{ "swagger": "2.0", "info": { "description": "审计服务,提供审计日志记录、查询、分析、异常检测等功能", "title": "Audit Service API", "contact": {}, "version": "1.0.0" }, "basePath": "/api/v1", "paths": { "/admin/audit/alerts": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询告警记录,支持按类型、严重程度、状态、租户筛选。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取告警列表", "parameters": [ { "type": "string", "description": "告警类型", "name": "type", "in": "query" }, { "type": "string", "description": "严重程度: low/medium/high/critical", "name": "severity", "in": "query" }, { "type": "string", "description": "状态: open/acknowledged/escalated/resolved/dismissed", "name": "status", "in": "query" }, { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "告警列表", "schema": { "$ref": "#/definitions/dto.AlertListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/alerts/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据告警ID获取完整告警信息。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取告警详情", "parameters": [ { "type": "string", "description": "告警ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "告警详情", "schema": { "$ref": "#/definitions/dto.AlertDataResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "告警未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/alerts/{id}/assign": { "post": { "security": [ { "bearerAuth": [] } ], "description": "将告警分配给指定处理人。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "分配告警处理人", "parameters": [ { "type": "string", "description": "告警ID", "name": "id", "in": "path", "required": true }, { "description": "分配请求", "name": "body", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.AssignAlertRequest" } } ], "responses": { "200": { "description": "更新后的告警", "schema": { "$ref": "#/definitions/dto.AlertDataResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "告警未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/alerts/{id}/status": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新告警状态(acknowledge/resolve/dismiss/escalate),状态转移受工作流约束。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "更新告警状态", "parameters": [ { "type": "string", "description": "告警ID", "name": "id", "in": "path", "required": true }, { "description": "状态更新请求", "name": "body", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateAlertStatusRequest" } } ], "responses": { "200": { "description": "更新后的告警", "schema": { "$ref": "#/definitions/dto.AlertDataResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "告警未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询审计异常检测记录,支持按类型、严重程度、状态筛选。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取审计异常列表", "parameters": [ { "type": "string", "description": "异常类型", "name": "type", "in": "query" }, { "type": "string", "description": "严重程度: low/medium/high/critical", "name": "severity", "in": "query" }, { "type": "string", "description": "状态: open/investigating/resolved/false_positive", "name": "status", "in": "query" }, { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "string", "description": "时间范围: 1h/24h/7d/30d", "name": "time_range", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "异常列表", "schema": { "$ref": "#/definitions/dto.AnomalyListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies/detect": { "post": { "security": [ { "bearerAuth": [] } ], "description": "手动触发异常检测扫描,检测指定时间范围内的异常行为。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "触发异常检测", "parameters": [ { "description": "time_range: 时间范围, tenant_id: 租户ID", "name": "request", "in": "body", "required": true, "schema": { "type": "object" } } ], "responses": { "200": { "description": "检测到的异常列表", "schema": { "$ref": "#/definitions/dto.AnomalyDetectListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "未发现异常", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据 ID 获取单条审计异常的完整信息,包含关联日志、用户信息、时间线摘要。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取异常详情", "parameters": [ { "type": "string", "description": "异常ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "异常详情", "schema": { "$ref": "#/definitions/dto.AnomalyDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "异常不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies/{id}/assign": { "post": { "security": [ { "bearerAuth": [] } ], "description": "将异常分配给指定的安全分析师进行后续调查。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "分配异常分析师", "parameters": [ { "type": "string", "description": "异常ID", "name": "id", "in": "path", "required": true }, { "description": "分配请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.AssignAnomalyRequest" } } ], "responses": { "200": { "description": "更新后的异常", "schema": { "$ref": "#/definitions/dto.AnomalyDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "异常不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies/{id}/comment": { "post": { "security": [ { "bearerAuth": [] } ], "description": "为异常记录添加调查评论/备注,记录分析师的分析过程。