chainlesschain 0.37.9 → 0.37.11

package/src/lib/audit-logger.js

@@ -0,0 +1,364 @@
+/**
+ * Audit Logger — records security events and operations for compliance.
+ * Provides event logging, querying, statistics, and export.
+ */
+
+import crypto from "crypto";
+
+/**
+ * Event types for audit logging.
+ */
+export const EVENT_TYPES = {
+  AUTH: "auth",
+  PERMISSION: "permission",
+  DATA: "data",
+  SYSTEM: "system",
+  FILE: "file",
+  DID: "did",
+  CRYPTO: "crypto",
+  API: "api",
+};
+
+/**
+ * Risk levels.
+ */
+export const RISK_LEVELS = {
+  LOW: "low",
+  MEDIUM: "medium",
+  HIGH: "high",
+  CRITICAL: "critical",
+};
+
+/**
+ * High-risk operations that trigger elevated risk assessment.
+ */
+const HIGH_RISK_OPERATIONS = new Set([
+  "delete_identity",
+  "grant_admin",
+  "revoke_all",
+  "delete_role",
+  "db_encrypt",
+  "db_decrypt",
+  "config_change",
+  "export_secrets",
+  "bulk_delete",
+  "password_reset",
+  "schema_change",
+]);
+
+/**
+ * Ensure audit tables exist.
+ */
+export function ensureAuditTables(db) {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS audit_log (
+      id TEXT PRIMARY KEY,
+      event_type TEXT NOT NULL,
+      operation TEXT NOT NULL,
+      actor TEXT,
+      target TEXT,
+      details TEXT,
+      risk_level TEXT DEFAULT 'low',
+      ip_address TEXT,
+      user_agent TEXT,
+      success INTEGER DEFAULT 1,
+      error_message TEXT,
+      created_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+
+  db.exec(`
+    CREATE INDEX IF NOT EXISTS idx_audit_event_type ON audit_log(event_type)
+  `);
+  db.exec(`
+    CREATE INDEX IF NOT EXISTS idx_audit_created_at ON audit_log(created_at)
+  `);
+  db.exec(`
+    CREATE INDEX IF NOT EXISTS idx_audit_risk_level ON audit_log(risk_level)
+  `);
+  db.exec(`
+    CREATE INDEX IF NOT EXISTS idx_audit_actor ON audit_log(actor)
+  `);
+}
+
+/**
+ * Assess risk level for an operation.
+ */
+export function assessRisk(eventType, operation, details) {
+  if (HIGH_RISK_OPERATIONS.has(operation)) {
+    return RISK_LEVELS.HIGH;
+  }
+
+  if (eventType === EVENT_TYPES.AUTH && operation.includes("fail")) {
+    return RISK_LEVELS.MEDIUM;
+  }
+
+  if (eventType === EVENT_TYPES.PERMISSION) {
+    return RISK_LEVELS.MEDIUM;
+  }
+
+  if (details && typeof details === "object") {
+    if (details.bulkCount && details.bulkCount > 100) {
+      return RISK_LEVELS.HIGH;
+    }
+  }
+
+  return RISK_LEVELS.LOW;
+}
+
+/**
+ * Sanitize sensitive data from log details.
+ */
+export function sanitizeDetails(details) {
+  if (!details || typeof details !== "object") return details;
+
+  const sanitized = { ...details };
+  const sensitiveKeys = [
+    "password",
+    "secret",
+    "secretKey",
+    "secret_key",
+    "privateKey",
+    "private_key",
+    "token",
+    "apiKey",
+    "api_key",
+    "mnemonic",
+  ];
+
+  for (const key of sensitiveKeys) {
+    if (sanitized[key]) {
+      sanitized[key] = "[REDACTED]";
+    }
+  }
+
+  return sanitized;
+}
+
+/**
+ * Log an audit event.
+ */
+export function logEvent(db, event) {
+  ensureAuditTables(db);
+
+  const id = crypto.randomUUID();
+  const sanitized = sanitizeDetails(event.details);
+  const risk =
+    event.riskLevel ||
+    assessRisk(event.eventType, event.operation, event.details);
+
+  db.prepare(
+    `INSERT INTO audit_log (id, event_type, operation, actor, target, details, risk_level, ip_address, user_agent, success, error_message)
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+  ).run(
+    id,
+    event.eventType || EVENT_TYPES.SYSTEM,
+    event.operation || "unknown",
+    event.actor || null,
+    event.target || null,
+    sanitized ? JSON.stringify(sanitized) : null,
+    risk,
+    event.ipAddress || null,
+    event.userAgent || null,
+    event.success !== false ? 1 : 0,
+    event.errorMessage || null,
+  );
+
+  return { id, riskLevel: risk, createdAt: new Date().toISOString() };
+}
+
+/**
+ * Query audit logs with filters.
