audit

Constants

// Error codes for audit operations. These are stable, machine-readable
// identifiers carried by the *errs.AuthsomeError values the constructor
// functions below return; callers should branch on the code, not on the
// human-readable message, which may change.
const (
	CodeAuditEventNotFound     = "AUDIT_EVENT_NOT_FOUND"     // Get: no event with the requested ID
	CodeAuditEventCreateFailed = "AUDIT_EVENT_CREATE_FAILED" // Create/Log: persisting the event failed
	CodeInvalidFilter          = "AUDIT_INVALID_FILTER"      // List: a filter field was rejected (InvalidFilter names it)
	CodeInvalidTimeRange       = "AUDIT_INVALID_TIME_RANGE"  // since/until window rejected
	CodeInvalidPagination      = "AUDIT_INVALID_PAGINATION"  // pagination parameters rejected
	CodeQueryFailed            = "AUDIT_QUERY_FAILED"        // a repository query failed (QueryFailed wraps the cause)
)

Error codes for audit operations

Variables

This section is empty.

Functions

func AuditEventCreateFailed

func AuditEventCreateFailed(err error) *errs.AuthsomeError

AuditEventCreateFailed returns an error when creating an audit event fails

func AuditEventNotFound

func AuditEventNotFound(id string) *errs.AuthsomeError

AuditEventNotFound returns an error when an audit event is not found

func InvalidFilter

func InvalidFilter(field, reason string) *errs.AuthsomeError

InvalidFilter returns an error when filter parameters are invalid

func InvalidPagination

func InvalidPagination(reason string) *errs.AuthsomeError

InvalidPagination returns an error when pagination parameters are invalid

func InvalidTimeRange

func InvalidTimeRange(reason string) *errs.AuthsomeError

InvalidTimeRange returns an error when the time range is invalid

func QueryFailed

func QueryFailed(operation string, err error) *errs.AuthsomeError

QueryFailed returns an error when a query operation fails

Types

type AnalyticsService added in v0.0.7

// AnalyticsService provides advanced security analytics over the audit
// Repository it is constructed with (see NewAnalyticsService). Its state is
// unexported; construct it only through NewAnalyticsService.
type AnalyticsService struct {
	// contains filtered or unexported fields
}

AnalyticsService provides advanced security analytics

func NewAnalyticsService added in v0.0.7

func NewAnalyticsService(repo Repository) *AnalyticsService

NewAnalyticsService creates a new analytics service

type Anomaly added in v0.0.7

// Anomaly represents a detected anomaly: one event judged unusual against a
// user's Baseline. It embeds the triggering *Event, so serializing an Anomaly
// exposes everything the event exposes (IP address, user agent, free-form
// metadata); apply the same access control to anomaly output as to events.
type Anomaly struct {
	Type        string                 `json:"type"`     // geo_velocity, unusual_action, frequency_spike, etc.
	Severity    string                 `json:"severity"` // low, medium, high, critical
	Score       float64                `json:"score"`    // 0-100
	Event       *Event                 `json:"event"`    // the event that triggered the anomaly
	Baseline    *Baseline              `json:"baseline,omitempty"` // baseline it was compared against, if any
	Description string                 `json:"description"`
	Evidence    map[string]interface{} `json:"evidence"` // detector-specific supporting data; free-form, untyped
	DetectedAt  time.Time              `json:"detectedAt"`
}

Anomaly represents a detected anomaly

type AnomalyDetector added in v0.0.7

// AnomalyDetector detects anomalies in audit events by comparing a single
// event against a user's Baseline (see DetectAnomalies). A BaselineCalculator
// may be attached with SetBaselineCalculator; construct via NewAnomalyDetector.
type AnomalyDetector struct {
	// contains filtered or unexported fields
}

AnomalyDetector detects anomalies in audit events

func NewAnomalyDetector added in v0.0.7

func NewAnomalyDetector() *AnomalyDetector

NewAnomalyDetector creates a new anomaly detector

func (*AnomalyDetector) DetectAnomalies added in v0.0.7

func (ad *AnomalyDetector) DetectAnomalies(ctx context.Context, event *Event, baseline *Baseline) ([]*Anomaly, error)

DetectAnomalies detects anomalies in an event against baseline

func (*AnomalyDetector) SetBaselineCalculator added in v0.0.7

func (ad *AnomalyDetector) SetBaselineCalculator(calc *BaselineCalculator)

SetBaselineCalculator sets the baseline calculator

type AuditProvider added in v0.0.7

// AuditProvider allows external systems (SIEM, analytics engines, etc.) to
// receive audit events. Providers are registered with
// ProviderRegistry.AddAuditProvider / WithAuditProvider and invoked from
// ProviderRegistry.NotifyAuditEvent, which is documented as non-blocking and
// returns no error: delivery is therefore best-effort from the caller's point
// of view, and a provider that must not lose events needs its own durable
// buffering and retry.
type AuditProvider interface {
	// OnEvent is called when an audit event is created. The error is not
	// propagated to the code that created the event (NotifyAuditEvent has no
	// error return). The same *Event is presumably handed to every registered
	// provider — treat it as read-only and do not retain it past the call.
	OnEvent(ctx context.Context, event *Event) error

	// Healthy checks if the provider is operational
	Healthy(ctx context.Context) error
}

AuditProvider allows external systems to receive audit events; it is useful for forwarding to a SIEM, analytics engine, etc. Because ProviderRegistry.NotifyAuditEvent dispatches without blocking and has no error return, delivery to a provider is best-effort: a provider failure cannot fail the Create or Log call that produced the event, so a provider that must not lose events has to buffer and retry on its own.

