@zintrust/core 0.1.49 → 0.1.50
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -9
- package/src/config/index.d.ts +1 -1
- package/src/config/index.d.ts.map +1 -1
- package/src/config/index.js +30 -10
- package/src/index.d.ts +0 -2
- package/src/index.d.ts.map +1 -1
- package/src/index.js +3 -5
- package/src/proxy/d1/ZintrustD1Proxy.d.ts +2 -2
- package/src/proxy/d1/ZintrustD1Proxy.d.ts.map +1 -1
- package/src/proxy/d1/ZintrustD1Proxy.js +39 -2
- package/src/proxy/kv/ZintrustKvProxy.d.ts +2 -2
- package/src/proxy/kv/ZintrustKvProxy.d.ts.map +1 -1
- package/src/proxy/kv/ZintrustKvProxy.js +38 -2
- package/src/security/JwtManager.js +1 -1
- package/src/zintrust.comon.d.ts +9 -0
- package/src/zintrust.comon.d.ts.map +1 -0
- package/src/zintrust.comon.js +15 -0
- package/src/zintrust.plugins.d.ts +9 -3
- package/src/zintrust.plugins.d.ts.map +1 -1
- package/src/zintrust.plugins.js +10 -3
- package/src/zintrust.plugins.wg.d.ts +1 -0
- package/src/zintrust.plugins.wg.d.ts.map +1 -1
- package/src/zintrust.plugins.wg.js +1 -0
- package/app/Controllers/AuthController.d.ts +0 -10
- package/app/Controllers/AuthController.d.ts.map +0 -1
- package/app/Controllers/AuthController.js +0 -223
- package/app/Controllers/UserController.d.ts +0 -9
- package/app/Controllers/UserController.d.ts.map +0 -1
- package/app/Controllers/UserController.js +0 -8
- package/app/Controllers/UserQueryBuilderController.d.ts +0 -16
- package/app/Controllers/UserQueryBuilderController.d.ts.map +0 -1
- package/app/Controllers/UserQueryBuilderController.js +0 -404
- package/app/Middleware/ProfilerMiddleware.d.ts +0 -12
- package/app/Middleware/ProfilerMiddleware.d.ts.map +0 -1
- package/app/Middleware/ProfilerMiddleware.js +0 -47
- package/app/Middleware/index.d.ts +0 -59
- package/app/Middleware/index.d.ts.map +0 -1
- package/app/Middleware/index.js +0 -215
- package/app/Models/Post.d.ts +0 -14
- package/app/Models/Post.d.ts.map +0 -1
- package/app/Models/Post.js +0 -27
- package/app/Models/User.d.ts +0 -14
- package/app/Models/User.d.ts.map +0 -1
- package/app/Models/User.js +0 -44
- package/app/Schedules/JobTracking.d.ts +0 -3
- package/app/Schedules/JobTracking.d.ts.map +0 -1
- package/app/Schedules/JobTracking.js +0 -13
- package/app/Schedules/index.d.ts +0 -2
- package/app/Schedules/index.d.ts.map +0 -1
- package/app/Schedules/index.js +0 -1
- package/app/Toolkit/Broadcast/sendBroadcast.d.ts +0 -6
- package/app/Toolkit/Broadcast/sendBroadcast.d.ts.map +0 -1
- package/app/Toolkit/Broadcast/sendBroadcast.js +0 -5
- package/app/Toolkit/Mail/sendWelcomeEmail.d.ts +0 -6
- package/app/Toolkit/Mail/sendWelcomeEmail.d.ts.map +0 -1
- package/app/Toolkit/Mail/sendWelcomeEmail.js +0 -20
- package/app/Toolkit/Notification/sendSlackNotification.d.ts +0 -8
- package/app/Toolkit/Notification/sendSlackNotification.d.ts.map +0 -1
- package/app/Toolkit/Notification/sendSlackNotification.js +0 -5
- package/app/Toolkit/Notification/sendSms.d.ts +0 -6
- package/app/Toolkit/Notification/sendSms.d.ts.map +0 -1
- package/app/Toolkit/Notification/sendSms.js +0 -5
- package/app/Types/controller.d.ts +0 -44
- package/app/Types/controller.d.ts.map +0 -1
- package/app/Types/controller.js +0 -1
- package/config/broadcast.d.ts +0 -38
- package/config/broadcast.d.ts.map +0 -1
- package/config/broadcast.js +0 -37
- package/config/cache.d.ts +0 -40
- package/config/cache.d.ts.map +0 -1
- package/config/cache.js +0 -39
- package/config/database.d.ts +0 -58
- package/config/database.d.ts.map +0 -1
- package/config/database.js +0 -65
- package/config/mail.d.ts +0 -51
- package/config/mail.d.ts.map +0 -1
- package/config/mail.js +0 -69
- package/config/middleware.d.ts +0 -11
- package/config/middleware.d.ts.map +0 -1
- package/config/middleware.js +0 -30
- package/config/notification.d.ts +0 -33
- package/config/notification.d.ts.map +0 -1
- package/config/notification.js +0 -33
- package/config/queue.d.ts +0 -55
- package/config/queue.d.ts.map +0 -1
- package/config/queue.js +0 -87
- package/config/storage.d.ts +0 -59
- package/config/storage.d.ts.map +0 -1
- package/config/storage.js +0 -59
- package/config/workers.d.ts +0 -54
- package/config/workers.d.ts.map +0 -1
- package/config/workers.js +0 -83
- package/packages/cloudflare-d1-proxy/src/index.d.ts +0 -48
- package/packages/cloudflare-d1-proxy/src/index.d.ts.map +0 -1
- package/packages/cloudflare-d1-proxy/src/index.js +0 -387
- package/packages/cloudflare-kv-proxy/src/index.d.ts +0 -44
- package/packages/cloudflare-kv-proxy/src/index.d.ts.map +0 -1
- package/packages/cloudflare-kv-proxy/src/index.js +0 -325
- package/packages/queue-monitor/src/QueueMonitoringService.d.ts +0 -35
- package/packages/queue-monitor/src/QueueMonitoringService.d.ts.map +0 -1
- package/packages/queue-monitor/src/QueueMonitoringService.js +0 -194
- package/packages/queue-monitor/src/connection.d.ts +0 -3
- package/packages/queue-monitor/src/connection.d.ts.map +0 -1
- package/packages/queue-monitor/src/connection.js +0 -1
- package/packages/queue-monitor/src/dashboard-ui.d.ts +0 -7
- package/packages/queue-monitor/src/dashboard-ui.d.ts.map +0 -1
- package/packages/queue-monitor/src/dashboard-ui.js +0 -997
- package/packages/queue-monitor/src/driver.d.ts +0 -15
- package/packages/queue-monitor/src/driver.d.ts.map +0 -1
- package/packages/queue-monitor/src/driver.js +0 -115
- package/packages/queue-monitor/src/index.d.ts +0 -71
- package/packages/queue-monitor/src/index.d.ts.map +0 -1
- package/packages/queue-monitor/src/index.js +0 -296
- package/packages/queue-monitor/src/metrics.d.ts +0 -27
- package/packages/queue-monitor/src/metrics.d.ts.map +0 -1
- package/packages/queue-monitor/src/metrics.js +0 -92
- package/packages/queue-monitor/src/worker.d.ts +0 -8
- package/packages/queue-monitor/src/worker.d.ts.map +0 -1
- package/packages/queue-monitor/src/worker.js +0 -35
- package/packages/queue-redis/src/BullMQRedisQueue.d.ts +0 -26
- package/packages/queue-redis/src/BullMQRedisQueue.d.ts.map +0 -1
- package/packages/queue-redis/src/BullMQRedisQueue.js +0 -463
- package/packages/queue-redis/src/HttpQueueDriver.d.ts +0 -18
- package/packages/queue-redis/src/HttpQueueDriver.d.ts.map +0 -1
- package/packages/queue-redis/src/HttpQueueDriver.js +0 -249
- package/packages/queue-redis/src/QueueHttpGateway.d.ts +0 -16
- package/packages/queue-redis/src/QueueHttpGateway.d.ts.map +0 -1
- package/packages/queue-redis/src/QueueHttpGateway.js +0 -217
- package/packages/queue-redis/src/RedisPublishClient.d.ts +0 -14
- package/packages/queue-redis/src/RedisPublishClient.d.ts.map +0 -1
