@generazioneai/prisma-audit
v0.2.0
Published
Prisma client extension: automatic attributed audit logging.
Keywords
Readme
@generazioneai/prisma-audit
Prisma client extension that auto-writes an attributed AuditLog row on every
mutation (and configured sensitive reads). Actor identity comes from
@generazioneai/authz's authzAls. Best-effort delivery (non-transactional).
Usage
Each consuming service adds an AuditLog model to its Prisma schema, then composes
the extension outermost over its authz extension:
import { createAuditExtension } from '@generazioneai/prisma-audit';
const authzExtended = applyAuthzExtension(base, { resources, dmmf });
const audited = authzExtended.$extends(createAuditExtension({
auditModel: 'AuditLog',
captureBefore: true,
sensitiveReadModels: ['YourSensitiveModel'], // read-access logging allowlist
getClient: () => authzExtended, // base/un-audited client — audit bypasses authz, no recursion
}));Actor identity is read from @generazioneai/authz's authzAls at write time; delivery
is best-effort (audit failures never affect the business operation).
