feat: system tools and admin enhancements

app/Http/Controllers/AuditLogController.php

@@ -0,0 +1,55 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\AuditLog;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+
+class AuditLogController extends Controller
+{
+    public function index(Request $request): JsonResponse
+    {
+        $user = $request->user();
+        if (!$user) {
+            return response()->json(['message' => 'Unauthorized.'], 401);
+        }
+
+        $isAdmin = $user->roles()->where('name', 'ROLE_ADMIN')->exists();
+        if (!$isAdmin) {
+            return response()->json(['message' => 'Not authorized.'], 403);
+        }
+
+        $limit = (int) $request->query('limit', 200);
+        $limit = max(1, min(500, $limit));
+
+        $logs = AuditLog::query()
+            ->with(['user.roles'])
+            ->latest('created_at')
+            ->limit($limit)
+            ->get()
+            ->map(fn (AuditLog $log) => $this->serializeLog($log));
+
+        return response()->json($logs);
+    }
+
+    private function serializeLog(AuditLog $log): array
+    {
+        return [
+            'id' => $log->id,
+            'action' => $log->action,
+            'subject_type' => $log->subject_type,
+            'subject_id' => $log->subject_id,
+            'metadata' => $log->metadata,
+            'ip_address' => $log->ip_address,
+            'user_agent' => $log->user_agent,
+            'created_at' => $log->created_at?->toIso8601String(),
+            'user' => $log->user ? [
+                'id' => $log->user->id,
+                'name' => $log->user->name,
+                'email' => $log->user->email,
+                'roles' => $log->user->roles?->pluck('name')->values(),
+            ] : null,
+        ];
+    }
+}