npm - @striae-org/striae - Versions diffs - 3.2.0 → 3.2.2 - Mend

@striae-org/striae 3.2.0 → 3.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (109) hide show

package/README.md +3 -32
package/app/components/actions/case-export/core-export.ts +2 -2
package/app/components/actions/case-export/data-processing.ts +65 -10
package/app/components/actions/case-export/download-handlers.ts +130 -44
package/app/components/actions/case-export/metadata-helpers.ts +32 -14
package/app/components/actions/case-import/annotation-import.ts +2 -2
package/app/components/actions/case-import/confirmation-import.ts +3 -3
package/app/components/actions/case-import/image-operations.ts +1 -1
package/app/components/actions/case-import/orchestrator.ts +4 -4
package/app/components/actions/case-import/storage-operations.ts +7 -7
package/app/components/actions/case-import/validation.ts +3 -3
package/app/components/actions/case-import/zip-processing.ts +3 -3
package/app/components/actions/case-manage.ts +3 -3
package/app/components/actions/confirm-export.ts +3 -3
package/app/components/actions/generate-pdf.ts +3 -3
package/app/components/actions/image-manage.ts +3 -3
package/app/components/actions/notes-manage.ts +3 -3
package/app/components/actions/signout.tsx +1 -1
package/app/components/audit/user-audit-viewer.tsx +2 -3
package/app/components/auth/auth-provider.tsx +2 -2
package/app/components/auth/mfa-enrollment.tsx +3 -3
package/app/components/auth/mfa-verification.tsx +4 -4
package/app/components/canvas/box-annotations/box-annotations.tsx +2 -2
package/app/components/canvas/canvas.tsx +1 -1
package/app/components/canvas/confirmation/confirmation.tsx +1 -1
package/app/components/form/base-form.tsx +1 -1
package/app/components/sidebar/case-export/case-export.tsx +15 -15
package/app/components/sidebar/case-import/case-import.tsx +2 -2
package/app/components/sidebar/case-import/components/CasePreviewSection.tsx +1 -1
package/app/components/sidebar/case-import/components/ConfirmationDialog.tsx +1 -1
package/app/components/sidebar/case-import/hooks/useFilePreview.ts +3 -3
package/app/components/sidebar/case-import/hooks/useImportExecution.ts +2 -2
package/app/components/sidebar/cases/case-sidebar.tsx +27 -19
package/app/components/sidebar/cases/cases-modal.tsx +1 -1
package/app/components/sidebar/files/files-modal.tsx +3 -2
package/app/components/sidebar/notes/notes-sidebar.tsx +3 -3
package/app/components/sidebar/sidebar-container.tsx +5 -4
package/app/components/sidebar/sidebar.tsx +2 -2
package/app/components/sidebar/upload/image-upload-zone.tsx +2 -2
package/app/components/theme-provider/theme-provider.tsx +1 -1
package/app/components/user/delete-account.tsx +1 -1
package/app/components/user/manage-profile.tsx +2 -2
package/app/components/user/mfa-phone-update.tsx +2 -2
package/app/contexts/auth.context.ts +1 -1
package/app/entry.client.tsx +12 -12
package/app/entry.server.tsx +4 -4
package/app/hooks/useInactivityTimeout.ts +1 -1
package/app/root.tsx +3 -3
package/app/routes/auth/emailActionHandler.tsx +3 -3
package/app/routes/auth/emailVerification.tsx +3 -3
package/app/routes/auth/login.tsx +6 -6
package/app/routes/auth/passwordReset.tsx +3 -3
package/app/routes/auth/route.ts +1 -1
package/app/routes/striae/striae.tsx +2 -2
package/app/services/audit/audit-console-logger.ts +46 -0
package/app/services/audit/audit-export-csv.ts +126 -0
package/app/services/audit/audit-export-report.ts +174 -0
package/app/services/audit/audit-export-signing.ts +85 -0
package/app/services/audit/audit-export.service.ts +334 -0
package/app/services/audit/audit-file-type.ts +13 -0
package/app/services/audit/audit-query-helpers.ts +88 -0
package/app/services/audit/audit-worker-client.ts +95 -0
package/app/services/audit/audit.service.ts +990 -0
package/app/services/audit/builders/audit-entry-builder.ts +32 -0