type Baseline added in v0.0.7

// Baseline represents the statistical baseline for one user's behaviour over
// Period, as computed by BaselineCalculator.Calculate. Anomaly detection and
// risk scoring compare individual events against it. The location- and
// IP-derived fields are only as trustworthy as the Event.IPAddress values they
// were built from.
type Baseline struct {
	UserID           xid.ID                 `json:"userId"`
	Period           time.Duration          `json:"period"`        // window the baseline was computed over
	EventsPerHour    float64                `json:"eventsPerHour"` // average event rate in the window
	TopActions       map[string]int         `json:"topActions"`    // action -> count
	TopResources     map[string]int         `json:"topResources"`  // resource -> count
	TopLocations     []string               `json:"topLocations"`  // derived from event IP geolocation (source not shown here)
	TypicalHours     []int                  `json:"typicalHours"` // Hours of day (0-23)
	TypicalDays      []time.Weekday         `json:"typicalDays"`  // Days of week
	UniqueIPCount    int                    `json:"uniqueIpCount"`
	AvgSessionLength time.Duration          `json:"avgSessionLength"`
	CalculatedAt     time.Time              `json:"calculatedAt"` // when Calculate produced this snapshot
	Metadata         map[string]interface{} `json:"metadata"`     // free-form, untyped extras
}

Baseline represents statistical baseline for user behavior

type BaselineCache added in v0.0.7

// BaselineCache caches user baselines in memory, keyed by user ID (see Get/Set).
// NOTE(review): no TTL, eviction or size bound is visible in this API, and
// Baseline.CalculatedAt is the only freshness signal — confirm the cache is
// bounded, since it otherwise grows with the number of distinct users seen.
type BaselineCache struct {
	// contains filtered or unexported fields
}

BaselineCache caches user baselines in memory

func NewBaselineCache added in v0.0.7

func NewBaselineCache() *BaselineCache

NewBaselineCache creates a new baseline cache

func (*BaselineCache) Get added in v0.0.7

func (bc *BaselineCache) Get(userID xid.ID) (*Baseline, bool)

Get retrieves a baseline from cache

func (*BaselineCache) Set added in v0.0.7

func (bc *BaselineCache) Set(userID xid.ID, baseline *Baseline)

Set stores a baseline in cache

type BaselineCalculator added in v0.0.7

// BaselineCalculator calculates behavioural baselines (see Calculate) from the
// audit Repository it is constructed with via NewBaselineCalculator.
type BaselineCalculator struct {
	// contains filtered or unexported fields
}

BaselineCalculator calculates behavioral baselines

func NewBaselineCalculator added in v0.0.7

func NewBaselineCalculator(repo Repository) *BaselineCalculator

NewBaselineCalculator creates a new baseline calculator

func (*BaselineCalculator) Calculate added in v0.0.7

func (bc *BaselineCalculator) Calculate(ctx context.Context, userID xid.ID, period time.Duration) (*Baseline, error)

Calculate calculates baseline for a user over a period

type ClientStats added in v0.0.7

// ClientStats contains per-client statistics for one stream subscription, as
// reported by StreamService.Stats.
type ClientStats struct {
	ID         string        `json:"id"`         // client ID returned by Subscribe
	BufferSize int           `json:"bufferSize"` // channel buffer size requested in StreamFilter
	Connected  time.Duration `json:"connected"`  // how long the subscription has been open
}

ClientStats contains per-client statistics

type CreateEventRequest

// CreateEventRequest represents a request to create an audit event via
// Service.Create. Action and Resource are required; everything else is
// optional.
//
// Security notes for callers that expose this over an API:
//   - AppID / EnvironmentID fall back to the values in ctx when omitted. If
//     an untrusted client can set them in the payload, it can write into
//     another tenant's audit trail unless Create checks them against ctx —
//     verify that it does, or strip them from the wire format.
//   - IPAddress and UserAgent are stored verbatim. When they come from
//     request headers (X-Forwarded-For, User-Agent) they are attacker-
//     controlled; bound their length and do not treat them as identity.
//   - Metadata is a free-form string with no schema (see Event.Metadata);
//     do not place secrets or tokens in it — audit records are long-lived
//     and widely readable.
type CreateEventRequest struct {
	AppID         xid.ID  `json:"appId,omitempty"`         // Optional - will be read from context if not provided
	EnvironmentID *xid.ID `json:"environmentId,omitempty"` // Optional - will be read from context if not provided
	UserID        *xid.ID `json:"userId,omitempty"`        // acting user; nil for system/anonymous events
	Action        string  `json:"action" validate:"required"`
	Resource      string  `json:"resource" validate:"required"`
	IPAddress     string  `json:"ipAddress,omitempty"`
	UserAgent     string  `json:"userAgent,omitempty"`
	Metadata      string  `json:"metadata,omitempty"` // JSON string or plain text
}

CreateEventRequest represents a request to create an audit event

type CreateEventResponse

// CreateEventResponse represents the response after creating an audit event.
// Event is the persisted record, including its generated ID and timestamps.
type CreateEventResponse struct {
	Event *Event `json:"event"`
}

CreateEventResponse represents the response after creating an audit event

type Event

// Event represents an audit trail record DTO. It is kept separate from
// schema.AuditEvent (see FromSchemaEvent / ToSchema) to maintain separation
// between the storage model and the API surface.
//
// Audit records are expected to be append-only: the Repository interface
// exposes Create/Get/List and no Update or Delete. UpdatedAt is nonetheless
// present; NOTE(review): confirm nothing mutates stored events after
// creation, since an editable audit trail loses its evidentiary value.
type Event struct {
	ID            xid.ID    `json:"id"`
	AppID         xid.ID    `json:"appId"`                   // tenant the event belongs to
	EnvironmentID *xid.ID   `json:"environmentId,omitempty"`
	UserID        *xid.ID   `json:"userId,omitempty"`        // nil for system/anonymous events
	Action        string    `json:"action"`
	Resource      string    `json:"resource"`
	IPAddress     string    `json:"ipAddress,omitempty"`     // recorded as supplied; may be client-controlled
	UserAgent     string    `json:"userAgent,omitempty"`     // recorded as supplied; may be client-controlled
	Metadata      string    `json:"metadata,omitempty"` // JSON string or plain text; unvalidated, may contain sensitive data
	CreatedAt     time.Time `json:"createdAt"`
	UpdatedAt     time.Time `json:"updatedAt"`
}

