integration

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2026 License: GPL-3.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AttachmentService 

type AttachmentService struct {
	// contains filtered or unexported fields
}

AttachmentService handles file upload/download/delete operations. It coordinates between the metadata repository (Postgres) and the file storage provider (local/S3/MinIO — selected per-tenant or globally).

func NewAttachmentService 

func NewAttachmentService(
	repo attachmentdom.Repository,
	storage attachmentdom.FileStorage,
	log *logger.Logger,
) *AttachmentService

NewAttachmentService creates a new service. The storage parameter is the DEFAULT provider used when tenants don't have a custom storage config.

func (*AttachmentService) Delete 

func (s *AttachmentService) Delete(ctx context.Context, tenantID, attachmentID string) error

Delete removes both the file and its metadata record.

func (*AttachmentService) Download 

func (s *AttachmentService) Download(ctx context.Context, tenantID, attachmentID string) (io.ReadCloser, string, string, error)

Download retrieves file content by attachment ID. Returns the reader (caller must close), content type, and filename.

func (*AttachmentService) GetByID 

func (s *AttachmentService) GetByID(ctx context.Context, tenantID, attachmentID string) (*attachmentdom.Attachment, error)

GetByID retrieves attachment metadata (for URL generation, etc).

func (*AttachmentService) LinkToContext 

func (s *AttachmentService) LinkToContext(ctx context.Context, tenantID, uploaderID string, attachmentIDs []string, contextType, contextID string) (int64, error)

LinkToContext links orphan attachments (uploaded with empty context_id) to a finding. Security: only the uploader can link their own attachments.

func (*AttachmentService) ListByContext 

func (s *AttachmentService) ListByContext(ctx context.Context, tenantID shared.ID, contextType, contextID string) ([]*attachmentdom.Attachment, error)

ListByContext returns all attachments linked to a specific context.

func (*AttachmentService) SetTenantStorageResolver 

func (s *AttachmentService) SetTenantStorageResolver(resolver TenantStorageResolver, factory StorageFactory)

SetTenantStorageResolver enables per-tenant storage configuration. When set, each upload/download first checks tenant config before falling back to default.

func (*AttachmentService) Upload 

func (s *AttachmentService) Upload(ctx context.Context, input UploadInput) (*attachmentdom.Attachment, error)

Upload validates, stores the file, and creates a metadata record. Returns the attachment with its download URL.

type BroadcastNotificationInput 

type BroadcastNotificationInput struct {
	TenantID  string
	EventType integrationdom.EventType // Type of event (findings, exposures, scans, alerts)
	Title     string
	Body      string
	Severity  string
	URL       string
	Fields    map[string]string
}

BroadcastNotificationInput represents the input for broadcasting a notification to all connected integrations.

type CreateCredentialInput 

type CreateCredentialInput struct {
	TenantID       shared.ID
	UserID         shared.ID
	Name           string
	CredentialType secretstore.CredentialType
	Description    string
	Data           any // One of the credential data types
	ExpiresAt      *time.Time
}

CreateCredentialInput contains input for creating a secretstore.

type CreateIntegrationInput 

type CreateIntegrationInput struct {
	TenantID    string
	Name        string
	Description string
	Category    string
	Provider    string
	AuthType    string
	BaseURL     string
	Credentials string // Access token, API key, etc.

	// SCM-specific fields
	SCMOrganization string
}

CreateIntegrationInput represents the input for creating an integration.

type CreateNotificationIntegrationInput 

type CreateNotificationIntegrationInput struct {
	TenantID    string
	Name        string
	Description string
	Provider    string
	AuthType    string
	Credentials string // Webhook URL, Bot Token, etc.

	// Notification-specific fields
	ChannelID          string
	ChannelName        string
	EnabledSeverities  []string // Severity levels to notify on (critical, high, medium, low, info, none)
	EnabledEventTypes  []string // Event types to receive notifications for (security_alert, new_finding, etc.)
	MessageTemplate    string
	IncludeDetails     bool
	MinIntervalMinutes int
}

CreateNotificationIntegrationInput represents the input for creating a notification integration.