- package/packages/queue-redis/src/RedisPublishClient.js +0 -251
- package/packages/queue-redis/src/index.d.ts +0 -12
- package/packages/queue-redis/src/index.d.ts.map +0 -1
- package/packages/queue-redis/src/index.js +0 -10
- package/packages/queue-redis/src/register.d.ts +0 -6
- package/packages/queue-redis/src/register.d.ts.map +0 -1
- package/packages/queue-redis/src/register.js +0 -21
- package/packages/workers/migrations/20260119100000_create_zintrust_workers_table.d.ts +0 -11
- package/packages/workers/migrations/20260119100000_create_zintrust_workers_table.d.ts.map +0 -1
- package/packages/workers/migrations/20260119100000_create_zintrust_workers_table.js +0 -32
- package/packages/workers/migrations/20260123180000_create_queue_jobs_table.d.ts +0 -11
- package/packages/workers/migrations/20260123180000_create_queue_jobs_table.d.ts.map +0 -1
- package/packages/workers/migrations/20260123180000_create_queue_jobs_table.js +0 -46
- package/packages/workers/migrations/20260213142000_create_zintrust_job_tracking_tables.d.ts +0 -7
- package/packages/workers/migrations/20260213142000_create_zintrust_job_tracking_tables.d.ts.map +0 -1
- package/packages/workers/migrations/20260213142000_create_zintrust_job_tracking_tables.js +0 -44
- package/packages/workers/migrations/20260213183000_expand_zintrust_job_tracking_reliability_tables.d.ts +0 -7
- package/packages/workers/migrations/20260213183000_expand_zintrust_job_tracking_reliability_tables.d.ts.map +0 -1
- package/packages/workers/migrations/20260213183000_expand_zintrust_job_tracking_reliability_tables.js +0 -104
- package/packages/workers/src/AnomalyDetection.d.ts +0 -107
- package/packages/workers/src/AnomalyDetection.d.ts.map +0 -1
- package/packages/workers/src/AnomalyDetection.js +0 -329
- package/packages/workers/src/AutoScaler.d.ts +0 -128
- package/packages/workers/src/AutoScaler.d.ts.map +0 -1
- package/packages/workers/src/AutoScaler.js +0 -425
- package/packages/workers/src/BroadcastWorker.d.ts +0 -24
- package/packages/workers/src/BroadcastWorker.d.ts.map +0 -1
- package/packages/workers/src/BroadcastWorker.js +0 -24
- package/packages/workers/src/CanaryController.d.ts +0 -104
- package/packages/workers/src/CanaryController.d.ts.map +0 -1
- package/packages/workers/src/CanaryController.js +0 -424
- package/packages/workers/src/ChaosEngineering.d.ts +0 -80
- package/packages/workers/src/ChaosEngineering.d.ts.map +0 -1
- package/packages/workers/src/ChaosEngineering.js +0 -229
- package/packages/workers/src/CircuitBreaker.d.ts +0 -107
- package/packages/workers/src/CircuitBreaker.d.ts.map +0 -1
- package/packages/workers/src/CircuitBreaker.js +0 -374
- package/packages/workers/src/ClusterLock.d.ts +0 -91
- package/packages/workers/src/ClusterLock.d.ts.map +0 -1
- package/packages/workers/src/ClusterLock.js +0 -397
- package/packages/workers/src/ComplianceManager.d.ts +0 -178
- package/packages/workers/src/ComplianceManager.d.ts.map +0 -1
- package/packages/workers/src/ComplianceManager.js +0 -556
- package/packages/workers/src/DatacenterOrchestrator.d.ts +0 -134
- package/packages/workers/src/DatacenterOrchestrator.d.ts.map +0 -1
- package/packages/workers/src/DatacenterOrchestrator.js +0 -404
- package/packages/workers/src/DeadLetterQueue.d.ts +0 -123
- package/packages/workers/src/DeadLetterQueue.d.ts.map +0 -1
- package/packages/workers/src/DeadLetterQueue.js +0 -544
- package/packages/workers/src/HealthMonitor.d.ts +0 -43
- package/packages/workers/src/HealthMonitor.d.ts.map +0 -1
- package/packages/workers/src/HealthMonitor.js +0 -312
- package/packages/workers/src/MultiQueueWorker.d.ts +0 -90
- package/packages/workers/src/MultiQueueWorker.d.ts.map +0 -1
- package/packages/workers/src/MultiQueueWorker.js +0 -282
- package/packages/workers/src/NotificationWorker.d.ts +0 -24
- package/packages/workers/src/NotificationWorker.d.ts.map +0 -1
- package/packages/workers/src/NotificationWorker.js +0 -23
- package/packages/workers/src/Observability.d.ts +0 -154
- package/packages/workers/src/Observability.d.ts.map +0 -1
- package/packages/workers/src/Observability.js +0 -538
- package/packages/workers/src/PluginManager.d.ts +0 -124
- package/packages/workers/src/PluginManager.d.ts.map +0 -1
- package/packages/workers/src/PluginManager.js +0 -392
- package/packages/workers/src/PriorityQueue.d.ts +0 -118
- package/packages/workers/src/PriorityQueue.d.ts.map +0 -1
- package/packages/workers/src/PriorityQueue.js +0 -276
- package/packages/workers/src/ResourceMonitor.d.ts +0 -165
- package/packages/workers/src/ResourceMonitor.d.ts.map +0 -1
- package/packages/workers/src/ResourceMonitor.js +0 -632
- package/packages/workers/src/SLAMonitor.d.ts +0 -111
- package/packages/workers/src/SLAMonitor.d.ts.map +0 -1
- package/packages/workers/src/SLAMonitor.js +0 -274
- package/packages/workers/src/WorkerFactory.d.ts +0 -218
- package/packages/workers/src/WorkerFactory.d.ts.map +0 -1
- package/packages/workers/src/WorkerFactory.js +0 -2253
- package/packages/workers/src/WorkerInit.d.ts +0 -86
- package/packages/workers/src/WorkerInit.d.ts.map +0 -1
- package/packages/workers/src/WorkerInit.js +0 -307
- package/packages/workers/src/WorkerMetrics.d.ts +0 -116
- package/packages/workers/src/WorkerMetrics.d.ts.map +0 -1
- package/packages/workers/src/WorkerMetrics.js +0 -570
- package/packages/workers/src/WorkerRegistry.d.ts +0 -152
- package/packages/workers/src/WorkerRegistry.d.ts.map +0 -1
- package/packages/workers/src/WorkerRegistry.js +0 -396
- package/packages/workers/src/WorkerShutdown.d.ts +0 -70
- package/packages/workers/src/WorkerShutdown.d.ts.map +0 -1
- package/packages/workers/src/WorkerShutdown.js +0 -185
- package/packages/workers/src/WorkerVersioning.d.ts +0 -108
- package/packages/workers/src/WorkerVersioning.d.ts.map +0 -1
- package/packages/workers/src/WorkerVersioning.js +0 -300
- package/packages/workers/src/config/workerConfig.d.ts +0 -5
- package/packages/workers/src/config/workerConfig.d.ts.map +0 -1
- package/packages/workers/src/config/workerConfig.js +0 -25
- package/packages/workers/src/createQueueWorker.d.ts +0 -26
- package/packages/workers/src/createQueueWorker.d.ts.map +0 -1
- package/packages/workers/src/createQueueWorker.js +0 -367
- package/packages/workers/src/dashboard/index.d.ts +0 -2
- package/packages/workers/src/dashboard/index.d.ts.map +0 -1
- package/packages/workers/src/dashboard/index.js +0 -1
- package/packages/workers/src/dashboard/types.d.ts +0 -123
- package/packages/workers/src/dashboard/types.d.ts.map +0 -1
- package/packages/workers/src/dashboard/types.js +0 -1
- package/packages/workers/src/dashboard/workers-api.d.ts +0 -5
