Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/noelzappy/vaulx/llms.txt

Use this file to discover all available pages before exploring further.

Vaulx records every significant user action in an append-only audit_log table. Each entry captures the acting user, the action name, the affected resource type and ID, an optional JSONB metadata blob, and a creation timestamp. The admin audit page exposes this log with two query modes: paginated browsing (50 entries per page) and action-filtered search (up to 100 entries). Soft-deleted files are managed through the separate /admin/trash endpoints, which also write to the audit log on restore. All endpoints in this group require the admin role. Non-admin requests receive a 403 HTML error page.

Paginated audit log

GET /admin/audit Renders the HTML admin audit page. Without an action filter, results are paginated at 50 entries per page and include a total count for pagination controls. With an action filter, returns up to 100 matching entries without pagination. Authentication: admin only.
page
integer
Page number for paginated browsing. Defaults to 1. Ignored when action is supplied.
action
string
Filter results to a single action name (e.g. file.upload, share.revoke). When present, returns up to 100 entries and disables pagination. See the full action reference table below for valid values.
Example requests
GET /admin/audit
GET /admin/audit?page=3
GET /admin/audit?action=file.delete
GET /admin/audit?action=auth.login
Response fields per audit log entry
id
uuid
Unique audit log entry identifier.
action
string
The action name, e.g. file.upload or share.revoke.
resource_type
string
Type of resource affected: file, folder, or share. Null for actions with no associated resource (e.g. auth.login).
resource_id
uuid
UUID of the affected resource. Null when resource_type is null.
created_at
string
Timestamp of when the action was recorded.
actor_name
string
Display name of the user who performed the action.
actor_email
string
Email address of the user who performed the action.

Soft-deleted files (trash)

GET /admin/trash Renders the HTML admin trash page listing all files with status = 'deleted'. Files reach the trash via soft deletion — the row is retained in the files table but excluded from all normal file listings until restored or hard-deleted. Authentication: admin only. Response fields per trash item
id
uuid
File UUID, used as fileID in the restore endpoint.
name
string
Original filename at the time of deletion.
size_human
string
Human-readable file size (e.g. 4.2 MB).
uploader_name
string
Display name of the user who originally uploaded the file.
date
string
Human-readable upload date (e.g. Jan 2, 2006).

Restore file from trash

POST /admin/trash/{fileID}/restore Restores a soft-deleted file by setting its status back to active. The file immediately reappears in folder listings and becomes accessible for download. Authentication: admin only.
fileID
uuid
required
The UUID of the deleted file to restore.
Response
  • 200 OK with HX-Trigger header: {"showToast":{"message":"File restored","type":"success"}}.
  • 404 Not Found if no file with that UUID exists in the database.
  • 400 Bad Request if fileID is not a valid UUID.
  • Writes a file.restore entry to the audit log.

Audit log entry model

FieldTypeNotes
idUUIDPrimary key
user_idUUID | nullFK → users.id; null if the actor’s account was deleted
actiontextAction name (see table below)
resource_typetext | nullfile, folder, or share
resource_idUUID | nullUUID of the affected resource
metaJSONB | nullOptional structured metadata for the action
created_attimestamptzWhen the action was recorded

Action reference

ActionResource TypeDescription
auth.loginUser successfully authenticated
file.uploadfileFile upload confirmed and status set to active
file.deletefileFile soft-deleted (moved to trash)
file.hard_deletefileFile permanently deleted by an admin
file.renamefileFile renamed
file.movefileFile moved to a different folder
file.restorefileFile restored from trash by an admin
folder.createfolderNew folder created
folder.deletefolderFolder deleted
folder.renamefolderFolder renamed
folder.zip_downloadfolderFolder downloaded as a ZIP archive
share.revokeshareShare link revoked
profile.name_updatedUser updated their display name
profile.password_updatedUser changed their password
Use the action query parameter on GET /admin/audit to quickly drill into any single action type, for example ?action=file.hard_delete or ?action=auth.login.

Build docs developers (and LLMs) love