Logbook
Browse sites + events. Send activity/incident reports for a time window.
Site
Emails
master_databaseActivity emails
—
Incident emails
—
Site timezone
—
Site / account access (future)
This page is Cognito-protected. Down the road: filter sites by the user’s allowed site list (from master_database or a user↔site mapping table).
Admin: Send reports
logbook_events + weekly summariesSends reports for the selected site in the site’s local time window. The backend converts to UTC. Manual sends always stamp as sent.
Result
—
Reports / Events
| Start of Event Time | Log Created On | Event Type | Activity Type | Status | Weekly Report Sent | Manual Sent | Report Text |
|---|---|---|---|---|---|---|---|
| Select a site, then click “Refresh Events”. | |||||||
—
Backend routes this page expects
This HTML is wired to your existing Cognito login + Authorization: Bearer <id_token> patch.
Any API route that lives under a base in BANDIT_AUTH.apiBases will automatically receive the header.
Recommended (piggyback) API routes
Add these routes to the same API Gateway that already uses your Cognito authorizer (the one serving /GetProvisioningData / /events).
- GET /logbook/sites → list of sites from master_database.
- GET /logbook/site?site_id=… → one site record (emails, config, etc.).
- GET /logbook/events?site_id=…&start=…&end=…&type=activity|incident|&include_sent=unsent|sent|all → events from logbook_events.
- POST /logbook/send body:
{ "site_id": "Bayfair Center", "window_utc": { "start": "2025-12-19T22:09:00Z", "end": "2025-12-29T22:09:00Z" }, "report_type": "activity|incident|both", "include_sent": "unsent|sent|all", "mode": "manual", "dry_run": false }
Customer access (next step)
Return allowed_site_ids for the signed-in user and filter /logbook/sites on the backend.
(Client-side filtering is not security.)