Event represents an audit trail record DTO. It is separate from schema.AuditEvent to maintain proper separation of concerns between the storage model and the API surface; FromSchemaEvent and ToSchema convert between the two.

func FromSchemaEvent

func FromSchemaEvent(ae *schema.AuditEvent) *Event

FromSchemaEvent converts a schema.AuditEvent model to Event DTO

func FromSchemaEvents

func FromSchemaEvents(events []*schema.AuditEvent) []*Event

FromSchemaEvents converts a slice of schema.AuditEvent to Event DTOs

func (*Event) ToSchema

func (e *Event) ToSchema() *schema.AuditEvent

ToSchema converts the Event DTO to a schema.AuditEvent model

type GenericOrganization added in v0.0.7

// GenericOrganization represents an organization/tenant from any system, as
// returned by an OrganizationProvider. Status values are free-form strings;
// callers should compare against the documented set rather than assume it.
type GenericOrganization struct {
	ID          string                 `json:"id"`
	Name        string                 `json:"name"`
	DisplayName string                 `json:"displayName,omitempty"`
	Status      string                 `json:"status"` // "active", "suspended", "deleted"
	ParentID    *string                `json:"parentId,omitempty"` // parent organization for hierarchies; nil at the root
	Members     int                    `json:"members"`            // member count as reported by the provider
	Metadata    map[string]interface{} `json:"metadata,omitempty"` // provider-specific extras, untyped
	CreatedAt   time.Time              `json:"createdAt"`
	UpdatedAt   time.Time              `json:"updatedAt"`
}

GenericOrganization represents an organization/tenant from any system

type GenericUser added in v0.0.7

// GenericUser represents a user from any system (authsome, LDAP, a custom
// DB), as returned by a UserProvider. It is a credential-adjacent view: it
// carries MFA configuration, password-change time, login and failed-login
// counts and roles. Treat it as sensitive — do not log it verbatim or return
// it to callers who are not entitled to see another account's security
// posture, as the MFA/lockout details are useful to an attacker.
type GenericUser struct {
	ID               string                 `json:"id"`
	Email            string                 `json:"email"`
	Username         string                 `json:"username,omitempty"`
	DisplayName      string                 `json:"displayName,omitempty"`
	MFAEnabled       bool                   `json:"mfaEnabled"`
	MFAMethods       []string               `json:"mfaMethods"` // ["totp", "sms", "webauthn"]
	PasswordChanged  time.Time              `json:"passwordChanged"`  // last password change; drives PasswordExpired in UserFilter
	LastLogin        time.Time              `json:"lastLogin"`
	LoginCount       int                    `json:"loginCount"`
	FailedLoginCount int                    `json:"failedLoginCount"` // exposes lockout proximity; sensitive
	Status           string                 `json:"status"` // "active", "suspended", "deleted", "locked"
	Roles            []string               `json:"roles"`
	Groups           []string               `json:"groups,omitempty"`
	Metadata         map[string]interface{} `json:"metadata,omitempty"` // Extensible
	CreatedAt        time.Time              `json:"createdAt"`
	UpdatedAt        time.Time              `json:"updatedAt"`
}

GenericUser represents a user from any system

type GeoVelocityDetector added in v0.0.7

// GeoVelocityDetector detects impossible travel based on IP geolocation of
// two events (see DetectImpossibleTravel). It has no fields, so its zero
// value is usable. The geolocation source is not visible in this API; the
// result is only as reliable as the events' IPAddress values, which may be
// client-supplied or a proxy's address.
type GeoVelocityDetector struct {
}

GeoVelocityDetector detects impossible travel based on IP geolocation

func (*GeoVelocityDetector) DetectImpossibleTravel added in v0.0.7

func (gvd *GeoVelocityDetector) DetectImpossibleTravel(event1, event2 *Event) (*Anomaly, error)

DetectImpossibleTravel checks whether the time between event1 and event2 is too short for physical travel between the locations geolocated from their IPAddress fields. Because IPAddress is stored as supplied, a spoofed or proxied address (or a VPN exit) can produce both false positives and false negatives; treat the result as one signal, not proof.

type GetEventRequest

// GetEventRequest represents a request to get an audit event by ID via
// Service.Get. There is no AppID in the request; tenant scoping of the lookup
// must come from ctx — NOTE(review): confirm Get checks the returned event's
// AppID against the caller, otherwise a guessed/leaked ID reads across tenants.
type GetEventRequest struct {
	ID xid.ID `json:"id" validate:"required"`
}

GetEventRequest represents a request to get an audit event by ID

type GetEventResponse

// GetEventResponse represents the response for getting an audit event.
type GetEventResponse struct {
	Event *Event `json:"event"`
}

GetEventResponse represents the response for getting an audit event

type ListEventsFilter

// ListEventsFilter defines filters for listing audit events with pagination.
// All fields are optional and are AND-combined. Several of them become SQL
// fragments (ILIKE patterns, IN lists, a CIDR comparison, ORDER BY), so when
// the filter is populated from client input — the `query` tags suggest it is
// bound from URL parameters — the fields flagged below must be validated or
// allowlisted, never interpolated into the query text.
//
// NOTE(review): there is no AppID field, so tenant scoping presumably comes
// from ctx inside Service.List — confirm, since without it a caller could
// list every app's events.
type ListEventsFilter struct {
	pagination.PaginationParams

