Constants ¶
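// Audit log status values stored in AuditLog.Status.
// They are fixed in code rather than loaded from the YAML configuration,
// so queries and alerting rules can match on these exact strings.
const (
	// StatusSuccess marks an audited event that succeeded.
	StatusSuccess = "SUCCESS"
	// StatusFailure marks an audited event that failed.
	StatusFailure = "FAILURE"
)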
Audit log status constants. They are not configurable via YAML because they are core to the system.
Functions ¶
func GetEnumConfig ¶
func GetEnumConfig() *config.AuditEnums
GetEnumConfig returns the current enum configuration
func SetEnumConfig ¶
func SetEnumConfig(enums *config.AuditEnums)
SetEnumConfig sets the enum configuration (called at service startup). It accepts config.AuditEnums so that its efficient O(1) validation methods can be used.
Types ¶
type AuditLog ¶
// AuditLog is the persisted audit record: one row per audited event, recording
// who acted (Actor*), on what (Target*), the outcome (Status) and optional JSON context.
type AuditLog struct {
// Primary Key
ID uuid.UUID `gorm:"primaryKey" json:"id"`
// Temporal
// Event time, indexed for range queries.
// NOTE(review): presumably parsed from CreateAuditLogRequest.Timestamp, i.e. asserted by
// the caller; the embedded BaseModel.CreatedAt is the column with a database-side default.
// Confirm which of the two investigations should treat as authoritative.
Timestamp time.Time `gorm:"not null;index:idx_audit_logs_timestamp" json:"timestamp"`
// Trace & Correlation
// Global trace ID for distributed requests. Provided by the client. Nullable for standalone events.
// Because the client chooses it, it is a correlation hint, not proof that two events belong together.
TraceID *uuid.UUID `gorm:"index:idx_audit_logs_trace_id" json:"traceId,omitempty"`
// Event Classification
// Outcome of the event; the package defines StatusSuccess and StatusFailure for it.
Status string `gorm:"type:varchar(20);not null;index:idx_audit_logs_status" json:"status"`
EventType *string `gorm:"type:varchar(50)" json:"eventType,omitempty"` // e.g., MANAGEMENT_EVENT, USER_MANAGEMENT (user-defined custom names)
EventAction *string `gorm:"type:varchar(50)" json:"eventAction,omitempty"` // e.g., CREATE, READ, UPDATE, DELETE
// Actor Information (unified approach)
// NOTE(review): if these are copied from the request body, the actor is self-reported;
// confirm the handler ties them to the authenticated caller before the row is written.
ActorType string `gorm:"type:varchar(50);not null" json:"actorType"`
ActorID string `gorm:"type:varchar(255);not null" json:"actorId"` // email, uuid, or service-name
// Target Information (unified approach)
TargetType string `gorm:"type:varchar(50);not null" json:"targetType"`
TargetID *string `gorm:"type:varchar(255)" json:"targetId,omitempty"` // resource_id or service_name
// Metadata (Payload without PII/sensitive data)
// Using JSONBRawMessage to properly handle PostgreSQL JSONB and SQLite TEXT
// NOTE(review): "without PII/sensitive data" is a contract on the producer; the field type
// is raw JSON and nothing in this struct filters or bounds it. Confirm that redaction of
// credentials, tokens and personal data happens before a value is stored here.
RequestMetadata JSONBRawMessage `gorm:"type:jsonb" json:"requestMetadata,omitempty"` // Request payload without PII/sensitive data
ResponseMetadata JSONBRawMessage `gorm:"type:jsonb" json:"responseMetadata,omitempty"` // Response or Error details
AdditionalMetadata JSONBRawMessage `gorm:"type:jsonb" json:"additionalMetadata,omitempty"` // Additional context-specific data
// BaseModel provides CreatedAt
BaseModel
}
AuditLog represents a generalized audit log entry matching the SQL schema. This model is designed to be reusable across different projects and microservices.
func (*AuditLog) BeforeCreate ¶
BeforeCreate hook to set default values
type AuditLogResponse ¶
// AuditLogResponse is the API representation of an AuditLog entry. It carries the same
// fields as AuditLog without the GORM tags, with metadata typed as json.RawMessage.
type AuditLogResponse struct {
ID uuid.UUID `json:"id"`
Timestamp time.Time `json:"timestamp"`
TraceID *uuid.UUID `json:"traceId,omitempty"`
EventType *string `json:"eventType,omitempty"`
EventAction *string `json:"eventAction,omitempty"`
Status string `json:"status"`
// Actor and target identifiers are returned to the API client as stored.
ActorType string `json:"actorType"`
ActorID string `json:"actorId"`
TargetType string `json:"targetType"`
TargetID *string `json:"targetId,omitempty"`
// Raw JSON metadata; each field is omitted from the response when empty.
// NOTE(review): presumably passed through unchanged from the stored row, so anything a
// producer wrote into these columns is visible to whoever can query audit logs. Confirm
// that read access is authorized accordingly; no access check is visible on this page.
RequestMetadata json.RawMessage `json:"requestMetadata,omitempty"`
ResponseMetadata json.RawMessage `json:"responseMetadata,omitempty"`
AdditionalMetadata json.RawMessage `json:"additionalMetadata,omitempty"`
CreatedAt time.Time `json:"createdAt"`
}
AuditLogResponse represents the response payload for an audit log entry
func ToAuditLogResponse ¶
func ToAuditLogResponse(log AuditLog) AuditLogResponse
ToAuditLogResponse converts an AuditLog model to an AuditLogResponse. This encapsulates the mapping logic to keep handlers clean and reduce maintenance risk. It converts JSONBRawMessage (the database type) to json.RawMessage (the API type) for proper separation of concerns.
type BaseModel ¶
// BaseModel holds the fields common to all models; here that is only the creation time.
type BaseModel struct {
// Row creation time, stored in column created_at with a database default of CURRENT_TIMESTAMP.
// CreateAuditLogRequest has no createdAt field, so the request payload does not carry this value.
// NOTE(review): leaving out UpdatedAt documents that rows are immutable but does not enforce it;
// whether UPDATE/DELETE on the table are blocked (grants, triggers) is not visible here.
CreatedAt time.Time `gorm:"column:created_at;default:CURRENT_TIMESTAMP" json:"createdAt"`
}
BaseModel contains common fields for all models. Note: UpdatedAt is intentionally omitted because audit logs are immutable (created only, never updated).
type CreateAuditLogRequest ¶
// CreateAuditLogRequest is the JSON body accepted when creating an audit log entry.
// Every field is supplied by the caller and is untrusted input until validated.
// The validate tags shown here only mark fields as required; value format, allowed
// enum values and length limits are not expressed in the tags.
// NOTE(review): confirm those are checked elsewhere (e.g. against config.AuditEnums, and
// against the varchar(20)/varchar(50)/varchar(255) column widths declared on AuditLog).
type CreateAuditLogRequest struct {
// Trace & Correlation
TraceID *string `json:"traceId,omitempty"` // UUID string, nullable for standalone events
// Temporal
// Caller-asserted event time, received as a string; parsing is not visible here.
Timestamp string `json:"timestamp" validate:"required"` // ISO 8601 format, required
// Event Classification
EventType *string `json:"eventType,omitempty"` // MANAGEMENT_EVENT, USER_MANAGEMENT (user-defined custom names)
EventAction *string `json:"eventAction,omitempty"` // CREATE, READ, UPDATE, DELETE
Status string `json:"status" validate:"required"` // SUCCESS, FAILURE
// Actor Information (unified approach)
// NOTE(review): the actor is named by the request body itself. Confirm the handler
// authenticates the submitting service and checks these values against that identity,
// otherwise an entry can attribute an action to an actor the caller chose.
ActorType string `json:"actorType" validate:"required"` // SERVICE, ADMIN, MEMBER, SYSTEM
ActorID string `json:"actorId" validate:"required"` // email, uuid, or service-name (required)
// Target Information (unified approach)
TargetType string `json:"targetType" validate:"required"` // SERVICE, RESOURCE
TargetID *string `json:"targetId,omitempty"` // resource_id or service_name
// Metadata (Payload without PII/sensitive data)
// Using JSONBRawMessage instead of json.RawMessage to avoid type conversion
// JSONBRawMessage implements json.Unmarshaler, so it works seamlessly with JSON decoding
// NOTE(review): these are free-form JSON with no size or content constraint in this struct;
// confirm the handler bounds the request body and that producers redact before sending.
RequestMetadata JSONBRawMessage `json:"requestMetadata,omitempty"` // Request payload without PII/sensitive data
ResponseMetadata JSONBRawMessage `json:"responseMetadata,omitempty"` // Response or Error details
AdditionalMetadata JSONBRawMessage `json:"additionalMetadata,omitempty"` // Additional context-specific data
}
CreateAuditLogRequest represents the request payload for creating a generalized audit log. This matches the final SQL schema with the unified actor/target approach.
type ErrorResponse ¶
// ErrorResponse is the structured JSON error body returned to API clients.
type ErrorResponse struct {
// Error message text; always present in the JSON output.
Error string `json:"error"`
// Optional error code; omitted from the JSON output when empty.
Code string `json:"code,omitempty"`
// Optional extra detail of any JSON-encodable shape; omitted when nil.
// NOTE(review): the field is untyped and serialized to the client, so confirm callers never
// place raw database/driver errors, stack traces or request contents in it.
Details any `json:"details,omitempty"`
}
ErrorResponse represents a structured error response
type GetAuditLogsResponse ¶
// GetAuditLogsResponse is the response body for an audit log query: a list of
// entries plus the paging values that go with it.
type GetAuditLogsResponse struct {
// Entries returned for this query.
Logs []AuditLogResponse `json:"logs"`
// NOTE(review): presumably the count of all matching rows rather than len(Logs); confirm.
Total int64 `json:"total"`
// Paging values reported with the result.
// NOTE(review): confirm the handler enforces an upper bound on Limit and rejects negative
// values, so one query cannot pull the whole table; no bound is visible on this page.
Limit int `json:"limit"`
Offset int `json:"offset"`
}
GetAuditLogsResponse represents the response for querying audit logs
type JSONBRawMessage ¶ added in v1.0.0
// JSONBRawMessage carries raw JSON bytes between the API and the database layer.
// It is a defined type over json.RawMessage, not an alias, so json.RawMessage's methods are
// not inherited; the package declares MarshalJSON, UnmarshalJSON, Scan and GormDataType on it.
// NOTE(review): whether Scan or UnmarshalJSON check that the bytes are well-formed JSON, or
// bound their size, is not visible here; treat the content as unvalidated until confirmed.
type JSONBRawMessage json.RawMessage
JSONBRawMessage is a custom type that properly handles JSONB scanning from PostgreSQL. It implements the sql.Scanner and driver.Valuer interfaces to handle both PostgreSQL JSONB (which can be returned as string or []byte) and SQLite TEXT (which is returned as []byte). This type wraps json.RawMessage to provide database scanning capabilities while maintaining the same JSON marshaling behavior as json.RawMessage.
func (JSONBRawMessage) GormDataType ¶ added in v1.0.0
func (JSONBRawMessage) GormDataType() string
GormDataType returns the GORM data type for JSONBRawMessage. This helps GORM understand the database column type.
func (JSONBRawMessage) MarshalJSON ¶ added in v1.0.0
func (j JSONBRawMessage) MarshalJSON() ([]byte, error)
MarshalJSON implements json.Marshaler for JSONBRawMessage. It delegates to the underlying json.RawMessage behavior.
func (*JSONBRawMessage) Scan ¶ added in v1.0.0
func (j *JSONBRawMessage) Scan(value interface{}) error
Scan implements the sql.Scanner interface for JSONBRawMessage. It handles both PostgreSQL JSONB (string or []byte) and SQLite TEXT ([]byte).
func (*JSONBRawMessage) UnmarshalJSON ¶ added in v1.0.0
func (j *JSONBRawMessage) UnmarshalJSON(data []byte) error
UnmarshalJSON implements json.Unmarshaler for JSONBRawMessage. It delegates to the underlying json.RawMessage behavior.