registry/ts/interfaces/audit.interfaces.ts

/**
 * Audit logging interfaces
 */

// =============================================================================
// Audit Action Types
// =============================================================================

export type TAuditAction =
  // Authentication
  | 'AUTH_LOGIN'
  | 'AUTH_LOGOUT'
  | 'AUTH_FAILED'
  | 'AUTH_MFA_ENABLED'
  | 'AUTH_MFA_DISABLED'
  | 'AUTH_PASSWORD_CHANGED'
  | 'AUTH_PASSWORD_RESET'
  // API Tokens
  | 'TOKEN_CREATED'
  | 'TOKEN_USED'
  | 'TOKEN_REVOKED'
  | 'TOKEN_EXPIRED'
  // User Management
  | 'USER_CREATED'
  | 'USER_UPDATED'
  | 'USER_DELETED'
  | 'USER_SUSPENDED'
  | 'USER_ACTIVATED'
  // Organization Management
  | 'ORG_CREATED'
  | 'ORG_UPDATED'
  | 'ORG_DELETED'
  | 'ORG_MEMBER_ADDED'
  | 'ORG_MEMBER_REMOVED'
  | 'ORG_MEMBER_ROLE_CHANGED'
  // Team Management
  | 'TEAM_CREATED'
  | 'TEAM_UPDATED'
  | 'TEAM_DELETED'
  | 'TEAM_MEMBER_ADDED'
  | 'TEAM_MEMBER_REMOVED'
  // Repository Management
  | 'REPO_CREATED'
  | 'REPO_UPDATED'
  | 'REPO_DELETED'
  | 'REPO_VISIBILITY_CHANGED'
  | 'REPO_PERMISSION_GRANTED'
  | 'REPO_PERMISSION_REVOKED'
  // Package Operations
  | 'PACKAGE_PUSHED'
  | 'PACKAGE_PULLED'
  | 'PACKAGE_DELETED'
  | 'PACKAGE_DEPRECATED'
  // Security Events
  | 'SECURITY_SCAN_COMPLETED'
  | 'SECURITY_VULNERABILITY_FOUND'
  | 'SECURITY_IP_BLOCKED'
  | 'SECURITY_RATE_LIMITED';

export type TAuditResourceType =
  | 'user'
  | 'organization'
  | 'team'
  | 'repository'
  | 'package'
  | 'api_token'
  | 'session'
  | 'system';

// =============================================================================
// Audit Log Entry
// =============================================================================

export interface IAuditLog {
  id: string;
  actorId?: string;
  actorType: 'user' | 'api_token' | 'system' | 'anonymous';
  actorTokenId?: string;
  actorIp?: string;
  actorUserAgent?: string;
  action: TAuditAction;
  resourceType: TAuditResourceType;
  resourceId?: string;
  resourceName?: string;
  organizationId?: string;
  repositoryId?: string;
  metadata: Record<string, unknown>;
  success: boolean;
  errorCode?: string;
  errorMessage?: string;
  durationMs?: number;
  timestamp: Date;
}

// =============================================================================
// Audit Query Types
// =============================================================================

export interface IAuditQuery {
  actorId?: string;
  organizationId?: string;
  repositoryId?: string;
  resourceType?: TAuditResourceType;
  action?: TAuditAction[];
  success?: boolean;
  startDate?: Date;
  endDate?: Date;
  offset?: number;
  limit?: number;
}

export interface IAuditQueryResult {
  logs: IAuditLog[];
  total: number;
  offset: number;
  limit: number;
}

// =============================================================================
// Audit Event (for logging)
// =============================================================================

export interface IAuditEvent {
  actorId?: string;
  actorType?: 'user' | 'api_token' | 'system' | 'anonymous';
  actorTokenId?: string;
  actorIp?: string;
  actorUserAgent?: string;
  action: TAuditAction;
  resourceType: TAuditResourceType;
  resourceId?: string;
  resourceName?: string;
  organizationId?: string;
  repositoryId?: string;
  metadata?: Record<string, unknown>;
  success?: boolean;
  errorCode?: string;
  errorMessage?: string;
  durationMs?: number;
}

// =============================================================================
// Token Activity
// =============================================================================

export interface ITokenActivitySummary {
  tokenId: string;
  totalActions: number;
  lastUsed?: Date;
  actionBreakdown: Record<string, number>;
  ipAddresses: string[];
}