compliance

package
v0.1.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 7, 2026 License: GPL-3.0 Imports: 5 Imported by: 0

Documentation

Overview

Package compliance defines the Compliance Framework Mapping domain types.

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrFrameworkNotFound       = fmt.Errorf("%w: framework not found", shared.ErrNotFound)
	ErrControlNotFound         = fmt.Errorf("%w: control not found", shared.ErrNotFound)
	ErrAssessmentNotFound      = fmt.Errorf("%w: assessment not found", shared.ErrNotFound)
	ErrMappingNotFound         = fmt.Errorf("%w: mapping not found", shared.ErrNotFound)
	ErrSystemFrameworkReadOnly = fmt.Errorf("%w: system frameworks cannot be modified", shared.ErrForbidden)
	ErrMappingAlreadyExists    = fmt.Errorf("%w: finding is already mapped to this control", shared.ErrConflict)
)

Functions

This section is empty.

Types

type Assessment 

type Assessment struct {
	// contains filtered or unexported fields
}

Assessment represents a tenant's assessment of a compliance control.

func ReconstituteAssessment 

func ReconstituteAssessment(
	id, tenantID, frameworkID, controlID shared.ID,
	status ControlStatus, priority Priority, owner, notes string,
	evidenceType EvidenceType, evidenceIDs []string, evidenceCount, findingCount int,
	assessedBy *shared.ID, assessedAt, dueDate *time.Time,
	createdAt, updatedAt time.Time,
) *Assessment

ReconstituteAssessment creates an Assessment from persisted data.

func (*Assessment) AssessedAt 

func (a *Assessment) AssessedAt() *time.Time

func (*Assessment) AssessedBy 

func (a *Assessment) AssessedBy() *shared.ID

func (*Assessment) ControlID 

func (a *Assessment) ControlID() shared.ID

func (*Assessment) CreatedAt 

func (a *Assessment) CreatedAt() time.Time

func (*Assessment) DueDate 

func (a *Assessment) DueDate() *time.Time

func (*Assessment) EvidenceCount 

func (a *Assessment) EvidenceCount() int

func (*Assessment) EvidenceIDs 

func (a *Assessment) EvidenceIDs() []string

func (*Assessment) EvidenceType 

func (a *Assessment) EvidenceType() EvidenceType

func (*Assessment) FindingCount 

func (a *Assessment) FindingCount() int

func (*Assessment) FrameworkID 

func (a *Assessment) FrameworkID() shared.ID

func (*Assessment) ID 

func (a *Assessment) ID() shared.ID

Getters

func (*Assessment) Notes 

func (a *Assessment) Notes() string

func (*Assessment) Owner 

func (a *Assessment) Owner() string

func (*Assessment) Priority 

func (a *Assessment) Priority() Priority

func (*Assessment) SetDueDate 

func (a *Assessment) SetDueDate(dueDate *time.Time)

SetDueDate sets assessment due date.

func (*Assessment) SetOwner 

func (a *Assessment) SetOwner(owner string)

SetOwner sets assessment owner.

func (*Assessment) SetPriority 

func (a *Assessment) SetPriority(priority Priority)

SetPriority sets assessment priority.

func (*Assessment) Status 

func (a *Assessment) Status() ControlStatus

func (*Assessment) TenantID 

func (a *Assessment) TenantID() shared.ID

func (*Assessment) UpdateStatus 

func (a *Assessment) UpdateStatus(status ControlStatus, notes string, assessedBy shared.ID)

UpdateStatus updates the assessment status.

func (*Assessment) UpdatedAt 

func (a *Assessment) UpdatedAt() time.Time

type AssessmentFilter 

type AssessmentFilter struct {
	TenantID    *shared.ID
	FrameworkID *shared.ID
	Status      *ControlStatus
	Priority    *Priority
}

AssessmentFilter defines criteria for filtering assessments.

type AssessmentRepository 

type AssessmentRepository interface {
	GetByTenantAndControl(ctx context.Context, tenantID, controlID shared.ID) (*Assessment, error)
	Upsert(ctx context.Context, assessment *Assessment) error
	ListByFramework(ctx context.Context, tenantID, frameworkID shared.ID, page pagination.Pagination) (pagination.Result[*Assessment], error)
	GetStatsByFramework(ctx context.Context, tenantID, frameworkID shared.ID) (*FrameworkStats, error)
	GetOverdueCount(ctx context.Context, tenantID shared.ID) (int64, error)
}

