fix(l1): write audit_logs rows at resolve/escalate with acting_as

Per spec §5.6.1, audit rows are written at session terminal events (resolve, escalate, escalate_without_walk). log_audit gains an optional acting_as parameter that propagates the session's acting_as tag ('l1_coverage' for engineer coverers, null for native L1 users). Final code review flagged this as Important — column existed but was never populated. Four new integration tests cover all three paths. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-28 16:19:26 -04:00
parent 10b5d4e9b0
commit 7882b4723b
3 changed files with 198 additions and 3 deletions
--- a/backend/app/services/l1_session_service.py
+++ b/backend/app/services/l1_session_service.py
@@ -9,6 +9,7 @@ from uuid import UUID

 from sqlalchemy.ext.asyncio import AsyncSession

+from app.core.audit import log_audit
 from app.models.flow_proposal import FlowProposal
 from app.models.l1_walk_session import L1WalkSession
 from app.models.user import User
@@ -194,6 +195,21 @@ async def resolve(
        )
    # PSA close deferred to Phase 2 — no-op for now

+    await log_audit(
+        db,
+        user_id=session.created_by_user_id,
+        action="l1.session.resolve",
+        resource_type="l1_walk_session",
+        resource_id=session.id,
+        details={
+            "session_kind": session.session_kind,
+            "helpful": helpful,
+            "ticket_id": session.ticket_id,
+            "ticket_kind": session.ticket_kind,
+        },
+        account_id=session.account_id,
+        acting_as=session.acting_as,
+    )
    await db.flush()
    return session

@@ -231,6 +247,21 @@ async def escalate(
        )
    # PSA reassign deferred to Phase 2

+    await log_audit(
+        db,
+        user_id=session.created_by_user_id,
+        action="l1.session.escalate",
+        resource_type="l1_walk_session",
+        resource_id=session.id,
+        details={
+            "session_kind": session.session_kind,
+            "escalation_reason_category": reason_category,
+            "ticket_id": session.ticket_id,
+            "ticket_kind": session.ticket_kind,
+        },
+        account_id=session.account_id,
+        acting_as=session.acting_as,
+    )
    await db.flush()
    return session

@@ -272,5 +303,19 @@ async def escalate_without_walk(
            ticket_id=UUID(ticket_id),
            status="escalated",
        )
-    await db.flush()
+    await db.flush()  # flush first so session.id is populated
+    await log_audit(
+        db,
+        user_id=session.created_by_user_id,
+        action="l1.session.escalate_no_walk",
+        resource_type="l1_walk_session",
+        resource_id=session.id,
+        details={
+            "escalation_reason_category": reason_category,
+            "ticket_id": ticket_id,
+            "ticket_kind": ticket_kind,
+        },
+        account_id=session.account_id,
+        acting_as=session.acting_as,
+    )
    return session