Admin features (audit, log, settings)

app/api/v1/admin/audit.py

@@ -0,0 +1,116 @@
+# app/api/v1/admin/audit.py
+"""
+Admin audit log endpoints.
+
+Provides endpoints for:
+- Viewing audit logs with filtering
+- Tracking admin actions
+- Generating audit reports
+"""
+
+import logging
+from typing import Optional
+from datetime import datetime
+
+from fastapi import APIRouter, Depends, Query
+from sqlalchemy.orm import Session
+
+from app.api.deps import get_current_admin_user
+from app.core.database import get_db
+from app.services.admin_audit_service import admin_audit_service
+from models.schema.admin import (
+    AdminAuditLogResponse,
+    AdminAuditLogFilters,
+    AdminAuditLogListResponse
+)
+from models.database.user import User
+
+router = APIRouter(prefix="/audit")
+logger = logging.getLogger(__name__)
+
+
+@router.get("/logs", response_model=AdminAuditLogListResponse)
+def get_audit_logs(
+        admin_user_id: Optional[int] = Query(None, description="Filter by admin user"),
+        action: Optional[str] = Query(None, description="Filter by action type"),
+        target_type: Optional[str] = Query(None, description="Filter by target type"),
+        date_from: Optional[datetime] = Query(None, description="Filter from date"),
+        date_to: Optional[datetime] = Query(None, description="Filter to date"),
+        skip: int = Query(0, ge=0, description="Number of records to skip"),
+        limit: int = Query(100, ge=1, le=1000, description="Maximum records to return"),
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """
+    Get filtered admin audit logs.
+
+    Returns paginated list of all admin actions with filtering options.
+    Useful for compliance, security audits, and tracking admin activities.
+    """
+    filters = AdminAuditLogFilters(
+        admin_user_id=admin_user_id,
+        action=action,
+        target_type=target_type,
+        date_from=date_from,
+        date_to=date_to,
+        skip=skip,
+        limit=limit
+    )
+
+    logs = admin_audit_service.get_audit_logs(db, filters)
+    total = admin_audit_service.get_audit_logs_count(db, filters)
+
+    logger.info(f"Admin {current_admin.username} retrieved {len(logs)} audit logs")
+
+    return AdminAuditLogListResponse(
+        logs=logs,
+        total=total,
+        skip=skip,
+        limit=limit
+    )
+
+
+@router.get("/logs/recent", response_model=list[AdminAuditLogResponse])
+def get_recent_audit_logs(
+        limit: int = Query(20, ge=1, le=100),
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """Get recent audit logs (last 20 by default)."""
+    filters = AdminAuditLogFilters(limit=limit)
+    return admin_audit_service.get_audit_logs(db, filters)
+
+
+@router.get("/logs/my-actions", response_model=list[AdminAuditLogResponse])
+def get_my_actions(
+        limit: int = Query(50, ge=1, le=100),
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """Get audit logs for current admin's actions."""
+    return admin_audit_service.get_recent_actions_by_admin(
+        db=db,
+        admin_user_id=current_admin.id,
+        limit=limit
+    )
+
+
+@router.get("/logs/target/{target_type}/{target_id}")
+def get_actions_by_target(
+        target_type: str,
+        target_id: str,
+        limit: int = Query(50, ge=1, le=100),
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """
+    Get all actions performed on a specific target.
+
+    Useful for tracking the history of a specific vendor, user, or entity.
+    """
+    return admin_audit_service.get_actions_by_target(
+        db=db,
+        target_type=target_type,
+        target_id=target_id,
+        limit=limit
+    )

app/api/v1/admin/auth.py

@@ -17,7 +17,7 @@ from app.services.auth_service import auth_service
 from app.exceptions import InvalidCredentialsException
 from models.schema.auth import LoginResponse, UserLogin
 
-router = APIRouter()
+router = APIRouter(prefix="/auth")
 logger = logging.getLogger(__name__)
 
 