	// ========== Full-Text Search ==========
	// Full-text search query across action, resource, metadata
	SearchQuery *string `json:"searchQuery,omitempty" query:"q"`
	// Fields to search (empty = all fields). Must be restricted to the known
	// searchable columns; an arbitrary client-supplied field name must not
	// reach SQL.
	SearchFields []string `json:"searchFields,omitempty" query:"search_fields"`

	// ========== Exact Match Filters ==========
	// Filter by environment
	EnvironmentID *xid.ID `json:"environmentId,omitempty" query:"environment_id"`

	// Filter by user (single)
	UserID *xid.ID `json:"userId,omitempty" query:"user_id"`

	// Filter by action (single, exact match)
	Action *string `json:"action,omitempty" query:"action"`

	// Filter by resource (single, exact match)
	Resource *string `json:"resource,omitempty" query:"resource"`

	// Filter by IP address (single, exact match)
	IPAddress *string `json:"ipAddress,omitempty" query:"ip_address"`

	// ========== Multiple Value Filters (IN clauses) ==========
	// These lists are unbounded in the type; cap their length at the API edge
	// so a client cannot submit an arbitrarily large IN clause.
	// Filter by multiple users
	UserIDs []xid.ID `json:"userIds,omitempty" query:"user_ids"`

	// Filter by multiple actions
	Actions []string `json:"actions,omitempty" query:"actions"`

	// Filter by multiple resources
	Resources []string `json:"resources,omitempty" query:"resources"`

	// Filter by multiple IP addresses
	IPAddresses []string `json:"ipAddresses,omitempty" query:"ip_addresses"`

	// ========== Pattern Matching Filters (ILIKE) ==========
	// Action pattern match (use % for wildcards). Bind as a parameter, never
	// concatenate. In ILIKE `_` is also a single-character wildcard, and a
	// leading % defeats any index and forces a scan, so bound pattern length
	// when this is client-controlled.
	ActionPattern *string `json:"actionPattern,omitempty" query:"action_pattern"`

	// Resource pattern match (use % for wildcards); same caveats as ActionPattern.
	ResourcePattern *string `json:"resourcePattern,omitempty" query:"resource_pattern"`

	// ========== IP Range Filtering ==========
	// IP range in CIDR notation (e.g., "192.168.1.0/24"). Validate with
	// net.ParseCIDR and reject anything that does not parse before it is
	// used in a query; InvalidFilter is the natural error for that.
	IPRange *string `json:"ipRange,omitempty" query:"ip_range"`

	// ========== Metadata Filtering ==========
	// Metadata key-value filters (for structured metadata). MetadataFilter.Operator
	// must be matched against the documented set, not interpolated (see MetadataFilter).
	MetadataFilters []MetadataFilter `json:"metadataFilters,omitempty" query:"metadata_filters"`

	// ========== Time Range Filters ==========
	// Inclusive/exclusive semantics are not stated here; an inverted window
	// (Since after Until) is presumably reported as InvalidTimeRange.
	Since *time.Time `json:"since,omitempty" query:"since"`
	Until *time.Time `json:"until,omitempty" query:"until"`

	// ========== Sort Order ==========
	// Both values end up in ORDER BY. They must be allowlisted against the
	// sets listed here before use; placing a client string into ORDER BY is a
	// classic SQL injection point.
	SortBy    *string `json:"sortBy,omitempty" query:"sort_by"`       // created_at, action, resource, rank (for search)
	SortOrder *string `json:"sortOrder,omitempty" query:"sort_order"` // asc, desc
}

ListEventsFilter defines filters for listing audit events with pagination

type ListEventsResponse

// ListEventsResponse represents a paginated list of audit events. It is an
// alias (not a distinct type) for pagination.PageResponse[*Event], so values
// of either type are interchangeable.
type ListEventsResponse = pagination.PageResponse[*Event]

ListEventsResponse represents a paginated list of audit events

type MetadataFilter added in v0.0.8

// MetadataFilter defines a filter on one key of an event's structured
// metadata. Operator is a free string in the type; the repository must
// compare it against the documented set (equals, contains, exists,
// not_exists) and reject anything else — it must never be spliced into SQL.
// Key likewise becomes a JSON path/key expression and should be validated.
// Value is untyped; for exists/not_exists it is presumably ignored, and for
// equals/contains its JSON type (string, number, bool) determines the match.
type MetadataFilter struct {
	Key      string      `json:"key"`      // Metadata key to filter on
	Value    interface{} `json:"value"`    // Value to match
	Operator string      `json:"operator"` // equals, contains, exists, not_exists
}

MetadataFilter defines a filter for metadata field

type MetricsQuery added in v0.0.7

// MetricsQuery defines aggregated metrics to retrieve through
// UserProvider.QueryUserMetrics. Metric names, GroupBy fields and
// Granularity are plain strings; a provider backed by SQL should treat them
// as an allowlist, not as column or interval expressions to interpolate.
type MetricsQuery struct {
	Metrics     []string   `json:"metrics"` // ["total_users", "mfa_adoption", "inactive_users"]
	GroupBy     []string   `json:"groupBy,omitempty"`     // dimensions to group by (provider-defined)
	StartDate   *time.Time `json:"startDate,omitempty"`   // nil = unbounded
	EndDate     *time.Time `json:"endDate,omitempty"`     // nil = unbounded
	Granularity string     `json:"granularity,omitempty"` // "day", "week", "month"
}

MetricsQuery defines aggregated metrics to retrieve

type OrgFilter added in v0.0.7

// OrgFilter defines criteria for filtering organizations in
// OrganizationProvider.ListOrganizations. Limit has no upper bound in the
// type; providers should cap it.
type OrgFilter struct {
	IDs      []string `json:"ids,omitempty"`      // restrict to these organization IDs
	Status   *string  `json:"status,omitempty"`   // see GenericOrganization.Status
	ParentID *string  `json:"parentId,omitempty"` // direct children of this organization
	Limit    int      `json:"limit"`              // page size; 0 presumably means provider default
	Offset   int      `json:"offset"`             // page offset
}