- package/packages/workers/src/dashboard/workers-api.d.ts.map +0 -1
- package/packages/workers/src/dashboard/workers-api.js +0 -738
- package/packages/workers/src/helper/index.d.ts +0 -6
- package/packages/workers/src/helper/index.d.ts.map +0 -1
- package/packages/workers/src/helper/index.js +0 -10
- package/packages/workers/src/http/WorkerApiController.d.ts +0 -39
- package/packages/workers/src/http/WorkerApiController.d.ts.map +0 -1
- package/packages/workers/src/http/WorkerApiController.js +0 -313
- package/packages/workers/src/http/WorkerController.d.ts +0 -375
- package/packages/workers/src/http/WorkerController.d.ts.map +0 -1
- package/packages/workers/src/http/WorkerController.js +0 -1454
- package/packages/workers/src/http/WorkerMonitoringService.d.ts +0 -12
- package/packages/workers/src/http/WorkerMonitoringService.d.ts.map +0 -1
- package/packages/workers/src/http/WorkerMonitoringService.js +0 -89
- package/packages/workers/src/http/middleware/CustomValidation.d.ts +0 -93
- package/packages/workers/src/http/middleware/CustomValidation.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/CustomValidation.js +0 -270
- package/packages/workers/src/http/middleware/DatacenterValidator.d.ts +0 -4
- package/packages/workers/src/http/middleware/DatacenterValidator.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/DatacenterValidator.js +0 -94
- package/packages/workers/src/http/middleware/EditWorkerValidation.d.ts +0 -8
- package/packages/workers/src/http/middleware/EditWorkerValidation.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/EditWorkerValidation.js +0 -56
- package/packages/workers/src/http/middleware/FeaturesValidator.d.ts +0 -4
- package/packages/workers/src/http/middleware/FeaturesValidator.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/FeaturesValidator.js +0 -61
- package/packages/workers/src/http/middleware/InfrastructureValidator.d.ts +0 -32
- package/packages/workers/src/http/middleware/InfrastructureValidator.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/InfrastructureValidator.js +0 -226
- package/packages/workers/src/http/middleware/OptionsValidator.d.ts +0 -4
- package/packages/workers/src/http/middleware/OptionsValidator.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/OptionsValidator.js +0 -112
- package/packages/workers/src/http/middleware/PayloadSanitizer.d.ts +0 -8
- package/packages/workers/src/http/middleware/PayloadSanitizer.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/PayloadSanitizer.js +0 -42
- package/packages/workers/src/http/middleware/ProcessorPathSanitizer.d.ts +0 -4
- package/packages/workers/src/http/middleware/ProcessorPathSanitizer.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/ProcessorPathSanitizer.js +0 -140
- package/packages/workers/src/http/middleware/QueueNameSanitizer.d.ts +0 -4
- package/packages/workers/src/http/middleware/QueueNameSanitizer.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/QueueNameSanitizer.js +0 -45
- package/packages/workers/src/http/middleware/ValidateDriver.d.ts +0 -8
- package/packages/workers/src/http/middleware/ValidateDriver.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/ValidateDriver.js +0 -20
- package/packages/workers/src/http/middleware/VersionSanitizer.d.ts +0 -4
- package/packages/workers/src/http/middleware/VersionSanitizer.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/VersionSanitizer.js +0 -25
- package/packages/workers/src/http/middleware/WorkerNameSanitizer.d.ts +0 -4
- package/packages/workers/src/http/middleware/WorkerNameSanitizer.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/WorkerNameSanitizer.js +0 -46
- package/packages/workers/src/http/middleware/WorkerValidationChain.d.ts +0 -28
- package/packages/workers/src/http/middleware/WorkerValidationChain.d.ts.map +0 -1
- package/packages/workers/src/http/middleware/WorkerValidationChain.js +0 -186
- package/packages/workers/src/index.d.ts +0 -47
- package/packages/workers/src/index.d.ts.map +0 -1
- package/packages/workers/src/index.js +0 -48
- package/packages/workers/src/routes/workers.d.ts +0 -13
- package/packages/workers/src/routes/workers.d.ts.map +0 -1
- package/packages/workers/src/routes/workers.js +0 -126
- package/packages/workers/src/storage/WorkerStore.d.ts +0 -52
- package/packages/workers/src/storage/WorkerStore.d.ts.map +0 -1
- package/packages/workers/src/storage/WorkerStore.js +0 -259
- package/packages/workers/src/telemetry/api/TelemetryAPI.d.ts +0 -47
- package/packages/workers/src/telemetry/api/TelemetryAPI.d.ts.map +0 -1
- package/packages/workers/src/telemetry/api/TelemetryAPI.js +0 -219
- package/packages/workers/src/telemetry/api/TelemetryMonitoringService.d.ts +0 -18
- package/packages/workers/src/telemetry/api/TelemetryMonitoringService.d.ts.map +0 -1
- package/packages/workers/src/telemetry/api/TelemetryMonitoringService.js +0 -140
- package/packages/workers/src/telemetry/components/AlertPanel.d.ts +0 -2
- package/packages/workers/src/telemetry/components/AlertPanel.d.ts.map +0 -1
- package/packages/workers/src/telemetry/components/AlertPanel.js +0 -13
- package/packages/workers/src/telemetry/components/CostTracking.d.ts +0 -2
- package/packages/workers/src/telemetry/components/CostTracking.d.ts.map +0 -1
- package/packages/workers/src/telemetry/components/CostTracking.js +0 -14
- package/packages/workers/src/telemetry/components/ResourceUsageChart.d.ts +0 -2
- package/packages/workers/src/telemetry/components/ResourceUsageChart.d.ts.map +0 -1
- package/packages/workers/src/telemetry/components/ResourceUsageChart.js +0 -11
- package/packages/workers/src/telemetry/components/WorkerHealthChart.d.ts +0 -2
- package/packages/workers/src/telemetry/components/WorkerHealthChart.d.ts.map +0 -1
- package/packages/workers/src/telemetry/components/WorkerHealthChart.js +0 -11
- package/packages/workers/src/telemetry/index.d.ts +0 -16
- package/packages/workers/src/telemetry/index.d.ts.map +0 -1
- package/packages/workers/src/telemetry/index.js +0 -60
- package/packages/workers/src/telemetry/routes/dashboard.d.ts +0 -7
- package/packages/workers/src/telemetry/routes/dashboard.d.ts.map +0 -1
- package/packages/workers/src/telemetry/routes/dashboard.js +0 -608
- package/packages/workers/src/type.d.ts +0 -77
- package/packages/workers/src/type.d.ts.map +0 -1
- package/packages/workers/src/type.js +0 -1
- package/packages/workers/src/ui/router/EmbeddedAssets.d.ts +0 -5
- package/packages/workers/src/ui/router/EmbeddedAssets.d.ts.map +0 -1
- package/packages/workers/src/ui/router/EmbeddedAssets.js +0 -13