+ */
+export function queryLogs(db, filters = {}) {
+  ensureAuditTables(db);
+
+  let sql = "SELECT * FROM audit_log WHERE 1=1";
+  const params = [];
+
+  if (filters.eventType) {
+    sql += " AND event_type = ?";
+    params.push(filters.eventType);
+  }
+
+  if (filters.operation) {
+    sql += " AND operation LIKE ?";
+    params.push(`%${filters.operation}%`);
+  }
+
+  if (filters.actor) {
+    sql += " AND actor LIKE ?";
+    params.push(`%${filters.actor}%`);
+  }
+
+  if (filters.riskLevel) {
+    sql += " AND risk_level = ?";
+    params.push(filters.riskLevel);
+  }
+
+  if (filters.success !== undefined) {
+    sql += " AND success = ?";
+    params.push(filters.success ? 1 : 0);
+  }
+
+  if (filters.startDate) {
+    sql += " AND created_at >= ?";
+    params.push(filters.startDate);
+  }
+
+  if (filters.endDate) {
+    sql += " AND created_at <= ?";
+    params.push(filters.endDate);
+  }
+
+  if (filters.search) {
+    // Search in operation field (primary search field for CLI)
+    sql += " AND operation LIKE ?";
+    params.push(`%${filters.search}%`);
+  }
+
+  sql += " ORDER BY created_at DESC";
+
+  if (filters.limit) {
+    sql += " LIMIT ?";
+    params.push(filters.limit);
+  }
+
+  if (filters.offset) {
+    sql += " OFFSET ?";
+    params.push(filters.offset);
+  }
+
+  const rows = db.prepare(sql).all(...params);
+  return rows.map((r) => ({
+    ...r,
+    details: r.details ? JSON.parse(r.details) : null,
+    success: r.success === 1,
+  }));
+}
+
+/**
+ * Get audit statistics.
+ */
+export function getStatistics(db, startDate, endDate) {
+  ensureAuditTables(db);
+
+  let dateFilter = "";
+  const params = [];
+
+  if (startDate) {
+    dateFilter += " AND created_at >= ?";
+    params.push(startDate);
+  }
+  if (endDate) {
+    dateFilter += " AND created_at <= ?";
+    params.push(endDate);
+  }
+
+  const total = db
+    .prepare(`SELECT COUNT(*) as c FROM audit_log WHERE 1=1 ${dateFilter}`)
+    .get(...params).c;
+
+  const byEventType = db
+    .prepare(
+      `SELECT event_type, COUNT(*) as count FROM audit_log WHERE 1=1 ${dateFilter} GROUP BY event_type ORDER BY count DESC`,
+    )
+    .all(...params);
+
+  const byRiskLevel = db
+    .prepare(
+      `SELECT risk_level, COUNT(*) as count FROM audit_log WHERE 1=1 ${dateFilter} GROUP BY risk_level ORDER BY count DESC`,
+    )
+    .all(...params);
+
+  const failures = db
+    .prepare(
+      `SELECT COUNT(*) as c FROM audit_log WHERE success = 0 ${dateFilter}`,
+    )
+    .get(...params).c;
+
+  const highRiskHigh = db
+    .prepare(
+      `SELECT COUNT(*) as c FROM audit_log WHERE risk_level = 'high' ${dateFilter}`,
+    )
+    .get(...params).c;
+  const highRiskCritical = db
+    .prepare(
+      `SELECT COUNT(*) as c FROM audit_log WHERE risk_level = 'critical' ${dateFilter}`,
+    )
+    .get(...params).c;
+  const highRisk = highRiskHigh + highRiskCritical;
+
+  return {
+    total,
+    failures,
+    highRisk,
+    byEventType: Object.fromEntries(
+      byEventType.map((r) => [r.event_type, r.count]),
+    ),
+    byRiskLevel: Object.fromEntries(
+      byRiskLevel.map((r) => [r.risk_level, r.count]),
+    ),
+  };
+}
+
+/**
+ * Export audit logs as JSON or CSV.
+ */
+export function exportLogs(db, format = "json", filters = {}) {
+  const logs = queryLogs(db, { ...filters, limit: filters.limit || 10000 });
+
+  if (format === "csv") {
+    const headers = [
+      "id",
+      "event_type",
+      "operation",
+      "actor",
+      "target",
+      "risk_level",
+      "success",
+      "error_message",
+      "created_at",
+    ];
+    const csvRows = [headers.join(",")];
+
+    for (const log of logs) {
+      const row = headers.map((h) => {
+        const val = log[h];
+        if (val === null || val === undefined) return "";
+        const str = String(val);
+        return str.includes(",") || str.includes('"')
+          ? `"${str.replace(/"/g, '""')}"`
+          : str;
+      });
+      csvRows.push(row.join(","));
+    }
+
+    return csvRows.join("\n");
+  }
+
+  return JSON.stringify(logs, null, 2);
+}
+
+/**
+ * Delete old audit logs.