OrgFilter defines criteria for filtering organizations

type OrganizationProvider added in v0.0.7

// OrganizationProvider provides access to organization/tenant data from the
// host system. It is registered with WithOrgProvider /
// ProviderRegistry.SetOrgProvider. Authorization is not expressed in this
// interface: implementations must decide whether the caller identified by ctx
// may see the requested organization.
type OrganizationProvider interface {
	// GetOrganization retrieves organization details
	GetOrganization(ctx context.Context, orgID string) (*GenericOrganization, error)

	// ListOrganizations retrieves organizations matching filter
	ListOrganizations(ctx context.Context, filter *OrgFilter) ([]*GenericOrganization, error)
}

OrganizationProvider provides access to organization/tenant data

type PollingStreamService added in v0.0.7

// PollingStreamService provides streaming for SQLite by periodically polling
// the Repository instead of relying on PostgreSQL LISTEN/NOTIFY (compare
// StreamService). Subscribe/Unsubscribe mirror StreamService's API; delivery
// latency is bounded by the polling interval, which is not exposed here.
type PollingStreamService struct {
	// contains filtered or unexported fields
}

PollingStreamService provides streaming for SQLite using polling

func NewPollingStreamService added in v0.0.7

func NewPollingStreamService(repo Repository) *PollingStreamService

NewPollingStreamService creates a polling-based stream service (for SQLite)

func (*PollingStreamService) Shutdown added in v0.0.7

func (s *PollingStreamService) Shutdown()

func (*PollingStreamService) Subscribe added in v0.0.7

func (s *PollingStreamService) Subscribe(ctx context.Context, filter *StreamFilter) (<-chan *Event, string, error)

Subscribe creates a subscription (same interface as StreamService)

func (*PollingStreamService) Unsubscribe added in v0.0.7

func (s *PollingStreamService) Unsubscribe(clientID string)

type ProviderRegistry added in v0.0.7

// ProviderRegistry manages all provider instances: a list of AuditProviders
// plus at most one UserProvider and one OrganizationProvider (the Set* methods
// replace any previous value). NotifyAuditEvent fans events out to the audit
// providers without blocking. Construct with NewProviderRegistry.
type ProviderRegistry struct {
	// contains filtered or unexported fields
}

ProviderRegistry manages all provider instances

func NewProviderRegistry added in v0.0.7

func NewProviderRegistry() *ProviderRegistry

NewProviderRegistry creates a new provider registry

func (*ProviderRegistry) AddAuditProvider added in v0.0.7

func (r *ProviderRegistry) AddAuditProvider(provider AuditProvider)

AddAuditProvider registers an audit event consumer

func (*ProviderRegistry) GetAuditProviders added in v0.0.7

func (r *ProviderRegistry) GetAuditProviders() []AuditProvider

GetAuditProviders returns all registered audit providers

func (*ProviderRegistry) GetOrgProvider added in v0.0.7

func (r *ProviderRegistry) GetOrgProvider() OrganizationProvider

GetOrgProvider returns the registered organization provider

func (*ProviderRegistry) GetUserProvider added in v0.0.7

func (r *ProviderRegistry) GetUserProvider() UserProvider

GetUserProvider returns the registered user provider

func (*ProviderRegistry) NotifyAuditEvent added in v0.0.7

func (r *ProviderRegistry) NotifyAuditEvent(ctx context.Context, event *Event)

NotifyAuditEvent sends the event to all registered audit providers without blocking the caller. It has no return value, so an error from a provider's OnEvent is not propagated to the code that created the event: forwarding is best-effort, and a provider that must not drop events (e.g. a SIEM feed relied on for compliance) has to buffer and retry on its own.

func (*ProviderRegistry) SetOrgProvider added in v0.0.7

func (r *ProviderRegistry) SetOrgProvider(provider OrganizationProvider)

SetOrgProvider registers an organization provider

func (*ProviderRegistry) SetUserProvider added in v0.0.7

func (r *ProviderRegistry) SetUserProvider(provider UserProvider)

SetUserProvider registers a user provider

type Repository

// Repository defines persistence for audit events. The interface is
// deliberately append-only — Create, Get and List, with no Update or Delete —
// which is what an audit trail should look like. That only constrains this
// API surface, not the underlying table; retention and tamper-evidence still
// have to be enforced at the storage layer. Get and List are given no AppID
// beyond what ctx or the filter carry, so implementations are responsible for
// tenant scoping.
type Repository interface {
	Create(ctx context.Context, e *schema.AuditEvent) error
	Get(ctx context.Context, id xid.ID) (*schema.AuditEvent, error)
	List(ctx context.Context, filter *ListEventsFilter) (*pagination.PageResponse[*schema.AuditEvent], error)
}

Repository defines persistence for audit events

type RiskEngine added in v0.0.7

// RiskEngine calculates risk scores for events from the event itself, the
// anomalies already detected for it and the user's Baseline (see Calculate).
// Construct with NewRiskEngine.
type RiskEngine struct {
	// contains filtered or unexported fields
}

RiskEngine calculates risk scores for events

func NewRiskEngine added in v0.0.7

func NewRiskEngine() *RiskEngine

NewRiskEngine creates a new risk engine

func (*RiskEngine) Calculate added in v0.0.7

func (re *RiskEngine) Calculate(ctx context.Context, event *Event, anomalies []*Anomaly, baseline *Baseline) (*RiskScore, error)

