fix: endpoint template

server/backend/api/app/main.py

@@ -26,7 +26,8 @@
     router_user_role_assignment,
     router_user_terms_conditions,
     router_guards,
-    router_user
+    router_user,
+    router_permission_audit
 )
 
 logConfigFile = os.path.join(
@@ -136,6 +137,12 @@ def main():
     dependencies=[Depends(router_guards.verify_api_key_for_update_user_info)],
     tags=["FAM User"],
 )
+app.include_router(
+    router_permission_audit.router,
+    prefix=apiPrefix + "/permission-audit-history",
+    dependencies=[Depends(router_guards.authorize)],
+    tags=["Permission Audit"],
+)
 
 
 

server/backend/api/app/routers/router_guards.py

@@ -136,10 +136,13 @@ def authorize_by_app_id(
     db: Session = Depends(database.get_db),
     access_roles=Depends(get_access_roles),
     requester: RequesterSchema = Depends(get_current_requester),
-):
+) -> int:
     """
     This authorize_by_app_id method is used for the authorization check of a specific application,
     we require user to be the app admin or delegated admin of the application
+
+    Returns:
+        int: The application ID if the user is authorized.
     """
     requester_is_app_admin = crud_utils.is_app_admin(
         db=db, application_id=application_id, access_roles=access_roles
@@ -160,6 +163,7 @@ def authorize_by_app_id(
                 error_code=ERROR_PERMISSION_REQUIRED,
                 error_msg="Requester has no admin or delegated admin access to the application.",
             )
+    return application_id
 
 
 async def get_request_role_from_id(

server/backend/api/app/routers/router_permission_audit.py

@@ -0,0 +1,57 @@
+import logging
+from typing import List
+
+from api.app import database
+from api.app.crud import crud_application
+from api.app.routers.router_guards import (
+    authorize_by_app_id,
+    authorize_by_application_role,
+    get_current_requester,
+)
+from api.app.schemas import RequesterSchema, FamApplicationUserRoleAssignmentGetSchema
+from fastapi import APIRouter, Depends, HTTPException
+from sqlalchemy.orm import Session
+
+LOGGER = logging.getLogger(__name__)
+router = APIRouter()
+
+
+@router.get(
+    "/", response_model=List[FamApplicationUserRoleAssignmentGetSchema], status_code=200
+)
+async def get_permission_audit_history_by_user_and_application(
+    user_id: int,
+    application_id: int = Depends(authorize_by_app_id),
+):
+    """
+    Retrieve the permission audit history for a given user and application.
+
+    Args:
+        userId (int): The ID of the user for whom the audit history is being requested.
+        applicationId (int): The ID of the application associated with the audit history.
+
+    Returns:
+        List[dict]: A list of audit history records for the given user and application.
+    """
+    audit_history = [
+        {
+            "audit_id": 1,
+            "user_id": user_id,
+            "application_id": application_id,
+            "change": "Role added",
+        },
+        {
+            "audit_id": 2,
+            "user_id": user_id,
+            "application_id": application_id,
+            "change": "Role removed",
+        },
+    ]
+
+    if not audit_history:
+        raise HTTPException(
+            status_code=404,
+            detail="No audit history found for the given user and application",
+        )
+
+    return audit_history