common

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 20, 2025 License: MIT Imports: 1 Imported by: 0

Documentation

Overview

Package common provides common constants and utilities for the security access control system

Package common provides common constants and utilities for the security access control system

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuditAction

type AuditAction string

AuditAction defines the type of action performed in an audit log

const (
	// User-related actions
	AuditActionUserCreate           AuditAction = "user.create"
	AuditActionUserUpdate           AuditAction = "user.update"
	AuditActionUserDelete           AuditAction = "user.delete"
	AuditActionUserLogin            AuditAction = "user.login"
	AuditActionUserLogout           AuditAction = "user.logout"
	AuditActionUserLoginFailed      AuditAction = "user.login.failed"
	AuditActionUserPasswordChange   AuditAction = "user.password.change"
	AuditActionUserPasswordReset    AuditAction = "user.password.reset"
	AuditActionUserRoleAdd          AuditAction = "user.role.add"
	AuditActionUserRoleRemove       AuditAction = "user.role.remove"
	AuditActionUserPermissionAdd    AuditAction = "user.permission.add"
	AuditActionUserPermissionRemove AuditAction = "user.permission.remove"
	AuditActionUserLockout          AuditAction = "user.lockout"
	AuditActionUserUnlock           AuditAction = "user.unlock"
	AuditActionUserSuspend          AuditAction = "user.suspend"
	AuditActionUserActivate         AuditAction = "user.activate"
	AuditActionUserProfileView      AuditAction = "user.profile.view"
	AuditActionUserProfileUpdate    AuditAction = "user.profile.update"

	// Role-related actions
	AuditActionRoleCreate           AuditAction = "role.create"
	AuditActionRoleUpdate           AuditAction = "role.update"
	AuditActionRoleDelete           AuditAction = "role.delete"
	AuditActionRolePermissionAdd    AuditAction = "role.permission.add"
	AuditActionRolePermissionRemove AuditAction = "role.permission.remove"
	AuditActionRoleAssign           AuditAction = "role.assign"
	AuditActionRoleRevoke           AuditAction = "role.revoke"
	AuditActionRoleChange           AuditAction = "role.change"

	// Permission-related actions
	AuditActionPermissionCreate AuditAction = "permission.create"
	AuditActionPermissionUpdate AuditAction = "permission.update"
	AuditActionPermissionDelete AuditAction = "permission.delete"
	AuditActionPermissionGrant  AuditAction = "permission.grant"
	AuditActionPermissionRevoke AuditAction = "permission.revoke"

	// Session-related actions
	AuditActionSessionCreate     AuditAction = "session.create"
	AuditActionSessionUpdate     AuditAction = "session.update"
	AuditActionSessionDelete     AuditAction = "session.delete"
	AuditActionSessionExpire     AuditAction = "session.expire"
	AuditActionSessionInvalidate AuditAction = "session.invalidate"
	AuditActionSessionRenew      AuditAction = "session.renew"

	// MFA-related actions
	AuditActionMfaEnable              AuditAction = "mfa.enable"
	AuditActionMfaDisable             AuditAction = "mfa.disable"
	AuditActionMfaVerify              AuditAction = "mfa.verify"
	AuditActionMfaVerifyFailed        AuditAction = "mfa.verify.failed"
	AuditActionMfaMethodAdd           AuditAction = "mfa.method.add"
	AuditActionMfaMethodRemove        AuditAction = "mfa.method.remove"
	AuditActionMfaBackupCodesGenerate AuditAction = "mfa.backup_codes.generate"
	AuditActionMfaBackupCodesUse      AuditAction = "mfa.backup_codes.use"

	// Security incident-related actions
	AuditActionSecurityIncidentCreate   AuditAction = "security.incident.create"
	AuditActionSecurityIncidentUpdate   AuditAction = "security.incident.update"
	AuditActionSecurityIncidentClose    AuditAction = "security.incident.close"
	AuditActionSecurityIncidentEscalate AuditAction = "security.incident.escalate"
	AuditActionSecurityIncidentAssign   AuditAction = "security.incident.assign"
	AuditActionSecurityIncidentReopen   AuditAction = "security.incident.reopen"
	AuditActionSecurityIncidentComment  AuditAction = "security.incident.comment"
	AuditActionSecurityIncidentResolve  AuditAction = "security.incident.resolve"