type CreateWebhookInput 

type CreateWebhookInput struct {
	TenantID          string   `json:"tenant_id" validate:"required,uuid"`
	Name              string   `json:"name" validate:"required,min=1,max=255"`
	Description       string   `json:"description" validate:"max=1000"`
	URL               string   `json:"url" validate:"required,url,max=1000"`
	Secret            string   `json:"secret" validate:"max=500"`
	EventTypes        []string `json:"event_types" validate:"required,min=1,max=20"`
	SeverityThreshold string   `json:"severity_threshold" validate:"omitempty,oneof=critical high medium low info"`
	MaxRetries        int      `json:"max_retries" validate:"min=0,max=10"`
	RetryInterval     int      `json:"retry_interval_seconds" validate:"min=0,max=3600"`
	CreatedBy         string   `json:"created_by" validate:"omitempty,uuid"`
}

CreateWebhookInput represents input for creating a webhook.

type CredentialImportService 

type CredentialImportService struct {
	// contains filtered or unexported fields
}

CredentialImportService handles credential leak import operations.

func NewCredentialImportService 

func NewCredentialImportService(
	exposureRepo exposure.Repository,
	historyRepo exposure.StateHistoryRepository,
	log *logger.Logger,
) *CredentialImportService

NewCredentialImportService creates a new CredentialImportService.

func (*CredentialImportService) AcceptCredential 

func (s *CredentialImportService) AcceptCredential(ctx context.Context, tenantID, credentialID, userID, notes string) (*CredentialItem, error)

AcceptCredential marks a credential as accepted risk.

func (*CredentialImportService) GetByID 

func (s *CredentialImportService) GetByID(ctx context.Context, tenantID, id string) (*CredentialItem, error)

GetByID retrieves a credential leak by its ID.

func (*CredentialImportService) GetCredentialStats 

func (s *CredentialImportService) GetCredentialStats(ctx context.Context, tenantID string) (map[string]any, error)

GetCredentialStats returns statistics for credential leaks.

func (*CredentialImportService) GetExposuresForIdentity 

func (s *CredentialImportService) GetExposuresForIdentity(
	ctx context.Context,
	tenantID string,
	identity string,
	page, pageSize int,
) (*CredentialListResult, error)

GetExposuresForIdentity gets all credential exposures for a specific identity (lazy loading).

func (*CredentialImportService) GetRelatedCredentials 

func (s *CredentialImportService) GetRelatedCredentials(
	ctx context.Context,
	tenantID string,
	credentialID string,
) ([]CredentialItem, error)

GetRelatedCredentials gets all credentials related to a given identifier.

func (*CredentialImportService) Import 

func (s *CredentialImportService) Import(
	ctx context.Context,
	tenantID string,
	req credential.ImportRequest,
) (*credential.ImportResult, error)

Import imports credentials with deduplication support.

func (*CredentialImportService) ImportCSV 

func (s *CredentialImportService) ImportCSV(
	ctx context.Context,
	tenantID string,
	records [][]string,
	options credential.ImportOptions,
) (*credential.ImportResult, error)

ImportCSV imports credentials from CSV data.

func (*CredentialImportService) List 

func (s *CredentialImportService) List(
	ctx context.Context,
	tenantID string,
	opts CredentialListOptions,
	page, pageSize int,
) (*CredentialListResult, error)

List retrieves credential leaks with filtering and pagination.

func (*CredentialImportService) ListByIdentity 

func (s *CredentialImportService) ListByIdentity(
	ctx context.Context,
	tenantID string,
	opts CredentialListOptions,
	page, pageSize int,
) (*IdentityListResult, error)

ListByIdentity lists credential exposures grouped by identity (username/email).

func (*CredentialImportService) MarkCredentialFalsePositive 

func (s *CredentialImportService) MarkCredentialFalsePositive(ctx context.Context, tenantID, credentialID, userID, notes string) (*CredentialItem, error)

MarkCredentialFalsePositive marks a credential as a false positive.

func (*CredentialImportService) ReactivateCredential 

func (s *CredentialImportService) ReactivateCredential(ctx context.Context, tenantID, credentialID string) (*CredentialItem, error)

ReactivateCredential marks a credential as active again.

func (*CredentialImportService) ResolveCredential 

func (s *CredentialImportService) ResolveCredential(ctx context.Context, tenantID, credentialID, userID, notes string) (*CredentialItem, error)

ResolveCredential marks a credential as resolved.

type CredentialItem 

type CredentialItem struct {
	ID             string         `json:"id"`
	Identifier     string         `json:"identifier"`
	CredentialType string         `json:"credential_type"`
	SecretValue    string         `json:"secret_value,omitempty"`
	Source         string         `json:"source"`
	Severity       string         `json:"severity"`
	State          string         `json:"state"`
	FirstSeenAt    time.Time      `json:"first_seen_at"`
	LastSeenAt     time.Time      `json:"last_seen_at"`
	IsVerified     bool           `json:"is_verified"`
	IsRevoked      bool           `json:"is_revoked"`
	Details        map[string]any `json:"details,omitempty"`
}

