GeneralBots/generalbots
1
0
Fork 0
Code Activity Actions 5
generalbots/botserver/src/compliance/mod.rs

83 lines
2.9 KiB
Rust
Raw Normal View History

Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion
2026-01-13 00:07:22 -03:00
use axum::{
response::IntoResponse,
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
routing::{get, post, put},
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion
2026-01-13 00:07:22 -03:00
Json, Router,
};
use std::sync::Arc;
Refactor: Split large files into modular subdirectories Split 20+ files over 1000 lines into focused subdirectories for better maintainability and code organization. All changes maintain backward compatibility through re-export wrappers. Major splits: - attendance/llm_assist.rs (2074→7 modules) - basic/keywords/face_api.rs → face_api/ (7 modules) - basic/keywords/file_operations.rs → file_ops/ (8 modules) - basic/keywords/hear_talk.rs → hearing/ (6 modules) - channels/wechat.rs → wechat/ (10 modules) - channels/youtube.rs → youtube/ (5 modules) - contacts/mod.rs → contacts_api/ (6 modules) - core/bootstrap/mod.rs → bootstrap/ (5 modules) - core/shared/admin.rs → admin_*.rs (5 modules) - designer/canvas.rs → canvas_api/ (6 modules) - designer/mod.rs → designer_api/ (6 modules) - docs/handlers.rs → handlers_api/ (11 modules) - drive/mod.rs → drive_handlers.rs, drive_types.rs - learn/mod.rs → types.rs - main.rs → main_module/ (7 modules) - meet/webinar.rs → webinar_api/ (8 modules) - paper/mod.rs → (10 modules) - security/auth.rs → auth_api/ (7 modules) - security/passkey.rs → (4 modules) - sources/mod.rs → sources_api/ (5 modules) - tasks/mod.rs → task_api/ (5 modules) Stats: 38,040 deletions, 1,315 additions across 318 files Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-12 21:09:30 +00:00
use crate::core::shared::state::AppState;
- New security features and compliance checklist.
2025-11-22 13:24:53 -03:00
pub mod access_review;
pub mod audit;
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables
2026-01-08 13:16:17 -03:00
pub mod backup_verification;
Add docs, UI pages, code scanner, and Docker deployment guide - Add CRM contacts template documentation - Add Docker deployment documentation with compose examples - Add BASIC code scanner for security compliance checking - Add visual dialog designer UI (designer.html) - Add drive file manager UI (drive/index.html) - Add sources browser UI (sources/index.html) - Add compliance report tool UI (tools/compliance.html)
2025-11-30 19:36:50 -03:00
pub mod code_scanner;
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables
2026-01-08 13:16:17 -03:00
pub mod evidence_collection;
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
pub mod handlers;
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables
2026-01-08 13:16:17 -03:00
pub mod incident_response;
- New security features and compliance checklist.
2025-11-22 13:24:53 -03:00
pub mod policy_checker;
pub mod risk_assessment;
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables
2026-01-08 13:16:17 -03:00
pub mod soc2;
pub mod sop_middleware;
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
pub mod storage;
- New security features and compliance checklist.
2025-11-22 13:24:53 -03:00
pub mod training_tracker;
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
pub mod types;
pub mod ui;
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables
2026-01-08 13:16:17 -03:00
pub mod vulnerability_scanner;
- New security features and compliance checklist.
2025-11-22 13:24:53 -03:00
Add docs, UI pages, code scanner, and Docker deployment guide - Add CRM contacts template documentation - Add Docker deployment documentation with compose examples - Add BASIC code scanner for security compliance checking - Add visual dialog designer UI (designer.html) - Add drive file manager UI (drive/index.html) - Add sources browser UI (sources/index.html) - Add compliance report tool UI (tools/compliance.html)
2025-11-30 19:36:50 -03:00
pub use code_scanner::{
CodeIssue, CodeScanner, ComplianceReporter, ComplianceScanResult, IssueSeverity, IssueType,
ScanStats,
};
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
pub use storage::{
DbAccessReview, DbAuditLog, DbComplianceCheck, DbComplianceIssue, DbEvidence, DbRisk,
DbRiskAssessment, DbTrainingRecord,
};
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion
2026-01-13 00:07:22 -03:00
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
pub use types::{
AccessReview, ActionResult, AuditEventType, AuditLogEntry, ComplianceCheckResult,
ComplianceFramework, ComplianceIssueResult, ComplianceReport, ComplianceStatus,
CreateAuditLogRequest, CreateIssueRequest, CreateTrainingRequest, ListAuditLogsQuery,
ListChecksQuery, ListIssuesQuery, PermissionReview, ReviewAction, ReviewStatus, Risk,
RiskAssessment, RiskCategory, RiskStatus, RunCheckRequest, Severity, TrainingRecord,
TrainingType, TreatmentStrategy, UpdateIssueRequest,
};
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion
2026-01-13 00:07:22 -03:00
#[derive(Debug, thiserror::Error)]
pub enum ComplianceError {
#[error("Not found: {0}")]
NotFound(String),
#[error("Validation error: {0}")]
Validation(String),
#[error("Database error: {0}")]
Database(String),
#[error("Internal error: {0}")]
Internal(String),
}
impl IntoResponse for ComplianceError {
fn into_response(self) -> axum::response::Response {
use axum::http::StatusCode;
let (status, message) = match &self {
Self::NotFound(msg) => (StatusCode::NOT_FOUND, msg.clone()),
Self::Validation(msg) => (StatusCode::BAD_REQUEST, msg.clone()),
Self::Database(msg) | Self::Internal(msg) => {
(StatusCode::INTERNAL_SERVER_ERROR, msg.clone())
}
};
(status, Json(serde_json::json!({ "error": message }))).into_response()
- New security features and compliance checklist.
2025-11-22 13:24:53 -03:00
}
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion
2026-01-13 00:07:22 -03:00
}
- New security features and compliance checklist.
2025-11-22 13:24:53 -03:00
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion
2026-01-13 00:07:22 -03:00
pub fn configure_compliance_routes() -> Router<Arc<AppState>> {
Router::new()
Fix all duplicate route conflicts: combine methods and move UI routes to /api/ui/
2026-01-14 09:37:07 -03:00
.route("/api/compliance/checks", get(handlers::handle_list_checks).post(handlers::handle_run_check))
.route("/api/compliance/checks/:check_id", get(handlers::handle_get_check))
.route("/api/compliance/issues", get(handlers::handle_list_issues).post(handlers::handle_create_issue))
.route("/api/compliance/issues/:issue_id", put(handlers::handle_update_issue))
.route("/api/compliance/audit", get(handlers::handle_list_audit_logs).post(handlers::handle_create_audit_log))
.route("/api/compliance/training", post(handlers::handle_create_training))
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data
2026-01-13 14:48:49 -03:00
.route("/api/compliance/report", get(handlers::handle_get_report))
Fix 5 errors and 32 warnings: calendar, compliance, billing_alert_broadcast, unused vars
2026-01-13 22:21:25 -03:00
.route("/api/compliance/evidence", post(handlers::handle_upload_evidence))
- New security features and compliance checklist.
2025-11-22 13:24:53 -03:00
}
Copy permalink