package/app/services/audit/builders/audit-event-builders-annotation.ts +150 -0
package/app/services/audit/builders/audit-event-builders-case-file.ts +249 -0
package/app/services/audit/builders/audit-event-builders-user-security.ts +449 -0
package/app/services/audit/builders/audit-event-builders-workflow.ts +272 -0
package/app/services/audit/builders/index.ts +40 -0
package/app/services/audit/index.ts +2 -0
package/app/types/case.ts +2 -2
package/app/types/exceljs-bare.d.ts +9 -0
package/app/types/user.ts +1 -1
package/app/utils/audit-export-signature.ts +2 -2
package/app/utils/confirmation-signature.ts +3 -3
package/app/utils/data-operations.ts +5 -5
package/app/utils/mfa-phone.ts +1 -1
package/app/utils/mfa.ts +1 -1
package/app/utils/permissions.ts +2 -2
package/functions/[[path]].ts +2 -2
package/package.json +34 -20
package/public/vendor/exceljs.LICENSE +22 -0
package/public/vendor/exceljs.bare.min.js +45 -0
package/scripts/deploy-all.sh +52 -0
package/scripts/deploy-config.sh +282 -1
package/tsconfig.json +18 -8
package/vite.config.ts +6 -22
package/worker-configuration.d.ts +4435 -562
package/workers/audit-worker/package.json +8 -4
package/workers/audit-worker/wrangler.jsonc.example +1 -1
package/workers/data-worker/package.json +8 -4
package/workers/data-worker/src/data-worker.example.ts +3 -3
package/workers/data-worker/wrangler.jsonc.example +1 -1
package/workers/image-worker/package.json +8 -4
package/workers/image-worker/wrangler.jsonc.example +1 -1
package/workers/keys-worker/package.json +8 -4
package/workers/keys-worker/wrangler.jsonc.example +1 -1
package/workers/pdf-worker/package.json +8 -4
package/workers/pdf-worker/src/{generated-assets.ts → assets/generated-assets.ts} +117 -117
package/workers/pdf-worker/src/{format-striae.ts → formats/format-striae.ts} +535 -535
package/workers/pdf-worker/src/pdf-worker.example.ts +1 -1
package/workers/pdf-worker/wrangler.jsonc.example +1 -1
package/workers/user-worker/package.json +8 -4
package/workers/user-worker/wrangler.jsonc.example +1 -1
package/wrangler.toml.example +1 -1
package/app/services/audit-export.service.ts +0 -755
package/app/services/audit.service.ts +0 -1474
/package/app/services/{firebase-errors.ts → firebase/errors.ts} +0 -0
/package/app/services/{firebase.ts → firebase/index.ts} +0 -0

package/app/services/audit/builders/audit-event-builders-user-security.ts ADDED Viewed

@@ -0,0 +1,449 @@
+import type { User } from 'firebase/auth';
+import { type AuditResult, type CreateAuditEntryParams } from '~/types';
+interface BuildUserLoginAuditParamsInput {
+  user: User;
+  sessionId: string;
+  loginMethod: 'firebase' | 'sso' | 'api-key' | 'manual';
+  userAgent?: string;
+}
+export const buildUserLoginAuditParams = (
+  input: BuildUserLoginAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'user-login',
+    result: 'success',
+    fileName: `session-${input.sessionId}.log`,
+    fileType: 'log-file',
+    validationErrors: [],
+    workflowPhase: 'user-management',
+    sessionDetails: {
+      sessionId: input.sessionId,
+      userAgent: input.userAgent,
+      loginMethod: input.loginMethod
+    }
+  };
+};
+interface BuildUserLogoutAuditParamsInput {
+  user: User;
+  sessionId: string;
+  sessionDuration: number;
+  logoutReason: 'user-initiated' | 'timeout' | 'security' | 'error';
+}
+export const buildUserLogoutAuditParams = (
+  input: BuildUserLogoutAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'user-logout',
+    result: 'success',
+    fileName: `session-${input.sessionId}.log`,
+    fileType: 'log-file',
+    validationErrors: [],
+    workflowPhase: 'user-management',
+    sessionDetails: {
+      sessionId: input.sessionId,
+      sessionDuration: input.sessionDuration,
+      logoutReason: input.logoutReason
+    }
+  };
+};
+interface BuildUserProfileUpdateAuditParamsInput {
