From bea9da96d44965fcee5e2eba448960443152d4ea Mon Sep 17 00:00:00 2001
From: Fringg <egor.andrianovv@gmail.com>
Date: Wed, 25 Feb 2026 05:24:16 +0300
Subject: [PATCH] feat: capture query params in audit log details for all
 requests

---
 app/cabinet/dependencies.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/app/cabinet/dependencies.py b/app/cabinet/dependencies.py
index f329cde6..f0deca54 100644
--- a/app/cabinet/dependencies.py
+++ b/app/cabinet/dependencies.py
@@ -326,17 +326,21 @@ def require_permission(*permissions: str):
                     detail=f'Permission denied: {reason}',
                 )
 
-        # Capture request body for mutating methods
-        details: dict | None = None
+        # Capture request details
+        details: dict = {}
         if request.method in ('POST', 'PUT', 'PATCH', 'DELETE'):
             try:
                 body = await request.body()
                 if body:
                     import json
 
-                    details = {'request_body': json.loads(body)}
+                    details['request_body'] = json.loads(body)
             except Exception:
                 pass
+        # Capture query params for all methods
+        query_params = dict(request.query_params)
+        if query_params:
+            details['query_params'] = query_params
 
         # Log successful access with all requested permissions
         await PermissionService.log_action(
@@ -349,7 +353,7 @@ def require_permission(*permissions: str):
             user_agent=user_agent,
             request_method=request.method,
             request_path=str(request.url.path),
-            details=details,
+            details=details or None,
         )
         await db.commit()
         return user