CredentialItem represents a credential leak item.

type CredentialListOptions 

type CredentialListOptions struct {
	Severities []string
	States     []string
	Sources    []string
	Search     string
	SortField  string
	SortOrder  string
}

CredentialListOptions contains options for listing credentials.

type CredentialListResult 

type CredentialListResult struct {
	Items      []CredentialItem `json:"items"`
	Total      int64            `json:"total"`
	Page       int              `json:"page"`
	PageSize   int              `json:"page_size"`
	TotalPages int              `json:"total_pages"`
}

CredentialListResult represents the result of listing credentials.

type EmailCredentials 

type EmailCredentials struct {
	SMTPHost    string   `json:"smtp_host"`
	SMTPPort    int      `json:"smtp_port"`
	Username    string   `json:"username"`
	Password    string   `json:"password"`
	FromEmail   string   `json:"from_email"`
	FromName    string   `json:"from_name"`
	ToEmails    []string `json:"to_emails"`
	UseTLS      bool     `json:"use_tls"`
	UseSTARTTLS bool     `json:"use_starttls"`
	SkipVerify  bool     `json:"skip_verify"`
	ReplyTo     string   `json:"reply_to,omitempty"`
}

EmailCredentials represents the JSON structure for email SMTP credentials (full input from frontend).

type EmailMetadata 

type EmailMetadata struct {
	SMTPHost    string   `json:"smtp_host"`
	SMTPPort    int      `json:"smtp_port"`
	FromEmail   string   `json:"from_email"`
	FromName    string   `json:"from_name"`
	ToEmails    []string `json:"to_emails"`
	UseTLS      bool     `json:"use_tls"`
	UseSTARTTLS bool     `json:"use_starttls"`
	SkipVerify  bool     `json:"skip_verify"`
	ReplyTo     string   `json:"reply_to,omitempty"`
}

EmailMetadata represents non-sensitive email config stored in integration.metadata. This allows the frontend to display current config when editing without exposing secrets.

type EmailSensitiveCredentials 

type EmailSensitiveCredentials struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

EmailSensitiveCredentials represents sensitive email credentials stored encrypted.

type FindSCMIntegrationInput 

type FindSCMIntegrationInput struct {
	TenantID string
	Provider string
	SCMOrg   string
}

FindSCMIntegrationInput represents the input for finding a matching SCM integration.

type GetNotificationEventsInput 

type GetNotificationEventsInput struct {
	IntegrationID string
	TenantID      string
	Limit         int
	Offset        int
}

GetNotificationEventsInput represents the input for getting notification events.

type GetNotificationEventsResult 

type GetNotificationEventsResult struct {
	Data   []NotificationEventEntry `json:"data"`
	Total  int64                    `json:"total"`
	Limit  int                      `json:"limit"`
	Offset int                      `json:"offset"`
}

GetNotificationEventsResult represents the result of getting notification events.

type GetSCMRepositoryInput 

type GetSCMRepositoryInput struct {
	IntegrationID string
	TenantID      string
	FullName      string // owner/repo format
}

GetSCMRepositoryInput represents the input for getting a single repository from SCM.

type IdentityExposure 

type IdentityExposure struct {
	Identity        string         `json:"identity"`      // username or email
	IdentityType    string         `json:"identity_type"` // "username" or "email"
	ExposureCount   int            `json:"exposure_count"`
	Sources         []string       `json:"sources"`
	CredentialTypes []string       `json:"credential_types"`
	HighestSeverity string         `json:"highest_severity"`
	States          map[string]int `json:"states"` // count by state
	FirstSeenAt     time.Time      `json:"first_seen_at"`
	LastSeenAt      time.Time      `json:"last_seen_at"`
}

IdentityExposure represents aggregated exposures for a single identity.

type IdentityListResult 

type IdentityListResult struct {
	Items      []IdentityExposure `json:"items"`
	Total      int64              `json:"total"`
	Page       int                `json:"page"`
	PageSize   int                `json:"page_size"`
	TotalPages int                `json:"total_pages"`
}

IdentityListResult represents the result of listing identities.

type IntegrationListReposInput 

type IntegrationListReposInput struct {
	IntegrationID string
	TenantID      string
	Search        string
	Page          int
	PerPage       int
}