+  user: User;
+  profileField: 'displayName' | 'email' | 'organization' | 'role' | 'preferences' | 'avatar';
+  oldValue: string;
+  newValue: string;
+  result: AuditResult;
+  sessionId?: string;
+  errors?: string[];
+}
+export const buildUserProfileUpdateAuditParams = (
+  input: BuildUserProfileUpdateAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'user-profile-update',
+    result: input.result,
+    fileName: `profile-update-${input.profileField}.log`,
+    fileType: 'log-file',
+    validationErrors: input.errors || [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId
+        }
+      : undefined,
+    userProfileDetails: {
+      profileField: input.profileField,
+      oldValue: input.oldValue,
+      newValue: input.newValue
+    }
+  };
+};
+interface BuildPasswordResetAuditParamsInput {
+  userEmail: string;
+  resetMethod: 'email' | 'sms' | 'security-questions' | 'admin-reset';
+  result: AuditResult;
+  resetToken?: string;
+  verificationMethod?: 'email-link' | 'sms-code' | 'totp' | 'backup-codes';
+  verificationAttempts?: number;
+  passwordComplexityMet?: boolean;
+  previousPasswordReused?: boolean;
+  sessionId?: string;
+  errors?: string[];
+}
+export const buildPasswordResetAuditParams = (
+  input: BuildPasswordResetAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: '',
+    userEmail: input.userEmail,
+    action: 'user-password-reset',
+    result: input.result,
+    fileName: `password-reset-${input.resetMethod}.log`,
+    fileType: 'log-file',
+    validationErrors: input.errors || [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId
+        }
+      : undefined,
+    userProfileDetails: {
+      resetMethod: input.resetMethod,
+      resetToken: input.resetToken ? `***${input.resetToken.slice(-4)}` : undefined,
+      verificationMethod: input.verificationMethod,
+      verificationAttempts: input.verificationAttempts,
+      passwordComplexityMet: input.passwordComplexityMet,
+      previousPasswordReused: input.previousPasswordReused
+    }
+  };
+};
+interface BuildAccountDeletionAuditParamsInput {
+  userId: string;
+  userEmail: string;
+  result: AuditResult;
+  deletionReason?: 'user-requested' | 'admin-initiated' | 'policy-violation' | 'inactive-account';
+  confirmationMethod?: 'uid-email' | 'password' | 'admin-override';
+  casesCount?: number;
+  filesCount?: number;
+  dataRetentionPeriod?: number;
+  emailNotificationSent?: boolean;
+  sessionId?: string;
+  errors?: string[];
+}
+export const buildAccountDeletionAuditParams = (
+  input: BuildAccountDeletionAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.userId,
+    userEmail: input.userEmail || '',
+    action: 'user-account-delete',
+    result: input.result,
+    fileName: `account-deletion-${input.userId}.log`,
+    fileType: 'log-file',
+    validationErrors: input.errors || [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId
+        }
+      : undefined,
+    userProfileDetails: {
+      deletionReason: input.deletionReason || 'user-requested',
+      confirmationMethod: input.confirmationMethod || 'uid-email',
+      casesCount: input.casesCount,
+      filesCount: input.filesCount,
+      dataRetentionPeriod: input.dataRetentionPeriod,
+      emailNotificationSent: input.emailNotificationSent
+    }
+  };
+};
+interface BuildUserRegistrationAuditParamsInput {
+  user: User;
+  firstName: string;
+  lastName: string;
+  company: string;
+  registrationMethod: 'email-password' | 'sso' | 'admin-created' | 'api';
+  userAgent?: string;
+  sessionId?: string;
+}
+export const buildUserRegistrationAuditParams = (
+  input: BuildUserRegistrationAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'user-registration',
+    result: 'success',
+    fileName: `registration-${input.user.uid}.log`,
+    fileType: 'log-file',
