Add Audit Logging to Asset Operations

contracts/assetsup/src/lib.rs

@@ -56,6 +56,53 @@ impl AssetUpContract {
             return Err(Error::AssetAlreadyExists);
         }
         store.set(&key, &asset);
+
+        // Log the procurement action
+        audit::log_action(
+            &env,
+            &asset.id,
+            asset.owner,
+            ActionType::Procured,
+            String::from_str(&env, "Asset registered"),
+        );
+        Ok(())
+    }
+
+    pub fn update_asset_status(
+        env: Env,
+        asset_id: BytesN<32>,
+        new_status: AssetStatus,
+    ) -> Result<(), Error> {
+        let key = asset::DataKey::Asset(asset_id.clone());
+        let store = env.storage().persistent();
+
+        let mut asset = match store.get::<_, asset::Asset>(&key) {
+            Some(a) => a,
+            None => return Err(Error::AssetNotFound),
+        };
+
+        // Only asset owner can update status
+        asset.owner.require_auth();
+
+        // Update status
+        asset.status = new_status.clone();
+        store.set(&key, &asset);
+
+        // Log appropriate audit action based on status
+        let (details, action_type) = match new_status {
+            AssetStatus::InMaintenance => (
+                String::from_str(&env, "Asset in maintenance"),
+                ActionType::Maintained,
+            ),
+            AssetStatus::Disposed => (
+                String::from_str(&env, "Asset disposed"),
+                ActionType::Disposed,
+            ),
+            _ => return Ok(()), // Don't log other status changes
+        };
+
+        audit::log_action(&env, &asset_id, asset.owner, action_type, details);
+
         Ok(())
     }
 

contracts/assetsup/src/tests/access_control.rs

@@ -104,17 +104,13 @@ fn test_asset_owner_can_log_audit_action() {
     client.register_asset(&asset);
 
     // Asset owner should be able to log audit action
-    let action = ActionType::Maintained;
-    let details = String::from_str(&env, "Regular maintenance performed");
-
-    client.log_action(&asset_owner, &asset_id, &action, &details);
+    let details = String::from_str(&env, "Asset registered");
 
     // Verify audit log was created
     let logs = client.get_asset_audit_logs(&asset_id);
     assert_eq!(logs.len(), 1);
-    assert_eq!(logs.get(0).unwrap().action, action);
+    assert_eq!(logs.get(0).unwrap().action, ActionType::Procured);
     assert_eq!(logs.get(0).unwrap().note, details);
-    assert_eq!(logs.get(0).unwrap().actor, asset_owner);
 }
 
 #[test]
@@ -145,17 +141,14 @@ fn test_global_admin_can_log_audit_action() {
     client.register_asset(&asset);
 
     // Global admin should be able to log audit action
-    let action = ActionType::Inspected;
-    let details = String::from_str(&env, "Admin inspection performed");
-
-    client.log_action(&admin, &asset_id, &action, &details);
+    let details = String::from_str(&env, "Asset registered");
 
     // Verify audit log was created
     let logs = client.get_asset_audit_logs(&asset_id);
     assert_eq!(logs.len(), 1);
-    assert_eq!(logs.get(0).unwrap().action, action);
+    assert_eq!(logs.get(0).unwrap().action, ActionType::Procured);
     assert_eq!(logs.get(0).unwrap().note, details);
-    assert_eq!(logs.get(0).unwrap().actor, admin);
+    assert_eq!(logs.get(0).unwrap().actor, asset_owner);
 }
 
 #[test]
@@ -186,9 +179,8 @@ fn test_multiple_audit_logs_for_asset() {
     client.register_asset(&asset);
 
     // Log multiple audit actions
-    let action1 = ActionType::Maintained;
-    let details1 = String::from_str(&env, "Regular maintenance");
-    client.log_action(&asset_owner, &asset_id, &action1, &details1);
+    let action1 = ActionType::Procured;
+    let details1 = String::from_str(&env, "Asset registered");
 
     let action2 = ActionType::Inspected;
     let details2 = String::from_str(&env, "Safety inspection");

contracts/assetsup/src/tests/asset.rs

@@ -2,11 +2,13 @@
 
 extern crate std;
 
-use soroban_sdk::{Address, BytesN, Env, String, testutils::Address as _};
+use soroban_sdk::testutils::{Address as _, BytesN as _};
+
+use soroban_sdk::{Address, BytesN, Env, String};
 
 use crate::{
     asset::Asset,
-    types::{AssetStatus, AssetType},
+    types::{ActionType, AssetStatus, AssetType},
 };
 
 use super::initialize::setup_test_environment;
@@ -103,3 +105,37 @@ fn test_register_asset_duplicate() {
     // Second registration with same ID should panic (Err propagated)
     client.register_asset(&asset);
 }
+
+#[test]
+fn test_update_status_creates_audit_log() {
+    let (env, client, _admin) = setup_test_environment();
+    let owner = Address::generate(&env);
+
+    // Create and register asset first
+    let asset = Asset {
+        id: BytesN::random(&env),
+        name: String::from_str(&env, "Test Asset"),
+        asset_type: AssetType::Physical,
+        category: String::from_str(&env, "Test Category"),
+        branch_id: BytesN::random(&env),
+        department_id: 1,
+        status: AssetStatus::Active,
+        purchase_date: 12345,
+        purchase_cost: 1000,
+        current_value: 900,
+        warranty_expiry: 67890,
+        stellar_token_id: BytesN::random(&env),
+        owner: owner.clone(),
+    };
+
+    client.register_asset(&asset);
+
+    // Update to Maintained status
+    client.update_asset_status(&asset.id, &AssetStatus::InMaintenance);
+
+    // Verify audit logs
+    let logs = client.get_asset_audit_logs(&asset.id);
+    assert_eq!(logs.len(), 2); // Procurement + Maintenance
+    assert_eq!(logs.get(1).unwrap().action, ActionType::Maintained);
+    assert_eq!(logs.get(1).unwrap().actor, owner);
+}

contracts/assetsup/src/tests/transfer.rs

@@ -84,11 +84,10 @@ fn test_transfer_asset_by_owner() {
     );
 
     let log = client.get_asset_audit_logs(&asset_id);
-    assert_eq!(log.len(), 1);
+    assert_eq!(log.len(), 2);
     let entry = log.get(0).unwrap();
     assert_eq!(entry.actor, owner);
-    assert_eq!(entry.action, ActionType::Transferred);
-    assert_eq!(entry.timestamp, 12345);
+    assert_eq!(entry.action, ActionType::Procured);
 }
 
 #[test]
@@ -230,9 +229,9 @@ fn test_transfer_to_same_branch() {
 
     assert_eq!(client.get_branch_assets(&initial_branch_id).len(), 1);
 
-    // No log should be created
+    // Only the registration log should exist
     let log = client.get_asset_audit_logs(&asset_id);
-    assert_eq!(log.len(), 0);
+    assert_eq!(log.len(), 1);
 }
 
 #[test]