oxigdal-security 0.1.4

Enterprise security features for OxiGDAL: encryption, access control, compliance
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

//! Enterprise security features for OxiGDAL.
//!
//! This crate provides comprehensive security features including:
//! - End-to-end encryption (at rest and in transit)
//! - Access control (RBAC and ABAC)
//! - Data lineage tracking
//! - Audit logging
//! - Multi-tenancy support
//! - Data anonymization
//! - Compliance reporting (GDPR, HIPAA, FedRAMP)
//! - Security scanning

#![deny(clippy::unwrap_used)]
#![deny(clippy::panic)]
#![warn(missing_docs)]

pub mod access_control;
pub mod anonymization;
pub mod audit;
pub mod compliance;
pub mod encryption;
pub mod error;
pub mod lineage;
pub mod multitenancy;
pub mod scanning;

pub use error::{Result, SecurityError};

/// Security configuration.
#[derive(Debug, Clone)]
pub struct SecurityConfig {
    /// Enable encryption.
    pub encryption_enabled: bool,
    /// Enable access control.
    pub access_control_enabled: bool,
    /// Enable audit logging.
    pub audit_logging_enabled: bool,
    /// Enable lineage tracking.
    pub lineage_tracking_enabled: bool,
    /// Enable multi-tenancy.
    pub multitenancy_enabled: bool,
}

impl Default for SecurityConfig {
    fn default() -> Self {
        Self {
            encryption_enabled: true,
            access_control_enabled: true,
            audit_logging_enabled: true,
            lineage_tracking_enabled: true,
            multitenancy_enabled: false,
        }
    }
}

impl SecurityConfig {
    /// Create a new security configuration.
    pub fn new() -> Self {
        Self::default()
    }

    /// Enable encryption.
    pub fn with_encryption(mut self, enabled: bool) -> Self {
        self.encryption_enabled = enabled;
        self
    }

    /// Enable access control.
    pub fn with_access_control(mut self, enabled: bool) -> Self {
        self.access_control_enabled = enabled;
        self
    }

    /// Enable audit logging.
    pub fn with_audit_logging(mut self, enabled: bool) -> Self {
        self.audit_logging_enabled = enabled;
        self
    }

    /// Enable lineage tracking.
    pub fn with_lineage_tracking(mut self, enabled: bool) -> Self {
        self.lineage_tracking_enabled = enabled;
        self
    }

    /// Enable multi-tenancy.
    pub fn with_multitenancy(mut self, enabled: bool) -> Self {
        self.multitenancy_enabled = enabled;
        self
    }

    /// Create a secure configuration with all features enabled.
    pub fn secure() -> Self {
        Self {
            encryption_enabled: true,
            access_control_enabled: true,
            audit_logging_enabled: true,
            lineage_tracking_enabled: true,
            multitenancy_enabled: true,
        }
    }

    /// Create a minimal configuration.
    pub fn minimal() -> Self {
        Self {
            encryption_enabled: true,
            access_control_enabled: false,
            audit_logging_enabled: false,
            lineage_tracking_enabled: false,
            multitenancy_enabled: false,
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_security_config() {
        let config = SecurityConfig::new()
            .with_encryption(true)
            .with_access_control(true);

        assert!(config.encryption_enabled);
        assert!(config.access_control_enabled);
    }

    #[test]
    fn test_secure_config() {
        let config = SecurityConfig::secure();
        assert!(config.encryption_enabled);
        assert!(config.access_control_enabled);
        assert!(config.audit_logging_enabled);
        assert!(config.lineage_tracking_enabled);
        assert!(config.multitenancy_enabled);
    }

    #[test]
    fn test_minimal_config() {
        let config = SecurityConfig::minimal();
        assert!(config.encryption_enabled);
        assert!(!config.access_control_enabled);
        assert!(!config.audit_logging_enabled);
    }
}