generalbots/src/compliance/mod.rs

use axum::{
    response::IntoResponse,
    routing::{get, post, put},
    Json, Router,
};
use std::sync::Arc;

use crate::shared::state::AppState;

pub mod access_review;
pub mod audit;
pub mod backup_verification;
pub mod code_scanner;
pub mod evidence_collection;
pub mod handlers;
pub mod incident_response;
pub mod policy_checker;
pub mod risk_assessment;
pub mod soc2;
pub mod sop_middleware;
pub mod storage;
pub mod training_tracker;
pub mod types;
pub mod ui;
pub mod vulnerability_scanner;

pub use code_scanner::{
    CodeIssue, CodeScanner, ComplianceReporter, ComplianceScanResult, IssueSeverity, IssueType,
    ScanStats,
};

pub use storage::{
    DbAccessReview, DbAuditLog, DbComplianceCheck, DbComplianceIssue, DbEvidence, DbRisk,
    DbRiskAssessment, DbTrainingRecord,
};

pub use types::{
    AccessReview, ActionResult, AuditEventType, AuditLogEntry, ComplianceCheckResult,
    ComplianceFramework, ComplianceIssueResult, ComplianceReport, ComplianceStatus,
    CreateAuditLogRequest, CreateIssueRequest, CreateTrainingRequest, ListAuditLogsQuery,
    ListChecksQuery, ListIssuesQuery, PermissionReview, ReviewAction, ReviewStatus, Risk,
    RiskAssessment, RiskCategory, RiskStatus, RunCheckRequest, Severity, TrainingRecord,
    TrainingType, TreatmentStrategy, UpdateIssueRequest,
};

#[derive(Debug, thiserror::Error)]
pub enum ComplianceError {
    #[error("Not found: {0}")]
    NotFound(String),
    #[error("Validation error: {0}")]
    Validation(String),
    #[error("Database error: {0}")]
    Database(String),
    #[error("Internal error: {0}")]
    Internal(String),
}

impl IntoResponse for ComplianceError {
    fn into_response(self) -> axum::response::Response {
        use axum::http::StatusCode;
        let (status, message) = match &self {
            Self::NotFound(msg) => (StatusCode::NOT_FOUND, msg.clone()),
            Self::Validation(msg) => (StatusCode::BAD_REQUEST, msg.clone()),
            Self::Database(msg) | Self::Internal(msg) => {
                (StatusCode::INTERNAL_SERVER_ERROR, msg.clone())
            }
        };
        (status, Json(serde_json::json!({ "error": message }))).into_response()
    }
}

pub fn configure_compliance_routes() -> Router<Arc<AppState>> {
    Router::new()
        .route("/api/compliance/checks", get(handlers::handle_list_checks))
        .route("/api/compliance/checks", post(handlers::handle_run_check))
        .route(
            "/api/compliance/checks/:check_id",
            get(handlers::handle_get_check),
        )
        .route("/api/compliance/issues", get(handlers::handle_list_issues))
        .route("/api/compliance/issues", post(handlers::handle_create_issue))
        .route(
            "/api/compliance/issues/:issue_id",
            put(handlers::handle_update_issue),
        )
        .route("/api/compliance/audit", get(handlers::handle_list_audit_logs))
        .route(
            "/api/compliance/audit",
            post(handlers::handle_create_audit_log),
        )
        .route(
            "/api/compliance/training",
            post(handlers::handle_create_training),
        )
        .route("/api/compliance/report", get(handlers::handle_get_report))
        .route("/api/compliance/evidence", post(handlers::handle_upload_evidence))
}
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion 2026-01-13 00:07:22 -03:00			`use axum::{`
			`response::IntoResponse,`
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data 2026-01-13 14:48:49 -03:00			`routing::{get, post, put},`
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion 2026-01-13 00:07:22 -03:00			`Json, Router,`
			`};`
			`use std::sync::Arc;`