+ */
+export function purgeLogs(db, daysToKeep = 90) {
+  ensureAuditTables(db);
+
+  const cutoff = new Date();
+  cutoff.setDate(cutoff.getDate() - daysToKeep);
+  const cutoffStr = cutoff.toISOString().replace("T", " ").slice(0, 19);
+
+  const result = db
+    .prepare("DELETE FROM audit_log WHERE created_at < ?")
+    .run(cutoffStr);
+  return result.changes;
+}
+
+/**
+ * Get the most recent audit events.
+ */
+export function getRecentEvents(db, limit = 20) {
+  return queryLogs(db, { limit });
+}

package/src/lib/bi-engine.js

@@ -0,0 +1,299 @@
+/**
+ * BI Engine — Business intelligence with NL→SQL queries, dashboards,
+ * reports, anomaly detection, trend prediction, and scheduling.
+ */
+
+import crypto from "crypto";
+
+/* ── In-memory stores ──────────────────────────────────────── */
+const _dashboards = new Map();
+const _reports = new Map();
+const _scheduledReports = new Map();
+
+const _templates = [
+  {
+    id: "tpl-kpi",
+    name: "KPI Dashboard",
+    description: "Key performance indicators overview",
+    widgets: ["metric-card", "sparkline", "gauge"],
+  },
+  {
+    id: "tpl-sales",
+    name: "Sales Report",
+    description: "Sales pipeline and revenue analysis",
+    widgets: ["bar-chart", "funnel", "table"],
+  },
+  {
+    id: "tpl-ops",
+    name: "Operations Dashboard",
+    description: "System health and operational metrics",
+    widgets: ["heatmap", "timeline", "alert-list"],
+  },
+  {
+    id: "tpl-hr",
+    name: "HR Analytics",
+    description: "Workforce analytics and headcount",
+    widgets: ["pie-chart", "trend-line", "scorecard"],
+  },
+  {
+    id: "tpl-finance",
+    name: "Financial Overview",
+    description: "Revenue, expenses, and cash flow",
+    widgets: ["waterfall", "stacked-bar", "summary-table"],
+  },
+];
+
+/* ── Schema ────────────────────────────────────────────────── */
+
+export function ensureBITables(db) {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS bi_dashboards (
+      id TEXT PRIMARY KEY,
+      name TEXT NOT NULL,
+      widgets TEXT,
+      layout TEXT,
+      created_at TEXT DEFAULT (datetime('now')),
+      updated_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS bi_reports (
+      id TEXT PRIMARY KEY,
+      name TEXT NOT NULL,
+      query TEXT,
+      result TEXT,
+      format TEXT DEFAULT 'pdf',
+      created_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS bi_scheduled (
+      id TEXT PRIMARY KEY,
+      report_id TEXT NOT NULL,
+      cron TEXT NOT NULL,
+      recipients TEXT,
+      last_run TEXT,
+      status TEXT DEFAULT 'active'
+    )
+  `);
+}
+
+/* ── NL → SQL Query ────────────────────────────────────────── */
+
+export function nlQuery(query) {
+  if (!query || typeof query !== "string") {
+    throw new Error("Query must be a non-empty string");
+  }
+
+  // Mock NL→SQL translation: generate a SELECT LIKE query
+  const sanitized = query.replace(/['"]/g, "").trim();
+  const words = sanitized.split(/\s+/).slice(0, 3).join("_").toLowerCase();
+  const generatedSQL = `SELECT * FROM data WHERE content LIKE '%${words}%'`;
+
+  const id = crypto.randomUUID();
+  const results = [];
+  const visualization = {
+    type: "table",
+    title: query,
+    columns: ["id", "content", "value"],
+  };
+
+  return {
+    id,
+    query,
+    generatedSQL,
+    results,
+    rowCount: results.length,
+    visualization,
+  };
+}
+
+/* ── Reports ───────────────────────────────────────────────── */
+
+export function generateReport(db, name, options) {
+  const id = crypto.randomUUID();
+  const now = new Date().toISOString();
+  const format = (options && options.format) || "pdf";
+
+  const sectionNames = (options && options.sections) || [
+    "summary",
+    "details",
+    "conclusion",
+  ];
+  const sections = sectionNames.map((s) => ({
+    name: s,
+    content: `Auto-generated ${s} section`,
+    generatedAt: now,
+  }));
+
+  const report = {
+    id,
+    name,
+    format,
+    sections,
+    generatedAt: now,
+  };
+
+  _reports.set(id, report);
+
+  db.prepare(
+    `INSERT INTO bi_reports (id, name, query, result, format, created_at)
