Add system settings, audit logging, user management, and dark mode fixes

System Settings: - Add SystemSettings.vue with Zabbix integration, SMTP/email config, SAML SSO settings - Add Setting model with key-value storage and typed values - Add settings API with caching Audit Logging: - Add AuditLog model tracking user, IP, action, entity changes - Add comprehensive audit logging to all CRUD operations: - Machines, Computers, Equipment, Network devices, VLANs, Subnets - Printers, USB devices (including checkout/checkin) - Applications, Settings, Users/Roles - Track old/new values for all field changes - Mask sensitive values (passwords, tokens) in logs User Management: - Add UsersList.vue with full user CRUD - Add Role management with granular permissions - Add 41 predefined permissions across 10 categories - Add users API with roles and permissions endpoints Reports: - Add TonerReport.vue for printer supply monitoring Dark Mode Fixes: - Fix map position section in PCForm, PrinterForm - Fix alert-warning in KnowledgeBaseDetail - All components now use CSS variables for theming CLI Commands: - Add flask seed permissions - Add flask seed settings Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 22:16:56 -05:00
parent 9efdb5f52d
commit e18c7c2d87
40 changed files with 4221 additions and 39 deletions
--- a/plugins/equipment/api/routes.py
+++ b/plugins/equipment/api/routes.py
@@ -4,7 +4,7 @@ from flask import Blueprint, request
 from flask_jwt_extended import jwt_required

 from shopdb.extensions import db
-from shopdb.core.models import Asset, AssetType, Vendor, Model
+from shopdb.core.models import Asset, AssetType, Vendor, Model, AuditLog
 from shopdb.utils.responses import (
    success_response,
    error_response,
@@ -311,6 +311,12 @@ def create_equipment():
    )

    db.session.add(equip)
+    db.session.flush()
+
+    # Audit log
+    AuditLog.log('created', 'Equipment', entityid=equip.equipmentid,
+                 entityname=data['assetnumber'])
+
    db.session.commit()

    result = asset.to_dict()
@@ -347,11 +353,18 @@ def update_equipment(equipment_id: int):
                http_code=409
            )

+    # Track changes for audit log
+    changes = {}
+
    # Update asset fields
    asset_fields = ['assetnumber', 'name', 'serialnumber', 'statusid',
                    'locationid', 'businessunitid', 'mapleft', 'maptop', 'notes', 'isactive']
    for key in asset_fields:
        if key in data:
+            old_val = getattr(asset, key)
+            new_val = data[key]
+            if old_val != new_val:
+                changes[key] = {'old': old_val, 'new': new_val}
            setattr(asset, key, data[key])

    # Update equipment fields
@@ -361,8 +374,17 @@ def update_equipment(equipment_id: int):
                        'controllervendorid', 'controllermodelid']
    for key in equipment_fields:
        if key in data:
+            old_val = getattr(equip, key)
+            new_val = data[key]
+            if old_val != new_val:
+                changes[key] = {'old': old_val, 'new': new_val}
            setattr(equip, key, data[key])

+    # Audit log if there were changes
+    if changes:
+        AuditLog.log('updated', 'Equipment', entityid=equip.equipmentid,
+                     entityname=asset.assetnumber, changes=changes)
+
    db.session.commit()

    result = asset.to_dict()
@@ -386,6 +408,11 @@ def delete_equipment(equipment_id: int):

    # Soft delete the asset (equipment extension will stay linked)
    equip.asset.isactive = False
+
+    # Audit log
+    AuditLog.log('deleted', 'Equipment', entityid=equip.equipmentid,
+                 entityname=equip.asset.assetnumber)
+
    db.session.commit()

    return success_response(message='Equipment deleted')