AssessmentRepository defines the interface for assessment persistence.

type Control 

type Control struct {
	// contains filtered or unexported fields
}

Control represents an individual requirement within a compliance framework.

func ReconstituteControl 

func ReconstituteControl(
	id, frameworkID shared.ID, controlID, title, description, category string,
	parentControlID *shared.ID, sortOrder int, metadata map[string]any, createdAt time.Time,
) *Control

ReconstituteControl creates a Control from persisted data.

func (*Control) Category 

func (c *Control) Category() string

func (*Control) ControlID 

func (c *Control) ControlID() string

func (*Control) CreatedAt 

func (c *Control) CreatedAt() time.Time

func (*Control) Description 

func (c *Control) Description() string

func (*Control) FrameworkID 

func (c *Control) FrameworkID() shared.ID

func (*Control) ID 

func (c *Control) ID() shared.ID

Getters

func (*Control) Metadata 

func (c *Control) Metadata() map[string]any

func (*Control) ParentControlID 

func (c *Control) ParentControlID() *shared.ID

func (*Control) SortOrder 

func (c *Control) SortOrder() int

func (*Control) Title 

func (c *Control) Title() string

type ControlFilter 

type ControlFilter struct {
	FrameworkID *shared.ID
	Category    *string
	ParentOnly  bool // Only top-level controls (parent_control_id IS NULL)
}

ControlFilter defines criteria for filtering controls.

type ControlRepository 

type ControlRepository interface {
	Create(ctx context.Context, control *Control) error
	GetByID(ctx context.Context, id shared.ID) (*Control, error)
	ListByFramework(ctx context.Context, frameworkID shared.ID, page pagination.Pagination) (pagination.Result[*Control], error)
	CountByFramework(ctx context.Context, frameworkID shared.ID) (int64, error)
}

ControlRepository defines the interface for control persistence.

type ControlStatus 

type ControlStatus string

ControlStatus represents the assessment status of a control. 

const (
	ControlStatusNotAssessed    ControlStatus = "not_assessed"
	ControlStatusImplemented    ControlStatus = "implemented"
	ControlStatusPartial        ControlStatus = "partial"
	ControlStatusNotImplemented ControlStatus = "not_implemented"
	ControlStatusNotApplicable  ControlStatus = "not_applicable"
)

func ParseControlStatus 

func ParseControlStatus(s string) (ControlStatus, error)

ParseControlStatus parses a string to ControlStatus.

type EvidenceType 

type EvidenceType string

EvidenceType represents the type of evidence for an assessment. 

const (
	EvidenceFinding       EvidenceType = "finding"
	EvidenceDocument      EvidenceType = "document"
	EvidenceConfiguration EvidenceType = "configuration"
	EvidenceAttestation   EvidenceType = "attestation"
)

type FindingControlMapping 

type FindingControlMapping struct {
	// contains filtered or unexported fields
}

FindingControlMapping represents a link between a finding and a compliance control.

func NewFindingControlMapping 

func NewFindingControlMapping(tenantID, findingID, controlID shared.ID, impact ImpactType) *FindingControlMapping

NewFindingControlMapping creates a new mapping.

func ReconstituteFindingControlMapping 

func ReconstituteFindingControlMapping(
	id, tenantID, findingID, controlID shared.ID,
	impact ImpactType, notes string, createdAt time.Time, createdBy *shared.ID,
) *FindingControlMapping

ReconstituteFindingControlMapping creates a mapping from persisted data.

func (*FindingControlMapping) ControlID 

func (m *FindingControlMapping) ControlID() shared.ID

func (*FindingControlMapping) CreatedAt 

func (m *FindingControlMapping) CreatedAt() time.Time

func (*FindingControlMapping) CreatedBy 

func (m *FindingControlMapping) CreatedBy() *shared.ID

func (*FindingControlMapping) FindingID 

func (m *FindingControlMapping) FindingID() shared.ID

func (*FindingControlMapping) ID 

func (m *FindingControlMapping) ID() shared.ID

Getters

func (*FindingControlMapping) Impact 

func (m *FindingControlMapping) Impact() ImpactType

func (*FindingControlMapping) Notes 

func (m *FindingControlMapping) Notes() string

func (*FindingControlMapping) TenantID 

func (m *FindingControlMapping) TenantID() shared.ID

type Framework 

type Framework struct {
	// contains filtered or unexported fields
}

Framework represents a compliance framework (e.g., SOC2, ISO27001).

