Skip to main content

do_memory_mcp/server/audit/
security_ops.rs

1//! Audit logging operations - Security and configuration operations
2//!
3//! This module provides logging methods for security and configuration operations.
4
5use super::core::AuditLogger;
6use super::types::AuditLogLevel;
7use serde_json::json;
8
9impl AuditLogger {
10    // === Configuration Operations ===
11
12    /// Log configuration change
13    pub async fn log_config_change(
14        &self,
15        client_id: &str,
16        config_key: &str,
17        old_value: &serde_json::Value,
18        new_value: &serde_json::Value,
19        success: bool,
20    ) {
21        let metadata = json!({
22            "config_key": config_key,
23            "old_value": old_value,
24            "new_value": new_value
25        });
26
27        self.log_event(
28            AuditLogLevel::Warn,
29            client_id,
30            "config_change",
31            if success { "success" } else { "failure" },
32            metadata,
33        )
34        .await;
35    }
36
37    /// Log embedding configuration change
38    pub async fn log_embedding_config(
39        &self,
40        client_id: &str,
41        provider: &str,
42        model: Option<&str>,
43        success: bool,
44    ) {
45        let metadata = json!({
46            "provider": provider,
47            "model": model
48        });
49
50        self.log_event(
51            AuditLogLevel::Warn,
52            client_id,
53            "embedding_config_change",
54            if success { "success" } else { "failure" },
55            metadata,
56        )
57        .await;
58    }
59
60    /// Log embedding generation event
61    pub async fn log_embedding_generation(&self, client_id: &str, success: bool) {
62        let metadata = json!({});
63
64        self.log_event(
65            AuditLogLevel::Info,
66            client_id,
67            "embedding_generation",
68            if success { "success" } else { "failure" },
69            metadata,
70        )
71        .await;
72    }
73
74    /// Log embedding search event
75    pub async fn log_embedding_search(&self, client_id: &str, result_count: usize, success: bool) {
76        let metadata = json!({
77            "result_count": result_count
78        });
79
80        self.log_event(
81            AuditLogLevel::Info,
82            client_id,
83            "embedding_search",
84            if success { "success" } else { "failure" },
85            metadata,
86        )
87        .await;
88    }
89
90    // === Authentication & Security ===
91
92    /// Log authentication event
93    pub async fn log_authentication(
94        &self,
95        client_id: &str,
96        auth_type: &str,
97        success: bool,
98        error: Option<&str>,
99    ) {
100        let metadata = json!({
101            "auth_type": auth_type,
102            "error": error
103        });
104
105        self.log_event(
106            AuditLogLevel::Info,
107            client_id,
108            "authentication",
109            if success { "success" } else { "failure" },
110            metadata,
111        )
112        .await;
113    }
114
115    /// Log rate limit violation
116    pub async fn log_rate_limit_violation(
117        &self,
118        client_id: &str,
119        operation: &str,
120        limit: u32,
121        current_count: u32,
122    ) {
123        let metadata = json!({
124            "operation": operation,
125            "limit": limit,
126            "current_count": current_count
127        });
128
129        self.log_event(
130            AuditLogLevel::Warn,
131            client_id,
132            "rate_limit_violation",
133            "blocked",
134            metadata,
135        )
136        .await;
137    }
138
139    /// Log security violation
140    pub async fn log_security_violation(
141        &self,
142        client_id: &str,
143        violation_type: &str,
144        details: &str,
145    ) {
146        let metadata = json!({
147            "violation_type": violation_type,
148            "details": details
149        });
150
151        self.log_event(
152            AuditLogLevel::Error,
153            client_id,
154            "security_violation",
155            "detected",
156            metadata,
157        )
158        .await;
159    }
160
161    /// Log code execution event
162    pub async fn log_code_execution(
163        &self,
164        client_id: &str,
165        sandbox_type: &str,
166        execution_time_ms: u64,
167        success: bool,
168        error: Option<&str>,
169    ) {
170        let metadata = json!({
171            "sandbox_type": sandbox_type,
172            "execution_time_ms": execution_time_ms,
173            "error": error
174        });
175
176        self.log_event(
177            AuditLogLevel::Info,
178            client_id,
179            "code_execution",
180            if success { "success" } else { "failure" },
181            metadata,
182        )
183        .await;
184    }
185
186    // === Relationship Operations ===
187
188    /// Log relationship change
189    pub async fn log_relationship_change(
190        &self,
191        client_id: &str,
192        source_id: &str,
193        target_id: &str,
194        relationship_type: &str,
195        operation: &str,
196        success: bool,
197    ) {
198        let metadata = json!({
199            "source_id": source_id,
200            "target_id": target_id,
201            "relationship_type": relationship_type,
202            "operation": operation
203        });
204
205        self.log_event(
206            AuditLogLevel::Info,
207            client_id,
208            "relationship_change",
209            if success { "success" } else { "failure" },
210            metadata,
211        )
212        .await;
213    }
214
215    // === External Signal Provider Operations ===
216
217    /// Log external signal provider configuration change
218    pub async fn log_external_signal_config(
219        &self,
220        client_id: &str,
221        provider: &str,
222        db_path: &str,
223        enabled: bool,
224        success: bool,
225    ) {
226        let metadata = json!({
227            "provider": provider,
228            "db_path": db_path,
229            "enabled": enabled
230        });
231
232        self.log_event(
233            AuditLogLevel::Warn,
234            client_id,
235            "external_signal_config_change",
236            if success { "success" } else { "failure" },
237            metadata,
238        )
239        .await;
240    }
241
242    /// Log external signal provider connection test
243    pub async fn log_external_signal_test(&self, client_id: &str, provider: &str, success: bool) {
244        let metadata = json!({
245            "provider": provider
246        });
247
248        self.log_event(
249            AuditLogLevel::Info,
250            client_id,
251            "external_signal_connection_test",
252            if success { "success" } else { "failure" },
253            metadata,
254        )
255        .await;
256    }
257}