From 7e534cc65f20a222bd2d2e9b0099cb1254529b74 Mon Sep 17 00:00:00 2001
From: Max D <max@Maxs-MacBook-Air.local>
Date: Wed, 3 Dec 2025 08:48:40 -0500
Subject: [PATCH] employee profile audits

---
 routes/crudRoutes.js     | 32 ++++++++++++++++++++++++++++++++
 routes/employeeRoutes.js | 19 +++++++++++++++++++
 2 files changed, 51 insertions(+)

diff --git a/routes/crudRoutes.js b/routes/crudRoutes.js
index 5de3b642..e9a511c4 100644
--- a/routes/crudRoutes.js
+++ b/routes/crudRoutes.js
@@ -1082,6 +1082,17 @@ class Crud {
         // send successful 200 status
         res.status(200).send(dataUpdated);
 
+        try {
+          this.recordChange({
+            employee: req.employee, 
+            table: table, 
+            oldImage: req.employee, 
+            newImage: dataUpdated
+          });
+        } catch (auditErr) {
+          logger.log(3, '_updateAttributesWrapper', `Audit logging failed ${auditErr.message}`);
+        }
+
         // return updated data
         return dataUpdated;
       } else {
@@ -1152,6 +1163,27 @@ class Crud {
         // send successful 200 status
         res.status(200).send(dataUpdated);
 
+        try {
+          if(tables[0]?.attributes?.length > 0) {
+            this.recordChange({
+              employee: req.employee, 
+              table: tables[0].table,
+              oldImage: req.employee, 
+              newImage: dataUpdated
+            });
+          }
+          if(tables[1]?.attributes?.length > 0) {
+            this.recordChange({
+              employee: req.employee, 
+              table: tables[1].table,
+              oldImage: req.employee, 
+              newImage: dataUpdated
+            });
+          }
+        } catch (auditErr) {
+          logger.log(3, '_updateAttributesWrapper', `Audit logging failed ${auditErr.message}`);
+        }
+
         // return updated data
         return dataUpdated;
       } else {
diff --git a/routes/employeeRoutes.js b/routes/employeeRoutes.js
index 15a662e2..c3ddda13 100644
--- a/routes/employeeRoutes.js
+++ b/routes/employeeRoutes.js
@@ -656,6 +656,8 @@ class EmployeeRoutes extends Crud {
           sameIds = true;
         }
 
+        let oldEmployeeBasic = new Employee(await this.databaseModify.getEntry(req.body.id));
+        let oldEmployeeSensitive = new EmployeeSensitive(await this.employeeSensitiveDynamo.getEntry(req.body.id));
         let basicData = new Employee(employeeValidated);
         let sensitiveData = new EmployeeSensitive(employeeValidated);
         if (sameIds) {
@@ -679,6 +681,23 @@ class EmployeeRoutes extends Crud {
         // send successful 200 status
         res.status(200).send(employeeValidated);
 
+        //only audit if the data changed
+        if(!_.isEqual(oldEmployeeBasic, basicData)) {
+          await this.recordChange({
+            employee: req.employee, 
+            table: EMPLOYEES_TABLE, 
+            oldImage: oldEmployeeBasic, 
+            newImage: basicData
+          });
+        }
+        if(!_.isEqual(oldEmployeeSensitive, sensitiveData)) {
+          await this.recordChange({
+            employee: req.employee, 
+            table: EMPLOYEES_SENSITIVE_TABLE, 
+            oldImage: oldEmployeeSensitive, 
+            newImage: sensitiveData
+          });
+        }
         // return updated data
         return employeeValidated;
       } else {