feat(MED-85): create audit logs for medusa admin actions

packages/supabase/src/database.types.ts

@@ -174,6 +174,28 @@ export type Database = {
         }
         Relationships: []
       }
+      medusa_action: {
+        Row: {
+          id: number
+          medusa_user_id: string
+          user_email: string
+          action: string
+          page: string
+          created_at: string
+        }
+        Insert: {
+          medusa_user_id: string
+          user_email: string
+          action: string
+          page: string
+        }
+        Update: {
+          medusa_user_id?: string
+          user_email?: string
+          action?: string
+          page?: string
+        }
+      }
     }
     Views: {
       [_ in never]: never

supabase/migrations/20250825081751_medusa_audit_logs.sql

@@ -0,0 +1,19 @@
+create table "audit"."medusa_action" (
+    "id" bigint generated by default as identity not null,
+    "medusa_user_id" text not null,
+    "user_email" text not null,
+    "action" text not null,
+    "page" text,
+    "created_at" timestamp with time zone not null default now()
+);
+
+grant usage on schema audit to authenticated;
+grant select, insert, update, delete on table audit.medusa_action to authenticated;
+
+alter table "audit"."medusa_action" enable row level security;
+
+create policy "service_role_select" on "audit"."medusa_action" for select to service_role using (true);
+create policy "service_role_insert" on "audit"."medusa_action" for insert to service_role with check (true);
+create policy "service_role_update" on "audit"."medusa_action" for update to service_role using (true);
+create policy "service_role_delete" on "audit"."medusa_action" for delete to service_role using (true);
+grant select, insert, update, delete on table audit.medusa_action to service_role;