func NewFramework 

func NewFramework(tenantID shared.ID, name, slug, version, description string, category FrameworkCategory) (*Framework, error)

NewFramework creates a new custom framework.

func ReconstituteFramework 

func ReconstituteFramework(
	id shared.ID, tenantID *shared.ID,
	name, slug, version, description string, category FrameworkCategory,
	totalControls int, isSystem, isActive bool, metadata map[string]any,
	createdAt, updatedAt time.Time,
) *Framework

ReconstituteFramework creates a Framework from persisted data.

func (*Framework) Category 

func (f *Framework) Category() FrameworkCategory

func (*Framework) CreatedAt 

func (f *Framework) CreatedAt() time.Time

func (*Framework) Description 

func (f *Framework) Description() string

func (*Framework) ID 

func (f *Framework) ID() shared.ID

Getters

func (*Framework) IsActive 

func (f *Framework) IsActive() bool

func (*Framework) IsSystem 

func (f *Framework) IsSystem() bool

func (*Framework) Metadata 

func (f *Framework) Metadata() map[string]any

func (*Framework) Name 

func (f *Framework) Name() string

func (*Framework) Slug 

func (f *Framework) Slug() string

func (*Framework) TenantID 

func (f *Framework) TenantID() *shared.ID

func (*Framework) TotalControls 

func (f *Framework) TotalControls() int

func (*Framework) UpdatedAt 

func (f *Framework) UpdatedAt() time.Time

func (*Framework) Version 

func (f *Framework) Version() string

type FrameworkCategory 

type FrameworkCategory string

FrameworkCategory represents the category of a compliance framework. 

const (
	FrameworkCategoryRegulatory   FrameworkCategory = "regulatory"
	FrameworkCategoryIndustry     FrameworkCategory = "industry"
	FrameworkCategoryInternal     FrameworkCategory = "internal"
	FrameworkCategoryBestPractice FrameworkCategory = "best_practice"
)

type FrameworkFilter 

type FrameworkFilter struct {
	TenantID *shared.ID
	Category *FrameworkCategory
	IsSystem *bool
	IsActive *bool
	Search   *string
}

FrameworkFilter defines criteria for filtering frameworks.

type FrameworkRepository 

type FrameworkRepository interface {
	Create(ctx context.Context, framework *Framework) error
	GetByID(ctx context.Context, tenantID, id shared.ID) (*Framework, error)
	GetBySlug(ctx context.Context, slug string) (*Framework, error)
	Update(ctx context.Context, tenantID shared.ID, framework *Framework) error
	Delete(ctx context.Context, tenantID, id shared.ID) error
	List(ctx context.Context, filter FrameworkFilter, page pagination.Pagination) (pagination.Result[*Framework], error)
}

FrameworkRepository defines the interface for framework persistence.

type FrameworkStats 

type FrameworkStats struct {
	TotalControls  int64
	Implemented    int64
	Partial        int64
	NotImplemented int64
	NotApplicable  int64
	NotAssessed    int64
}

FrameworkStats holds aggregated compliance statistics for a framework.

func (*FrameworkStats) ComplianceScore 

func (s *FrameworkStats) ComplianceScore() float64

ComplianceScore calculates the compliance percentage.

type ImpactType 

type ImpactType string

ImpactType represents the impact type of a finding-to-control mapping. 

const (
	ImpactDirect        ImpactType = "direct"
	ImpactIndirect      ImpactType = "indirect"
	ImpactInformational ImpactType = "informational"
)

type MappingRepository 

type MappingRepository interface {
	Create(ctx context.Context, mapping *FindingControlMapping) error
	Delete(ctx context.Context, tenantID, id shared.ID) error
	ListByFinding(ctx context.Context, tenantID, findingID shared.ID) ([]*FindingControlMapping, error)
	ListByControl(ctx context.Context, tenantID, controlID shared.ID) ([]*FindingControlMapping, error)
}

MappingRepository defines the interface for finding-to-control mapping persistence.

type Priority 

type Priority string

Priority represents the priority of a control assessment. 

const (
	PriorityCritical Priority = "critical"
	PriorityHigh     Priority = "high"
	PriorityMedium   Priority = "medium"
	PriorityLow      Priority = "low"
)

func ParsePriority 

func ParsePriority(s string) (Priority, error)

ParsePriority parses a string to Priority.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.