lijiaoqiao/supply-api/internal/audit/events/cred_events.go

package events

import (
	"strings"
)

// CRED事件类别常量
const (
	CategoryCRED         = "CRED"
	SubCategoryEXPOSE    = "EXPOSE"
	SubCategoryINGRESS   = "INGRESS"
	SubCategoryROTATE    = "ROTATE"
	SubCategoryREVOKE    = "REVOKE"
	SubCategoryVALIDATE  = "VALIDATE"
	SubCategoryDIRECT    = "DIRECT"
)

// CRED事件列表
var credEvents = []string{
	// 凭证暴露事件 (CRED-EXPOSE)
	"CRED-EXPOSE-RESPONSE", // 响应中暴露凭证
	"CRED-EXPOSE-LOG",      // 日志中暴露凭证
	"CRED-EXPOSE-EXPORT",   // 导出文件中暴露凭证

	// 凭证入站事件 (CRED-INGRESS)
	"CRED-INGRESS-PLATFORM",  // 平台凭证入站
	"CRED-INGRESS-SUPPLIER", // 供应商凭证入站

	// 凭证轮换事件 (CRED-ROTATE)
	"CRED-ROTATE",

	// 凭证吊销事件 (CRED-REVOKE)
	"CRED-REVOKE",

	// 凭证验证事件 (CRED-VALIDATE)
	"CRED-VALIDATE",

	// 直连绕过事件 (CRED-DIRECT)
	"CRED-DIRECT-SUPPLIER", // 直连供应商
	"CRED-DIRECT-BYPASS",   // 绕过直连
}

// CRED事件结果码映射
var credResultCodes = map[string]string{
	"CRED-EXPOSE-RESPONSE": "SEC_CRED_EXPOSED",
	"CRED-EXPOSE-LOG":      "SEC_CRED_EXPOSED",
	"CRED-EXPOSE-EXPORT":   "SEC_CRED_EXPOSED",
	"CRED-INGRESS-PLATFORM": "CRED_INGRESS_OK",
	"CRED-INGRESS-SUPPLIER": "CRED_INGRESS_OK",
	"CRED-DIRECT-SUPPLIER":  "SEC_DIRECT_BYPASS",
	"CRED-DIRECT-BYPASS":    "SEC_DIRECT_BYPASS",
	"CRED-ROTATE":           "CRED_ROTATE_OK",
	"CRED-REVOKE":           "CRED_REVOKE_OK",
	"CRED-VALIDATE":         "CRED_VALIDATE_OK",
}

// CRED指标名称映射
var credMetricNames = map[string]string{
	"CRED-EXPOSE-RESPONSE":    "supplier_credential_exposure_events",
	"CRED-EXPOSE-LOG":         "supplier_credential_exposure_events",
	"CRED-EXPOSE-EXPORT":      "supplier_credential_exposure_events",
	"CRED-INGRESS-PLATFORM":   "platform_credential_ingress_coverage_pct",
	"CRED-INGRESS-SUPPLIER":   "platform_credential_ingress_coverage_pct",
	"CRED-DIRECT-SUPPLIER":    "direct_supplier_call_by_consumer_events",
	"CRED-DIRECT-BYPASS":      "direct_supplier_call_by_consumer_events",
}

// GetCREDEvents 返回所有CRED事件
func GetCREDEvents() []string {
	return credEvents
}

// GetCREDExposeEvents 返回所有凭证暴露事件
func GetCREDExposeEvents() []string {
	return []string{
		"CRED-EXPOSE-RESPONSE",
		"CRED-EXPOSE-LOG",
		"CRED-EXPOSE-EXPORT",
	}
}

// GetCREDFngressEvents 返回所有凭证入站事件
func GetCREDFngressEvents() []string {
	return []string{
		"CRED-INGRESS-PLATFORM",
		"CRED-INGRESS-SUPPLIER",
	}
}

// GetCREDDnirectEvents 返回所有直连绕过事件
func GetCREDDnirectEvents() []string {
	return []string{
		"CRED-DIRECT-SUPPLIER",
		"CRED-DIRECT-BYPASS",
	}
}

// GetCREDEventCategory 返回CRED事件的类别
func GetCREDEventCategory(eventName string) string {
	if strings.HasPrefix(eventName, "CRED-") {
		return CategoryCRED
	}
	if eventName == "CRED-ROTATE" || eventName == "CRED-REVOKE" || eventName == "CRED-VALIDATE" {
		return CategoryCRED
	}
	return ""
}

// GetCREDEventSubCategory 返回CRED事件的子类别
func GetCREDEventSubCategory(eventName string) string {
	if strings.HasPrefix(eventName, "CRED-EXPOSE") {
		return SubCategoryEXPOSE
	}
	if strings.HasPrefix(eventName, "CRED-INGRESS") {
		return SubCategoryINGRESS
	}
	if strings.HasPrefix(eventName, "CRED-DIRECT") {
		return SubCategoryDIRECT
	}
	if strings.HasPrefix(eventName, "CRED-ROTATE") {
		return SubCategoryROTATE
	}
	if strings.HasPrefix(eventName, "CRED-REVOKE") {
		return SubCategoryREVOKE
	}
	if strings.HasPrefix(eventName, "CRED-VALIDATE") {
		return SubCategoryVALIDATE
	}
	return ""
}

// IsValidCREDEvent 检查事件名称是否为有效的CRED事件
func IsValidCREDEvent(eventName string) bool {
	for _, e := range credEvents {
		if e == eventName {
			return true
		}
	}
	return false
}

// IsCREDExposeEvent 检查是否为凭证暴露事件（M-013相关）
func IsCREDExposeEvent(eventName string) bool {
	return strings.HasPrefix(eventName, "CRED-EXPOSE")
}

// IsCREDFngressEvent 检查是否为凭证入站事件（M-014相关）
func IsCREDFngressEvent(eventName string) bool {
	return strings.HasPrefix(eventName, "CRED-INGRESS")
}

// IsCREDDnirectEvent 检查是否为直连绕过事件（M-015相关）
func IsCREDDnirectEvent(eventName string) bool {
	return strings.HasPrefix(eventName, "CRED-DIRECT")
}

// GetCREDMetricName 获取CRED事件对应的指标名称
func GetCREDMetricName(eventName string) string {
	if metric, ok := credMetricNames[eventName]; ok {
		return metric
	}
	return ""
}

// GetCREDEventResultCode 获取CRED事件对应的结果码
func GetCREDEventResultCode(eventName string) string {
	if code, ok := credResultCodes[eventName]; ok {
		return code
	}
	return ""
}

// IsCREDExposeEvent 检查是否为M-013事件（凭证暴露）
func IsM013RelatedEvent(eventName string) bool {
	return IsCREDExposeEvent(eventName)
}

// IsCREDFngressEvent 检查是否为M-014事件（凭证入站）
func IsM014RelatedEvent(eventName string) bool {
	return IsCREDFngressEvent(eventName)
}

// IsCREDDnirectEvent 检查是否为M-015事件（直连绕过）
func IsM015RelatedEvent(eventName string) bool {
	return IsCREDDnirectEvent(eventName)
}