Struct AuditQuery 

pub struct AuditQuery<'a> { /* private fields */ }

Audit-query builder reading the substrate’s admin audit ring. Constructed via DeckClient::audit; chain filter methods, then call Self::collect to materialize the matching entries.

Scope

Reads the in-memory admin audit ring exported on every super::meshos::MeshOsSnapshot. The ring carries every admin commit the loop observed — signed ICE bundles AND unsigned admin events — bounded at super::meshos::DEFAULT_MAX_ADMIN_AUDIT_RECORDS. The unbounded historical replay path is the eventual admin audit subchain (substrate gap); this in-memory ring is the near-history surface Deck-the-binary renders against.

Per-method semantics:

• Self::recent — keep the last N entries (newest-first in the result). When unspecified, returns every entry on the ring.
• Self::by_operator — keep entries whose super::meshos::AdminAuditRecord::operator_ids include the given id.
• Self::between — keep entries whose committed_at_ms falls inside [start_ms, end_ms] (inclusive).
• Self::force_only — restrict the result to ICE-class admin events (AdminEvent::is_ice returns true). Drops ordinary admin commits (drain, cordon, …) from the result.

Implementations

impl<'a> AuditQuery<'a>

pub fn recent(self, limit: usize) -> Self

Cap the result at the most-recent limit entries. Returned order is newest-first.

limit = 0 returns an empty result by design — useful in higher-level builder flows that compute the cap from runtime config (operator typed 0, no records wanted). Callers that want “as many as the ring holds” should omit recent() entirely; the builder’s default returns every entry.

pub fn by_operator(self, op_id: u64) -> Self

Keep only entries that carry op_id in their operator_ids list. Records where one of several operators in a multi-op bundle matches still surface.

pub fn between(self, start_ms: u64, end_ms: u64) -> Self

Keep only entries whose committed_at_ms falls inside [start_ms, end_ms] (inclusive on both ends). Milliseconds since UNIX_EPOCH.

pub fn force_only(self) -> Self

Restrict the result to ICE force operations. The audit ring now interleaves ordinary signed-admin commits with ICE bundles, so this filter actively drops non-ICE records via super::meshos::AdminEvent::is_ice.

pub fn since(self, since_seq: u64) -> Self

Restrict the result to records with seq > since_seq. Pagination primitive: consumers persist the last-seen seq and resume from there across restarts. For Self::stream the value seeds the stream’s watermark — the stream tails from since_seq + 1 onward rather than from “first new record after now”.

since(0) means “from the beginning of what’s still in the ring” — equivalent to omitting since() entirely in terms of what records are returned. To tail only records that arrive after subscribe time, pair this with DeckClient::audit_head_seq: read the head once, then since(head). The same convention applies to LogFilter::since and DeckClient::subscribe_failures.

pub fn collect(self) -> Vec<AdminAuditRecord>

Materialize matching entries. Reads the runtime’s latest snapshot, applies the configured filters, and returns the matching entries newest-first. Cheap — one snapshot read + a single iterator pass.

pub fn stream(self) -> AuditStream

Tail mode: convert the query into an async stream that yields each matching audit record as it arrives on the substrate’s ring. Polls the snapshot reader at DeckClientConfig::snapshot_poll_interval. The recent(limit) filter is ignored in tail mode — the stream emits continuously, not a bounded batch.

Uses super::meshos::AdminAuditRecord::seq to dedup across polls so two commits in the same millisecond never collapse.