restrict activity logging to admin and staff only

backend/src/main/java/com/petshop/backend/config/ActivityLoggingFilter.java

@@ -1,5 +1,6 @@
 package com.petshop.backend.config;
 
+import com.petshop.backend.entity.User;
 import com.petshop.backend.security.AppPrincipal;
 import com.petshop.backend.service.ActivityLogService;
 import jakarta.servlet.FilterChain;
@@ -57,15 +58,18 @@ import java.io.IOException;
         }
 
         Long userId = null;
+        User.Role role = null;
         Object principal = authentication.getPrincipal();
         if (principal instanceof AppPrincipal appPrincipal) {
             userId = appPrincipal.getUserId();
+            role = appPrincipal.getRole();
         } else if (authentication instanceof UsernamePasswordAuthenticationToken token
                 && token.getPrincipal() instanceof AppPrincipal appPrincipal) {
             userId = appPrincipal.getUserId();
+            role = appPrincipal.getRole();
         }
 
-        if (userId == null) {
+        if (userId == null || role == null || role == User.Role.CUSTOMER) {
             return;
         }
 

backend/src/main/java/com/petshop/backend/controller/AuthController.java

@@ -101,7 +101,6 @@ public class AuthController {
         User savedUser = userRepository.save(user);
 
         String token = jwtUtil.generateToken(savedUser);
-        activityLogService.record(savedUser.getId(), "POST /api/v1/auth/register -> 201");
 
         return ResponseEntity.status(HttpStatus.CREATED).body(new RegisterResponse(
                 savedUser.getId(),
@@ -124,7 +123,9 @@ public class AuthController {
                     .orElseThrow(() -> new UsernameNotFoundException("User not found"));
 
             String token = jwtUtil.generateToken(user);
-            activityLogService.record(user.getId(), "POST /api/v1/auth/login -> 200");
+            if (user.getRole() != User.Role.CUSTOMER) {
+                activityLogService.record(user.getId(), "POST /api/v1/auth/login -> 200");
+            }
 
             return ResponseEntity.ok(new LoginResponse(
                     token,