TenantAtlas/app/Services/Audit/WorkspaceAuditLogger.php

<?php

declare(strict_types=1);

namespace App\Services\Audit;

use App\Models\AuditLog;
use App\Models\User;
use App\Models\Workspace;
use App\Support\Audit\AuditContextSanitizer;
use Carbon\CarbonImmutable;

class WorkspaceAuditLogger
{
    public function log(
        Workspace $workspace,
        string $action,
        array $context = [],
        ?User $actor = null,
        string $status = 'success',
        ?string $resourceType = null,
        ?string $resourceId = null,
        ?int $actorId = null,
        ?string $actorEmail = null,
        ?string $actorName = null,
    ): AuditLog {
        $metadata = $context['metadata'] ?? [];
        unset($context['metadata']);

        $metadata = is_array($metadata) ? $metadata : [];

        $sanitizedMetadata = AuditContextSanitizer::sanitize($metadata + $context);

        return AuditLog::create([
            'tenant_id' => null,
            'workspace_id' => (int) $workspace->getKey(),
            'actor_id' => $actor?->getKey() ?? $actorId,
            'actor_email' => $actor?->email ?? $actorEmail,
            'actor_name' => $actor?->name ?? $actorName,
            'action' => $action,
            'resource_type' => $resourceType,
            'resource_id' => $resourceId,
            'status' => $status,
            'metadata' => $sanitizedMetadata,
            'recorded_at' => CarbonImmutable::now(),
        ]);
    }
}