- package/packages/workers/src/ui/router/ui.d.ts +0 -4
- package/packages/workers/src/ui/router/ui.d.ts.map +0 -1
- package/packages/workers/src/ui/router/ui.js +0 -208
- package/packages/workers/src/ui/types/worker-ui.d.ts +0 -230
- package/packages/workers/src/ui/types/worker-ui.d.ts.map +0 -1
- package/packages/workers/src/ui/types/worker-ui.js +0 -5
- package/routes/api.d.ts +0 -7
- package/routes/api.d.ts.map +0 -1
- package/routes/api.js +0 -136
- package/routes/broadcast.d.ts +0 -9
- package/routes/broadcast.d.ts.map +0 -1
- package/routes/broadcast.js +0 -27
- package/routes/storage.d.ts +0 -4
- package/routes/storage.d.ts.map +0 -1
- package/routes/storage.js +0 -35
|
@@ -1,556 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Compliance Manager
|
|
3
|
-
* GDPR, HIPAA, and SOC2 compliance enforcement
|
|
4
|
-
* Sealed namespace for immutability
|
|
5
|
-
*/
|
|
6
|
-
import { ErrorFactory, Logger, NodeSingletons, createRedisConnection, } from '../../../src/index.js';
|
|
7
|
-
// Access NodeSingletons lazily to avoid initialization errors in test environments
|
|
8
|
-
const getCrypto = () => {
|
|
9
|
-
if (!NodeSingletons) {
|
|
10
|
-
throw ErrorFactory.createWorkerError('NodeSingletons not available');
|
|
11
|
-
}
|
|
12
|
-
return {
|
|
13
|
-
createCipheriv: NodeSingletons.createCipheriv,
|
|
14
|
-
createDecipheriv: NodeSingletons.createDecipheriv,
|
|
15
|
-
pbkdf2Sync: NodeSingletons.pbkdf2Sync,
|
|
16
|
-
randomBytes: NodeSingletons.randomBytes,
|
|
17
|
-
};
|
|
18
|
-
};
|
|
19
|
-
// Redis key prefixes
|
|
20
|
-
const AUDIT_LOG_PREFIX = 'compliance:audit:';
|
|
21
|
-
const DATA_SUBJECT_PREFIX = 'compliance:subject:';
|
|
22
|
-
const ACCESS_REQUEST_PREFIX = 'compliance:request:';
|
|
23
|
-
const VIOLATION_PREFIX = 'compliance:violation:';
|
|
24
|
-
const CONSENT_PREFIX = 'compliance:consent:';
|
|
25
|
-
// Internal state
|
|
26
|
-
let redisClient = null;
|
|
27
|
-
let complianceConfig = null;
|
|
28
|
-
// Default configuration
|
|
29
|
-
const DEFAULT_CONFIG = {
|
|
30
|
-
gdpr: {
|
|
31
|
-
enabled: true,
|
|
32
|
-
dataRetentionDays: 365,
|
|
33
|
-
requireConsent: true,
|
|
34
|
-
enableRightToForgotten: true,
|
|
35
|
-
enableDataPortability: true,
|
|
36
|
-
enableAccessRequest: true,
|
|
37
|
-
},
|
|
38
|
-
hipaa: {
|
|
39
|
-
enabled: false,
|
|
40
|
-
requireEncryptionAtRest: true,
|
|
41
|
-
requireEncryptionInTransit: true,
|
|
42
|
-
auditRetentionYears: 6,
|
|
43
|
-
requireAccessControls: true,
|
|
44
|
-
enableBreachNotification: true,
|
|
45
|
-
},
|
|
46
|
-
soc2: {
|
|
47
|
-
enabled: true,
|
|
48
|
-
requireChangeLogging: true,
|
|
49
|
-
requireAccessReviews: true,
|
|
50
|
-
accessReviewIntervalDays: 90,
|
|
51
|
-
requireIncidentResponse: true,
|
|
52
|
-
requireDisasterRecovery: true,
|
|
53
|
-
},
|
|
54
|
-
};
|
|
55
|
-
/**
|
|
56
|
-
* Helper: Generate unique ID
|
|
57
|
-
*/
|
|
58
|
-
const generateId = () => {
|
|
59
|
-
const { randomBytes } = getCrypto();
|
|
60
|
-
return randomBytes(16).toString('hex');
|
|
61
|
-
};
|
|
62
|
-
/**
|
|
63
|
-
* Helper: Encrypt data (AES-256-GCM)
|
|
64
|
-
*/
|
|
65
|
-
const encryptData = (data, keyId) => {
|
|
66
|
-
const { createCipheriv, pbkdf2Sync, randomBytes } = getCrypto();
|
|
67
|
-
// In production, retrieve key from secure key management service (AWS KMS, HashiCorp Vault, etc.)
|
|
68
|
-
const key = pbkdf2Sync(keyId, 'salt', 100_000, 32, 'sha256');
|
|
69
|
-
const iv = randomBytes(16);
|
|
70
|
-
const cipher = createCipheriv('aes-256-gcm', key, iv);
|
|
71
|
-
let encrypted = cipher.update(data, 'utf8', 'hex');
|
|
72
|
-
encrypted += cipher.final('hex');
|
|
73
|
-
const authTag = cipher.getAuthTag();
|
|
74
|
-
return {
|
|
75
|
-
encrypted,
|
|
76
|
-
iv: iv.toString('hex'),
|
|
77
|
-
authTag: authTag.toString('hex'),
|
|
78
|
-
};
|
|
79
|
-
};
|
|
80
|
-
/**
|
|
81
|
-
* Helper: Decrypt data (AES-256-GCM)
|
|
82
|
-
*/
|
|
83
|
-
const decryptData = (encrypted, iv, authTag, keyId) => {
|
|
84
|
-
const { createDecipheriv, pbkdf2Sync } = getCrypto();
|
|
85
|
-
const key = pbkdf2Sync(keyId, 'salt', 100_000, 32, 'sha256');
|
|
86
|
-
const decipher = createDecipheriv('aes-256-gcm', key, Buffer.from(iv, 'hex'));
|
|
87
|
-
decipher.setAuthTag(Buffer.from(authTag, 'hex'));
|
|
88
|
-
let decrypted = decipher.update(encrypted, 'hex', 'utf8');
|
|
89
|
-
decrypted += decipher.final('utf8');
|
|
90
|
-
return decrypted;
|
|
91
|
-
};
|
|
92
|
-
/**
|
|
93
|
-
* Helper: Check if consent is required and valid
|
|
94
|
-
*/
|
|
95
|
-
const checkConsent = async (dataSubjectId) => {
|
|
96
|
-
const gdprConfig = complianceConfig?.gdpr;
|
|
97
|
-
if (gdprConfig?.enabled !== true || gdprConfig?.requireConsent !== true) {
|
|
98
|
-
return { valid: true };
|
|
99
|
-
}
|
|
100
|
-
if (!redisClient) {
|
|
101
|
-
return { valid: false, reason: 'Compliance system not initialized' };
|
|
102
|
-
}
|
|
103
|
-
const key = `${DATA_SUBJECT_PREFIX}${dataSubjectId}`;
|
|
104
|
-
const subjectJson = await redisClient.get(key);
|
|
105
|
-
if (subjectJson === null) {
|
|
106
|
-
return { valid: false, reason: 'Data subject not found' };
|
|
107
|
-
}
|
|
108
|
-
const subject = JSON.parse(subjectJson);
|
|
109
|
-
if (!subject.consentGiven) {
|
|
110
|
-
return { valid: false, reason: 'Consent not given' };
|
|
111
|
-
}
|
|
112
|
-
if (subject.consentWithdrawnDate) {
|
|
113
|
-
return { valid: false, reason: 'Consent withdrawn' };
|
|
114
|
-
}
|
|
115
|
-
return { valid: true };
|
|
116
|
-
};
|
|
117
|
-
/**
|
|
118
|
-
* Helper: Store audit log
|
|
119
|
-
*/
|
|
120
|
-
const storeAuditLog = async (log) => {
|
|
121
|
-
if (!redisClient)
|
|
122
|
-
return;
|
|
123
|
-
try {
|
|
124
|
-
const key = `${AUDIT_LOG_PREFIX}${log.standard}`;
|
|
125
|
-
const score = log.timestamp.getTime();
|
|
126
|
-
const data = JSON.stringify(log);
|
|
127
|
-
await redisClient.zadd(key, score, data);
|
|
128
|
-
// Set retention based on standard
|
|
129
|
-
let retentionDays = 365; // Default 1 year
|
|
130
|
-
if (log.standard === 'hipaa' && complianceConfig?.hipaa.enabled === true) {
|
|
131
|
-
retentionDays = complianceConfig.hipaa.auditRetentionYears * 365;
|
|
132
|
-
}
|
|
133
|
-
await redisClient.expire(key, retentionDays * 24 * 60 * 60);
|
|
134
|
-
Logger.debug('Compliance audit log stored', {
|
|
135
|
-
standard: log.standard,
|
|
136
|
-
action: log.action,
|
|
137
|
-
userId: log.userId,
|
|
138
|
-
});
|
|
139
|
-
}
|
|
140
|
-
catch (error) {
|
|
141
|
-
Logger.error('Failed to store compliance audit log', error);
|
|
142
|
-
}
|
|
143
|
-
};
|
|
144
|
-