Calculate calculates risk score for an event

type RiskScore added in v0.0.7

// RiskScore represents a calculated risk score for one event. Like Anomaly it
// embeds the *Event (and any anomalies, which embed it again), so serialized
// risk output carries the event's IP, user agent and metadata.
type RiskScore struct {
	Score        float64            `json:"score"` // 0-100
	Level        string             `json:"level"` // low, medium, high, critical
	Factors      map[string]float64 `json:"factors"`             // named contributions to Score
	Anomalies    []*Anomaly         `json:"anomalies,omitempty"` // anomalies that fed into the score
	Event        *Event             `json:"event"`
	CalculatedAt time.Time          `json:"calculatedAt"`
}

RiskScore represents a calculated risk score

type Scope added in v0.0.7

// Scope represents a hierarchical compliance scope (system > app > org > team
// > role > user, see ScopeType) passed to UserProvider calls so a provider can
// restrict results to the right tenant or subtree. ParentID allows settings
// to be inherited from the enclosing scope.
type Scope struct {
	Type     ScopeType `json:"type"`
	ID       string    `json:"id"`                 // identifier of the entity at this level
	ParentID *string   `json:"parentId,omitempty"` // For inheritance
}

Scope represents a hierarchical compliance scope

type ScopeType added in v0.0.7

// ScopeType defines the level of a compliance Scope; see the ScopeType*
// constants for the recognised values.
type ScopeType string

ScopeType defines the level of compliance scope

// Recognised ScopeType values, listed from the broadest level to the narrowest.
const (
	ScopeTypeSystem ScopeType = "system" // Global defaults
	ScopeTypeApp    ScopeType = "app"    // Customer/tenant level
	ScopeTypeOrg    ScopeType = "org"    // User-created workspace
	ScopeTypeTeam   ScopeType = "team"   // Department/team
	ScopeTypeRole   ScopeType = "role"   // Role-based (admin, user)
	ScopeTypeUser   ScopeType = "user"   // Individual user overrides
)

type SearchQuery added in v0.0.7

// SearchQuery represents a full-text search query with filters, executed by
// Service.Search / SearchRepository. Build one with NewSearchQuery for a
// fluent API.
//
// Query "supports operators": how it is translated into PostgreSQL tsquery or
// SQLite FTS5 MATCH syntax is not visible here. If client input is passed to
// to_tsquery or MATCH unmodified, malformed operator syntax surfaces as
// database errors (an oracle for probing) — prefer plainto_tsquery /
// websearch_to_tsquery or explicit escaping. Fields must be allowlisted for
// the same reason as ListEventsFilter.SearchFields. Limit has no upper bound
// in the type and should be capped.
//
// AppID is optional; NOTE(review): confirm Search falls back to the tenant
// in ctx rather than searching across all apps when it is nil.
type SearchQuery struct {
	// Search query string (supports natural language and operators)
	Query string `json:"query"`

	// Fields to search in (empty = search all fields)
	Fields []string `json:"fields,omitempty"`

	// Enable fuzzy matching (stemming, similar words)
	FuzzyMatch bool `json:"fuzzyMatch"`

	// Pagination
	Limit  int `json:"limit"`
	Offset int `json:"offset"`

	// Standard filters (AND combined with search query)
	AppID         *xid.ID    `json:"appId,omitempty"`
	EnvironmentID *xid.ID    `json:"environmentId,omitempty"` // Environment filtering
	UserID        *xid.ID    `json:"userId,omitempty"`
	Action        string     `json:"action,omitempty"` // exact action match; empty = any
	Since         *time.Time `json:"since,omitempty"`
	Until         *time.Time `json:"until,omitempty"`
}

SearchQuery represents a full-text search query with filters

type SearchQueryBuilder added in v0.0.7

// SearchQueryBuilder provides a fluent API for building a SearchQuery: start
// with NewSearchQuery(text), chain ForApp/ForUser/WithAction/InFields/Fuzzy/
// Since/Until/Limit/Offset, and finish with Build.
type SearchQueryBuilder struct {
	// contains filtered or unexported fields
}

SearchQueryBuilder provides fluent API for building search queries

func NewSearchQuery added in v0.0.7

func NewSearchQuery(searchText string) *SearchQueryBuilder

NewSearchQuery creates a new search query builder

func (*SearchQueryBuilder) Build added in v0.0.7

func (b *SearchQueryBuilder) Build() *SearchQuery

Build returns the constructed query

func (*SearchQueryBuilder) ForApp added in v0.0.7

func (b *SearchQueryBuilder) ForApp(appID xid.ID) *SearchQueryBuilder

ForApp filters by app ID

func (*SearchQueryBuilder) ForUser added in v0.0.7

func (b *SearchQueryBuilder) ForUser(userID xid.ID) *SearchQueryBuilder

ForUser filters by user ID

func (*SearchQueryBuilder) Fuzzy added in v0.0.7

Fuzzy enables fuzzy matching

func (*SearchQueryBuilder) InFields added in v0.0.7

func (b *SearchQueryBuilder) InFields(fields ...string) *SearchQueryBuilder

InFields restricts search to specific fields

func (*SearchQueryBuilder) Limit added in v0.0.7

func (b *SearchQueryBuilder) Limit(limit int) *SearchQueryBuilder

Limit sets result limit

func (*SearchQueryBuilder) Offset added in v0.0.7

func (b *SearchQueryBuilder) Offset(offset int) *SearchQueryBuilder

Offset sets result offset

func (*SearchQueryBuilder) Since added in v0.0.7

Since filters events after timestamp

func (*SearchQueryBuilder) Until added in v0.0.7

Until filters events before timestamp

func (*SearchQueryBuilder) WithAction added in v0.0.7

func (b *SearchQueryBuilder) WithAction(action string) *SearchQueryBuilder

WithAction filters by action

type SearchRepository added in v0.0.7

// SearchRepository defines the database-specific full-text search
// implementation. Search is the entry point; SearchPostgreSQL and
// SearchSQLite are the backend-specific variants it presumably dispatches to.
// Implementations are where SearchQuery.Query must be sanitized or converted
// to the backend's query syntax safely.
type SearchRepository interface {
	// Search performs full-text search on audit events
	Search(ctx context.Context, query *SearchQuery) (*SearchResponse, error)