+    validationErrors: [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId,
+          userAgent: input.userAgent
+        }
+      : { userAgent: input.userAgent },
+    userProfileDetails: {
+      registrationMethod: input.registrationMethod,
+      firstName: input.firstName,
+      lastName: input.lastName,
+      company: input.company,
+      emailVerificationRequired: true,
+      mfaEnrollmentRequired: true
+    }
+  };
+};
+interface BuildMfaEnrollmentAuditParamsInput {
+  user: User;
+  phoneNumber: string;
+  mfaMethod: 'sms' | 'totp' | 'hardware-key';
+  result: AuditResult;
+  enrollmentAttempts?: number;
+  sessionId?: string;
+  userAgent?: string;
+  errors?: string[];
+}
+const getMaskedPhoneNumber = (phoneNumber: string): string => {
+  return phoneNumber.length > 4 ? `***-***-${phoneNumber.slice(-4)}` : '***-***-****';
+};
+export const buildMfaEnrollmentAuditParams = (
+  input: BuildMfaEnrollmentAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'mfa-enrollment',
+    result: input.result,
+    fileName: `mfa-enrollment-${input.user.uid}.log`,
+    fileType: 'log-file',
+    validationErrors: input.errors || [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId,
+          userAgent: input.userAgent
+        }
+      : { userAgent: input.userAgent },
+    securityDetails: {
+      mfaMethod: input.mfaMethod,
+      phoneNumber: getMaskedPhoneNumber(input.phoneNumber),
+      enrollmentAttempts: input.enrollmentAttempts,
+      enrollmentDate: new Date().toISOString(),
+      mandatoryEnrollment: true,
+      backupCodesGenerated: false
+    }
+  };
+};
+interface BuildMfaAuthenticationAuditParamsInput {
+  user: User;
+  mfaMethod: 'sms' | 'totp' | 'hardware-key';
+  result: AuditResult;
+  verificationAttempts?: number;
+  sessionId?: string;
+  userAgent?: string;
+  errors?: string[];
+}
+export const buildMfaAuthenticationAuditParams = (
+  input: BuildMfaAuthenticationAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'mfa-authentication',
+    result: input.result,
+    fileName: `mfa-auth-${input.sessionId || Date.now()}.log`,
+    fileType: 'log-file',
+    validationErrors: input.errors || [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId,
+          userAgent: input.userAgent
+        }
+      : { userAgent: input.userAgent },
+    securityDetails: {
+      mfaMethod: input.mfaMethod,
+      verificationAttempts: input.verificationAttempts,
+      authenticationDate: new Date().toISOString(),
+      loginFlowStep: 'second-factor'
+    }
+  };
+};
+interface BuildEmailVerificationAuditParamsInput {
+  user: User;
+  result: AuditResult;
+  verificationMethod: 'email-link' | 'admin-verification';
+  verificationAttempts?: number;
+  sessionId?: string;
+  userAgent?: string;
+  errors?: string[];
+}
+export const buildEmailVerificationAuditParams = (
+  input: BuildEmailVerificationAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'email-verification',
+    result: input.result,
+    fileName: `email-verification-${input.user.uid}.log`,
+    fileType: 'log-file',
+    validationErrors: input.errors || [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId,
+          userAgent: input.userAgent
+        }
+      : { userAgent: input.userAgent },
+    userProfileDetails: {
+      verificationMethod: input.verificationMethod,
+      verificationAttempts: input.verificationAttempts,
+      verificationDate: new Date().toISOString(),
+      emailVerified: input.result === 'success'
+    }
+  };
+};
+interface BuildEmailVerificationByEmailAuditParamsInput {
+  userEmail: string;
+  result: AuditResult;
+  verificationMethod: 'email-link' | 'admin-verification';
+  verificationAttempts?: number;
+  sessionId?: string;
+  userAgent?: string;
+  errors?: string[];
+  userId?: string;
+}
+export const buildEmailVerificationByEmailAuditParams = (
