admin roadmap csv export, adminactionlog, global search

prisma/migrations/20260518180000_add_admin_action_log/migration.sql

@@ -0,0 +1,29 @@
+-- CreateTable: log polymorphic untuk admin actions lintas entity. Append-only,
+-- never update/delete. Dipakai untuk compliance & investigasi (siapa
+-- approve/reject/cancel/suspend, kapan, dengan payload apa).
+--
+-- `adminId` nullable + `adminEmail` snapshot supaya kalau admin dihapus,
+-- log entry tetap auditable (siapa via email, kapan, payload apa). FK
+-- ON DELETE SET NULL menjamin adminId di-clear tanpa cascade ke baris log.
+CREATE TABLE "AdminActionLog" (
+    "id" TEXT NOT NULL,
+    "adminId" TEXT,
+    "adminEmail" TEXT NOT NULL,
+    "action" TEXT NOT NULL,
+    "entityType" TEXT NOT NULL,
+    "entityId" TEXT NOT NULL,
+    "payload" JSONB,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "AdminActionLog_pkey" PRIMARY KEY ("id")
+);
+
+-- Index: filter "all actions by admin X" + "all actions on entity Y".
+CREATE INDEX "AdminActionLog_adminId_createdAt_idx" ON "AdminActionLog"("adminId", "createdAt" DESC);
+CREATE INDEX "AdminActionLog_entityType_entityId_idx" ON "AdminActionLog"("entityType", "entityId");
+CREATE INDEX "AdminActionLog_createdAt_idx" ON "AdminActionLog"("createdAt" DESC);
+
+-- FK: admin user — SET NULL kalau admin dihapus supaya log tidak hilang.
+ALTER TABLE "AdminActionLog" ADD CONSTRAINT "AdminActionLog_adminId_fkey"
+  FOREIGN KEY ("adminId") REFERENCES "User"("id")
+  ON DELETE SET NULL ON UPDATE CASCADE;

prisma/schema.prisma

@@ -49,6 +49,9 @@ model User {
   /// Trip yang dibatalkan admin ini lewat panel admin (intervensi).
   adminCancelledTrips Trip[] @relation("TripCancelledByAdmin")
 
+  /// Audit log polymorphic — semua aksi admin yang dilakukan oleh user ini.
+  adminActionLogs AdminActionLog[] @relation("AdminActionLogAdmin")
+
   profile UserProfile?
 }
 
@@ -445,6 +448,31 @@ model Refund {
   @@index([status, createdAt])
 }
 
+/// Log polymorphic untuk admin actions lintas entity. Append-only — kalau
+/// admin dihapus, `adminId` di-set NULL tapi `adminEmail` snapshot tetap.
+/// Dipakai untuk compliance & investigasi (siapa approve/reject/cancel/
+/// suspend, kapan, dengan payload apa).
+model AdminActionLog {
+  id         String   @id @default(cuid())
+  adminId    String?
+  admin      User?    @relation("AdminActionLogAdmin", fields: [adminId], references: [id], onDelete: SetNull)
+  /// Snapshot email admin saat action dijalankan — tetap ada meski admin dihapus.
+  adminEmail String
+  /// Nama aksi dalam SCREAMING_SNAKE, mis. `REFUND_APPROVE`, `TRIP_CANCEL`, `USER_SUSPEND`.
+  action     String
+  /// Tipe entity yang di-target: `Refund` / `Payout` / `Trip` / `User` / `Verification` / `Payment`.
+  entityType String
+  entityId   String
+  /// Payload bebas (input parameter, hasil, dst) untuk konteks investigasi.
+  payload    Json?
+
+  createdAt DateTime @default(now())
+
+  @@index([adminId, createdAt(sort: Desc)])
+  @@index([entityType, entityId])
+  @@index([createdAt(sort: Desc)])
+}
+
 /// Log per cron run untuk observability admin. Append-only.
 /// `runCron(jobName, fn)` di `lib/cron-runner.ts` otomatis create row RUNNING
 /// → update SUCCESS/FAILED setelah selesai. Dipakai admin di `/admin/system`.