Joseph Doherty
933dd1a874
Deep-adopt the shared audit record. Deletes the bespoke 8-field positional Commons AuditEvent and repoints the writer path at ZB.MOM.WW.Audit.AuditEvent (0.1.0, feed-mapped via dohertj2-gitea). Adds the package reference to both Commons and ControlPlane. - AuditWriterActor now implements IAuditWriter: WriteAsync(evt, ct) is a best-effort, never-throwing entry point that Self.Tell()s the event onto the same batching/dedup/flush pipeline and returns Task.CompletedTask. Existing Receive<AuditEvent> + 500/5s batching + two-layer dedup unchanged. - Flush mapping updated for the canonical field types: OccurredAtUtc is now DateTimeOffset (.UtcDateTime into the datetime2 column), SourceNode is string? (was NodeId.Value), CorrelationId is Guid? (stored null when null). Outcome is NOT yet persisted (column lands in Task 2.2). - New AuditOutcomeMapper.FromAction maps the OtOpcUa action vocabulary to the required canonical Outcome: OpcUaAccessDenied / CrossClusterNamespaceAttempt -> Denied; config verbs (DraftCreated/Edited, Published, RolledBack, NodeApplied, ClusterCreated, NodeAdded, CredentialAdded/Disabled, ExternalIdReleased) -> Success. OtOpcUa emits no Failure events. The Akka message shape changed, but the structured audit path is dormant (zero production emit/Tell sites; all live audit flows through the bespoke SP path), so there is no rolling-deploy wire-compat concern. Tested-not-exercised by design. ControlPlane.Tests: 44/44 green (AuditWriterActor suite rewritten to construct the canonical record + assert the Outcome derivation table + the WriteAsync best-effort/mailbox-routing contract + null SourceNode/CorrelationId handling).
45 lines
2.0 KiB
C#
45 lines
2.0 KiB
C#
using ZB.MOM.WW.Audit;
|
|
|
|
namespace ZB.MOM.WW.OtOpcUa.ControlPlane.Audit;
|
|
|
|
/// <summary>
|
|
/// Maps OtOpcUa's audit <c>Action</c> vocabulary onto the canonical
|
|
/// <see cref="AuditOutcome"/>. The vocabulary is the set of values documented on
|
|
/// <c>ConfigAuditLog.EventType</c>: config verbs are <see cref="AuditOutcome.Success"/>,
|
|
/// the two authorization-rejection events are <see cref="AuditOutcome.Denied"/>. OtOpcUa
|
|
/// emits no <see cref="AuditOutcome.Failure"/> events today.
|
|
/// </summary>
|
|
/// <remarks>
|
|
/// Pure function — no live emit sites construct an <see cref="AuditEvent"/> in production
|
|
/// (the structured audit path is dormant; all live audit flows through the bespoke stored
|
|
/// procedure path). This helper exists so that when the structured path is wired up, the
|
|
/// required <c>Outcome</c> field is derived consistently from the action verb. Tested, not
|
|
/// yet exercised in production.
|
|
/// </remarks>
|
|
public static class AuditOutcomeMapper
|
|
{
|
|
/// <summary>
|
|
/// Derives the canonical <see cref="AuditOutcome"/> for an OtOpcUa audit action verb.
|
|
/// Unknown verbs default to <see cref="AuditOutcome.Success"/> (config writes are the
|
|
/// overwhelming majority and the only non-success cases are the two explicit
|
|
/// authorization rejections enumerated below).
|
|
/// </summary>
|
|
/// <param name="action">The audit action verb (e.g. <c>DraftCreated</c>, <c>OpcUaAccessDenied</c>).</param>
|
|
/// <returns>The mapped outcome.</returns>
|
|
public static AuditOutcome FromAction(string action) => action switch
|
|
{
|
|
"OpcUaAccessDenied" or "CrossClusterNamespaceAttempt" => AuditOutcome.Denied,
|
|
"DraftCreated"
|
|
or "DraftEdited"
|
|
or "Published"
|
|
or "RolledBack"
|
|
or "NodeApplied"
|
|
or "ClusterCreated"
|
|
or "NodeAdded"
|
|
or "CredentialAdded"
|
|
or "CredentialDisabled"
|
|
or "ExternalIdReleased" => AuditOutcome.Success,
|
|
_ => AuditOutcome.Success,
|
|
};
|
|
}
|