feat : ajout d'un système de log pour les SUPER_ADMIN

2026-03-30 09:52:06 +02:00
parent e74a264b37
commit d949e3a730
26 changed files with 1107 additions and 17 deletions
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -72,6 +72,12 @@
 - File uploads: `deserialize: false` on Post, access file via RequestStack
 - Upload dir: `%kernel.project_dir%/var/uploads`

+## Audit Logging
+- All processors that modify entities impacting calculations (heures, absences, contrats, RTT) MUST inject `AuditLogger` and log create/update/delete actions
+- `AuditLogger::log()` persists without flushing — the processor's `flush()` handles both the data change and the audit entry atomically
+- Audit logs are accessible only via `ROLE_SUPER_ADMIN` (hidden role, added manually in DB)
+- Documentation: `doc/audit-logging.md`
+
 ## Backend Conventions
 - Prefer explicit DTOs over associative arrays
 - Business rules in backend (providers/processors/services), frontend is display/interaction only