IntegrationListReposInput represents the input for listing repositories from an SCM integration.

type IntegrationListReposResult 

type IntegrationListReposResult struct {
	Repositories []scm.Repository
	Total        int
	HasMore      bool
	NextPage     int
}

IntegrationListReposResult represents the result of listing repositories.

type IntegrationService 

type IntegrationService struct {
	// contains filtered or unexported fields
}

IntegrationService provides integration operations.

func NewIntegrationService 

func NewIntegrationService(
	repo integrationdom.Repository,
	scmExtRepo integrationdom.SCMExtensionRepository,
	encryptor crypto.Encryptor,
	log *logger.Logger,
) *IntegrationService

NewIntegrationService creates a new IntegrationService. The encryptor is used to encrypt/decrypt integration credentials. If encryptor is nil, a no-op encryptor is used (credentials stored in plaintext).

func (*IntegrationService) BroadcastNotification 

func (s *IntegrationService) BroadcastNotification(ctx context.Context, input BroadcastNotificationInput) ([]SendNotificationResult, error)

BroadcastNotification sends a notification to all connected notification integrations.

func (*IntegrationService) CreateIntegration 

func (s *IntegrationService) CreateIntegration(ctx context.Context, input CreateIntegrationInput) (*integrationdom.IntegrationWithSCM, error)

CreateIntegration creates a new integration.

func (*IntegrationService) CreateNotificationIntegration 

func (s *IntegrationService) CreateNotificationIntegration(ctx context.Context, input CreateNotificationIntegrationInput) (*integrationdom.IntegrationWithNotification, error)

CreateNotificationIntegration creates a new notification integration.

func (*IntegrationService) DeleteIntegration 

func (s *IntegrationService) DeleteIntegration(ctx context.Context, id string, tenantID string) error

DeleteIntegration deletes an integration.

func (*IntegrationService) DisableIntegration 

func (s *IntegrationService) DisableIntegration(ctx context.Context, id string, tenantID string) (*integrationdom.Integration, error)

DisableIntegration disables an integration.

func (*IntegrationService) EnableIntegration 

func (s *IntegrationService) EnableIntegration(ctx context.Context, id string, tenantID string) (*integrationdom.IntegrationWithSCM, error)

EnableIntegration enables an integration.

func (*IntegrationService) FindSCMIntegration 

func (s *IntegrationService) FindSCMIntegration(ctx context.Context, input FindSCMIntegrationInput) (*integrationdom.IntegrationWithSCM, error)

FindSCMIntegration finds a matching SCM integration by provider and organization. Returns the first connected integration that matches.

func (*IntegrationService) GetIntegration 

func (s *IntegrationService) GetIntegration(ctx context.Context, id string) (*integrationdom.Integration, error)

GetIntegration retrieves an integration by ID.

func (*IntegrationService) GetIntegrationWithSCM 

func (s *IntegrationService) GetIntegrationWithSCM(ctx context.Context, id string) (*integrationdom.IntegrationWithSCM, error)

GetIntegrationWithSCM retrieves an SCM integration with its extension.

func (*IntegrationService) GetNotificationEvents 

func (s *IntegrationService) GetNotificationEvents(ctx context.Context, input GetNotificationEventsInput) (*GetNotificationEventsResult, error)

GetNotificationEvents retrieves notification events for a specific integration. This returns events from the new notification_events audit trail.

func (*IntegrationService) GetNotificationIntegration 

func (s *IntegrationService) GetNotificationIntegration(ctx context.Context, id string, tenantID string) (*integrationdom.IntegrationWithNotification, error)

GetNotificationIntegration retrieves a notification integration with its extension.

func (*IntegrationService) GetSCMRepository 

func (s *IntegrationService) GetSCMRepository(ctx context.Context, input GetSCMRepositoryInput) (*scm.Repository, error)

GetSCMRepository gets a single repository from an SCM integration (includes languages).

func (*IntegrationService) ListIntegrations 

func (s *IntegrationService) ListIntegrations(ctx context.Context, input ListIntegrationsInput) (integrationdom.ListResult, error)

ListIntegrations lists integrations with filtering and pagination.

func (*IntegrationService) ListNotificationIntegrations 

func (s *IntegrationService) ListNotificationIntegrations(ctx context.Context, tenantID string) ([]*integrationdom.IntegrationWithNotification, error)

ListNotificationIntegrations lists all notification integrations with their extensions.

