fix: audit api corrections

Signed-off-by: Pranav C <pranavxc@gmail.com>

packages/nocodb-nest/src/middlewares/extract-project-id/extract-project-id.middleware.ts

@@ -221,7 +221,7 @@ export class AclMiddleware implements NestInterceptor {
     const res = context.switchToHttp().getResponse();
     req.customProperty = 'This is a custom property';
 
-    const roles: Record<string, boolean> = extractRolesObj(req.user.roles);
+    const roles: Record<string, boolean> = extractRolesObj(req.user?.roles);
 
     if (req?.user?.is_api_token && blockApiTokenAccess) {
       NcError.forbidden('Not allowed with API token');

packages/nocodb-nest/src/modules/audits/audits.controller.ts

@@ -7,13 +7,19 @@ import {
   Post,
   Query,
   Request,
+  UseGuards,
 } from '@nestjs/common';
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
-import { Acl } from '../../middlewares/extract-project-id/extract-project-id.middleware';
+import {
+  Acl,
+  ExtractProjectIdMiddleware,
+} from '../../middlewares/extract-project-id/extract-project-id.middleware';
 import { Audit } from '../../models';
 import { AuditsService } from './audits.service';
+import { AuthGuard } from '@nestjs/passport';
 
 @Controller()
+@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class AuditsController {
   constructor(private readonly auditsService: AuditsService) {}