aaai-core 0.3.0

Core engine for aaai — audit for asset integrity
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143

//! Built-in rule templates for common audit patterns.
//!
//! A [`RuleTemplate`] carries a display name, description, and a factory that
//! produces a pre-filled [`AuditStrategy`] ready to insert into an inspector
//! or a snap-generated entry.

use crate::config::definition::{AuditStrategy, LineAction, LineRule, RegexTarget};
use crate::diff::entry::DiffType;

/// A named, reusable audit-strategy pattern.
#[derive(Debug, Clone)]
pub struct RuleTemplate {
    pub id:          &'static str,
    pub name:        &'static str,
    pub name_ja:     &'static str,
    pub description: &'static str,
    pub diff_type:   DiffType,
    /// Produce a strategy instance for this template.
    pub strategy:    fn() -> AuditStrategy,
}

/// The built-in template library.
pub static TEMPLATES: &[RuleTemplate] = &[
    RuleTemplate {
        id:          "version_bump",
        name:        "Version number update",
        name_ja:     "バージョン番号の更新",
        description: "A semver-like version string changed in a modified file (Regex).",
        diff_type:   DiffType::Modified,
        strategy:    || AuditStrategy::Regex {
            pattern: r"^\d+\.\d+\.\d+".to_string(),
            target:  RegexTarget::AddedLines,
        },
    },
    RuleTemplate {
        id:          "port_change",
        name:        "Port number change",
        name_ja:     "ポート番号の変更",
        description: "A `port = N` line changed to `port = M` (LineMatch template — fill in actual values).",
        diff_type:   DiffType::Modified,
        strategy:    || AuditStrategy::LineMatch {
            rules: vec![
                LineRule { action: LineAction::Removed, line: "port = ".to_string() },
                LineRule { action: LineAction::Added,   line: "port = ".to_string() },
            ],
        },
    },
    RuleTemplate {
        id:          "file_added_any",
        name:        "File added (content not inspected)",
        name_ja:     "ファイルの追加(内容確認なし)",
        description: "A new file was intentionally added; no content check required.",
        diff_type:   DiffType::Added,
        strategy:    || AuditStrategy::None,
    },
    RuleTemplate {
        id:          "file_removed_any",
        name:        "File removed (content not inspected)",
        name_ja:     "ファイルの削除(内容確認なし)",
        description: "A file was intentionally deleted; no content check required.",
        diff_type:   DiffType::Removed,
        strategy:    || AuditStrategy::None,
    },
    RuleTemplate {
        id:          "config_line_change",
        name:        "Config key=value change",
        name_ja:     "設定値の変更",
        description: "A `key = value` pair changed (LineMatch template — fill in key and values).",
        diff_type:   DiffType::Modified,
        strategy:    || AuditStrategy::LineMatch {
            rules: vec![
                LineRule { action: LineAction::Removed, line: "key = old_value".to_string() },
                LineRule { action: LineAction::Added,   line: "key = new_value".to_string() },
            ],
        },
    },
    RuleTemplate {
        id:          "date_string_change",
        name:        "Date string update",
        name_ja:     "日付文字列の更新",
        description: "A date like 2025-01-15 changed; validates ISO-8601 format (Regex).",
        diff_type:   DiffType::Modified,
        strategy:    || AuditStrategy::Regex {
            pattern: r"^\d{4}-\d{2}-\d{2}".to_string(),
            target:  RegexTarget::AddedLines,
        },
    },
    RuleTemplate {
        id:          "exact_binary",
        name:        "Binary / generated file (checksum)",
        name_ja:     "バイナリ・生成ファイル(チェックサム)",
        description: "Verify a binary or generated file by its SHA-256 digest (fill in hash).",
        diff_type:   DiffType::Modified,
        strategy:    || AuditStrategy::Checksum {
            expected_sha256: String::new(),
        },
    },
    RuleTemplate {
        id:          "feature_flag_toggle",
        name:        "Feature flag toggle",
        name_ja:     "フィーチャーフラグの切り替え",
        description: "A boolean flag changed from false to true or vice versa (Regex).",
        diff_type:   DiffType::Modified,
        strategy:    || AuditStrategy::Regex {
            pattern: r"^(true|false)$".to_string(),
            target:  RegexTarget::AddedLines,
        },
    },
];

/// Find a template by id.
pub fn find(id: &str) -> Option<&'static RuleTemplate> {
    TEMPLATES.iter().find(|t| t.id == id)
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn all_templates_produce_valid_strategies() {
        for tmpl in TEMPLATES {
            let strat = (tmpl.strategy)();
            // None and LineMatch with placeholder are valid (or expected to need filling)
            // Just ensure no panics
            let _ = strat.label();
        }
    }

    #[test]
    fn find_by_id_works() {
        assert!(find("version_bump").is_some());
        assert!(find("nonexistent").is_none());
    }

    #[test]
    fn no_duplicate_ids() {
        let mut ids: Vec<&str> = TEMPLATES.iter().map(|t| t.id).collect();
        let original_len = ids.len();
        ids.dedup();
        assert_eq!(ids.len(), original_len, "duplicate template IDs found");
    }
}