feat(audit-log-to-alsng): Support for sending generic audit log events (#176)

Co-authored-by: D050513 <sebastian.van.syckel@sap.com>
Co-authored-by: sjvans <30337871+sjvans@users.noreply.github.com>

Author: mtsvetanov071

CHANGELOG.md

@@ -4,11 +4,15 @@ All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 The format is based on [Keep a Changelog](http://keepachangelog.com/).
 
-## Version 1.0.2 - tbd
+## Version 1.1.0 - 2025-09-08
+
+### Added
+
+- `audit-log-to-alsng`: Support for sending generic audit log events
 
 ### Fixed
 
-- Correctly retrieve `appId` from the `VCAP_APPLICATION` environment variable
+- `audit-log-to-alsng`: Correctly retrieve `appId` from the `VCAP_APPLICATION` environment variable
 
 ## Version 1.0.1 - 2025-08-05
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cap-js/audit-logging",
-  "version": "1.0.2",
+  "version": "1.1.0",
   "description": "CDS plugin providing integration to the SAP Audit Log service as well as out-of-the-box personal data-related audit logging based on annotations.",
   "repository": "cap-js/audit-logging",
   "author": "SAP SE (https://www.sap.com)",

srv/log2alsng.js

@@ -1,5 +1,4 @@
 const cds = require('@sap/cds')
-
 const LOG = cds.log('audit-log')
 
 const https = require('https')
@@ -24,12 +23,14 @@ module.exports = class AuditLog2ALSNG extends AuditLogService {
   }
 
   eventMapper(event, data) {
-    return {
+    const known = {
       PersonalDataModified: () => this.logEvent('dppDataModification', data),
       SensitiveDataRead: () => this.logEvent('dppDataAccess', data),
       ConfigurationModified: () => this.logEvent('configurationChange', data),
       SecurityEvent: () => this.logEvent('legacySecurityWrapper', data)
-    }[event]()
+    }
+    const dfault = () => this.logEvent(event, data)
+    return (known[event] ?? dfault)()
   }
 
   flattenAndSortIdObject(id) {
@@ -49,7 +50,8 @@ module.exports = class AuditLog2ALSNG extends AuditLogService {
     const oldValue = attributes[0]['old'] ?? ''
     const newValue = attributes[0]['new'] ?? ''
     const dataSubjectId = this.flattenAndSortIdObject(subject['id'])
-    return {
+
+    const known = {
       dppDataModification: {
         objectType: object['type'],
         objectId: objectId,
@@ -84,7 +86,26 @@ module.exports = class AuditLog2ALSNG extends AuditLogService {
               : data.data
         })
       }
-    }[event]
+    }
+    if (event in known) return known[event]
+
+    // For unknown events, remove common audit log entry fields from the event payload
+    if (typeof data === 'object' && data !== null) {
+      const rest = this.removeCommonAuditLogFields(data)
+      return rest
+    }
+
+    return data
+  }
+
+  removeCommonAuditLogFields(obj) {
+    if (typeof obj !== 'object' || obj === null) return obj
+    const { ...rest } = obj
+    delete rest.uuid
+    delete rest.user
+    delete rest.time
+    delete rest.tenant
+    return rest
   }
 
   eventPayload(event, data) {
@@ -126,14 +147,18 @@ module.exports = class AuditLog2ALSNG extends AuditLogService {
       return JSON.stringify([this.eventPayload(event, data)])
     }
 
-    const eventData = data['attributes']?.map(attr => {
-      return this.eventPayload(event, {
-        ...data,
-        attributes: [attr]
+    if (event in { dppDataModification: 1, dppDataAccess: 1, configurationChange: 1 }) {
+      const eventData = data['attributes']?.map(attr => {
+        return this.eventPayload(event, {
+          ...data,
+          attributes: [attr]
+        })
       })
-    })
+      return JSON.stringify(eventData || [])
+    }
 
-    return JSON.stringify(eventData || [])
+    // Always wrap event in an envelope for custom events
+    return JSON.stringify([this.eventPayload(event, data)])
   }
 
   logEvent(event, data) {

test/integration/ng.test.js

@@ -53,4 +53,22 @@ describe('Log to Audit Log Service NG ', () => {
       POST('/integration/passthrough', { event: 'PersonalDataModified', data: '{}' }, { auth: ALICE })
     ).rejects.toThrow('Request failed with: 403 - Forbidden')
   })
+
+  test('writes log for custom event tenantOnboarding', async () => {
+    const customEvent = 'tenantOnboarding'
+    const data = JSON.stringify({
+      tenantId: 'test-tenant'
+    })
+    const res = await POST('/integration/passthrough', { event: customEvent, data }, { auth: ALICE })
+    expect(res).toMatchObject({ status: 204 })
+  })
+
+  test('writes log for custom event userLogoff', async () => {
+    const customEvent = 'userLogoff'
+    const data = JSON.stringify({
+      logoffType: 'UNSPECIFIED'
+    })
+    const res = await POST('/integration/passthrough', { event: customEvent, data }, { auth: ALICE })
+    expect(res).toMatchObject({ status: 204 })
+  })
 })

test/personal-data/crud.test.js

@@ -1058,7 +1058,6 @@ describe('personal data audit logging in CRUD', () => {
           { name: 'description', old: '***' },
           { name: 'todo', old: oldAttachments[1].todo }
         ]
-            
       })
       expect(_logs).toContainMatchObject({
         user: 'alice',