	// SearchPostgreSQL performs PostgreSQL tsvector search
	SearchPostgreSQL(ctx context.Context, query *SearchQuery) (*SearchResponse, error)

	// SearchSQLite performs SQLite FTS5 search
	SearchSQLite(ctx context.Context, query *SearchQuery) (*SearchResponse, error)
}

SearchRepository defines database-specific search implementation

type SearchResponse added in v0.0.7

// SearchResponse represents paginated search results. Query echoes the
// processed form of the caller's query string back to the client; make sure
// whatever is rendered from it is escaped on the presentation side.
type SearchResponse struct {
	Results    []*SearchResult      `json:"results"`
	Pagination *pagination.PageMeta `json:"pagination"`
	Query      string               `json:"query"`  // The processed query
	TookMs     int64                `json:"tookMs"` // Query execution time in milliseconds
}

SearchResponse represents paginated search results

type SearchResult added in v0.0.7

// SearchResult represents a single search result: the matching Event and its
// relevance rank.
type SearchResult struct {
	Event *Event  `json:"event"`
	Rank  float64 `json:"rank"` // Relevance score (0-1)
}

SearchResult represents a single search result

type Service

// Service handles audit logging: creating events (Create, Log), reading them
// (Get, List, Search) and fanning new events out to registered providers
// (GetProviders). Construct with NewService and the ServiceOption functions.
type Service struct {
	// contains filtered or unexported fields
}

Service handles audit logging

func NewService

func NewService(repo Repository, opts ...ServiceOption) *Service

NewService creates a new audit service with optional providers

func (*Service) Create

func (s *Service) Create(ctx context.Context, req *CreateEventRequest) (*Event, error)

Create creates a new audit event from a request. AppID and EnvironmentID fall back to the values in ctx when the request omits them (see CreateEventRequest); a caller exposing Create over an API should not let an untrusted client choose AppID, or should verify it against ctx, so that events cannot be written into another tenant's audit trail.

func (*Service) Get

func (s *Service) Get(ctx context.Context, req *GetEventRequest) (*Event, error)

Get retrieves an audit event by ID

func (*Service) GetProviders added in v0.0.7

func (s *Service) GetProviders() *ProviderRegistry

GetProviders returns the provider registry (for external use)

func (*Service) List

func (s *Service) List(ctx context.Context, filter *ListEventsFilter) (*ListEventsResponse, error)

List returns paginated audit events with optional filters

func (*Service) Log

func (s *Service) Log(ctx context.Context, userID *xid.ID, action, resource, ip, ua, metadata string) error

Log creates an audit event with timestamps, using ctx for the app/environment. ip, ua and metadata are recorded verbatim: when ip and ua are taken from client-supplied headers (X-Forwarded-For, User-Agent) they are attacker-controlled, so bound their length and do not rely on them as identity evidence; metadata is a free-form string, so keep secrets and tokens out of it.

func (*Service) Search added in v0.0.7

func (s *Service) Search(ctx context.Context, query *SearchQuery) (*SearchResponse, error)

Search performs full-text search on audit events

type ServiceConfig added in v0.0.7

// ServiceConfig holds configuration for the audit service; ServiceOption
// functions (WithProviders, WithAuditProvider, WithUserProvider,
// WithOrgProvider) mutate it during NewService.
type ServiceConfig struct {
	Providers *ProviderRegistry // registry of audit/user/org providers the Service notifies and queries
}

ServiceConfig holds configuration for the audit service

type ServiceOption added in v0.0.7

// ServiceOption is a functional option for configuring the audit service;
// pass any number of them to NewService.
type ServiceOption func(*ServiceConfig)

ServiceOption is a functional option for configuring the audit service

func WithAuditProvider added in v0.0.7

func WithAuditProvider(provider AuditProvider) ServiceOption

WithAuditProvider adds an audit event consumer

func WithOrgProvider added in v0.0.7

func WithOrgProvider(provider OrganizationProvider) ServiceOption

WithOrgProvider configures an organization provider

func WithProviders added in v0.0.7

func WithProviders(providers *ProviderRegistry) ServiceOption

WithProviders configures the service to use custom providers

func WithUserProvider added in v0.0.7

func WithUserProvider(provider UserProvider) ServiceOption

WithUserProvider configures a user provider

type StreamFilter added in v0.0.7

// StreamFilter defines filters for a streaming subscription (StreamService /
// PollingStreamService Subscribe). Authorization is not expressed here: a nil
// AppID is presumably "no app filter", so the caller must set AppID from the
// authenticated principal, not from client input, or a subscriber receives
// other tenants' events. BufferSize is client-chosen in the type; cap it,
// since each subscription allocates a channel of that size.
type StreamFilter struct {
	AppID      *xid.ID  `json:"appId,omitempty"`      // restrict to one app; nil = no restriction (confirm)
	UserID     *xid.ID  `json:"userId,omitempty"`     // restrict to one user
	Actions    []string `json:"actions,omitempty"`    // Filter by specific actions
	BufferSize int      `json:"bufferSize,omitempty"` // Channel buffer size
}

StreamFilter defines filters for streaming audit events

type StreamService added in v0.0.7

// StreamService manages real-time audit event streaming to subscribed clients.
// Note: requires PostgreSQL LISTEN/NOTIFY support via pgdriver.Listener (use
// PollingStreamService for SQLite). Clients are tracked by the ID returned
// from Subscribe and kept alive through UpdateHeartbeat.
type StreamService struct {
	// contains filtered or unexported fields
}

