fix: align workflow audit metadata helpers

Use the shared audit actor helper consistently so workflow deletion matches deploy behavior and remove the redundant deploy wrapper raised in review.

Author: PlaneInABottle

apps/sim/app/api/workflows/[id]/deploy/route.ts

@@ -62,10 +62,6 @@ async function validateLifecycleAdminAccess(
   }
 }
 
-function getLifecycleAuditActor(auth: AuthResult | null | undefined) {
-  return getAuditActorMetadata(auth)
-}
-
 export async function GET(request: NextRequest, { params }: { params: Promise<{ id: string }> }) {
   const requestId = generateRequestId()
   const { id } = await params
@@ -307,7 +303,7 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
     // Sync MCP tools with the latest parameter schema
     await syncMcpToolsForWorkflow({ workflowId: id, requestId, context: 'deploy' })
 
-    const { actorName, actorEmail } = getLifecycleAuditActor(auth)
+    const { actorName, actorEmail } = getAuditActorMetadata(auth)
 
     recordAudit({
       workspaceId: workflowData?.workspaceId || null,
@@ -432,7 +428,7 @@ export async function DELETE(
       // Silently fail
     }
 
-    const { actorName, actorEmail } = getLifecycleAuditActor(auth)
+    const { actorName, actorEmail } = getAuditActorMetadata(auth)
 
     recordAudit({
       workspaceId: workflowData?.workspaceId || null,

apps/sim/app/api/workflows/[id]/route.test.ts

@@ -385,7 +385,13 @@ describe('Workflow By ID API Route', () => {
 
       mockValidateWorkflowAccess.mockResolvedValue({
         workflow: mockWorkflow,
-        auth: { success: true, userId: 'api-user-1', authType: 'api_key' },
+        auth: {
+          success: true,
+          userId: 'api-user-1',
+          authType: 'api_key',
+          userName: 'API Key Actor',
+          userEmail: null,
+        },
       })
       mockGetWorkflowById.mockResolvedValue(mockWorkflow)
       mockAuthorizeWorkflowByWorkspacePermission.mockResolvedValue({
@@ -414,6 +420,13 @@ describe('Workflow By ID API Route', () => {
 
       expect(response.status).toBe(200)
       expect(mockAuthorizeWorkflowByWorkspacePermission).not.toHaveBeenCalled()
+      expect(auditMock.recordAudit).toHaveBeenCalledWith(
+        expect.objectContaining({
+          actorId: 'api-user-1',
+          actorName: undefined,
+          actorEmail: undefined,
+        })
+      )
     })
 
     it('should prevent deletion of the last workflow in workspace', async () => {

apps/sim/app/api/workflows/[id]/route.ts

@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq, isNull, ne } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { getAuditActorMetadata } from '@/lib/audit/actor-metadata'
 import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { AuthType, checkHybridAuth, checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
@@ -253,11 +254,13 @@ export async function DELETE(
     const elapsed = Date.now() - startTime
     logger.info(`[${requestId}] Successfully archived workflow ${workflowId} in ${elapsed}ms`)
 
+    const { actorName, actorEmail } = getAuditActorMetadata(auth)
+
     recordAudit({
       workspaceId: workflowData.workspaceId || null,
       actorId: userId,
-      actorName: auth.userName,
-      actorEmail: auth.userEmail,
+      actorName,
+      actorEmail,
       action: AuditAction.WORKFLOW_DELETED,
       resourceType: AuditResourceType.WORKFLOW,
       resourceId: workflowId,