From ea88042ef55c638796082eb6d096a5939d3501bb Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Thu, 26 Mar 2026 23:55:24 +0100
Subject: [PATCH] fix: exclude search endpoint from audit log

POST /api/v1/search/executions is a read-only query using POST for the
request body. Skip it in AuditInterceptor to avoid flooding the audit
log with search operations.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../cameleer3/server/app/interceptor/AuditInterceptor.java    | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/AuditInterceptor.java b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/AuditInterceptor.java
index ee31bd98..1a513dea 100644
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/AuditInterceptor.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/AuditInterceptor.java
@@ -22,6 +22,7 @@ import java.util.Set;
 public class AuditInterceptor implements HandlerInterceptor {
 
     private static final Set<String> AUDITABLE_METHODS = Set.of("POST", "PUT", "DELETE");
+    private static final Set<String> EXCLUDED_PATHS = Set.of("/api/v1/search/executions");
 
     private final AuditService auditService;
 
@@ -40,6 +41,9 @@ public class AuditInterceptor implements HandlerInterceptor {
         }
 
         String path = request.getRequestURI();
+        if (EXCLUDED_PATHS.contains(path)) {
+            return;
+        }
         AuditResult result = response.getStatus() < 400 ? AuditResult.SUCCESS : AuditResult.FAILURE;
 
         auditService.log(