app/api/v1/admin/notifications.py

@@ -0,0 +1,151 @@
+# app/api/v1/admin/notifications.py
+"""
+Admin notifications and platform alerts endpoints.
+
+Provides endpoints for:
+- Viewing admin notifications
+- Managing platform alerts
+- System health monitoring
+"""
+
+import logging
+from typing import Optional
+
+from fastapi import APIRouter, Depends, Query
+from sqlalchemy.orm import Session
+
+from app.api.deps import get_current_admin_user
+from app.core.database import get_db
+from models.schema.admin import (
+    AdminNotificationCreate,
+    AdminNotificationResponse,
+    AdminNotificationListResponse,
+    PlatformAlertCreate,
+    PlatformAlertResponse,
+    PlatformAlertListResponse,
+    PlatformAlertResolve
+)
+from models.database.user import User
+
+router = APIRouter(prefix="/notifications")
+logger = logging.getLogger(__name__)
+
+
+# ============================================================================
+# ADMIN NOTIFICATIONS
+# ============================================================================
+
+@router.get("", response_model=AdminNotificationListResponse)
+def get_notifications(
+    priority: Optional[str] = Query(None, description="Filter by priority"),
+    is_read: Optional[bool] = Query(None, description="Filter by read status"),
+    skip: int = Query(0, ge=0),
+    limit: int = Query(50, ge=1, le=100),
+    db: Session = Depends(get_db),
+    current_admin: User = Depends(get_current_admin_user),
+):
+    """Get admin notifications with filtering."""
+    # TODO: Implement notification service
+    return AdminNotificationListResponse(
+        notifications=[],
+        total=0,
+        unread_count=0,
+        skip=skip,
+        limit=limit
+    )
+
+
+@router.get("/unread-count")
+def get_unread_count(
+    db: Session = Depends(get_db),
+    current_admin: User = Depends(get_current_admin_user),
+):
+    """Get count of unread notifications."""
+    # TODO: Implement
+    return {"unread_count": 0}
+
+
+@router.put("/{notification_id}/read")
+def mark_as_read(
+    notification_id: int,
+    db: Session = Depends(get_db),
+    current_admin: User = Depends(get_current_admin_user),
+):
+    """Mark notification as read."""
+    # TODO: Implement
+    return {"message": "Notification marked as read"}
+
+
+@router.put("/mark-all-read")
+def mark_all_as_read(
+    db: Session = Depends(get_db),
+    current_admin: User = Depends(get_current_admin_user),
+):
+    """Mark all notifications as read."""
+    # TODO: Implement
+    return {"message": "All notifications marked as read"}
+
+
+# ============================================================================
+# PLATFORM ALERTS
+# ============================================================================
+
+@router.get("/alerts", response_model=PlatformAlertListResponse)
+def get_platform_alerts(
+    severity: Optional[str] = Query(None, description="Filter by severity"),
+    is_resolved: Optional[bool] = Query(None, description="Filter by resolution status"),
+    skip: int = Query(0, ge=0),
+    limit: int = Query(50, ge=1, le=100),
+    db: Session = Depends(get_db),
+    current_admin: User = Depends(get_current_admin_user),
+):
+    """Get platform alerts with filtering."""
+    # TODO: Implement alert service
+    return PlatformAlertListResponse(
+        alerts=[],
+        total=0,
+        active_count=0,
+        critical_count=0,
+        skip=skip,
+        limit=limit
+    )
+
+
+@router.post("/alerts", response_model=PlatformAlertResponse)
+def create_platform_alert(
+    alert_data: PlatformAlertCreate,
+    db: Session = Depends(get_db),
+    current_admin: User = Depends(get_current_admin_user),
+):
+    """Create new platform alert (manual)."""
+    # TODO: Implement
+    logger.info(f"Admin {current_admin.username} created alert: {alert_data.title}")
+    return {}
+
+
+@router.put("/alerts/{alert_id}/resolve")
+def resolve_platform_alert(
+    alert_id: int,
+    resolve_data: PlatformAlertResolve,
+    db: Session = Depends(get_db),
+    current_admin: User = Depends(get_current_admin_user),
+):
+    """Resolve platform alert."""
+    # TODO: Implement
+    logger.info(f"Admin {current_admin.username} resolved alert {alert_id}")
+    return {"message": "Alert resolved successfully"}
+
+
+@router.get("/alerts/stats")
+def get_alert_statistics(
+    db: Session = Depends(get_db),
+    current_admin: User = Depends(get_current_admin_user),
+):
+    """Get alert statistics for dashboard."""
+    # TODO: Implement
+    return {
+        "total_alerts": 0,
+        "active_alerts": 0,
+        "critical_alerts": 0,
+        "resolved_today": 0
+    }

