feat(audit): SecuredWrite audit kinds + best-effort per-lifecycle central direct-write; guard approve Decode (T14b)

Joseph Doherty
2026-06-18 03:17:56 -04:00
parent c8d9303031
commit b08bfae329
4 changed files with 322 additions and 4 deletions
@@ -2,12 +2,14 @@ namespace ZB.MOM.WW.ScadaBridge.Commons.Types.Enums;
/// <summary>
/// Top-level Audit Log (#23) channel — the trust boundary the audited action crosses.
/// One of: outbound API call, outbound DB write, notification send/deliver, or inbound API request.
/// One of: outbound API call, outbound DB write, notification send/deliver, inbound API request,
/// or a two-person ("secured") write through its submit/approve/reject/execute lifecycle.
/// </summary>
public enum AuditChannel
{
ApiOutbound,
DbOutbound,
Notification,
ApiInbound
ApiInbound,
SecuredWrite
}
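Review bot: `SecuredWrite` gets its numeric value only from its position after `ApiInbound`, and nothing in the enum marks the member order as fixed. If audit rows store AuditChannel as a number (not visible from this hunk), a later insertion or reordering would relabel stored two-person-write rows under another channel, which is hard to notice in an audit trail. I would pin the values, for example `ApiInbound = 3,` and `SecuredWrite = 4`, or at least add `// Append only: persisted values, do not reorder.` above the first member. The same applies to the four `SecuredWrite*` members appended to AuditKind.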
@@ -3,6 +3,8 @@ namespace ZB.MOM.WW.ScadaBridge.Commons.Types.Enums;
/// <summary>
/// Specific Audit Log (#23) event kind within a channel — what action produced the row.
/// Cached variants emit multiple rows per operation (submit → forward → attempt → resolve).
/// The <c>SecuredWrite*</c> kinds emit one row per two-person-write lifecycle event
/// (submit → approve → execute, or submit → reject).
/// See alog.md §4 for the full taxonomy.
/// </summary>
public enum AuditKind
@@ -16,5 +18,9 @@ public enum AuditKind
InboundRequest,
InboundAuthFailure,
CachedSubmit,
CachedResolve
CachedResolve,
SecuredWriteSubmit,
SecuredWriteApprove,
SecuredWriteReject,
SecuredWriteExecute
}
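Review bot: The four kinds added after `CachedResolve` name only the successful lifecycle transitions, which the new summary text gives as submit → approve → execute or submit → reject. From these hunks it is not clear how a refused approve attempt or a failed execute is recorded, whereas inbound requests have a dedicated `InboundAuthFailure` kind. For a two-person control those refusals are the rows an auditor most needs to find, so I would say so in the summary, e.g. `/// Refused or failed transitions are recorded as <status field or kind, to be filled in>.`, or add a dedicated kind if the row has no outcome field. The enum body starts above the second hunk, so its earlier members are not visible here.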