	// Vulnerability-related actions
	AuditActionSecurityVulnerabilityCreate   AuditAction = "security.vulnerability.create"
	AuditActionSecurityVulnerabilityUpdate   AuditAction = "security.vulnerability.update"
	AuditActionSecurityVulnerabilityMitigate AuditAction = "security.vulnerability.mitigate"
	AuditActionSecurityVulnerabilityResolve  AuditAction = "security.vulnerability.resolve"
	AuditActionSecurityVulnerabilityEscalate AuditAction = "security.vulnerability.escalate"
	AuditActionSecurityVulnerabilityAssign   AuditAction = "security.vulnerability.assign"
	AuditActionSecurityVulnerabilityVerify   AuditAction = "security.vulnerability.verify"
	AuditActionSecurityVulnerabilityReopen   AuditAction = "security.vulnerability.reopen"

	// System-related actions
	AuditActionSystemStartup      AuditAction = "system.startup"
	AuditActionSystemShutdown     AuditAction = "system.shutdown"
	AuditActionSystemConfigChange AuditAction = "system.config.change"
	AuditActionSystemBackup       AuditAction = "system.backup"
	AuditActionSystemRestore      AuditAction = "system.restore"
	AuditActionSystemUpgrade      AuditAction = "system.upgrade"
	AuditActionSystemMaintenance  AuditAction = "system.maintenance"
	AuditActionSystemAlert        AuditAction = "system.alert"

	// Resource access actions
	AuditActionResourceCreate       AuditAction = "resource.create"
	AuditActionResourceRead         AuditAction = "resource.read"
	AuditActionResourceUpdate       AuditAction = "resource.update"
	AuditActionResourceDelete       AuditAction = "resource.delete"
	AuditActionResourceExecute      AuditAction = "resource.execute"
	AuditActionResourceAccess       AuditAction = "resource.access"
	AuditActionResourceAccessDenied AuditAction = "resource.access.denied"

	// API-related actions
	AuditActionApiRequest           AuditAction = "api.request"
	AuditActionApiResponse          AuditAction = "api.response"
	AuditActionApiRateLimitExceeded AuditAction = "api.rate_limit.exceeded"
	AuditActionApiKeyCreate         AuditAction = "api.key.create"
	AuditActionApiKeyUpdate         AuditAction = "api.key.update"
	AuditActionApiKeyDelete         AuditAction = "api.key.delete"
	AuditActionApiKeyRotate         AuditAction = "api.key.rotate"

	// Audit-related actions
	AuditActionAuditLogView      AuditAction = "audit.log.view"
	AuditActionAuditLogExport    AuditAction = "audit.log.export"
	AuditActionAuditLogPurge     AuditAction = "audit.log.purge"
	AuditActionAuditLogSearch    AuditAction = "audit.log.search"
	AuditActionAuditConfigChange AuditAction = "audit.config.change"
	AuditActionAlert             AuditAction = "audit.alert"
	AuditActionAlertRuleCreate   AuditAction = "audit.alert.rule.create"
	AuditActionAlertRuleUpdate   AuditAction = "audit.alert.rule.update"
	AuditActionAlertRuleDelete   AuditAction = "audit.alert.rule.delete"
	AuditActionAlertRuleEnable   AuditAction = "audit.alert.rule.enable"
	AuditActionAlertRuleDisable  AuditAction = "audit.alert.rule.disable"

	// Data-related actions
	AuditActionDataExport    AuditAction = "data.export"
	AuditActionDataImport    AuditAction = "data.import"
	AuditActionDataDelete    AuditAction = "data.delete"
	AuditActionDataAnonymize AuditAction = "data.anonymize"
	AuditActionDataEncrypt   AuditAction = "data.encrypt"
	AuditActionDataDecrypt   AuditAction = "data.decrypt"