func (*IntegrationService) ListSCMIntegrations 

func (s *IntegrationService) ListSCMIntegrations(ctx context.Context, tenantID string) ([]*integrationdom.IntegrationWithSCM, error)

ListSCMIntegrations lists all SCM integrations with their extensions.

func (*IntegrationService) ListSCMRepositories 

func (s *IntegrationService) ListSCMRepositories(ctx context.Context, input IntegrationListReposInput) (*IntegrationListReposResult, error)

ListSCMRepositories lists repositories from an SCM integration.

func (*IntegrationService) NotifyNewFinding 

func (s *IntegrationService) NotifyNewFinding(tenantID, title, body, severity, url string)

NotifyNewFinding sends a notification for a new finding to all connected notification integrations. This implements the FindingNotifier interface and is designed to be called asynchronously. Any errors are logged but not returned since this is a fire-and-forget operation.

func (*IntegrationService) SendNotification 

func (s *IntegrationService) SendNotification(ctx context.Context, input SendNotificationInput) (*SendNotificationResult, error)

SendNotification sends a notification through a specific integration.

func (*IntegrationService) SetNotificationExtensionRepository 

func (s *IntegrationService) SetNotificationExtensionRepository(repo integrationdom.NotificationExtensionRepository)

SetNotificationExtensionRepository sets the notification extension repository.

func (*IntegrationService) SetOutboxEventRepository 

func (s *IntegrationService) SetOutboxEventRepository(repo outbox.EventRepository)

SetOutboxEventRepository sets the notification event repository.

func (*IntegrationService) SyncIntegration 

func (s *IntegrationService) SyncIntegration(ctx context.Context, id string, tenantID string) (*integrationdom.IntegrationWithSCM, error)

SyncIntegration triggers a sync for an integration (updates stats, repo count, etc.)

func (*IntegrationService) TestIntegration 

func (s *IntegrationService) TestIntegration(ctx context.Context, id string, tenantID string) (*integrationdom.IntegrationWithSCM, error)

TestIntegration tests the connection for an integration.

func (*IntegrationService) TestIntegrationCredentials 

func (s *IntegrationService) TestIntegrationCredentials(ctx context.Context, input TestIntegrationCredentialsInput) (*TestIntegrationCredentialsResult, error)

TestIntegrationCredentials tests credentials without persisting an integration.

func (*IntegrationService) TestNotificationIntegration 

func (s *IntegrationService) TestNotificationIntegration(ctx context.Context, id string, tenantID string) (*integrationdom.IntegrationWithNotification, error)

TestNotificationIntegration tests the connection for a notification integration.

func (*IntegrationService) UpdateIntegration 

func (s *IntegrationService) UpdateIntegration(ctx context.Context, id string, tenantID string, input UpdateIntegrationInput) (*integrationdom.IntegrationWithSCM, error)

UpdateIntegration updates an existing integration.

func (*IntegrationService) UpdateNotificationIntegration 

func (s *IntegrationService) UpdateNotificationIntegration(ctx context.Context, id string, tenantID string, input UpdateNotificationIntegrationInput) (*integrationdom.IntegrationWithNotification, error)

UpdateNotificationIntegration updates an existing notification integration.

type ListCredentialsInput 

type ListCredentialsInput struct {
	TenantID       shared.ID
	CredentialType *string
	Page           int
	PageSize       int
	SortBy         string
	SortOrder      string
}

ListCredentialsInput contains input for listing credentials.

type ListCredentialsOutput 

type ListCredentialsOutput struct {
	Items      []*secretstore.Credential
	TotalCount int
}

ListCredentialsOutput contains the result of listing credentials.

type ListDeliveriesInput 

type ListDeliveriesInput struct {
	WebhookID string `json:"webhook_id" validate:"required,uuid"`
	TenantID  string `json:"tenant_id" validate:"required,uuid"`
	Status    string `json:"status"`
	Page      int    `json:"page"`
	PerPage   int    `json:"per_page"`
}

ListDeliveriesInput represents input for listing deliveries.

type ListIntegrationsInput 

type ListIntegrationsInput struct {
	TenantID  string
	Category  string
	Provider  string
	Status    string
	Search    string
	Page      int
	PerPage   int
	SortBy    string
	SortOrder string
}

ListIntegrationsInput represents the input for listing integrations.