const hasNonEmptyString = (value) => {
|
|
145
|
-
return typeof value === 'string' && value.length > 0;
|
|
146
|
-
};
|
|
147
|
-
const runGdprChecks = async (dataSubjectId) => {
|
|
148
|
-
if (complianceConfig?.gdpr.enabled !== true) {
|
|
149
|
-
return [];
|
|
150
|
-
}
|
|
151
|
-
if (!hasNonEmptyString(dataSubjectId)) {
|
|
152
|
-
return [];
|
|
153
|
-
}
|
|
154
|
-
const consentCheck = await checkConsent(dataSubjectId);
|
|
155
|
-
if (consentCheck.valid) {
|
|
156
|
-
return [];
|
|
157
|
-
}
|
|
158
|
-
return [`GDPR: ${consentCheck.reason}`];
|
|
159
|
-
};
|
|
160
|
-
const runHipaaChecks = (action, userId, resourceId) => {
|
|
161
|
-
if (complianceConfig?.hipaa.enabled !== true) {
|
|
162
|
-
return [];
|
|
163
|
-
}
|
|
164
|
-
if (complianceConfig.hipaa.requireAccessControls !== true) {
|
|
165
|
-
return [];
|
|
166
|
-
}
|
|
167
|
-
Logger.debug('HIPAA access control check', { action, userId, resourceId });
|
|
168
|
-
return [];
|
|
169
|
-
};
|
|
170
|
-
const runSoc2Checks = (action) => {
|
|
171
|
-
if (complianceConfig?.soc2.enabled !== true) {
|
|
172
|
-
return [];
|
|
173
|
-
}
|
|
174
|
-
if (complianceConfig.soc2.requireChangeLogging !== true) {
|
|
175
|
-
return [];
|
|
176
|
-
}
|
|
177
|
-
if (action.includes('modify') || action.includes('delete') || action.includes('update')) {
|
|
178
|
-
return [];
|
|
179
|
-
}
|
|
180
|
-
return [];
|
|
181
|
-
};
|
|
182
|
-
/**
|
|
183
|
-
* Compliance Manager - Sealed namespace
|
|
184
|
-
*/
|
|
185
|
-
export const ComplianceManager = Object.freeze({
|
|
186
|
-
/**
|
|
187
|
-
* Initialize compliance manager
|
|
188
|
-
*/
|
|
189
|
-
initialize(redisConfig, config) {
|
|
190
|
-
if (redisClient) {
|
|
191
|
-
Logger.warn('ComplianceManager already initialized');
|
|
192
|
-
return;
|
|
193
|
-
}
|
|
194
|
-
redisClient = createRedisConnection(redisConfig);
|
|
195
|
-
complianceConfig = {
|
|
196
|
-
gdpr: { ...DEFAULT_CONFIG.gdpr, ...config?.gdpr },
|
|
197
|
-
hipaa: { ...DEFAULT_CONFIG.hipaa, ...config?.hipaa },
|
|
198
|
-
soc2: { ...DEFAULT_CONFIG.soc2, ...config?.soc2 },
|
|
199
|
-
};
|
|
200
|
-
Logger.info('ComplianceManager initialized', {
|
|
201
|
-
gdpr: complianceConfig.gdpr.enabled,
|
|
202
|
-
hipaa: complianceConfig.hipaa.enabled,
|
|
203
|
-
soc2: complianceConfig.soc2.enabled,
|
|
204
|
-
});
|
|
205
|
-
},
|
|
206
|
-
/**
|
|
207
|
-
* Register data subject
|
|
208
|
-
*/
|
|
209
|
-
async registerDataSubject(subject) {
|
|
210
|
-
if (!redisClient) {
|
|
211
|
-
throw ErrorFactory.createConfigError('ComplianceManager not initialized');
|
|
212
|
-
}
|
|
213
|
-
const key = `${DATA_SUBJECT_PREFIX}${subject.id}`;
|
|
214
|
-
await redisClient.set(key, JSON.stringify(subject));
|
|
215
|
-
// Set expiry based on retention period
|
|
216
|
-
if (subject.retentionPeriod !== undefined) {
|
|
217
|
-
await redisClient.expire(key, subject.retentionPeriod * 24 * 60 * 60);
|
|
218
|
-
}
|
|
219
|
-
await storeAuditLog({
|
|
220
|
-
id: generateId(),
|
|
221
|
-
timestamp: new Date(),
|
|
222
|
-
standard: 'gdpr',
|
|
223
|
-
action: 'data-subject-registered',
|
|
224
|
-
userId: 'system',
|
|
225
|
-
dataSubjectId: subject.id,
|
|
226
|
-
resourceId: subject.id,
|
|
227
|
-
resourceType: 'data-subject',
|
|
228
|
-
result: 'success',
|
|
229
|
-
severity: 'info',
|
|
230
|
-
});
|
|
231
|
-
Logger.info('Data subject registered', { id: subject.id });
|
|
232
|
-
},
|
|
233
|
-
/**
|
|
234
|
-
* Record consent
|
|
235
|
-
*/
|
|
236
|
-
async recordConsent(dataSubjectId, consentGiven, userId) {
|
|
237
|
-
const client = redisClient;
|
|
238
|
-
const gdprConfig = complianceConfig?.gdpr;
|
|
239
|
-
if (!client || gdprConfig?.enabled !== true) {
|
|
240
|
-
throw ErrorFactory.createConfigError('GDPR compliance not enabled');
|
|
241
|
-
}
|
|
242
|
-
const subjectKey = `${DATA_SUBJECT_PREFIX}${dataSubjectId}`;
|
|
243
|
-
const subjectJson = await client.get(subjectKey);
|
|
244
|
-
if (subjectJson === null) {
|
|
245
|
-
throw ErrorFactory.createNotFoundError(`Data subject not found: ${dataSubjectId}`);
|
|
246
|
-
}
|
|
247
|
-
const subject = JSON.parse(subjectJson);
|
|
248
|
-
subject.consentGiven = consentGiven;
|
|
249
|
-
if (consentGiven) {
|
|
250
|
-
subject.consentDate = new Date();
|
|
251
|
-
subject.consentWithdrawnDate = undefined;
|
|
252
|
-
}
|
|
253
|
-
else {
|
|
254
|
-
subject.consentWithdrawnDate = new Date();
|
|
255
|
-
}
|
|
256
|
-
await client.set(subjectKey, JSON.stringify(subject));
|
|
257
|
-
// Store consent in separate key for auditing
|
|
258
|
-
const consentKey = `${CONSENT_PREFIX}${dataSubjectId}`;
|
|
259
|
-
const consentRecord = {
|
|
260
|
-
dataSubjectId,
|
|
261
|
-
consentGiven,
|
|
262
|
-
timestamp: new Date(),
|
|
263
|
-
recordedBy: userId,
|
|
264
|
-
};
|
|
265
|
-
await client.zadd(consentKey, Date.now(), JSON.stringify(consentRecord));
|
|
266
|
-
await storeAuditLog({
|
|
267
|
-
id: generateId(),
|
|
268
|
-
timestamp: new Date(),
|
|
269
|
-
standard: 'gdpr',
|
|
270
|
-
action: consentGiven ? 'consent-given' : 'consent-withdrawn',
|
|
271
|
-
userId,
|
|
272
|
-
dataSubjectId,
|
|
273
|
-
resourceId: dataSubjectId,
|
|
274
|
-
resourceType: 'consent',
|
|
275
|
-
result: 'success',
|
|
276
|
-
severity: 'info',
|
|
277
|
-
});
|
|
278
|
-
Logger.info('Consent recorded', { dataSubjectId, consentGiven });
|
|
279
|
-
},
|
|
280
|
-
/**
|
|
281
|
-
* Check if action is compliant
|
|
282
|
-
*/
|
|
283
|
-
async checkCompliance(action, userId, dataSubjectId, resourceId) {
|
|
284
|
-
const violations = [];
|
|
285
|
-
const gdprViolations = await runGdprChecks(dataSubjectId);
|
|
286
|
-
violations.push(...gdprViolations);
|
|
287
|
-
const hipaaViolations = runHipaaChecks(action, userId, resourceId);
|
|
288
|
-
violations.push(...hipaaViolations);
|
|
289
|
-
const soc2Violations = runSoc2Checks(action);
|
|
290
|
-
violations.push(...soc2Violations);
|
|
291
|
-
const compliant = violations.length === 0;
|
|
292
|
-
if (!compliant) {
|
|
293
|
-
await storeAuditLog({
|
|
294
|
-
id: generateId(),
|
|
295
|
-
timestamp: new Date(),
|
|
296
|
-
standard: 'gdpr', // Primary standard for consent
|
|
297
|
-
action,
|
|
298
|
-
userId,
|
|
299
|
-
dataSubjectId,
|
|
300
|
-
resourceId: resourceId ?? 'unknown',
|
|
301
|
-
resourceType: 'compliance-check',
|
|
302
|
-
result: 'blocked',
|
|
303
|
-
reason: violations.join('; '),
|
|
304
|
-
severity: 'warning',
|
|
305
|
-
});
|
|
306
|
-
}
|
|
307
|
-
return { compliant, violations };
|
|
308
|
-
},
|
|
309
|
-
/**
|
|
310
|
-
* Create access request (GDPR Right to Access, Deletion, etc.)
