feat(core) : add audit attributes, audit_log table and dedicated dbal connection

2026-06-19 20:56:32 +02:00
parent fda03bd1f5
commit 934cf0835f
4 changed files with 111 additions and 9 deletions
@@ -0,0 +1,17 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Shared\Domain\Attribute;
+
+use Attribute;
+
+/**
+ * Marker placed on an entity property to exclude it from audit tracking.
+ *
+ * Typical use: sensitive fields (password, apiToken). The AuditLogWriter also
+ * carries an exact-match blacklist on the most dangerous names as
+ * defense-in-depth, but the base rule is to annotate explicitly here.
+ */
+#[Attribute(Attribute::TARGET_PROPERTY)]
+final class AuditIgnore {}
@@ -0,0 +1,17 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Shared\Domain\Attribute;
+
+use Attribute;
+
+/**
+ * Marker placed on a Doctrine entity to enable audit tracking.
+ *
+ * Located in Shared (not Core) so every module can use it without a
+ * circular dependency on Core. Any migrated business entity that should be
+ * traced carries this attribute, with #[AuditIgnore] on sensitive fields.
+ */
+#[Attribute(Attribute::TARGET_CLASS)]
+final class Auditable {}