type ListWebhooksInput 

type ListWebhooksInput struct {
	TenantID  string `json:"tenant_id" validate:"required,uuid"`
	Status    string `json:"status"`
	EventType string `json:"event_type"`
	Search    string `json:"search"`
	Page      int    `json:"page"`
	PerPage   int    `json:"per_page"`
	SortBy    string `json:"sort_by"`
	SortOrder string `json:"sort_order"`
}

ListWebhooksInput represents input for listing webhooks.

type NotificationEventEntry 

type NotificationEventEntry struct {
	ID                    string                        `json:"id"`
	EventType             string                        `json:"event_type"`
	AggregateType         string                        `json:"aggregate_type,omitempty"`
	AggregateID           string                        `json:"aggregate_id,omitempty"`
	Title                 string                        `json:"title"`
	Body                  string                        `json:"body,omitempty"`
	Severity              string                        `json:"severity"`
	URL                   string                        `json:"url,omitempty"`
	Status                string                        `json:"status"`
	IntegrationsTotal     int                           `json:"integrations_total"`
	IntegrationsMatched   int                           `json:"integrations_matched"`
	IntegrationsSucceeded int                           `json:"integrations_succeeded"`
	IntegrationsFailed    int                           `json:"integrations_failed"`
	SendResults           []NotificationEventSendResult `json:"send_results"`
	LastError             string                        `json:"last_error,omitempty"`
	RetryCount            int                           `json:"retry_count"`
	CreatedAt             time.Time                     `json:"created_at"`
	ProcessedAt           time.Time                     `json:"processed_at"`
}

NotificationEventEntry represents a notification event entry in API responses.

type NotificationEventSendResult 

type NotificationEventSendResult struct {
	IntegrationID   string    `json:"integration_id"`
	IntegrationName string    `json:"name"`
	Provider        string    `json:"provider"`
	Status          string    `json:"status"`
	MessageID       string    `json:"message_id,omitempty"`
	Error           string    `json:"error,omitempty"`
	SentAt          time.Time `json:"sent_at"`
}

NotificationEventSendResult represents a single send result to an integration.

type NotificationService 

type NotificationService struct {
	// contains filtered or unexported fields
}

NotificationService handles user notification operations (inbox).

func NewNotificationService 

func NewNotificationService(
	repo notificationdom.Repository,
	wsHub WebSocketBroadcaster,
	log *logger.Logger,
) *NotificationService

NewNotificationService creates a new NotificationService.

func (*NotificationService) CleanupOld 

func (s *NotificationService) CleanupOld(ctx context.Context, retentionDays int) (int64, error)

CleanupOld removes notifications older than the specified retention period.

func (*NotificationService) GetPreferences 

func (s *NotificationService) GetPreferences(ctx context.Context, tenantID, userID shared.ID) (*notificationdom.Preferences, error)

GetPreferences returns notification preferences for a user.

func (*NotificationService) GetUnreadCount 

func (s *NotificationService) GetUnreadCount(ctx context.Context, tenantID, userID shared.ID) (int, error)

GetUnreadCount returns the number of unread notifications for a user. Group membership is resolved via subquery in the repository, eliminating an extra DB roundtrip.

func (*NotificationService) ListNotifications 

func (s *NotificationService) ListNotifications(
	ctx context.Context,
	tenantID, userID shared.ID,
	filter notificationdom.ListFilter,
	page pagination.Pagination,
) (pagination.Result[*notificationdom.Notification], error)

ListNotifications returns paginated notifications visible to the user. Group membership is resolved via subquery in the repository, eliminating an extra DB roundtrip.

func (*NotificationService) MarkAllAsRead 

func (s *NotificationService) MarkAllAsRead(ctx context.Context, tenantID, userID shared.ID) error

MarkAllAsRead marks all notifications as read for a user within a tenant.

func (*NotificationService) MarkAsRead 

func (s *NotificationService) MarkAsRead(ctx context.Context, tenantID shared.ID, notificationID notificationdom.ID, userID shared.ID) error

MarkAsRead marks a single notification as read for a user.

func (*NotificationService) Notify 

func (s *NotificationService) Notify(ctx context.Context, params notificationdom.NotificationParams) error

Notify creates a notification and pushes it via WebSocket to appropriate channels.

func (*NotificationService) UpdatePreferences 

func (s *NotificationService) UpdatePreferences(
	ctx context.Context,
	tenantID, userID shared.ID,
	input UpdatePreferencesInput,
) (*notificationdom.Preferences, error)

UpdatePreferences creates or updates notification preferences for a user.

