Log SQL executions made via UI

routes/sql_explorer.py

@@ -2,11 +2,11 @@ import os
 import requests # Import requests library
 import json     # Import json library
 from flask import Blueprint, render_template, request, current_app, jsonify
-from flask_login import login_required
+from flask_login import login_required, current_user
 from jinja2_fragments import render_block
 from flask_htmx import HTMX
 from extensions import db
-from utils import prepare_svg_plot_data # Will be created for SVG data prep
+from utils import prepare_svg_plot_data, get_client_ip # Will be created for SVG data prep
 
 sql_explorer_bp = Blueprint('sql_explorer', __name__, url_prefix='/sql')
 htmx = HTMX()
@@ -14,6 +14,19 @@ htmx = HTMX()
 
 
 
+def record_sql_audit(query, success, error_message=None):
+    """Records a SQL execution in the audit table."""
+    try:
+        person_id = getattr(current_user, 'id', None)
+        ip_address = get_client_ip()
+        sql = """
+            INSERT INTO sql_audit (person_id, query, ip_address, success, error_message)
+            VALUES (%s, %s, %s, %s, %s)
+        """
+        db.execute(sql, [person_id, query, ip_address, success, error_message], commit=True)
+    except Exception as e:
+        current_app.logger.error(f"Failed to record SQL audit: {e}")
+
 def _execute_sql(query):
     """Executes arbitrary SQL query, returning results, columns, and error."""
     results, columns, error = None, [], None
@@ -21,9 +34,11 @@ def _execute_sql(query):
         results = db.execute(query)
         if results:
             columns = list(results[0].keys()) if isinstance(results, list) and results else []
+        record_sql_audit(query, True)
     except Exception as e:
         error = str(e)
         db.getDB().rollback()
+        record_sql_audit(query, False, error)
     return (results, columns, error)
 
 def _save_query(title, query):