[routes-b] GET /api/routes-b/invoices/[id]/activity — audit events for an invoice

[davedumto]

Overview

Implement a `GET` handler that returns all audit events related to a specific invoice.

⚠️ Scope: Write your code only inside `app/api/routes-b/invoices/[id]/activity/route.ts`. Do not touch any file outside this folder.

---

Create the route file

File: `app/api/routes-b/invoices/[id]/activity/route.ts`

The `AuditEvent` model already exists in `prisma/schema.prisma`.

Handler logic

1. Verify auth
2. Find invoice by `params.id` — verify `invoice.userId === user.id`
3. Fetch `AuditEvent` records where `resourceType === 'invoice'` AND `resourceId === params.id`
4. Order by `createdAt asc` (chronological)

Expected response

```json
{
"activity": [
{
"id": "uuid",
"action": "invoice_created",
"ipAddress": "192.168.1.1",
"createdAt": "2025-01-01T00:00:00.000Z"
},
{
"id": "uuid",
"action": "invoice_viewed",
"ipAddress": "41.58.0.1",
"createdAt": "2025-01-02T09:00:00.000Z"
}
]
}
```

---

Acceptance criteria

• Returns `200` with chronologically ordered activity array
• Returns empty array (not `404`) when no audit events exist for the invoice
• Returns `403` if invoice belongs to a different user
• Returns `404` if invoice does not exist
• Returns `401` for unauthenticated requests

[Agbeleshe]

@Agbeleshe has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

Please can i be assigened i am a sinor developer with over 5 years of experince building full stack applictions . my ETA is 2- 12hrs

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Agbeleshe to this issue.

[Mawuli-tech]

@Mawuli-tech has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

Can I work on this issue?

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Mawuli-tech to this issue.

[drips-wave]

Congratulations, @Mawuli-tech! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on March 30, 2026.

🧑‍💻 @Mawuli-tech: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