type SecretStoreService 

type SecretStoreService struct {
	// contains filtered or unexported fields
}

SecretStoreService handles credential storage business logic.

func NewSecretStoreService 

func NewSecretStoreService(
	repo secretstore.Repository,
	encryptionKey []byte,
	auditService *auditapp.AuditService,
	log *logger.Logger,
) (*SecretStoreService, error)

NewSecretStoreService creates a new SecretStoreService.

func (*SecretStoreService) CreateCredential 

func (s *SecretStoreService) CreateCredential(ctx context.Context, input CreateCredentialInput) (*secretstore.Credential, error)

CreateCredential creates a new credential in the secret store.

func (*SecretStoreService) DecryptCredentialData 

func (s *SecretStoreService) DecryptCredentialData(ctx context.Context, tenantID shared.ID, credentialID string) (any, error)

DecryptCredentialData decrypts and returns the credential data. This also updates the last_used_at timestamp.

func (*SecretStoreService) DeleteCredential 

func (s *SecretStoreService) DeleteCredential(ctx context.Context, tenantID shared.ID, credentialID string) error

DeleteCredential deletes a credential from the secret store.

func (*SecretStoreService) GetCredential 

func (s *SecretStoreService) GetCredential(ctx context.Context, tenantID shared.ID, credentialID string) (*secretstore.Credential, error)

GetCredential retrieves a credential by ID.

func (*SecretStoreService) ListCredentials 

func (s *SecretStoreService) ListCredentials(ctx context.Context, input ListCredentialsInput) (*ListCredentialsOutput, error)

ListCredentials lists credentials with filtering and pagination.

func (*SecretStoreService) RotateCredential 

func (s *SecretStoreService) RotateCredential(ctx context.Context, tenantID shared.ID, credentialID string, newData any) (*secretstore.Credential, error)

RotateCredential rotates a credential with new data.

func (*SecretStoreService) UpdateCredential 

func (s *SecretStoreService) UpdateCredential(ctx context.Context, input UpdateCredentialInput) (*secretstore.Credential, error)

UpdateCredential updates a credential in the secret store.

type SendNotificationInput 

type SendNotificationInput struct {
	IntegrationID string
	TenantID      string
	Title         string
	Body          string
	Severity      string // critical, high, medium, low
	URL           string
	Fields        map[string]string
}

SendNotificationInput represents the input for sending a notification.

type SendNotificationResult 

type SendNotificationResult struct {
	Success   bool
	MessageID string
	Error     string
}

SendNotificationResult represents the result of sending a notification.

type StorageFactory 

type StorageFactory func(cfg attachmentdom.StorageConfig) (attachmentdom.FileStorage, error)

StorageFactory creates a FileStorage from a StorageConfig.

type TelegramCredentials 

type TelegramCredentials struct {
	BotToken string `json:"bot_token"`
	ChatID   string `json:"chat_id"`
}

TelegramCredentials represents the JSON structure for Telegram credentials (full input from frontend).

type TenantStorageResolver 

type TenantStorageResolver interface {
	GetTenantStorageConfig(ctx context.Context, tenantID string) (*attachmentdom.StorageConfig, error)
}

TenantStorageResolver resolves per-tenant storage configuration.

type TestIntegrationCredentialsInput 

type TestIntegrationCredentialsInput struct {
	Category        string
	Provider        string
	BaseURL         string
	AuthType        string
	Credentials     string
	SCMOrganization string
}

TestCredentialsInput represents the input for testing credentials without creating.

type TestIntegrationCredentialsResult 

type TestIntegrationCredentialsResult struct {
	Success      bool
	Message      string
	RepoCount    int
	Organization string
	Username     string
}

TestIntegrationCredentialsResult represents the result of testing credentials.

type UpdateCredentialInput 

type UpdateCredentialInput struct {
	TenantID     shared.ID
	CredentialID string
	Name         string
	Description  string
	Data         any // One of the credential data types (nil to keep existing)
	ExpiresAt    *time.Time
}

UpdateCredentialInput contains input for updating a secretstore.

type UpdateIntegrationInput 

type UpdateIntegrationInput struct {
	Name        *string
	Description *string
	Credentials *string
	BaseURL     *string

	// SCM-specific fields
	SCMOrganization *string
}

UpdateIntegrationInput represents the input for updating an integration.

type UpdateNotificationIntegrationInput 

type UpdateNotificationIntegrationInput struct {
	Name        *string
	Description *string
	Credentials *string // Webhook URL, Bot Token, etc.