+     VALUES (?, ?, ?, ?, ?, ?)`,
+  ).run(id, name, "", JSON.stringify(report), format, now);
+
+  return report;
+}
+
+/* ── Dashboards ────────────────────────────────────────────── */
+
+export function createDashboard(db, name, widgets, layout) {
+  const id = crypto.randomUUID();
+  const now = new Date().toISOString();
+
+  const dashboard = {
+    id,
+    name,
+    widgets: widgets || [],
+    layout: layout || { type: "grid", columns: 2 },
+    createdAt: now,
+  };
+
+  _dashboards.set(id, dashboard);
+
+  db.prepare(
+    `INSERT INTO bi_dashboards (id, name, widgets, layout, created_at, updated_at)
+     VALUES (?, ?, ?, ?, ?, ?)`,
+  ).run(
+    id,
+    name,
+    JSON.stringify(dashboard.widgets),
+    JSON.stringify(dashboard.layout),
+    now,
+    now,
+  );
+
+  return dashboard;
+}
+
+/* ── Anomaly Detection ─────────────────────────────────────── */
+
+export function detectAnomaly(data, options) {
+  if (!Array.isArray(data) || data.length === 0) {
+    throw new Error("Data must be a non-empty array of numbers");
+  }
+
+  const threshold = (options && options.threshold) || 2;
+  const n = data.length;
+  const mean = data.reduce((s, v) => s + v, 0) / n;
+  const variance = data.reduce((s, v) => s + (v - mean) ** 2, 0) / n;
+  const std = Math.sqrt(variance);
+
+  const anomalies = [];
+  if (std > 0) {
+    for (let i = 0; i < data.length; i++) {
+      const zScore = Math.abs((data[i] - mean) / std);
+      if (zScore > threshold) {
+        anomalies.push({ index: i, value: data[i], zScore });
+      }
+    }
+  }
+
+  return { anomalies, mean, std, threshold };
+}
+
+/* ── Trend Prediction ──────────────────────────────────────── */
+
+export function predictTrend(data, periods) {
+  if (!Array.isArray(data) || data.length < 2) {
+    throw new Error("Data must be an array with at least 2 points");
+  }
+
+  const n = data.length;
+  const periodsToPredict = periods || 3;
+
+  // Simple linear regression: y = slope * x + intercept
+  let sumX = 0;
+  let sumY = 0;
+  let sumXY = 0;
+  let sumX2 = 0;
+
+  for (let i = 0; i < n; i++) {
+    sumX += i;
+    sumY += data[i];
+    sumXY += i * data[i];
+    sumX2 += i * i;
+  }
+
+  const slope = (n * sumXY - sumX * sumY) / (n * sumX2 - sumX * sumX);
+  const intercept = (sumY - slope * sumX) / n;
+
+  const predictions = [];
+  for (let i = 0; i < periodsToPredict; i++) {
+    const x = n + i;
+    predictions.push(Math.round((slope * x + intercept) * 100) / 100);
+  }
+
+  let trend;
+  if (Math.abs(slope) < 0.001) {
+    trend = "flat";
+  } else if (slope > 0) {
+    trend = "up";
+  } else {
+    trend = "down";
+  }
+
+  return { predictions, trend, slope: Math.round(slope * 1000) / 1000 };
+}
+
+/* ── Templates ─────────────────────────────────────────────── */
+
+export function listTemplates() {
+  return [..._templates];
+}
+
+/* ── Scheduling ────────────────────────────────────────────── */
+
+export function scheduleReport(db, reportId, cron, recipients) {
+  const id = crypto.randomUUID();
+  const schedule = {
+    id,
+    reportId,
+    cron,
+    recipients: recipients || [],
+    lastRun: null,
+    status: "active",
+  };
+
+  _scheduledReports.set(id, schedule);
+
+  db.prepare(
+    `INSERT INTO bi_scheduled (id, report_id, cron, recipients, last_run, status)
+     VALUES (?, ?, ?, ?, ?, ?)`,
+  ).run(id, reportId, cron, JSON.stringify(schedule.recipients), "", "active");
+
+  return schedule;
+}
+
+/* ── Export ─────────────────────────────────────────────────── */
+
+export function exportReport(reportId, format) {
+  const report = _reports.get(reportId);
+  if (!report) throw new Error(`Report not found: ${reportId}`);
+
+  const exportFormat = format || report.format || "pdf";
+  return {
+    reportId,
+    format: exportFormat,
+    filename: `${report.name.replace(/\s+/g, "_")}.${exportFormat}`,
+    size: 0,
+    exportedAt: new Date().toISOString(),
+  };
+}
+
+/* ── Reset (for testing) ───────────────────────────────────── */
+
+export function _resetState() {
+  _dashboards.clear();
+  _reports.clear();
+  _scheduledReports.clear();
+}