fix(audit): align metadata with established recordAudit patterns

waleedlatif1 · claude · waleedlatif1 · commit 18352d906627 · 2026-04-11T12:15:30.000-07:00
- Add actorName/actorEmail to all new credential and schedule audit calls
  to match the established pattern (e.g., api-keys, byok-keys, knowledge)
- Add resourceId and resourceName to forget-password audit call
- Enhance forget-password description with user email

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/apps/sim/app/api/auth/forget-password/route.ts b/apps/sim/app/api/auth/forget-password/route.ts
@@ -68,7 +68,9 @@ export async function POST(request: NextRequest) {
         actorEmail: existingUser.email,
         action: AuditAction.PASSWORD_RESET_REQUESTED,
         resourceType: AuditResourceType.PASSWORD,
-        description: 'Password reset requested',
+        resourceId: existingUser.id,
+        resourceName: existingUser.email ?? undefined,
+        description: `Password reset requested for ${existingUser.email}`,
         request,
       })
     }
diff --git a/apps/sim/app/api/credentials/[id]/route.ts b/apps/sim/app/api/credentials/[id]/route.ts
@@ -170,6 +170,8 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{
     recordAudit({
       workspaceId: access.credential.workspaceId,
       actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
       action: AuditAction.CREDENTIAL_UPDATED,
       resourceType: AuditResourceType.CREDENTIAL,
       resourceId: id,
@@ -268,6 +270,8 @@ export async function DELETE(
       recordAudit({
         workspaceId: access.credential.workspaceId,
         actorId: session.user.id,
+        actorName: session.user.name,
+        actorEmail: session.user.email,
         action: AuditAction.CREDENTIAL_DELETED,
         resourceType: AuditResourceType.CREDENTIAL,
         resourceId: id,
@@ -333,6 +337,8 @@ export async function DELETE(
       recordAudit({
         workspaceId: access.credential.workspaceId,
         actorId: session.user.id,
+        actorName: session.user.name,
+        actorEmail: session.user.email,
         action: AuditAction.CREDENTIAL_DELETED,
         resourceType: AuditResourceType.CREDENTIAL,
         resourceId: id,
@@ -361,6 +367,8 @@ export async function DELETE(
     recordAudit({
       workspaceId: access.credential.workspaceId,
       actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
       action: AuditAction.CREDENTIAL_DELETED,
       resourceType: AuditResourceType.CREDENTIAL,
       resourceId: id,
diff --git a/apps/sim/app/api/credentials/route.ts b/apps/sim/app/api/credentials/route.ts
@@ -616,6 +616,8 @@ export async function POST(request: NextRequest) {
     recordAudit({
       workspaceId,
       actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
       action: AuditAction.CREDENTIAL_CREATED,
       resourceType: AuditResourceType.CREDENTIAL,
       resourceId: credentialId,
diff --git a/apps/sim/app/api/schedules/[id]/route.ts b/apps/sim/app/api/schedules/[id]/route.ts
@@ -146,6 +146,8 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{
       recordAudit({
         workspaceId,
         actorId: session.user.id,
+        actorName: session.user.name,
+        actorEmail: session.user.email,
         action: AuditAction.SCHEDULE_UPDATED,
         resourceType: AuditResourceType.SCHEDULE,
         resourceId: scheduleId,
@@ -209,6 +211,8 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{
       recordAudit({
         workspaceId,
         actorId: session.user.id,
+        actorName: session.user.name,
+        actorEmail: session.user.email,
         action: AuditAction.SCHEDULE_UPDATED,
         resourceType: AuditResourceType.SCHEDULE,
         resourceId: scheduleId,
@@ -253,6 +257,8 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{
     recordAudit({
       workspaceId,
       actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
       action: AuditAction.SCHEDULE_UPDATED,
       resourceType: AuditResourceType.SCHEDULE,
       resourceId: scheduleId,
@@ -300,6 +306,8 @@ export async function DELETE(
     recordAudit({
       workspaceId,
       actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
       action: AuditAction.SCHEDULE_DELETED,
       resourceType: AuditResourceType.SCHEDULE,
       resourceId: scheduleId,
diff --git a/apps/sim/app/api/schedules/route.ts b/apps/sim/app/api/schedules/route.ts
@@ -283,6 +283,8 @@ export async function POST(req: NextRequest) {
     recordAudit({
       workspaceId,
       actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
       action: AuditAction.SCHEDULE_CREATED,
       resourceType: AuditResourceType.SCHEDULE,
       resourceId: id,