|
|
311
|
-
*/
|
|
312
|
-
async createAccessRequest(request) {
|
|
313
|
-
if (!redisClient) {
|
|
314
|
-
throw ErrorFactory.createConfigError('ComplianceManager not initialized');
|
|
315
|
-
}
|
|
316
|
-
const requestId = generateId();
|
|
317
|
-
const fullRequest = {
|
|
318
|
-
id: requestId,
|
|
319
|
-
requestDate: new Date(),
|
|
320
|
-
status: 'pending',
|
|
321
|
-
...request,
|
|
322
|
-
};
|
|
323
|
-
const key = `${ACCESS_REQUEST_PREFIX}${requestId}`;
|
|
324
|
-
await redisClient.set(key, JSON.stringify(fullRequest));
|
|
325
|
-
await storeAuditLog({
|
|
326
|
-
id: generateId(),
|
|
327
|
-
timestamp: new Date(),
|
|
328
|
-
standard: 'gdpr',
|
|
329
|
-
action: `access-request-${request.requestType}`,
|
|
330
|
-
userId: request.requestedBy,
|
|
331
|
-
dataSubjectId: request.dataSubjectId,
|
|
332
|
-
resourceId: requestId,
|
|
333
|
-
resourceType: 'access-request',
|
|
334
|
-
result: 'success',
|
|
335
|
-
severity: 'info',
|
|
336
|
-
});
|
|
337
|
-
Logger.info('Access request created', {
|
|
338
|
-
id: requestId,
|
|
339
|
-
type: request.requestType,
|
|
340
|
-
dataSubjectId: request.dataSubjectId,
|
|
341
|
-
});
|
|
342
|
-
return requestId;
|
|
343
|
-
},
|
|
344
|
-
/**
|
|
345
|
-
* Process access request
|
|
346
|
-
*/
|
|
347
|
-
async processAccessRequest(requestId, status, processedBy) {
|
|
348
|
-
if (!redisClient) {
|
|
349
|
-
throw ErrorFactory.createConfigError('ComplianceManager not initialized');
|
|
350
|
-
}
|
|
351
|
-
const key = `${ACCESS_REQUEST_PREFIX}${requestId}`;
|
|
352
|
-
const requestJson = await redisClient.get(key);
|
|
353
|
-
if (requestJson === null) {
|
|
354
|
-
throw ErrorFactory.createNotFoundError(`Access request not found: ${requestId}`);
|
|
355
|
-
}
|
|
356
|
-
const request = JSON.parse(requestJson);
|
|
357
|
-
request.status = status;
|
|
358
|
-
if (status === 'approved') {
|
|
359
|
-
request.approvedBy = processedBy;
|
|
360
|
-
}
|
|
361
|
-
else if (status === 'completed') {
|
|
362
|
-
request.completedBy = processedBy;
|
|
363
|
-
request.completedDate = new Date();
|
|
364
|
-
}
|
|
365
|
-
await redisClient.set(key, JSON.stringify(request));
|
|
366
|
-
await storeAuditLog({
|
|
367
|
-
id: generateId(),
|
|
368
|
-
timestamp: new Date(),
|
|
369
|
-
standard: 'gdpr',
|
|
370
|
-
action: `access-request-${status}`,
|
|
371
|
-
userId: processedBy,
|
|
372
|
-
dataSubjectId: request.dataSubjectId,
|
|
373
|
-
resourceId: requestId,
|
|
374
|
-
resourceType: 'access-request',
|
|
375
|
-
result: 'success',
|
|
376
|
-
severity: status === 'rejected' ? 'warning' : 'info',
|
|
377
|
-
});
|
|
378
|
-
Logger.info('Access request processed', { id: requestId, status });
|
|
379
|
-
},
|
|
380
|
-
/**
|
|
381
|
-
* Encrypt sensitive data (HIPAA compliance)
|
|
382
|
-
*/
|
|
383
|
-
encryptSensitiveData(data, userId, keyId = 'default-key') {
|
|
384
|
-
if (complianceConfig?.hipaa.enabled === true &&
|
|
385
|
-
complianceConfig.hipaa.requireEncryptionAtRest !== true) {
|
|
386
|
-
Logger.warn('HIPAA encryption not enforced by configuration');
|
|
387
|
-
}
|
|
388
|
-
const { encrypted, iv, authTag } = encryptData(data, keyId);
|
|
389
|
-
const metadata = {
|
|
390
|
-
algorithm: 'aes-256-gcm',
|
|
391
|
-
keyId,
|
|
392
|
-
encryptedAt: new Date(),
|
|
393
|
-
encryptedBy: userId,
|
|
394
|
-
};
|
|
395
|
-
// Store IV and authTag with encrypted data
|
|
396
|
-
const encryptedPackage = JSON.stringify({ encrypted, iv, authTag, metadata });
|
|
397
|
-
return {
|
|
398
|
-
encrypted: encryptedPackage,
|
|
399
|
-
metadata,
|
|
400
|
-
};
|
|
401
|
-
},
|
|
402
|
-
/**
|
|
403
|
-
* Decrypt sensitive data
|
|
404
|
-
*/
|
|
405
|
-
decryptSensitiveData(encryptedPackage, userId) {
|
|
406
|
-
const parsed = JSON.parse(encryptedPackage);
|
|
407
|
-
if (typeof parsed.encrypted !== 'string' ||
|
|
408
|
-
typeof parsed.iv !== 'string' ||
|
|
409
|
-
typeof parsed.authTag !== 'string' ||
|
|
410
|
-
typeof parsed.metadata?.keyId !== 'string') {
|
|
411
|
-
throw ErrorFactory.createValidationError('Invalid encrypted payload');
|
|
412
|
-
}
|
|
413
|
-
const { encrypted, iv, authTag, metadata } = parsed;
|
|
414
|
-
storeAuditLog({
|
|
415
|
-
id: generateId(),
|
|
416
|
-
timestamp: new Date(),
|
|
417
|
-
standard: 'hipaa',
|
|
418
|
-
action: 'data-decrypted',
|
|
419
|
-
userId,
|
|
420
|
-
resourceId: metadata.keyId,
|
|
421
|
-
resourceType: 'encrypted-data',
|
|
422
|
-
result: 'success',
|
|
423
|
-
severity: 'info',
|
|
424
|
-
});
|
|
425
|
-
return decryptData(encrypted, iv, authTag, metadata.keyId);
|
|
426
|
-
},
|
|
427
|
-
/**
|
|
428
|
-
* Record compliance violation
|
|
429
|
-
*/
|
|
430
|
-
async recordViolation(violation) {
|
|
431
|
-
if (!redisClient) {
|
|
432
|
-
throw ErrorFactory.createConfigError('ComplianceManager not initialized');
|
|
433
|
-
}
|
|
434
|
-
const violationId = generateId();
|
|
435
|
-
const fullViolation = {
|
|
436
|
-
id: violationId,
|
|
437
|
-
timestamp: new Date(),
|
|
438
|
-
...violation,
|
|
439
|
-
};
|
|
440
|
-
const key = `${VIOLATION_PREFIX}${violationId}`;
|
|
441
|
-
await redisClient.set(key, JSON.stringify(fullViolation));
|
|
442
|
-
await storeAuditLog({
|
|
443
|
-
id: generateId(),
|
|
444
|
-
timestamp: new Date(),
|
|
445
|
-
standard: violation.standard,
|
|
446
|
-
