An audit log provides forensic traceability and is a baseline requirement for any platform dealing with land records.

Background

Files to create:

• backend/src/audit/entities/audit-log.entity.ts
• backend/src/audit/audit.service.ts
• backend/src/audit/audit.module.ts

AuditLog entity fields:

• id (UUID)
• actorId (UUID — the user who performed the action, nullable for system actions)
• actorRole (string — snapshot of role at time of action)
• action: enum DOCUMENT_UPLOAD | DOCUMENT_DELETE | DOCUMENT_VERIFY | DOCUMENT_ARCHIVE | USER_ROLE_CHANGE | USER_DELETE | DISPUTE_CREATED | DISPUTE_RESOLVED
• targetType (string — e.g., 'Document', 'User')
• targetId (UUID)
• metadata (JSON — optional extra context, e.g., old vs new role)
• ipAddress (string)
• createdAt (timestamp)

AuditService methods:

• log(dto: CreateAuditLogDto) — insert a record
• findAll(filters, pagination) — for the admin endpoint

Acceptance Criteria

• Entity defined with all fields and action enum
• Migration generated for the audit_logs table
• AuditService.log() called in: DocumentsService.create(), DocumentsService.delete(), StellarService.anchorHash(), UsersService role change
• AuditModule created and imported in AppModule
• AuditService exported for injection by other modules

[damzempire]

@damzempire has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

I would like to work on this issue as a full stack developer and expect in solving complex web 3 issues

ℹ️ Repo Maintainers: To accept this application, review their application or assign @damzempire to this issue.

[BigBen-7]

@BigBen-7 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

i would love to work on this issue?

ℹ️ Repo Maintainers: To accept this application, review their application or assign @BigBen-7 to this issue.

[grantfox-oss]

🦊 GrantFox — @BigBen-7 has been assigned to this issue!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #791)
2. Your PR will be reviewed by the CodeGirlsInc maintainers

Good luck! Track your progress on GrantFox.

[drips-wave]

Congratulations, @BigBen-7! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @BigBen-7: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[grantfox-oss]

🎉 This issue has been marked as completed on GrantFox!

@BigBen-7's PR #864 was approved and merged by @mftee.

🏆 @BigBen-7: You earned 35 FoxPoints for this contribution! Your current tier: Explorer (541 total points). Track your full progress on GrantFox.

👏 Great work, @BigBen-7! Keep contributing to CodeGirlsInc.

[drips-wave]

This issue has been completed by @BigBen-7 as part of the Stellar Wave Program's 6th Wave 🥳

😎 @BigBen-7: You earned 200 Points for completing this issue! After the current Wave ends, you'll be eligible for a percentage of the Wave's reward pool based on the percentage of total points you've earned. Learn more here. You can also Leave a review to share your experience working on this issue.

🧑‍💻 Repo maintainers: How'd the contributor do? Leave a review to share your experience working with them.