StreamService manages real-time audit event streaming. Note: it requires PostgreSQL LISTEN/NOTIFY support via pgdriver.Listener; use PollingStreamService for SQLite.

func NewStreamService added in v0.0.7

func NewStreamService(listener interface{}) *StreamService

NewStreamService creates a new stream service. listener should be a *pgdriver.Listener from github.com/uptrace/bun/driver/pgdriver; because the parameter is typed interface{}, passing the wrong type is not caught at compile time and only surfaces at runtime.

func (*StreamService) Shutdown added in v0.0.7

func (s *StreamService) Shutdown()

Shutdown gracefully shuts down the stream service

func (*StreamService) Stats added in v0.0.7

func (s *StreamService) Stats() StreamStats

Stats returns streaming statistics

func (*StreamService) Subscribe added in v0.0.7

func (s *StreamService) Subscribe(ctx context.Context, filter *StreamFilter) (<-chan *Event, string, error)

Subscribe subscribes to the audit event stream with optional filters and returns the event channel plus a client ID to pass to Unsubscribe and UpdateHeartbeat. The filter's AppID is not derived from ctx in this signature, so the caller must set it from the authenticated principal rather than from client input; otherwise a subscriber can receive another tenant's events.

func (*StreamService) Unsubscribe added in v0.0.7

func (s *StreamService) Unsubscribe(clientID string)

Unsubscribe removes a client subscription

func (*StreamService) UpdateHeartbeat added in v0.0.7

func (s *StreamService) UpdateHeartbeat(clientID string)

UpdateHeartbeat updates client's last seen time (called by WebSocket ping)

type StreamStats added in v0.0.7

// StreamStats contains streaming service statistics as returned by
// StreamService.Stats. Clients lists every active subscription, so expose this
// only to operators.
type StreamStats struct {
	ActiveClients int           `json:"activeClients"` // number of open subscriptions
	Clients       []ClientStats `json:"clients"`       // one entry per open subscription
}

StreamStats contains streaming service statistics

type UserFilter added in v0.0.7

// UserFilter defines criteria for filtering users in UserProvider.ListUsers.
// All criteria are optional and AND-combined. Limit has no upper bound in the
// type; providers should cap it. Filtering by MFAEnabled, PasswordExpired or
// lockout-related Status enumerates weakly protected accounts, which is
// exactly what an attacker would want — restrict callers accordingly.
type UserFilter struct {
	IDs               []string   `json:"ids,omitempty"`
	Emails            []string   `json:"emails,omitempty"`
	Status            *string    `json:"status,omitempty"`     // see GenericUser.Status
	MFAEnabled        *bool      `json:"mfaEnabled,omitempty"`
	Roles             []string   `json:"roles,omitempty"`
	CreatedAfter      *time.Time `json:"createdAfter,omitempty"`
	CreatedBefore     *time.Time `json:"createdBefore,omitempty"`
	LastLoginAfter    *time.Time `json:"lastLoginAfter,omitempty"`
	LastLoginBefore   *time.Time `json:"lastLoginBefore,omitempty"`
	PasswordExpired   *bool      `json:"passwordExpired,omitempty"`   // derived from PasswordChanged and PasswordExpiryAge (presumably)
	PasswordExpiryAge *int       `json:"passwordExpiryAge,omitempty"` // Days
	Limit             int        `json:"limit"`
	Offset            int        `json:"offset"`
}

UserFilter defines criteria for filtering users

type UserMetrics added in v0.0.7

// UserMetrics contains aggregated user metrics returned by
// UserProvider.QueryUserMetrics. Counts are aggregates rather than per-user
// data, but they still describe the security posture of a tenant (MFA
// adoption, locked and expired accounts) and should be scoped accordingly.
type UserMetrics struct {
	TotalUsers        int                    `json:"totalUsers"`
	ActiveUsers       int                    `json:"activeUsers"`
	InactiveUsers     int                    `json:"inactiveUsers"`
	MFAAdoptionRate   float64                `json:"mfaAdoptionRate"` // 0-100
	UsersWithMFA      int                    `json:"usersWithMFA"`
	UsersWithoutMFA   int                    `json:"usersWithoutMFA"`
	ExpiredPasswords  int                    `json:"expiredPasswords"`
	LockedAccounts    int                    `json:"lockedAccounts"`
	SuspendedAccounts int                    `json:"suspendedAccounts"`
	ByRole            map[string]int         `json:"byRole,omitempty"`   // populated when GroupBy requests role
	ByStatus          map[string]int         `json:"byStatus,omitempty"` // populated when GroupBy requests status
	CustomMetrics     map[string]interface{} `json:"customMetrics,omitempty"` // provider-defined extras, untyped
}

UserMetrics contains aggregated user metrics

type UserProvider added in v0.0.7

// UserProvider provides access to user data from any source (authsome, LDAP,
// a custom DB) and breaks the tight coupling to authsome's internal user
// service. Every call receives a Scope; implementations are responsible for
// honouring it and for deciding whether the caller identified by ctx may read
// the requested users — nothing in this package enforces that.
type UserProvider interface {
	// GetUser retrieves a single user by ID
	GetUser(ctx context.Context, scope *Scope, userID string) (*GenericUser, error)

	// ListUsers retrieves users matching filter criteria
	ListUsers(ctx context.Context, scope *Scope, filter *UserFilter) ([]*GenericUser, error)

	// QueryUserMetrics retrieves aggregated metrics about users
	QueryUserMetrics(ctx context.Context, scope *Scope, query *MetricsQuery) (*UserMetrics, error)
}

UserProvider provides access to user data from any source (authsome, LDAP, a custom DB). This breaks the tight coupling to authsome's internal user service. The interface expresses no authorization of its own: implementations must honour the Scope they are given and decide whether the caller identified by ctx may read the requested users.
