feat: v1.7 overhaul - identity hash, triple wallet, financial ledger, and security audit system

backend/app/models/audit.py

@@ -1,16 +1,56 @@
-from sqlalchemy import Column, Integer, String, DateTime, JSON, ForeignKey, text
+from sqlalchemy import Column, Integer, String, DateTime, JSON, ForeignKey, text, Numeric, Boolean, BigInteger
 from sqlalchemy.sql import func
 from app.db.base_class import Base
 
-class AuditLog(Base):
-    __tablename__ = "audit_logs"
-    __table_args__ = {"schema": "data"}
+class SecurityAuditLog(Base):
+    """ Kiemelt biztonsági események és a 4-szem elv. """
+    __tablename__ = "security_audit_logs"
+    __table_args__ = {"schema": "data", "extend_existing": True}
 
-    id = Column(Integer, primary_key=True, index=True)
+    id = Column(Integer, primary_key=True)
+    action = Column(String(50)) # 'ROLE_CHANGE', 'MANUAL_CREDIT_ADJUST', 'SUB_EXTEND'
+    
+    actor_id = Column(Integer, ForeignKey("data.users.id")) # Aki kezdeményezte
+    target_id = Column(Integer, ForeignKey("data.users.id")) # Akivel történt
+    
+    # 4-szem elv: csak akkor válik élessé, ha ez nem NULL
+    confirmed_by_id = Column(Integer, ForeignKey("data.users.id"), nullable=True)
+    is_critical = Column(Boolean, default=False) # Szuperadmin hívásoknál True
+    
+    payload_before = Column(JSON)
+    payload_after = Column(JSON)
+    created_at = Column(DateTime(timezone=True), server_default=func.now())
+
+class OperationalLog(Base):
+    """ Napi üzemi események (Operational). """
+    __tablename__ = "operational_logs"
+    __table_args__ = {"schema": "data", "extend_existing": True}
+    
+    id = Column(Integer, primary_key=True, index=True) # <--- EZ HIÁNYZOTT!
     user_id = Column(Integer, ForeignKey("data.users.id", ondelete="SET NULL"), nullable=True)
-    action = Column(String(100), nullable=False)  # pl. "LOGIN", "REGISTER", "DELETE_ASSET"
-    resource_type = Column(String(50))           # pl. "User", "Asset", "Organization"
+    action = Column(String(100), nullable=False) # pl. "ADD_VEHICLE", "UPDATE_COST"
+    resource_type = Column(String(50))           # pl. "Asset", "Expense"
     resource_id = Column(String(100))
     details = Column(JSON, server_default=text("'{}'::jsonb"))
     ip_address = Column(String(45))
+    created_at = Column(DateTime(timezone=True), server_default=func.now())
+
+class FinancialLedger(Base):
+    """ Minden pénz- és kreditmozgás központi naplója. """
+    __tablename__ = "financial_ledger"
+    __table_args__ = {"schema": "data", "extend_existing": True}
+
+    id = Column(Integer, primary_key=True)
+    user_id = Column(Integer, ForeignKey("data.users.id"))
+    person_id = Column(BigInteger, ForeignKey("data.persons.id"))
+    
+    amount = Column(Numeric(18, 4), nullable=False)
+    currency = Column(String(10)) # 'HUF', 'CREDIT', 'COIN'
+    
+    transaction_type = Column(String(50)) # 'PURCHASE', 'HUNTING_COMMISSION', 'FARMING_COMMISSION'
+    
+    # Üzletkötői követhetőség
+    related_agent_id = Column(Integer, ForeignKey("data.users.id"), nullable=True)
+    
+    details = Column(JSON, server_default=text("'{}'::jsonb"))
     created_at = Column(DateTime(timezone=True), server_default=func.now())