app/api/v1/admin/settings.py

@@ -0,0 +1,217 @@
+# app/api/v1/admin/settings.py
+"""
+Platform settings management endpoints.
+
+Provides endpoints for:
+- Viewing all platform settings
+- Creating/updating settings
+- Managing configuration by category
+"""
+
+import logging
+from typing import Optional
+
+from fastapi import APIRouter, Depends, Query
+from sqlalchemy.orm import Session
+
+from app.api.deps import get_current_admin_user
+from app.core.database import get_db
+from app.services.admin_settings_service import admin_settings_service
+from app.services.admin_audit_service import admin_audit_service
+from models.schema.admin import (
+    AdminSettingCreate,
+    AdminSettingResponse,
+    AdminSettingUpdate,
+    AdminSettingListResponse
+)
+from models.database.user import User
+
+router = APIRouter(prefix="/settings")
+logger = logging.getLogger(__name__)
+
+
+@router.get("", response_model=AdminSettingListResponse)
+def get_all_settings(
+        category: Optional[str] = Query(None, description="Filter by category"),
+        is_public: Optional[bool] = Query(None, description="Filter by public flag"),
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """
+    Get all platform settings.
+
+    Can be filtered by category (system, security, marketplace, notifications)
+    and by public flag (settings that can be exposed to frontend).
+    """
+    settings = admin_settings_service.get_all_settings(db, category, is_public)
+
+    return AdminSettingListResponse(
+        settings=settings,
+        total=len(settings),
+        category=category
+    )
+
+
+@router.get("/categories")
+def get_setting_categories(
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """Get list of all setting categories."""
+    # This could be enhanced to return counts per category
+    return {
+        "categories": [
+            "system",
+            "security",
+            "marketplace",
+            "notifications",
+            "integrations",
+            "payments"
+        ]
+    }
+
+
+@router.get("/{key}", response_model=AdminSettingResponse)
+def get_setting(
+        key: str,
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """Get specific setting by key."""
+    setting = admin_settings_service.get_setting_by_key(db, key)
+
+    if not setting:
+        from fastapi import HTTPException
+        raise HTTPException(status_code=404, detail=f"Setting '{key}' not found")
+
+    return AdminSettingResponse.model_validate(setting)
+
+
+@router.post("", response_model=AdminSettingResponse)
+def create_setting(
+        setting_data: AdminSettingCreate,
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """
+    Create new platform setting.
+
+    Setting keys should be lowercase with underscores (e.g., max_vendors_allowed).
+    """
+    result = admin_settings_service.create_setting(
+        db=db,
+        setting_data=setting_data,
+        admin_user_id=current_admin.id
+    )
+
+    # Log action
+    admin_audit_service.log_action(
+        db=db,
+        admin_user_id=current_admin.id,
+        action="create_setting",
+        target_type="setting",
+        target_id=setting_data.key,
+        details={"category": setting_data.category, "value_type": setting_data.value_type}
+    )
+
+    return result
+
+
+@router.put("/{key}", response_model=AdminSettingResponse)
+def update_setting(
+        key: str,
+        update_data: AdminSettingUpdate,
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """Update existing setting value."""
+    old_value = admin_settings_service.get_setting_value(db, key)
+
+    result = admin_settings_service.update_setting(
+        db=db,
+        key=key,
+        update_data=update_data,
+        admin_user_id=current_admin.id
+    )
+
+    # Log action
+    admin_audit_service.log_action(
+        db=db,
+        admin_user_id=current_admin.id,
+        action="update_setting",
+        target_type="setting",
+        target_id=key,
+        details={"old_value": str(old_value), "new_value": update_data.value}
+    )
+
+    return result
+
+
+@router.post("/upsert", response_model=AdminSettingResponse)
+def upsert_setting(
+        setting_data: AdminSettingCreate,
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """
+    Create or update setting (upsert).
+
+    If setting exists, updates its value. If not, creates new setting.
+    """
+    result = admin_settings_service.upsert_setting(
+        db=db,
+        setting_data=setting_data,
+        admin_user_id=current_admin.id
+    )
+
+    # Log action
+    admin_audit_service.log_action(
+        db=db,
+        admin_user_id=current_admin.id,
+        action="upsert_setting",
+        target_type="setting",
+        target_id=setting_data.key,
+        details={"category": setting_data.category}
+    )
+
+    return result
+
+
+@router.delete("/{key}")
+def delete_setting(
+        key: str,
+        confirm: bool = Query(False, description="Must be true to confirm deletion"),
+        db: Session = Depends(get_db),
+        current_admin: User = Depends(get_current_admin_user),
+):
+    """
+    Delete platform setting.
+
+    Requires confirmation parameter.
+    WARNING: Deleting settings may affect platform functionality.
+    """
+    from fastapi import HTTPException
+
+    if not confirm:
+        raise HTTPException(
+            status_code=400,
+            detail="Deletion requires confirmation parameter: confirm=true"
+        )
+
+    message = admin_settings_service.delete_setting(
+        db=db,
+        key=key,
+        admin_user_id=current_admin.id
+    )
+
+    # Log action
+    admin_audit_service.log_action(
+        db=db,
+        admin_user_id=current_admin.id,
+        action="delete_setting",
+        target_type="setting",
+        target_id=key,
+        details={}
+    )
+
+    return {"message": message}