			`use crate::shared::state::AppState;`
- New security features and compliance checklist. 2025-11-22 13:24:53 -03:00
			`pub mod access_review;`
			`pub mod audit;`
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables 2026-01-08 13:16:17 -03:00			`pub mod backup_verification;`
Add docs, UI pages, code scanner, and Docker deployment guide - Add CRM contacts template documentation - Add Docker deployment documentation with compose examples - Add BASIC code scanner for security compliance checking - Add visual dialog designer UI (designer.html) - Add drive file manager UI (drive/index.html) - Add sources browser UI (sources/index.html) - Add compliance report tool UI (tools/compliance.html) 2025-11-30 19:36:50 -03:00			`pub mod code_scanner;`
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables 2026-01-08 13:16:17 -03:00			`pub mod evidence_collection;`
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data 2026-01-13 14:48:49 -03:00			`pub mod handlers;`
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables 2026-01-08 13:16:17 -03:00			`pub mod incident_response;`
- New security features and compliance checklist. 2025-11-22 13:24:53 -03:00			`pub mod policy_checker;`
			`pub mod risk_assessment;`
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables 2026-01-08 13:16:17 -03:00			`pub mod soc2;`
			`pub mod sop_middleware;`
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data 2026-01-13 14:48:49 -03:00			`pub mod storage;`
- New security features and compliance checklist. 2025-11-22 13:24:53 -03:00			`pub mod training_tracker;`
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data 2026-01-13 14:48:49 -03:00			`pub mod types;`
			`pub mod ui;`
Add video module, RBAC, security features, billing, contacts, dashboards, learn, social, and multiple new modules Major additions: - Video editing engine with AI features (transcription, captions, TTS, scene detection) - RBAC middleware and organization management - Security enhancements (MFA, passkey, DLP, encryption, audit) - Billing and subscription management - Contacts management - Dashboards module - Learn/LMS module - Social features - Compliance (SOC2, SOP middleware, vulnerability scanner) - New migrations for RBAC, learn, and video tables 2026-01-08 13:16:17 -03:00			`pub mod vulnerability_scanner;`
- New security features and compliance checklist. 2025-11-22 13:24:53 -03:00
Add docs, UI pages, code scanner, and Docker deployment guide - Add CRM contacts template documentation - Add Docker deployment documentation with compose examples - Add BASIC code scanner for security compliance checking - Add visual dialog designer UI (designer.html) - Add drive file manager UI (drive/index.html) - Add sources browser UI (sources/index.html) - Add compliance report tool UI (tools/compliance.html) 2025-11-30 19:36:50 -03:00			`pub use code_scanner::{`
			`CodeIssue, CodeScanner, ComplianceReporter, ComplianceScanResult, IssueSeverity, IssueType,`
			`ScanStats,`
			`};`

Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data 2026-01-13 14:48:49 -03:00			`pub use storage::{`
			`DbAccessReview, DbAuditLog, DbComplianceCheck, DbComplianceIssue, DbEvidence, DbRisk,`
			`DbRiskAssessment, DbTrainingRecord,`
			`};`
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion 2026-01-13 00:07:22 -03:00
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data 2026-01-13 14:48:49 -03:00			`pub use types::{`
			`AccessReview, ActionResult, AuditEventType, AuditLogEntry, ComplianceCheckResult,`
			`ComplianceFramework, ComplianceIssueResult, ComplianceReport, ComplianceStatus,`
			`CreateAuditLogRequest, CreateIssueRequest, CreateTrainingRequest, ListAuditLogsQuery,`
			`ListChecksQuery, ListIssuesQuery, PermissionReview, ReviewAction, ReviewStatus, Risk,`
			`RiskAssessment, RiskCategory, RiskStatus, RunCheckRequest, Severity, TrainingRecord,`
			`TrainingType, TreatmentStrategy, UpdateIssueRequest,`
			`};`
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion 2026-01-13 00:07:22 -03:00
			`#[derive(Debug, thiserror::Error)]`
			`pub enum ComplianceError {`
			`#[error("Not found: {0}")]`
			`NotFound(String),`
			`#[error("Validation error: {0}")]`
			`Validation(String),`
			`#[error("Database error: {0}")]`
			`Database(String),`
			`#[error("Internal error: {0}")]`
			`Internal(String),`
			`}`