action: 'violation-recorded',
|
|
447
|
-
userId: 'system',
|
|
448
|
-
resourceId: violationId,
|
|
449
|
-
resourceType: 'compliance-violation',
|
|
450
|
-
result: 'success',
|
|
451
|
-
severity: 'critical',
|
|
452
|
-
reason: violation.description,
|
|
453
|
-
});
|
|
454
|
-
Logger.error('Compliance violation recorded', {
|
|
455
|
-
id: violationId,
|
|
456
|
-
standard: violation.standard,
|
|
457
|
-
type: violation.violationType,
|
|
458
|
-
severity: violation.severity,
|
|
459
|
-
});
|
|
460
|
-
return violationId;
|
|
461
|
-
},
|
|
462
|
-
/**
|
|
463
|
-
* Get audit logs
|
|
464
|
-
*/
|
|
465
|
-
async getAuditLogs(standard, startDate, endDate, limit = 1000) {
|
|
466
|
-
if (!redisClient) {
|
|
467
|
-
throw ErrorFactory.createConfigError('ComplianceManager not initialized');
|
|
468
|
-
}
|
|
469
|
-
try {
|
|
470
|
-
const key = `${AUDIT_LOG_PREFIX}${standard}`;
|
|
471
|
-
const minScore = startDate ? startDate.getTime() : '-inf';
|
|
472
|
-
const maxScore = endDate ? endDate.getTime() : '+inf';
|
|
473
|
-
const logs = await redisClient.zrangebyscore(key, minScore, maxScore, 'LIMIT', 0, limit);
|
|
474
|
-
return logs.map((log) => JSON.parse(log));
|
|
475
|
-
}
|
|
476
|
-
catch (error) {
|
|
477
|
-
Logger.error('Failed to retrieve audit logs', error);
|
|
478
|
-
return [];
|
|
479
|
-
}
|
|
480
|
-
},
|
|
481
|
-
/**
|
|
482
|
-
* Get compliance summary
|
|
483
|
-
*/
|
|
484
|
-
async getComplianceSummary() {
|
|
485
|
-
if (!redisClient || !complianceConfig) {
|
|
486
|
-
throw ErrorFactory.createConfigError('ComplianceManager not initialized');
|
|
487
|
-
}
|
|
488
|
-
const client = redisClient;
|
|
489
|
-
const config = complianceConfig;
|
|
490
|
-
// Count data subjects
|
|
491
|
-
const subjectKeys = await client.keys(`${DATA_SUBJECT_PREFIX}*`);
|
|
492
|
-
// Count pending access requests
|
|
493
|
-
const requestKeys = await client.keys(`${ACCESS_REQUEST_PREFIX}*`);
|
|
494
|
-
let pendingRequests = 0;
|
|
495
|
-
const requestEntries = await Promise.all(requestKeys.map(async (key) => client.get(key)));
|
|
496
|
-
requestEntries.forEach((requestJson) => {
|
|
497
|
-
if (requestJson !== null) {
|
|
498
|
-
const request = JSON.parse(requestJson);
|
|
499
|
-
if (request.status === 'pending') {
|
|
500
|
-
pendingRequests++;
|
|
501
|
-
}
|
|
502
|
-
}
|
|
503
|
-
});
|
|
504
|
-
// Count violations
|
|
505
|
-
const violationKeys = await client.keys(`${VIOLATION_PREFIX}*`);
|
|
506
|
-
return {
|
|
507
|
-
gdpr: {
|
|
508
|
-
enabled: config.gdpr.enabled,
|
|
509
|
-
dataSubjects: subjectKeys.length,
|
|
510
|
-
pendingRequests,
|
|
511
|
-
},
|
|
512
|
-
hipaa: {
|
|
513
|
-
enabled: config.hipaa.enabled,
|
|
514
|
-
encryptedResources: 0, // Would need to track this separately
|
|
515
|
-
auditLogRetention: `${config.hipaa.auditRetentionYears} years`,
|
|
516
|
-
},
|
|
517
|
-
soc2: {
|
|
518
|
-
enabled: config.soc2.enabled,
|
|
519
|
-
violations: violationKeys.length,
|
|
520
|
-
},
|
|
521
|
-
};
|
|
522
|
-
},
|
|
523
|
-
/**
|
|
524
|
-
* Get configuration
|
|
525
|
-
*/
|
|
526
|
-
getConfig() {
|
|
527
|
-
return complianceConfig ? { ...complianceConfig } : null;
|
|
528
|
-
},
|
|
529
|
-
/**
|
|
530
|
-
* Update configuration
|
|
531
|
-
*/
|
|
532
|
-
updateConfig(config) {
|
|
533
|
-
if (!complianceConfig) {
|
|
534
|
-
throw ErrorFactory.createConfigError('ComplianceManager not initialized');
|
|
535
|
-
}
|
|
536
|
-
complianceConfig = {
|
|
537
|
-
gdpr: { ...complianceConfig.gdpr, ...config.gdpr },
|
|
538
|
-
hipaa: { ...complianceConfig.hipaa, ...config.hipaa },
|
|
539
|
-
soc2: { ...complianceConfig.soc2, ...config.soc2 },
|
|
540
|
-
};
|
|
541
|
-
Logger.info('Compliance configuration updated', { config });
|
|
542
|
-
},
|
|
543
|
-
/**
|
|
544
|
-
* Shutdown
|
|
545
|
-
*/
|
|
546
|
-
async shutdown() {
|
|
547
|
-
Logger.info('ComplianceManager shutting down...');
|
|
548
|
-
if (redisClient) {
|
|
549
|
-
await redisClient.quit();
|
|
550
|
-
redisClient = null;
|
|
551
|
-
}
|
|
552
|
-
complianceConfig = null;
|
|
553
|
-
Logger.info('ComplianceManager shutdown complete');
|
|
554
|
-
},
|
|
555
|
-
});
|
|
556
|
-
// Graceful shutdown handled by WorkerShutdown
|
|
@@ -1,134 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Datacenter Orchestration
|
|
3
|
-
* Multi-datacenter worker coordination with region affinity and failover
|
|
4
|
-
* Sealed namespace for immutability
|
|
5
|
-
*/
|
|
6
|
-
export type DatacenterRegion = {
|
|
7
|
-
id: string;
|
|
8
|
-
name: string;
|
|
9
|
-
location: {
|
|
10
|
-
continent: string;
|
|
11
|
-
country: string;
|
|
12
|
-
city: string;
|
|
13
|
-
coordinates?: {
|
|
14
|
-
lat: number;
|
|
15
|
-
lng: number;
|
|
16
|
-
};
|
|
17
|
-
};
|
|
18
|
-
priority: number;
|
|
19
|
-
capacity: number;
|
|
20
|
-
currentLoad: number;
|
|
21
|
-
healthStatus: 'healthy' | 'degraded' | 'offline';
|
|
22
|
-
latency: number;
|
|
23
|
-
costMultiplier: number;
|
|
24
|
-
};
|
|
25
|
-
export type ReplicationStrategy = 'none' | 'active-passive' | 'active-active' | 'multi-master';
|
|
26
|
-
export type FailoverPolicy = {
|
|
27
|
-
enabled: boolean;
|
|
28
|
-
autoFailover: boolean;
|
|
29
|
-
failoverThreshold: number;
|
|
30
|
-
healthCheckInterval: number;
|
|
31
|
-
minHealthyRegions: number;
|
|
32
|
-
