Fix/#73 auditlog

[whc9999]

✨ 어떤 이유로 PR를 하셨나요?

• feature 병합
• 버그 수정(아래에 issue #를 남겨주세요)
• 코드 개선
• 코드 수정
• 배포
• 기타(아래에 자세한 내용 기입해주세요)

📋 세부 내용 - 왜 해당 PR이 필요한지 작업 내용을 자세하게 설명해주세요

📸 작업 화면 스크린샷

⚠️ PR하기 전에 확인해주세요

• 로컬테스트를 진행하셨나요?
• 머지할 브랜치를 확인하셨나요?
• 관련 label을 선택하셨나요?

🚨 관련 이슈 번호 [#73]

Summary by CodeRabbit

• New Features

  • Implemented comprehensive audit logging system to track and record user actions across analysis, questions, job postings, and mock applications, capturing user IP address and browser information for compliance and accountability.

• Bug Fixes

  • Enhanced payment response handling to gracefully process responses with unknown or unexpected properties.

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

📝 Walkthrough

Walkthrough

The pull request introduces a complete audit logging framework using Spring AOP annotations. It adds a new @AuditLogEvent annotation, audit entity and repository layer, request-aware recording service, and AOP aspect that intercepts annotated methods to capture and persist audit events. The framework is integrated across Analysis, Question, MockApply, and JobPosting domain services. Minor supporting changes include AnalysisService response path refactoring and TossPaymentConfirmResponse JSON flexibility.

Changes

Audit Logging Framework Integration

Layer / File(s)	Summary
Audit logging annotation src/main/java/com/jobdri/jobdri_api/domain/audit/annotation/AuditLogEvent.java	@AuditLogEvent annotation defines the contract for auditable methods with required action and targetType, plus optional SpEL-based targetId expression.
Audit entity and persistence contract src/main/java/com/jobdri/jobdri_api/domain/audit/entity/AuditLog.java, src/main/java/com/jobdri/jobdri_api/domain/audit/repository/AuditLogRepository.java	AuditLog JPA entity persists audit events with user, action, target metadata, before/after TEXT values, IP, user-agent, and creation timestamp. AuditLogRepository provides CRUD operations. Factory method auto-populates createdAt.
Audit recording service with request extraction src/main/java/com/jobdri/jobdri_api/domain/audit/service/AuditLogService.java	Service records audit events by extracting current user and request context (IP via X-Forwarded-For/X-Real-IP fallback, User-Agent header), serializing before/after values to JSON with fallback, and persisting via repository.
AOP aspect for audit method interception src/main/java/com/jobdri/jobdri_api/domain/audit/aop/AuditLogAspect.java	@Around advice intercepts @AuditLogEvent methods, extracts parameters (excluding User), evaluates SpEL target ID expressions, executes the method, records the audit event, and rethrows exceptions with warning logging.
Analysis and Question service audit logging src/main/java/com/jobdri/jobdri_api/domain/analysis/service/AnalysisService.java, src/main/java/com/jobdri/jobdri_api/domain/analysis/service/QuestionService.java	AnalysisService.analyze() logs analysis runs and refactors response path to return toResponse() directly. QuestionService logs custom candidate creation, selection saving, and answer submission, all targeting MOCK_APPLY via first argument.
MockApply and JobPosting service audit logging src/main/java/com/jobdri/jobdri_api/domain/mockapply/service/MockApplyService.java, src/main/java/com/jobdri/jobdri_api/domain/jobposting/service/JobPostingService.java	MockApplyService logs three creation methods with target ID from result expression. JobPostingService logs creation and update operations with method argument target IDs.
Supporting changes and fixes src/main/java/com/jobdri/jobdri_api/domain/payment/dto/toss/TossPaymentConfirmResponse.java	TossPaymentConfirmResponse adds @JsonIgnoreProperties(ignoreUnknown = true) for flexible Toss payment response deserialization.

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly Related PRs

• JobDri-Developer/BackEnd#61: Introduces the original analysis flow in AnalysisService; this PR adds audit logging and modifies the response path for the same service.

Poem

🐰 A trail of breadcrumbs through the code we go,
Each action logged with AOP's gentle flow,
From MockApply to Question, bold and true,
Audit events capture all that users do! ✨

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description follows the required template structure with checkboxes completed and related issue #73 referenced, but the 'Detailed Content' section is empty, providing no explanation of the audit logging implementation.	Fill in the '📋 세부 내용' section with a detailed explanation of the audit logging feature, its purpose, and the key implementation changes across services.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Fix/#73 auditlog' clearly relates to the primary objective of implementing audit logging functionality, which is the main change across multiple files in this changeset.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/#73-auditlog

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}