			`impl IntoResponse for ComplianceError {`
			`fn into_response(self) -> axum::response::Response {`
			`use axum::http::StatusCode;`
			`let (status, message) = match &self {`
			`Self::NotFound(msg) => (StatusCode::NOT_FOUND, msg.clone()),`
			`Self::Validation(msg) => (StatusCode::BAD_REQUEST, msg.clone()),`
			`Self::Database(msg) \| Self::Internal(msg) => {`
			`(StatusCode::INTERNAL_SERVER_ERROR, msg.clone())`
			`}`
			`};`
			`(status, Json(serde_json::json!({ "error": message }))).into_response()`
- New security features and compliance checklist. 2025-11-22 13:24:53 -03:00			`}`
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion 2026-01-13 00:07:22 -03:00			`}`
- New security features and compliance checklist. 2025-11-22 13:24:53 -03:00
Implement database persistence for dashboards, legal, and compliance modules - Add PostgreSQL persistence for dashboards module (was returning empty vec![]) - Tables: dashboards, dashboard_widgets, dashboard_data_sources, dashboard_filters, dashboard_widget_data_sources, conversational_queries - Full CRUD operations with spawn_blocking pattern - Add PostgreSQL persistence for legal module (was using in-memory HashMap) - Tables: legal_documents, legal_document_versions, cookie_consents, consent_history, legal_acceptances, data_deletion_requests, data_export_requests - GDPR-compliant consent tracking and document management - Add PostgreSQL persistence for compliance module (was returning empty results) - Tables: compliance_checks, compliance_issues, compliance_audit_log, compliance_evidence, compliance_risk_assessments, compliance_risks, compliance_training_records, compliance_access_reviews - Support for GDPR, SOC2, ISO27001, HIPAA, PCI-DSS frameworks - Add migration files for all new tables - Update schema.rs with new table definitions and joinables - Register new routes in main.rs - Add recursion_limit = 512 for macro expansion 2026-01-13 00:07:22 -03:00			`pub fn configure_compliance_routes() -> Router<Arc<AppState>> {`
			`Router::new()`
Implement TODO items: session auth, face API, task logs, intent storage Learn Module: - All 9 handlers now use AuthenticatedUser extractor Security: - validate_session_sync reads roles from SESSION_CACHE AutoTask: - get_task_logs reads from manifest with status logs - store_compiled_intent saves to cache and database Face API: - AWS Rekognition, OpenCV, InsightFace implementations - Detection, verification, analysis methods Other fixes: - Calendar/task integration database queries - Recording database methods - Analytics insights trends - Email/folder monitoring mock data 2026-01-13 14:48:49 -03:00			`.route("/api/compliance/checks", get(handlers::handle_list_checks))`
			`.route("/api/compliance/checks", post(handlers::handle_run_check))`
			`.route(`
			`"/api/compliance/checks/:check_id",`
			`get(handlers::handle_get_check),`
			`)`
			`.route("/api/compliance/issues", get(handlers::handle_list_issues))`
			`.route("/api/compliance/issues", post(handlers::handle_create_issue))`
			`.route(`
			`"/api/compliance/issues/:issue_id",`
			`put(handlers::handle_update_issue),`
			`)`
			`.route("/api/compliance/audit", get(handlers::handle_list_audit_logs))`
			`.route(`
			`"/api/compliance/audit",`
			`post(handlers::handle_create_audit_log),`
			`)`
			`.route(`
			`"/api/compliance/training",`
			`post(handlers::handle_create_training),`
			`)`
			`.route("/api/compliance/report", get(handlers::handle_get_report))`
Fix 5 errors and 32 warnings: calendar, compliance, billing_alert_broadcast, unused vars 2026-01-13 22:21:25 -03:00			`.route("/api/compliance/evidence", post(handlers::handle_upload_evidence))`
- New security features and compliance checklist. 2025-11-22 13:24:53 -03:00			`}`