	// Template-related actions
	AuditActionTemplateCreate  AuditAction = "template.create"
	AuditActionTemplateUpdate  AuditAction = "template.update"
	AuditActionTemplateDelete  AuditAction = "template.delete"
	AuditActionTemplateExecute AuditAction = "template.execute"
	AuditActionTemplateApprove AuditAction = "template.approve"
	AuditActionTemplateReject  AuditAction = "template.reject"

	// Login-related actions
	AuditActionLoginFailed     AuditAction = "login.failed"
	AuditActionLoginSuccess    AuditAction = "login.success"
	AuditActionLogout          AuditAction = "logout"
	AuditActionPasswordChange  AuditAction = "password.change"
	AuditActionPasswordReset   AuditAction = "password.reset"
	AuditActionPasswordExpired AuditAction = "password.expired"
	AuditActionAccountLocked   AuditAction = "account.locked"
	AuditActionAccountUnlocked AuditAction = "account.unlocked"
)

Audit action constants

type AuditLog

type AuditLog struct {
	ID         string                 `json:"id"`
	Timestamp  time.Time              `json:"timestamp"`
	UserID     string                 `json:"user_id"`
	Username   string                 `json:"username"`
	Action     AuditAction            `json:"action"`
	Resource   string                 `json:"resource"`
	ResourceID string                 `json:"resource_id"`
	Result     string                 `json:"result"`
	Severity   AuditSeverity          `json:"severity"`
	Details    map[string]interface{} `json:"details"`
	IP         string                 `json:"ip"`
	UserAgent  string                 `json:"user_agent"`
	SessionID  string                 `json:"session_id"`
	Error      string                 `json:"error,omitempty"`
}

AuditLog represents an audit log entry

type AuditSeverity

type AuditSeverity string

AuditSeverity defines the severity level of an audit log

const (
	AuditSeverityDebug     AuditSeverity = "debug"
	AuditSeverityInfo      AuditSeverity = "info"
	AuditSeverityNotice    AuditSeverity = "notice"
	AuditSeverityWarning   AuditSeverity = "warning"
	AuditSeverityError     AuditSeverity = "error"
	AuditSeverityCritical  AuditSeverity = "critical"
	AuditSeverityAlert     AuditSeverity = "alert"
	AuditSeverityEmergency AuditSeverity = "emergency"
	AuditSeverityLow       AuditSeverity = "low"
	AuditSeverityMedium    AuditSeverity = "medium"
	AuditSeverityHigh      AuditSeverity = "high"
)

Audit severity constants

func AuditSeverityFromVulnerabilitySeverity

func AuditSeverityFromVulnerabilitySeverity(severity VulnerabilitySeverity) AuditSeverity

AuditSeverityFromVulnerabilitySeverity converts a vulnerability severity to an audit severity

func SeverityFromString

func SeverityFromString(s string) AuditSeverity

SeverityFromString converts a string to an AuditSeverity

type AuthMethod

type AuthMethod string

AuthMethod represents an authentication method

const (
	AuthMethodPassword    AuthMethod = "password"
	AuthMethodOAuth       AuthMethod = "oauth"
	AuthMethodAPIKey      AuthMethod = "api_key"
	AuthMethodTOTP        AuthMethod = "totp"
	AuthMethodBackupCode  AuthMethod = "backup_code"
	AuthMethodWebAuthn    AuthMethod = "webauthn"
	AuthMethodSMS         AuthMethod = "sms"
	AuthMethodCertificate AuthMethod = "certificate"
	AuthMethodSSO         AuthMethod = "sso"
)

