Banco Alimentos uses Hibernate Envers to maintain a tamper-evident revision history for the entities most sensitive to change: donors (Documentation Index
Fetch the complete documentation index at: https://mintlify.com/alvarezlautaro/BancoAlimentos/llms.txt
Use this file to discover all available pages before exploring further.
Donante) and beneficiary institutions (Institucion). Every time an audited field is modified, Envers records a new revision entry automatically — no application code is required to trigger it. This page explains which entities are audited, what is captured, and how to retrieve historical snapshots through the API.
Audited entities
Two entities carry the@Audited annotation at the class level.
Donante
All scalar fields (
razonSocial, cuit, telefono, email, direccion) are audited. The donaciones list association is excluded via @NotAudited.Institucion
All scalar fields (
nombre, tipo, direccion, telefono, email, estado, externalId) are audited. The remitos list association is excluded via @NotAudited.Why associations are excluded
BothDonante and Institucion carry @NotAudited on their respective @OneToMany collection fields (donaciones and remitos). This is intentional: tracking every addition or removal of a child record in those collections would flood the revision table with low-value entries. Audit history is focused on changes to the entity’s own identifying and contact data.
How Envers works under the hood
When Hibernate Envers is active, it creates shadow_AUD tables for every @Audited entity alongside the primary tables. For Banco Alimentos these are:
| Primary table | Audit table |
|---|---|
donantes | donantes_AUD |
institucion | institucion_AUD |
REVINFO table stores revision metadata (revision number and timestamp). Each row in an _AUD table corresponds to one revision of one entity, with a REVTYPE column indicating whether the row represents an insert (0), update (1), or delete (2).
Envers creates the
_AUD tables and REVINFO table automatically on application startup when spring.jpa.hibernate.ddl-auto is set to update or create. No manual migration scripts are required for the audit infrastructure itself.Retrieving audit history via the API
Donor history
Donante snapshots ordered by revision. Each entry in the response represents the full state of the donor record at a particular revision — useful for tracking when a CUIT, contact number, or address was last changed.
Path parameter:
| Parameter | Type | Description |
|---|---|---|
id | Long | Numeric internal ID of the Donante |
Donante is modified.
Institution history
Institucion snapshots. The endpoint uses the UUID externalId — not the internal numeric id — as the path parameter, consistent with how all other institution endpoints are addressed.
Path parameter:
| Parameter | Type | Description |
|---|---|---|
externalId | UUID | Public UUID identifier of the Institucion |
estado from AL_DIA to DEUDOR, which Envers captured automatically when the record was updated.
What triggers a new revision
A new revision entry is written whenever a JPA transaction that modifies an audited entity is committed. Common triggers include:- Updating a donor’s contact details (
PUT /api/donantes/{id}) - Changing an institution’s
estadoPagoortipoInstitucion(PUT /api/instituciones/{externalId}) - Creating a new
DonanteorInstitucion(POST)
REVTYPE = 2, so the history reflects the entity’s last known state before removal.
GET /api/donantes/{id}/historial is protected by @PreAuthorize("hasAuthority('AUDITORIA_DONACION_VER')") — requests without that authority receive a 403 Forbidden response. GET /api/instituciones/{externalId}/historial carries no method-level @PreAuthorize annotation and relies solely on any global security configuration in place.