feat: Add initial implementation of audit trails module #161
Draft
…ails for consistency
* rename `audit_trails` folder to `audit-trails-move`
* Add folders for audit-trails-rs and audit_trails_wasm

* First implementation of the permission module based on a `Permission` enum
* Unit tests for the `Permission` enum
* Renamed `AuditTrail::permissions` to `AuditTrail::roles`
* Renamed all modules and type-names from plural to singular name
  * audit_trails -> audit_trail
  * permissions -> permission
  * capabilities -> capability

Unit tests are still buggy and will be fixed with the next commit.
…guration structure
Rename MetaDataUpdate to MetadataUpdate
Co-authored-by: Yasir <yasir@shariff.dev>
…corresponding tests
…otaledger/notarization into feat/audit-trails-api-roles-management
…e verb-subject format
…-management
# Conflicts:
# audit-trail-move/sources/locking.move
# audit-trails-move/sources/audit_trails.move
…anagement Feat/audit trails api roles management
Audit Trails API
itsyaasir commented Jan 5, 2026
Comment on lines +31 to +38
| // TODO: Is this needed? What is a setup capability? | ||
| // | ||
| // /// Create a setup capability for trail initialization | ||
| // public fun new_setup_cap(ctx: &mut TxContext): Capability { | ||
| // Capability { | ||
| // id: object::new(ctx), | ||
| // } | ||
| // } |
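Review bot: the commented-out `new_setup_cap` block at +31 to +38 leaves its TODO ("Is this needed? What is a setup capability?") unresolved in the source. Either delete the block or, if a setup capability is needed, state in the doc comment what it authorizes and who may create one: as written the function is `public fun new_setup_cap(ctx: &mut TxContext): Capability` and takes only `ctx`, so re-enabling it unchanged would let any caller construct a `Capability`.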
Also split off the role and capability management from the AT main module to allow reuse with other products.
…extended
# Conflicts:
# audit-trail-move/sources/audit_trail.move
# audit-trail-move/sources/capability.move
# audit-trail-move/tests/capability_tests.move
# audit-trail-move/tests/create_audit_trail_tests.move
# audit-trail-move/tests/role_tests.move
# audit-trail-move/tests/test_utils.move

…error handling
- Introduced `from_iota_client` method for creating an `AuditTrailClient` without signing capabilities.
- Added `NoSigner` marker type and `FromIotaClientError` for improved error handling during client creation.
- Updated `AuditTrailClient` to manage public keys and signers more effectively.
- Enhanced `AuditTrailClientReadOnly` with a new method for custom package ID handling.

… initialization
- Replaced the custom `new` method in `AuditTrailBuilder` with the `Default` trait for simpler instantiation.
- Added `Default` implementation to `LockingWindow` and `LockingConfig` structs for consistent default behavior.
- Refactored tests to remove unused environment variable handling and directly use `Data::text` for record creation.

- Moved `AuditTrailHandle`, `AuditTrailFull`, and `AuditTrailReadOnly` traits to a new `trail` module for better organization.
- Introduced new modules for capabilities, creation, locking, metadata, records, and roles to enhance modularity.
- Updated import paths across the codebase to reflect the new module structure.
- Removed deprecated `handler` and `transactions` modules to streamline the codebase.
- Enhanced `TrailRecords` and `TrailCapabilities` with new functionalities for managing audit trail records and capabilities.

- Updated import for `CreateTrail` to reflect its new location in the `create` module.
- Added a new `trail.rs` module containing traits and structures for managing audit trails, including `AuditTrailReadOnly`, `AuditTrailFull`, and `AuditTrailHandle`.
- Enhanced organization of audit trail components for improved modularity and maintainability.
…ures for improved clarity and performance
…ed utility functions
…it trail module
- Added `RolesOps` struct with methods for creating, updating, deleting roles, and issuing capabilities.
- Removed the `capability` module and integrated its functionality into the `role_map` module.
- Introduced new event types: `RoleCreated`, `RoleUpdated`, and `RoleDeleted` to track role changes.
- Updated the `AuditTrailHandle` to remove capability-related methods and focus on role management.
- Created comprehensive end-to-end tests for role creation, permission updates, capability issuance, revocation, and destruction.
- Refactored client tests to remove unnecessary dependencies and streamline functionality.

…ties
- Implemented `destroy_initial_admin_capability` and `revoke_initial_admin_capability` methods in `RolesOps`.
- Created new transaction types for managing roles and capabilities, including `CreateRole`, `UpdateRole`, `DeleteRole`, `IssueCapability`, `RevokeCapability`, `DestroyCapability`, `DestroyInitialAdminCapability`, and `RevokeInitialAdminCapability`.
- Updated `AuditTrailHandle` to remove unnecessary `records_as` method.
- Refactored `RoleMap` structure to improve clarity and maintainability.
- Enhanced end-to-end tests to cover new functionality for destroying and revoking initial admin capabilities, ensuring proper event emissions and error handling.
…ons and transactions modules for better structure
- Simplified transaction builder calls in `TrailRecords`, `TrailRoles`, and `RolesOps` by removing unnecessary line breaks.
- Updated `RecordsOps` to use a unified transaction building method with permission checks.
- Enhanced `RolesOps` to streamline role management operations, including creating, updating, and deleting roles.
- Improved error handling in `AuditTrailHandle` for fetching on-chain trail data.
- Refactored permission handling in `Permission` enum to include a method for retrieving Move function names.
- Cleaned up imports and organized code structure for better readability across multiple modules.
- Added tests for role and record functionalities to ensure proper integration and functionality.

- Updated `RoleUpdated` struct to remove unused fields.
- Enhanced `Permission` enum with new methods for type tagging and programmable transaction building.
- Changed `PermissionSet` to use `HashSet` instead of `Vec` for permissions.
- Modified `PaginatedRecord` to use `BTreeMap` for ordered records.
- Added new test functions for role creation, capability issuance, and record management.
- Improved error handling and assertions in tests for better clarity and reliability.
- Updated dependencies in `Cargo.toml` for `iota_interaction` and `product_common` to use the latest branch with event emission features.

- Introduced `DeleteAllRecords` permission to manage batch deletions.
- Implemented `delete_records_batch` functionality in the records module to allow deletion of multiple records at once.
- Enhanced permission checks to ensure that only authorized roles can perform batch deletions.
- Added tests to validate the new batch deletion feature and its integration with existing audit trail functionalities.
- Updated the audit trail deletion process to ensure it fails when records exist, enforcing data integrity.
- Refactored locking mechanisms to accommodate new deletion workflows.
…notarization into feat/audit-trail-rs-scaffold
- Updated role_tests to include TimeLock parameters in locking configurations.
- Modified CreateOps to accept tf_components_package_id for trail creation.
- Introduced new transactions for updating delete trail locks and write locks.
- Enhanced LockingOps with methods to update delete trail locks and write locks.
- Expanded LockingConfig to include TimeLock fields for delete trail and write locks.
- Added TimeLock enum with various locking strategies and serialization methods.
- Updated permission types to include new locking permissions.
- Refactored tests to validate new locking configurations and permissions.

- Updated `Cargo.toml` to pin `iota_interaction`, `iota_interaction_rust`, `iota_interaction_ts`, and `product_common` to the `feat/tf-compoenents-dev` branch.
- Updated `Move.lock` to use the new chain ID and published IDs.
- Removed role-related event structs (`RoleCreated`, `RoleUpdated`, `RoleDeleted`) from `audit_trail.move` and replaced them with a single `RoleRemoved` struct.
- Refactored transaction handling in `transactions.rs` to accommodate the new `RoleRemoved` event.
- Updated event handling in `event.rs` to reflect the changes in role event structures.
- Adjusted tests across multiple files to ensure compatibility with the new role event structure and locking configurations.
- Updated package ID for `TF_COMPONENTS_PACKAGE_ID` in `package.rs`.
AT: Rust Library Implementation
Feat/delete and write protection
# Conflicts:
# Cargo.toml
# bindings/wasm/notarization_wasm/Cargo.toml
# notarization-move/Move.history.json
# notarization-move/Move.lock

…le-data (#207)
* Update audit-trail-move to be compilable and testable with generic role-data
* Temporarily deactivate Rust tests for Audit Trails
* Ignore AT Rust examples on CI checks
* Switch product-core TfComponents dependency to feat/tf-compoenents-dev branch
Description of change
Links to any relevant issues
Type of change
How the change has been tested
Change checklist