+  input: BuildEmailVerificationByEmailAuditParamsInput
+): CreateAuditEntryParams => {
+  const userId = input.userId || '';
+  return {
+    userId,
+    userEmail: input.userEmail,
+    action: 'email-verification',
+    result: input.result,
+    fileName: `email-verification-${userId || Date.now()}.log`,
+    fileType: 'log-file',
+    validationErrors: input.errors || [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId,
+          userAgent: input.userAgent
+        }
+      : { userAgent: input.userAgent },
+    userProfileDetails: {
+      verificationMethod: input.verificationMethod,
+      verificationAttempts: input.verificationAttempts,
+      verificationDate: new Date().toISOString(),
+      emailVerified: input.result === 'success'
+    }
+  };
+};
+interface BuildMarkEmailVerificationSuccessfulAuditParamsInput {
+  user: User;
+  reason?: string;
+  sessionId?: string;
+  userAgent?: string;
+}
+export const buildMarkEmailVerificationSuccessfulAuditParams = (
+  input: BuildMarkEmailVerificationSuccessfulAuditParamsInput
+): CreateAuditEntryParams => {
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'email-verification',
+    result: 'success',
+    fileName: `email-verification-${input.user.uid}.log`,
+    fileType: 'log-file',
+    validationErrors: [],
+    workflowPhase: 'user-management',
+    sessionDetails: input.sessionId
+      ? {
+          sessionId: input.sessionId,
+          userAgent: input.userAgent
+        }
+      : { userAgent: input.userAgent },
+    userProfileDetails: {
+      verificationMethod: 'email-link',
+      verificationAttempts: 1,
+      verificationDate: new Date().toISOString(),
+      emailVerified: true,
+      retroactiveVerification: true,
+      retroactiveReason: input.reason || 'MFA enrollment completed'
+    }
+  };
+};
+interface BuildSecurityViolationAuditParamsInput {
+  user: User | null;
+  incidentType:
+    | 'unauthorized-access'
+    | 'data-breach'
+    | 'malware'
+    | 'injection'
+    | 'brute-force'
+    | 'privilege-escalation';
+  severity: 'low' | 'medium' | 'high' | 'critical';
+  description: string;
+  targetResource?: string;
+  blockedBySystem?: boolean;
+}
+export const buildSecurityViolationAuditParams = (
+  input: BuildSecurityViolationAuditParamsInput
+): CreateAuditEntryParams => {
+  const blockedBySystem = input.blockedBySystem !== undefined ? input.blockedBySystem : true;
+  return {
+    userId: input.user?.uid || 'unknown',
+    userEmail: input.user?.email || 'unknown@system.com',
+    action: 'security-violation',
+    result: blockedBySystem ? 'blocked' : 'failure',
+    fileName: `security-incident-${Date.now()}.log`,
+    fileType: 'log-file',
+    validationErrors: [input.description],
+    securityDetails: {
+      incidentType: input.incidentType,
+      severity: input.severity,
+      targetResource: input.targetResource,
+      blockedBySystem,
+      investigationId: `INV-${Date.now()}`,
+      reportedToAuthorities: input.severity === 'critical',
+      mitigationSteps: [
+        blockedBySystem ? 'Automatically blocked by system' : 'Manual intervention required'
+      ]
+    }
+  };
+};

package/app/services/audit/builders/audit-event-builders-workflow.ts ADDED Viewed

@@ -0,0 +1,272 @@
+import type { User } from 'firebase/auth';
+import {
+  type AuditFileType,
+  type AuditResult,
+  type CreateAuditEntryParams,
+  type PerformanceMetrics,
+  type SecurityCheckResults
+} from '~/types';
+interface SignatureDetailsInput {
+  present?: boolean;
+  valid?: boolean;
+  keyId?: string;
+}
+interface BuildCaseExportAuditParamsInput {
+  user: User;
+  caseNumber: string;
+  fileName: string;
+  result: AuditResult;
+  errors?: string[];
+  performanceMetrics?: PerformanceMetrics;
+  exportFormat?: 'json' | 'csv' | 'xlsx' | 'zip';