	// Notification-specific fields
	ChannelID          *string
	ChannelName        *string
	EnabledSeverities  []string // Severity levels to notify on (nil = no change)
	EnabledEventTypes  []string // Event types to receive notifications for (nil = no change)
	MessageTemplate    *string
	IncludeDetails     *bool
	MinIntervalMinutes *int
}

UpdateNotificationIntegrationInput represents the input for updating a notification integration.

type UpdatePreferencesInput 

type UpdatePreferencesInput struct {
	InAppEnabled *bool    `json:"in_app_enabled"`
	EmailDigest  *string  `json:"email_digest"` // "none", "daily", "weekly"
	MutedTypes   []string `json:"muted_types"`
	MinSeverity  *string  `json:"min_severity"`
}

UpdatePreferencesInput represents input for updating notification preferences.

type UpdateWebhookInput 

type UpdateWebhookInput struct {
	Name              *string  `json:"name" validate:"omitempty,min=1,max=255"`
	Description       *string  `json:"description" validate:"omitempty,max=1000"`
	URL               *string  `json:"url" validate:"omitempty,url,max=1000"`
	Secret            *string  `json:"secret" validate:"omitempty,max=500"`
	EventTypes        []string `json:"event_types" validate:"omitempty,min=1,max=20"`
	SeverityThreshold *string  `json:"severity_threshold" validate:"omitempty,oneof=critical high medium low info"`
	MaxRetries        *int     `json:"max_retries" validate:"omitempty,min=0,max=10"`
	RetryInterval     *int     `json:"retry_interval_seconds" validate:"omitempty,min=0,max=3600"`
}

UpdateWebhookInput represents input for updating a webhook.

type UploadInput 

type UploadInput struct {
	TenantID    string
	Filename    string
	ContentType string
	Size        int64
	Reader      io.Reader
	UploadedBy  string
	ContextType string // "finding", "retest", "campaign", or ""
	ContextID   string // UUID of the context entity, or ""
}

UploadInput contains the parameters for uploading a file.

type WebSocketBroadcaster 

type WebSocketBroadcaster interface {
	BroadcastEvent(channel string, data any, tenantID string)
}

WebSocketBroadcaster broadcasts messages to WebSocket channels.

type WebhookService 

type WebhookService struct {
	// contains filtered or unexported fields
}

WebhookService provides business logic for webhook management.

func NewWebhookService 

func NewWebhookService(repo webhookdom.Repository, encryptor crypto.Encryptor, log *logger.Logger) *WebhookService

NewWebhookService creates a new WebhookService.

func (*WebhookService) CreateWebhook 

func (s *WebhookService) CreateWebhook(ctx context.Context, input CreateWebhookInput) (*webhookdom.Webhook, error)

CreateWebhook creates a new webhook.

func (*WebhookService) DeleteWebhook 

func (s *WebhookService) DeleteWebhook(ctx context.Context, id, tenantIDStr string) error

DeleteWebhook deletes a webhook. Tenant isolation enforced at DB level.

func (*WebhookService) DisableWebhook 

func (s *WebhookService) DisableWebhook(ctx context.Context, id, tenantIDStr string) (*webhookdom.Webhook, error)

DisableWebhook disables a webhook.

func (*WebhookService) EnableWebhook 

func (s *WebhookService) EnableWebhook(ctx context.Context, id, tenantIDStr string) (*webhookdom.Webhook, error)

EnableWebhook enables a webhook.

func (*WebhookService) GetWebhook 

func (s *WebhookService) GetWebhook(ctx context.Context, id, tenantIDStr string) (*webhookdom.Webhook, error)

GetWebhook retrieves a webhook by ID within a tenant.

func (*WebhookService) ListDeliveries 

func (s *WebhookService) ListDeliveries(ctx context.Context, input ListDeliveriesInput) (webhookdom.DeliveryListResult, error)

ListDeliveries retrieves delivery history for a webhook.

func (*WebhookService) ListWebhooks 

func (s *WebhookService) ListWebhooks(ctx context.Context, input ListWebhooksInput) (webhookdom.ListResult, error)

ListWebhooks retrieves a paginated list of webhooks.

func (*WebhookService) UpdateWebhook 

func (s *WebhookService) UpdateWebhook(ctx context.Context, id, tenantIDStr string, input UpdateWebhookInput) (*webhookdom.Webhook, error)

UpdateWebhook updates a webhook.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.