From 28e38e4dee5b9520a6397bee2c8128f4d98b21d7 Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Tue, 14 Apr 2026 18:17:42 +0200
Subject: [PATCH] fix: add audit logging to GET /admin/sensitive-keys

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../server/app/controller/SensitiveKeysAdminController.java   | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/SensitiveKeysAdminController.java b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/SensitiveKeysAdminController.java
index a9533651..06728e3f 100644
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/SensitiveKeysAdminController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/SensitiveKeysAdminController.java
@@ -72,7 +72,9 @@ public class SensitiveKeysAdminController {
 
     @GetMapping
     @Operation(summary = "Get global sensitive keys configuration")
-    public ResponseEntity<SensitiveKeysConfig> getSensitiveKeys() {
+    public ResponseEntity<SensitiveKeysConfig> getSensitiveKeys(HttpServletRequest httpRequest) {
+        auditService.log("view_sensitive_keys", AuditCategory.CONFIG, "sensitive_keys",
+                null, AuditResult.SUCCESS, httpRequest);
         return sensitiveKeysRepository.find()
                 .map(ResponseEntity::ok)
                 .orElse(ResponseEntity.noContent().build());