+  signatureDetails?: SignatureDetailsInput;
+}
+const resolveCaseExportFileType = (
+  fileName: string,
+  exportFormat?: 'json' | 'csv' | 'xlsx' | 'zip'
+): AuditFileType => {
+  if (exportFormat) {
+    switch (exportFormat) {
+      case 'json':
+        return 'json-data';
+      case 'csv':
+      case 'xlsx':
+        return 'csv-export';
+      case 'zip':
+      default:
+        return 'case-package';
+    }
+  }
+  if (fileName.includes('.json')) return 'json-data';
+  if (fileName.includes('.csv') || fileName.includes('.xlsx')) return 'csv-export';
+  return 'case-package';
+};
+export const buildCaseExportAuditParams = (
+  input: BuildCaseExportAuditParamsInput
+): CreateAuditEntryParams => {
+  const securityChecks: SecurityCheckResults = {
+    selfConfirmationPrevented: false,
+    fileIntegrityValid: input.result === 'success',
+    manifestSignaturePresent: input.signatureDetails?.present,
+    manifestSignatureValid: input.signatureDetails?.valid,
+    manifestSignatureKeyId: input.signatureDetails?.keyId
+  };
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'export',
+    result: input.result,
+    fileName: input.fileName,
+    fileType: resolveCaseExportFileType(input.fileName, input.exportFormat),
+    validationErrors: input.errors || [],
+    caseNumber: input.caseNumber,
+    workflowPhase: 'case-export',
+    securityChecks,
+    performanceMetrics: input.performanceMetrics,
+    originalExaminerUid: input.user.uid
+  };
+};
+interface BuildCaseImportAuditParamsInput {
+  user: User;
+  caseNumber: string;
+  fileName: string;
+  result: AuditResult;
+  hashValid: boolean;
+  errors?: string[];
+  originalExaminerUid?: string;
+  performanceMetrics?: PerformanceMetrics;
+  exporterUidValidated?: boolean;
+  signatureDetails?: SignatureDetailsInput;
+}
+export const buildCaseImportAuditParams = (
+  input: BuildCaseImportAuditParamsInput
+): CreateAuditEntryParams => {
+  const securityChecks: SecurityCheckResults = {
+    selfConfirmationPrevented: input.originalExaminerUid
+      ? input.originalExaminerUid !== input.user.uid
+      : false,
+    fileIntegrityValid: input.hashValid,
+    exporterUidValidated:
+      input.exporterUidValidated !== undefined
+        ? input.exporterUidValidated
+        : !!input.originalExaminerUid,
+    manifestSignaturePresent: input.signatureDetails?.present,
+    manifestSignatureValid: input.signatureDetails?.valid,
+    manifestSignatureKeyId: input.signatureDetails?.keyId
+  };
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'import',
+    result: input.result,
+    fileName: input.fileName,
+    fileType: 'case-package',
+    hashValid: input.hashValid,
+    validationErrors: input.errors || [],
+    caseNumber: input.caseNumber,
+    workflowPhase: 'case-import',
+    securityChecks,
+    performanceMetrics: input.performanceMetrics,
+    originalExaminerUid: input.originalExaminerUid,
+    reviewingExaminerUid: input.user.uid
+  };
+};
+interface BuildConfirmationCreationAuditParamsInput {
+  user: User;
+  caseNumber: string;
+  confirmationId: string;
+  result: AuditResult;
+  errors?: string[];
+  originalExaminerUid?: string;
+  performanceMetrics?: PerformanceMetrics;
+  imageFileId?: string;
+  originalImageFileName?: string;
+}
+export const buildConfirmationCreationAuditParams = (
+  input: BuildConfirmationCreationAuditParamsInput
+): CreateAuditEntryParams => {
+  const securityChecks: SecurityCheckResults = {
+    selfConfirmationPrevented: false,
+    fileIntegrityValid: true
+  };
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'confirm',
+    result: input.result,
+    fileName: `confirmation-${input.confirmationId}`,
+    fileType: 'confirmation-data',
+    validationErrors: input.errors || [],
+    caseNumber: input.caseNumber,
+    confirmationId: input.confirmationId,