Constants for authentication methods

type SecurityIncident

type SecurityIncident struct {
	ID              string                 `json:"id"`
	Title           string                 `json:"title"`
	Type            string                 `json:"type"`
	Severity        string                 `json:"severity"`
	Status          SecurityIncidentStatus `json:"status"`
	Description     string                 `json:"description"`
	DetectedAt      time.Time              `json:"detected_at"`
	CreatedAt       time.Time              `json:"created_at"`
	UpdatedAt       time.Time              `json:"updated_at"`
	ResolvedAt      *time.Time             `json:"resolved_at,omitempty"`
	CreatedBy       string                 `json:"created_by"`
	ReportedBy      string                 `json:"reported_by"`
	AssignedTo      string                 `json:"assigned_to,omitempty"`
	Details         map[string]interface{} `json:"details,omitempty"`
	Actions         []string               `json:"actions,omitempty"`
	Resolution      string                 `json:"resolution,omitempty"`
	AffectedSystems []string               `json:"affected_systems,omitempty"`
	RelatedLogs     []string               `json:"related_logs,omitempty"`
	Metadata        map[string]interface{} `json:"metadata,omitempty"`
}

SecurityIncident represents a security incident

type SecurityIncidentStatus

type SecurityIncidentStatus string

SecurityIncidentStatus defines the status of a security incident

const (
	SecurityIncidentStatusOpen    SecurityIncidentStatus = "open"
	SecurityIncidentStatusClosed  SecurityIncidentStatus = "closed"
	SecurityIncidentStatusPending SecurityIncidentStatus = "pending"
)

Security incident status constants

type User

type User struct {
	ID                  string                 `json:"id"`
	Username            string                 `json:"username"`
	Email               string                 `json:"email"`
	PasswordHash        string                 `json:"password_hash,omitempty"`
	Roles               []string               `json:"roles"`
	Permissions         []string               `json:"permissions,omitempty"`
	MFAEnabled          bool                   `json:"mfa_enabled"`
	MFAMethod           string                 `json:"mfa_method,omitempty"`
	MFAMethods          []string               `json:"mfa_methods,omitempty"`
	MFASecret           string                 `json:"mfa_secret,omitempty"`
	LastLogin           time.Time              `json:"last_login"`
	LastPasswordChange  time.Time              `json:"last_password_change"`
	FailedLoginAttempts int                    `json:"failed_login_attempts"`
	Locked              bool                   `json:"locked"`
	Active              bool                   `json:"active"`
	CreatedAt           time.Time              `json:"created_at"`
	UpdatedAt           time.Time              `json:"updated_at"`
	Metadata            map[string]interface{} `json:"metadata,omitempty"`
}

User represents a user in the system (same as models.User but in common package)

type Vulnerability

type Vulnerability struct {
	ID              string                 `json:"id"`
	Title           string                 `json:"title"`
	Description     string                 `json:"description"`
	Severity        VulnerabilitySeverity  `json:"severity"`
	Status          VulnerabilityStatus    `json:"status"`
	DiscoveredAt    time.Time              `json:"discovered_at"`
	DiscoveredBy    string                 `json:"discovered_by"`
	MitigatedAt     *time.Time             `json:"mitigated_at,omitempty"`
	Mitigation      string                 `json:"mitigation,omitempty"`
	ResolvedAt      *time.Time             `json:"resolved_at,omitempty"`
	AffectedSystems []string               `json:"affected_systems,omitempty"`
	Metadata        map[string]interface{} `json:"metadata,omitempty"`
}

Vulnerability represents a security vulnerability

type VulnerabilitySeverity

type VulnerabilitySeverity int

VulnerabilitySeverity defines the severity level of a vulnerability

const (
	VulnerabilitySeverityLow VulnerabilitySeverity = iota
	VulnerabilitySeverityMedium
	VulnerabilitySeverityHigh
	VulnerabilitySeverityCritical
)

Vulnerability severity constants

type VulnerabilityStatus

type VulnerabilityStatus string

VulnerabilityStatus defines the status of a vulnerability

const (
	VulnerabilityStatusOpen      VulnerabilityStatus = "open"
	VulnerabilityStatusMitigated VulnerabilityStatus = "mitigated"
	VulnerabilityStatusResolved  VulnerabilityStatus = "resolved"
	VulnerabilityStatusPending   VulnerabilityStatus = "pending"
)

Vulnerability status constants

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL