[BE-68] Implement GET /api/audit — admin-only paginated audit log endpoint

[mftee]

Overview

Once audit logs are recorded (BE-67), administrators need an endpoint to read them for compliance, investigation, and reporting purposes. Without this endpoint, audit data accumulates in the database with no way to access it through the API.

Background

Files to create:

• backend/src/audit/audit.controller.ts

Endpoint:
GET /api/audit — admin-only, protected with JwtAuthGuard + RolesGuard

Query params:

• actorId — filter by actor
• action — filter by action type
• targetType — filter by target entity type
• startDate / endDate — ISO date range filter
• page, limit — pagination

Response: { data: AuditLog[], total, page, limit }

The endpoint should also support CSV export via ?format=csv for compliance downloads (optional stretch goal).

Acceptance Criteria

• Endpoint returns 403 for non-admin users
• All query filters work correctly in combination
• Date range filter is inclusive on both ends
• Results ordered newest-first
• Response includes the actor's email/name via a JOIN with the users table

[BigBen-7]

@BigBen-7 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

i would love to work on this issue?

ℹ️ Repo Maintainers: To accept this application, review their application or assign @BigBen-7 to this issue.

[grantfox-oss]

🦊 GrantFox — @BigBen-7 has been assigned to this issue!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #792)
2. Your PR will be reviewed by the CodeGirlsInc maintainers

Good luck! Track your progress on GrantFox.

[drips-wave]

Congratulations, @BigBen-7! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @BigBen-7: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[drips-wave]

This issue has been completed by @BigBen-7 as part of the Stellar Wave Program's 6th Wave 🥳

😎 @BigBen-7: You earned 200 Points for completing this issue! After the current Wave ends, you'll be eligible for a percentage of the Wave's reward pool based on the percentage of total points you've earned. Learn more here. You can also Leave a review to share your experience working on this issue.

🧑‍💻 Repo maintainers: How'd the contributor do? Leave a review to share your experience working with them.