Change Tracking and Risk
Timesheet edits, redline audit, and risk assessment connections.
The platform treats submitted timesheets as controlled records. Edits after submission are narrow, role-dependent, and logged.
Edit policy
TimesheetEditPolicy decides whether a user can edit a set of field paths. It resolves the actor as one of:
- employee
- supervisor
- client_admin
- payroll
- other
The policy is intentionally conservative:
- Employee owner can edit only draft or rejected timesheets.
- Supervisor can edit job codes, cost codes, status, signature, and location fields only before sign-off.
- Supervisor status changes are restricted to accepted or rejected and only from submitted or accepted timesheets.
- Client Admin can edit job/cost codes before approval.
- Payroll is denied direct timesheet edits through this policy.
- Platform admin bypasses the policy.
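The rules above, sketched as a deny-by-default check. This is an added example, not the platform's TimesheetEditPolicy code. The field-path names, status strings, the `signed_off` and `approved` flags, and the `can_edit` signature are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed field-path prefixes; the page names the field groups, not the paths.
CODE_FIELDS = ("jobCode", "costCode")
SUPERVISOR_FIELDS = CODE_FIELDS + ("status", "signature", "location")


@dataclass(frozen=True)
class Timesheet:  # hypothetical stand-in for the platform's entity
    owner_id: int
    status: str            # assumed values: draft, submitted, accepted, rejected
    signed_off: bool = False
    approved: bool = False


def _within(path: str, allowed: tuple) -> bool:
    # Match whole path segments so "statusOverride" does not pass as "status".
    return any(path == p or path.startswith(p + ".") for p in allowed)


def can_edit(role: str, user_id: int, ts: Timesheet, paths: list,
             new_status: Optional[str] = None,
             platform_admin: bool = False) -> bool:
    """Allow the edit only if every requested field path is permitted."""
    if platform_admin:
        return True                      # documented bypass
    if not paths:
        return False                     # all() over an empty list would allow
    if role == "employee":
        return user_id == ts.owner_id and ts.status in ("draft", "rejected")
    if role == "supervisor":
        if ts.signed_off or not all(_within(p, SUPERVISOR_FIELDS) for p in paths):
            return False
        if any(_within(p, ("status",)) for p in paths):
            return (new_status in ("accepted", "rejected")
                    and ts.status in ("submitted", "accepted"))
        return True
    if role == "client_admin":
        return not ts.approved and all(_within(p, CODE_FIELDS) for p in paths)
    return False                         # payroll, other, and unknown roles
```

One disallowed path rejects the whole request, so a caller cannot slip a restricted field in alongside permitted ones.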
Change logs
TimesheetChangeLogger receives before/after snapshots and creates one TimesheetChangeLog per changed field path. Each row stores:
- change set UUID
- field name
- field path
- field label
- old value
- new value
- changed-by user
- changed-by role
This supports redline UI and change-history views.
Risk scoring
Risk services live under app/src/Service/Timesheet:
- TimesheetRiskAssessmentManager
- TimesheetRiskScorer
- TimesheetRiskScoreResult
The scorer can inspect calculated allowance lines and flag unsupported manual selections or unusually high calculated allowance totals. Risk output is attached to the timesheet through TimesheetRiskAssessment.