oxirs-core 0.3.1

Core RDF and SPARQL functionality for OxiRS - native Rust implementation with zero dependencies
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108

//! GDPR compliance services for the audit trail.
//!
//! Implements the operational primitives required under:
//! - **Article 15** – right of access (data subject report).
//! - **Article 17** – right to erasure (pseudonymisation of PII fields).

use chrono::Utc;
use serde::{Deserialize, Serialize};

use super::event::AuditEvent;

// ─────────────────────────────────────────────
// DataSubjectReport
// ─────────────────────────────────────────────

/// A complete record of all audit events that concern a specific data subject.
///
/// Generated by [`GdprService::data_subject_report`] to satisfy GDPR Article 15
/// (subject access request). The report is serialisable to JSON for handover to
/// the data subject or a data protection authority.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct DataSubjectReport {
    /// The data subject whose events this report covers.
    pub data_subject_id: String,
    /// All matching audit events, in chronological order.
    pub events: Vec<AuditEvent>,
    /// UTC timestamp at which this report was generated.
    pub generated_at: chrono::DateTime<Utc>,
    /// Convenience count; equals `events.len()`.
    pub event_count: usize,
}

impl DataSubjectReport {
    /// Serialise this report to a compact JSON string.
    ///
    /// Returns a [`serde_json::Error`] if serialisation fails (should not
    /// happen for well-formed reports, but callers must handle the error).
    pub fn to_json(&self) -> Result<String, serde_json::Error> {
        serde_json::to_string(self)
    }
}

// ─────────────────────────────────────────────
// GdprService
// ─────────────────────────────────────────────

/// GDPR compliance operations over an in-memory audit log.
///
/// All methods operate on borrowed slices or mutable `Vec` values so that
/// they compose with any storage backend.
pub struct GdprService;

impl GdprService {
    /// **GDPR Article 15** — Generate a data subject access report.
    ///
    /// Collects every event where `data_subject_id` equals `subject_id`,
    /// sorts them chronologically, and packages them in a [`DataSubjectReport`].
    pub fn data_subject_report(events: &[AuditEvent], data_subject_id: &str) -> DataSubjectReport {
        let mut matching: Vec<AuditEvent> = events
            .iter()
            .filter(|e| e.data_subject_id.as_deref() == Some(data_subject_id))
            .cloned()
            .collect();

        // Chronological order for the subject's convenience.
        matching.sort_by_key(|e| e.timestamp);

        let event_count = matching.len();
        DataSubjectReport {
            data_subject_id: data_subject_id.to_string(),
            events: matching,
            generated_at: Utc::now(),
            event_count,
        }
    }

    /// **GDPR Article 17** — Pseudonymise PII fields for a data subject.
    ///
    /// Replaces the following fields with `"[redacted]"` in every event where
    /// `data_subject_id` matches the target:
    ///
    /// | Field | Location |
    /// |---|---|
    /// | `actor.actor_id` | [`AuditActor`](super::event::AuditActor) |
    /// | `actor.ip_address` | [`AuditActor`](super::event::AuditActor) |
    /// | `actor.session_id` | [`AuditActor`](super::event::AuditActor) |
    /// | `data_subject_id` | [`AuditEvent`] |
    ///
    /// The event itself is **not deleted** — deleting records would break the
    /// audit chain required by SOC2. Instead, PII is replaced in-place while
    /// the event skeleton (timestamp, kind, action, outcome, resource) is
    /// preserved for compliance reporting.
    ///
    /// Returns the count of events that were modified.
    pub fn pseudonymise(events: &mut [AuditEvent], data_subject_id: &str) -> usize {
        let mut count = 0usize;
        for event in events.iter_mut() {
            if event.data_subject_id.as_deref() == Some(data_subject_id) {
                event.actor.actor_id = "[redacted]".to_string();
                event.actor.ip_address = Some("[redacted]".to_string());
                event.actor.session_id = Some("[redacted]".to_string());
                event.data_subject_id = Some("[redacted]".to_string());
                count += 1;
            }
        }
        count
    }
}