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "添加异常调查评论", "parameters": [ { "type": "string", "description": "异常ID", "name": "id", "in": "path", "required": true }, { "description": "评论请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.AddAnomalyCommentRequest" } } ], "responses": { "200": { "description": "更新后的异常", "schema": { "$ref": "#/definitions/dto.AnomalyDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "异常不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies/{id}/link": { "post": { "security": [ { "bearerAuth": [] } ], "description": "将审计异常关联到指定的安全案件/工单。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "关联异常到案件", "parameters": [ { "type": "string", "description": "异常ID", "name": "id", "in": "path", "required": true }, { "description": "关联请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.LinkAnomalyRequest" } } ], "responses": { "200": { "description": "关联成功", "schema": { "$ref": "#/definitions/dto.MessageResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "异常不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies/{id}/related": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取与指定异常相关的其他异常(同一用户 7 天内的异常记录)。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取关联异常", "parameters": [ { "type": "string", "description": "异常ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "关联异常列表", "schema": { "$ref": "#/definitions/dto.AnomalyRelatedListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "异常不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies/{id}/status": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新审计异常状态 (open/acknowledged/investigating/resolved/dismissed),支持同步分配分析师。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "更新异常状态", "parameters": [ { "type": "string", "description": "异常ID", "name": "id", "in": "path", "required": true }, { "description": "状态更新请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateAnomalyStatusRequest" } } ], "responses": { "200": { "description": "更新后的异常", "schema": { "$ref": "#/definitions/dto.AnomalyDetailResponse" } }, "400": { "description": "无效的状态值", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "异常不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/anomalies/{id}/timeline": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取异常关联的用户/会话/设备事件时间线(±24h 窗口内按时间排列的审计日志)。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取异常事件时间线", "parameters": [ { "type": "string", "description": "异常ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "异常时间线", "schema": { "$ref": "#/definitions/dto.AnomalyTimelineDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "异常不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/archive": { "post": { "security": [ { "bearerAuth": [] } ], "description": "将指定时间之前的审计日志归档以释放存储空间,支持自动归档策略配置。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "归档审计日志", "parameters": [ { "description": "tenant_id: 租户ID, before: Unix时间戳", "name": "request", "in": "body", "required": true, "schema": { "type": "object" } } ], "responses": { "200": { "description": "归档统计结果", "schema": { "$ref": "#/definitions/dto.ArchiveStatsDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/archive/status": { "get": { "security": [ { "bearerAuth": [] } ], "description": "查看当前归档任务的状态和进度。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取归档状态", "responses": { "200": { "description": "归档状态信息", "schema": { "$ref": "#/definitions/dto.ArchiveStatusDetailResponse" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/billing-events": { "get": { "security": [ { "bearerAuth": [] } ], "description": "按租户和事件类型查询计费相关的审计日志。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询计费事件审计日志", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "string", "description": "事件类型,如 billing.subscription_created", "name": "event_type", "in": "query" }, { "type": "integer", "description": "开始时间戳", "name": "start_time", "in": "query" }, { "type": "integer", "description": "结束时间戳", "name": "end_time", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "查询结果", "schema": { "$ref": "#/definitions/dto.AuditLogListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/ai-decisions": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询当前租户的所有AI决策审计记录,包含模型名称、决策ID和审查状态。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "列表查询AI决策", "responses": { "200": { "description": "AI决策列表", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建新的AI决策审计记录,记录AI模型名称、决策类型、输入和输出数据。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "记录AI决策", "parameters": [ { "description": "AI决策记录请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.RecordAIDecisionRequest" } } ], "responses": { "201": { "description": "创建成功", "schema": { "$ref": "#/definitions/dto.CreateIDResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/breaches": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询当前租户的所有数据泄露通知记录,包含违规标题、严重程度和受影响用户数。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "列表查询违规通知", "responses": { "200": { "description": "违规通知列表", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建新的数据泄露通知记录,记录违规标题、严重程度和受影响用户数。