Skip to main content

AuditEntry

Struct AuditEntry

pub struct AuditEntry {
    pub id: AuditEntryId,
    pub timestamp: Timestamp,
    pub session_id: SessionId,
    pub principal: Option<PrincipalId>,
    pub action: AuditAction,
    pub authorization: AuthorizationProof,
    pub outcome: AuditOutcome,
    pub previous_hash: ContentHash,
    pub runtime_key: PublicKey,
    pub signature: Signature,
}

Expand description

A single audit log entry.

Fields§

§id: AuditEntryId

Unique entry identifier.

§timestamp: Timestamp

When this entry was created.

§session_id: SessionId

Session this entry belongs to.

§principal: Option<PrincipalId>

The principal (user identity) this action was performed on behalf of. None for system actions that have no user context.

§action: AuditAction

The action being audited.

§authorization: AuthorizationProof

Authorization proof for this action.

§outcome: AuditOutcome

Outcome of the action.

§previous_hash: ContentHash

Hash of the previous entry (chain linking).

§runtime_key: PublicKey

Runtime public key that signed this entry.

§signature: Signature

Signature over entry contents.

Implementations§

impl AuditEntry

pub fn create( session_id: SessionId, action: AuditAction, authorization: AuthorizationProof, outcome: AuditOutcome, previous_hash: ContentHash, runtime_key: &KeyPair, ) -> Self

Create and sign a new audit entry.

pub fn create_with_principal( session_id: SessionId, principal: PrincipalId, action: AuditAction, authorization: AuthorizationProof, outcome: AuditOutcome, previous_hash: ContentHash, runtime_key: &KeyPair, ) -> Self

Create and sign a new audit entry with a principal.

Used when audit entries need to record which principal an action was performed on behalf of. Call sites will be wired when the kernel audit integration is updated.

pub fn signing_data(&self) -> Vec<u8> ⓘ

Get the data used for signing.

pub fn content_hash(&self) -> ContentHash

Compute the content hash of this entry.

pub fn verify_signature(&self) -> AuditResult<()>

Verify the entry’s signature.

§Errors

Returns AuditError::InvalidSignature if the signature does not match the entry contents.

pub fn follows(&self, previous: &AuditEntry) -> bool

Check if this entry follows another (chain linking).

Trait Implementations§

impl Clone for AuditEntry

fn clone(&self) -> AuditEntry

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for AuditEntry

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl<'de> Deserialize<'de> for AuditEntry

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more

impl Serialize for AuditEntry

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

impl Freeze for AuditEntry

impl RefUnwindSafe for AuditEntry

impl Send for AuditEntry

impl Sync for AuditEntry

impl Unpin for AuditEntry

impl UnsafeUnpin for AuditEntry

impl UnwindSafe for AuditEntry

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,