androidlover5842/TrisolarisPMS
1
0
Fork 0
Code Issues 22 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Compliance: Audit trail for sensitive guest actions #8

New Issue
Open
opened 2026-02-09 17:13:19 +05:30 by androidlover5842 · 0 comments
androidlover5842 commented 2026-02-09 17:13:19 +05:30
Owner
Copy Link

Goal

  • Provide an audit log for sensitive actions (documents + guest profile updates) for accountability.

Scope

  • Log (server-side preferred): who, when, what changed for:
    • guest profile updates
    • document upload/delete
    • signature upload
    • booking guest link/unlink (if supported)

UI

  • Read-only timeline section in booking details or guest screen.

Engineering requirements

  • Do not duplicate permission logic; add explicit policy methods in core/auth/AuthzPolicy.
  • Follow Room DB sync rule: audit entries should come from server/Room, not local-only.

Acceptance

  • Audit entries are visible and consistent across devices.
Goal - Provide an audit log for sensitive actions (documents + guest profile updates) for accountability. Scope - Log (server-side preferred): who, when, what changed for: - guest profile updates - document upload/delete - signature upload - booking guest link/unlink (if supported) UI - Read-only timeline section in booking details or guest screen. Engineering requirements - Do not duplicate permission logic; add explicit policy methods in `core/auth/AuthzPolicy`. - Follow Room DB sync rule: audit entries should come from server/Room, not local-only. Acceptance - Audit entries are visible and consistent across devices.
androidlover5842 added the featurecompliancesecurity labels 2026-02-09 17:13:19 +05:30
androidlover5842 added this to the TrisolarisPMS Roadmap project 2026-02-09 17:14:53 +05:30
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
ai-ocr
AI / OCR / parsing automation
 api
API / contract / retrofit
 availability
Availability / inventory / allocation
 bug
Bug / regression
 compliance
Compliance / audit / legal requirements
 feature
User-facing functionality
 finance
Cashbook / expenses / settlements
 guest
Guest profile & identity flows
 guest-docs
Guest documents (upload/view/delete)
 hr-payroll
Staff, attendance, payroll
 integration
3rd party integrations / automation
 privacy
Privacy, consent, sensitive data handling
 room-db-sync
Must follow Room DB sync rule
 room-stay
Room stay management
 security
Security / permissions / sensitive data
 telephony
Call-related UX/integrations
 ux
User experience / UI polish
 voice-ai
Speech-to-text / voice extraction
No Label compliance feature security
Milestone
No items
No Milestone
Projects
Clear projects
No project TrisolarisPMS Roadmap
Assignees
Clear assignees
androidlover5842
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: androidlover5842/TrisolarisPMS#8
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?