Skip to main content

Auditor Export Request UI

OP-066m wires the Compliance Evidence console to the existing OP-037R auditor export runtime.

Implemented:

  • Auditor export request form for CSV/PDF export packages.
  • Same-origin request handler for POST /api/v1/compliance/exports.
  • Export history/status display with scope, format, redaction policy, requested time, completed time, CSV hash, PDF hash, and visible PDF watermark text.
  • Same-origin artifact download routes for CSV and PDF export artifacts.
  • Role-aware rendering: auditors, tenant admins, and system admins can request exports; operators can inspect export status but do not see request controls.
  • Frontend tests for request submission, download links, and operator control hiding.

Security and compliance boundaries:

  • Export generation, redaction, SHA-256 hashes, watermarking, and read audit remain enforced by the backend OP-037R export service.
  • The UI does not expose raw evidence/log export controls.
  • Artifact downloads use backend authorization through the same auditor export API path.

Out of scope:

  • S3/KMS object storage integration.
  • Background export workers or signed URL generation.
  • Backend export runtime rewrites.
  • Deployment, Helm, Terraform, AWS, or CI changes.

Validation:

  • npm --prefix frontend run typecheck
  • npm --prefix frontend test -- --run
  • make docs-build