preferredRegions: string[];
|
|
33
|
-
};
|
|
34
|
-
export type WorkerPlacement = {
|
|
35
|
-
workerName: string;
|
|
36
|
-
primaryRegion: string;
|
|
37
|
-
secondaryRegions: string[];
|
|
38
|
-
replicationStrategy: ReplicationStrategy;
|
|
39
|
-
affinityRules: {
|
|
40
|
-
preferLocal: boolean;
|
|
41
|
-
maxLatency?: number;
|
|
42
|
-
avoidRegions?: string[];
|
|
43
|
-
};
|
|
44
|
-
};
|
|
45
|
-
export type DatacenterTopology = {
|
|
46
|
-
regions: DatacenterRegion[];
|
|
47
|
-
connections: Array<{
|
|
48
|
-
from: string;
|
|
49
|
-
to: string;
|
|
50
|
-
latency: number;
|
|
51
|
-
bandwidth: number;
|
|
52
|
-
}>;
|
|
53
|
-
};
|
|
54
|
-
/**
|
|
55
|
-
* Datacenter Orchestrator - Sealed namespace
|
|
56
|
-
*/
|
|
57
|
-
export declare const DatacenterOrchestrator: Readonly<{
|
|
58
|
-
/**
|
|
59
|
-
* Register datacenter region
|
|
60
|
-
*/
|
|
61
|
-
registerRegion(region: DatacenterRegion): void;
|
|
62
|
-
/**
|
|
63
|
-
* Unregister datacenter region
|
|
64
|
-
*/
|
|
65
|
-
unregisterRegion(regionId: string): void;
|
|
66
|
-
/**
|
|
67
|
-
* Get region information
|
|
68
|
-
*/
|
|
69
|
-
getRegion(regionId: string): DatacenterRegion | null;
|
|
70
|
-
/**
|
|
71
|
-
* List all regions
|
|
72
|
-
*/
|
|
73
|
-
listRegions(healthStatus?: DatacenterRegion["healthStatus"]): ReadonlyArray<DatacenterRegion>;
|
|
74
|
-
/**
|
|
75
|
-
* Update region health status
|
|
76
|
-
*/
|
|
77
|
-
updateRegionHealth(regionId: string, healthStatus: DatacenterRegion["healthStatus"]): void;
|
|
78
|
-
/**
|
|
79
|
-
* Update region load
|
|
80
|
-
*/
|
|
81
|
-
updateRegionLoad(regionId: string, currentLoad: number): void;
|
|
82
|
-
/**
|
|
83
|
-
* Place worker in datacenter
|
|
84
|
-
*/
|
|
85
|
-
placeWorker(placement: WorkerPlacement): void;
|
|
86
|
-
/**
|
|
87
|
-
* Get worker placement
|
|
88
|
-
*/
|
|
89
|
-
getPlacement(workerName: string): WorkerPlacement | null;
|
|
90
|
-
/**
|
|
91
|
-
* Update worker placement
|
|
92
|
-
*/
|
|
93
|
-
updatePlacement(workerName: string, updates: Partial<WorkerPlacement>): void;
|
|
94
|
-
/**
|
|
95
|
-
* Remove worker placement
|
|
96
|
-
*/
|
|
97
|
-
removeWorker(workerName: string): void;
|
|
98
|
-
/**
|
|
99
|
-
* Find optimal region for job execution
|
|
100
|
-
*/
|
|
101
|
-
findOptimalRegion(workerName: string, clientRegion?: string): string | null;
|
|
102
|
-
/**
|
|
103
|
-
* Set failover policy for region
|
|
104
|
-
*/
|
|
105
|
-
setFailoverPolicy(regionId: string, policy: FailoverPolicy): void;
|
|
106
|
-
/**
|
|
107
|
-
* Get failover policy
|
|
108
|
-
*/
|
|
109
|
-
getFailoverPolicy(regionId: string): FailoverPolicy | null;
|
|
110
|
-
/**
|
|
111
|
-
* Start health checks for region
|
|
112
|
-
*/
|
|
113
|
-
startHealthChecks(regionId: string, intervalSeconds: number): void;
|
|
114
|
-
/**
|
|
115
|
-
* Stop health checks for region
|
|
116
|
-
*/
|
|
117
|
-
stopHealthChecks(regionId: string): void;
|
|
118
|
-
/**
|
|
119
|
-
* Get datacenter topology
|
|
120
|
-
*/
|
|
121
|
-
getTopology(): DatacenterTopology;
|
|
122
|
-
/**
|
|
123
|
-
* Get load balancing recommendation
|
|
124
|
-
*/
|
|
125
|
-
getLoadBalancingRecommendation(): Array<{
|
|
126
|
-
regionId: string;
|
|
127
|
-
recommendedLoad: number;
|
|
128
|
-
}>;
|
|
129
|
-
/**
|
|
130
|
-
* Shutdown datacenter orchestrator
|
|
131
|
-
*/
|
|
132
|
-
shutdown(): void;
|
|
133
|
-
}>;
|
|
134
|
-
//# sourceMappingURL=DatacenterOrchestrator.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"DatacenterOrchestrator.d.ts","sourceRoot":"","sources":["../../../../packages/workers/src/DatacenterOrchestrator.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE;QACR,SAAS,EAAE,MAAM,CAAC;QAClB,OAAO,EAAE,MAAM,CAAC;QAChB,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,CAAC,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAC;KAC5C,CAAC;IACF,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,CAAC;IACjD,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG,MAAM,GAAG,gBAAgB,GAAG,eAAe,GAAG,cAAc,CAAC;AAE/F,MAAM,MAAM,cAAc,GAAG;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,OAAO,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,aAAa,EAAE;QACb,WAAW,EAAE,OAAO,CAAC;QACrB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;KACzB,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,gBAAgB,EAAE,CAAC;IAC5B,WAAW,EAAE,KAAK,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC,CAAC;CACJ,CAAC;AA4JF;;GAEG;AACH,eAAO,MAAM,sBAAsB;IACjC;;OAEG;2BACoB,gBAAgB,GAAG,IAAI;IAa9C;;OAEG;+BACwB,MAAM,GAAG,IAAI;IA8BxC;;OAEG;wBACiB,MAAM,GAAG,gBAAgB,GAAG,IAAI;IAKpD;;OAEG;+BACwB,gBAAgB,CAAC,cAAc,CAAC,GAAG,aAAa,CAAC,gBAAgB,CAAC;IAU7F;;OAEG;iCAC0B,MAAM,gBAAgB,gBAAgB,CAAC,cAAc,CAAC,GAAG,IAAI;IAwB1F;;OAEG;+BACwB,MAAM,eAAe,MAAM,GAAG,IAAI;IAsB7D;;OAEG;2BACoB,eAAe,GAAG,IAAI;IAuB7C;;OAEG;6BACsB,MAAM,GAAG,eAAe,GAAG,IAAI;IAKxD;;OAEG;gCACyB,MAAM,WAAW,OAAO,CAAC,eAAe,CAAC,GAAG,IAAI;IAY5E;;OAEG;6BACsB,MAAM,GAAG,IAAI;IAUtC;;OAEG;kCAC2B,MAAM,iBAAiB,MAAM,GAAG,MAAM,GAAG,IAAI;IAU3E;;OAEG;gCACyB,MAAM,UAAU,cAAc,GAAG,IAAI;IAmBjE;;OAEG;gCACyB,MAAM,GAAG,cAAc,GAAG,IAAI;IAK1D;;OAEG;gCACyB,MAAM,mBAAmB,MAAM,GAAG,IAAI;IAmBlE;;OAEG;+BACwB,MAAM,GAAG,IAAI;IAWxC;;OAEG;mBACY,kBAAkB;IAqCjC;;OAEG;sCAC+B,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,eAAe,EAAE,MAAM,CAAA;KAAE,CAAC;IAiBtF;;OAEG;gBACS,IAAI;EAehB,CAAC"}
|