+    workflowPhase: 'confirmation',
+    securityChecks,
+    performanceMetrics: input.performanceMetrics,
+    originalExaminerUid: input.originalExaminerUid,
+    reviewingExaminerUid: input.user.uid,
+    fileDetails: input.imageFileId && input.originalImageFileName
+      ? {
+          fileId: input.imageFileId,
+          originalFileName: input.originalImageFileName,
+          fileSize: 0
+        }
+      : undefined
+  };
+};
+interface BuildConfirmationExportAuditParamsInput {
+  user: User;
+  caseNumber: string;
+  fileName: string;
+  result: AuditResult;
+  errors?: string[];
+  originalExaminerUid?: string;
+  performanceMetrics?: PerformanceMetrics;
+  signatureDetails?: SignatureDetailsInput;
+}
+export const buildConfirmationExportAuditParams = (
+  input: BuildConfirmationExportAuditParamsInput
+): CreateAuditEntryParams => {
+  const securityChecks: SecurityCheckResults = {
+    selfConfirmationPrevented: false,
+    fileIntegrityValid: input.result === 'success',
+    manifestSignaturePresent: input.signatureDetails?.present,
+    manifestSignatureValid: input.signatureDetails?.valid,
+    manifestSignatureKeyId: input.signatureDetails?.keyId
+  };
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'export',
+    result: input.result,
+    fileName: input.fileName,
+    fileType: 'confirmation-data',
+    validationErrors: input.errors || [],
+    caseNumber: input.caseNumber,
+    workflowPhase: 'confirmation',
+    securityChecks,
+    performanceMetrics: input.performanceMetrics,
+    originalExaminerUid: input.originalExaminerUid,
+    reviewingExaminerUid: input.user.uid
+  };
+};
+interface BuildConfirmationImportAuditParamsInput {
+  user: User;
+  caseNumber: string;
+  fileName: string;
+  result: AuditResult;
+  hashValid: boolean;
+  confirmationsImported: number;
+  errors?: string[];
+  reviewingExaminerUid?: string;
+  performanceMetrics?: PerformanceMetrics;
+  exporterUidValidated?: boolean;
+  totalConfirmationsInFile?: number;
+  signatureDetails?: SignatureDetailsInput;
+}
+export const buildConfirmationImportAuditParams = (
+  input: BuildConfirmationImportAuditParamsInput
+): CreateAuditEntryParams => {
+  const securityChecks: SecurityCheckResults = {
+    selfConfirmationPrevented: input.reviewingExaminerUid
+      ? input.reviewingExaminerUid === input.user.uid
+      : false,
+    fileIntegrityValid: input.hashValid,
+    exporterUidValidated:
+      input.exporterUidValidated !== undefined
+        ? input.exporterUidValidated
+        : !!input.reviewingExaminerUid,
+    manifestSignaturePresent: input.signatureDetails?.present,
+    manifestSignatureValid: input.signatureDetails?.valid,
+    manifestSignatureKeyId: input.signatureDetails?.keyId
+  };
+  return {
+    userId: input.user.uid,
+    userEmail: input.user.email || '',
+    action: 'import',
+    result: input.result,
+    fileName: input.fileName,
+    fileType: 'confirmation-data',
+    hashValid: input.hashValid,
+    validationErrors: input.errors || [],
+    caseNumber: input.caseNumber,
+    workflowPhase: 'confirmation',
+    securityChecks,
+    performanceMetrics: input.performanceMetrics
+      ? {
+          ...input.performanceMetrics,
+          validationStepsCompleted: input.confirmationsImported,
+          validationStepsFailed: (input.errors || []).length
+        }
+      : {
+          processingTimeMs: 0,
+          fileSizeBytes: 0,
+          validationStepsCompleted: input.confirmationsImported,
+          validationStepsFailed: (input.errors || []).length
+        },
+    originalExaminerUid: input.user.uid,
+    reviewingExaminerUid: input.reviewingExaminerUid,
+    caseDetails: input.totalConfirmationsInFile !== undefined
+      ? {
+          totalAnnotations: input.totalConfirmationsInFile
+        }
+      : undefined
+  };
+};