modified: web/blueprints/auth.py

modified: web/blueprints/group_admin.py modified: web/blueprints/site_admin.py modified: web/config.py modified: web/panel_db.py modified: web/templates/admin/audit_log.html
2026-04-15 10:48:37 +02:00
parent 6a6e0fc4b3
commit 179a0e1042
6 changed files with 125 additions and 21 deletions
--- a/web/panel_db.py
+++ b/web/panel_db.py
@@ -237,6 +237,9 @@ def init_databases():
    finally:
        creds.close()

+    # Auto-Bereinigung: Audit-Log-Einträge älter als Retention-Tage löschen
+    purge_old_audit_events(Config.AUDIT_LOG_RETENTION_DAYS)
+

 # ─────────────────────────────────────────────────────────────
 # Nutzer
@@ -812,3 +815,30 @@ def get_audit_log_distinct_actions() -> list[str]:
    rows = _panel_query("SELECT DISTINCT action FROM audit_log ORDER BY action")
    return [r["action"] for r in rows] if rows else []

+
+def purge_old_audit_events(retention_days: int) -> int:
+    """Deletes audit log entries older than *retention_days* days.
+    Returns the number of deleted rows. Skips if retention_days <= 0."""
+    import logging
+    _log = logging.getLogger(__name__)
+    if retention_days <= 0:
+        return 0
+    try:
+        conn = get_panel_db()
+        try:
+            with conn.cursor() as cur:
+                cur.execute(
+                    "DELETE FROM audit_log WHERE created_at < UTC_TIMESTAMP() - INTERVAL %s DAY",
+                    (retention_days,),
+                )
+                deleted = cur.rowcount
+            conn.commit()
+        finally:
+            conn.close()
+        if deleted:
+            _log.info("Purged %d audit log entries older than %d days", deleted, retention_days)
+        return deleted
+    except Exception as exc:
+        _log.warning("Failed to purge audit log: %s", exc)
+        return 0
+