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "创建违规通知", "parameters": [ { "description": "违规通知创建请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateBreachNotificationRequest" } } ], "responses": { "201": { "description": "创建成功", "schema": { "$ref": "#/definitions/dto.CreateIDResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/cleanup-records": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询当前租户的所有数据清理记录,查看记录类型、清理数量和清理周期。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "列表查询清理记录", "responses": { "200": { "description": "清理记录列表", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建新的数据清理记录,记录清理类型、清理数量和清理周期。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "创建清理记录", "parameters": [ { "description": "清理记录创建请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateCleanupRecordRequest" } } ], "responses": { "201": { "description": "创建成功", "schema": { "$ref": "#/definitions/dto.CreateIDResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/cleanup-records/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据记录ID获取单条数据清理记录的详细信息。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询清理记录详情", "parameters": [ { "type": "string", "description": "清理记录ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "清理记录详情", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "清理记录未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/cross-border": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询当前租户的所有跨境数据传输记录,查看数据类型、来源国、目标国和处理目的。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "列表查询跨境传输", "responses": { "200": { "description": "跨境传输列表", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建新的跨境数据传输记录,指定数据类型、来源国、目标国、处理目的及安全保护措施。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "创建跨境传输记录", "parameters": [ { "description": "跨境传输创建请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateCrossBorderTransferRequest" } } ], "responses": { "201": { "description": "创建成功", "schema": { "$ref": "#/definitions/dto.CreateIDResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/data-classifications": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询当前租户的所有数据分类分级记录,查看数据集名称、分级层级和描述。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "列表查询数据分类", "responses": { "200": { "description": "数据分类列表", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建新的数据分类分级记录,定义数据集名称、分级层级(如公开/内部/机密)和描述。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "创建数据分类", "parameters": [ { "description": "数据分类创建请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateDataClassificationRequest" } } ], "responses": { "201": { "description": "创建成功", "schema": { "$ref": "#/definitions/dto.CreateIDResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/pias": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询当前租户的所有隐私影响评估(PIA)记录,返回评估名称、描述、数据类型、处理目的及风险等级。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "列表查询 PIA", "responses": { "200": { "description": "PIA列表", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建新的隐私影响评估记录,填写评估名称、涉及数据类型、处理目的和风险等级。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "创建 PIA", "parameters": [ { "description": "PIA创建请求", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreatePIARequest" } } ], "responses": { "201": { "description": "创建成功", "schema": { "$ref": "#/definitions/dto.CreateIDResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/role-actions": { "get": { "security": [ { "bearerAuth": [] } ], "description": "查询全局角色操作权限映射表,返回各角色对应的允许操作列表。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询角色操作映射", "responses": { "200": { "description": "角色操作映射", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/compliance/sod-rules": { "get": { "security": [ { "bearerAuth": [] } ], "description": "查询当前租户的所有职责分离规则,用于防止利益冲突和权限滥用。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询SoD规则", "responses": { "200": { "description": "SoD规则", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/export": { "post": { "security": [ { "bearerAuth": [] } ], "description": "创建审计日志导出任务,支持 CSV 和 JSON 格式。异步模式:创建任务后返回 pending 状态的 job_id,通过 /export/{job_id}/status 查询进度,完成后通过 /export/{job_id}/download 获取下载链接。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "导出审计日志", "parameters": [ { "description": "导出请求体(format: csv/json, modules: 模块列表, actions: 操作列表, start_date: 开始日期(YYYY-MM-DD), end_date: 结束日期(YYYY-MM-DD))", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.ExportJobRequest" } } ], "responses": { "200": { "description": "导出任务信息", "schema": { "$ref": "#/definitions/dto.ExportJobDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "429": { "description": "已有导出任务进行中", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/export/jobs": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询租户的审计日志导出任务。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "列出导出任务", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "任务列表", "schema": { "$ref": "#/definitions/dto.ExportJobListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/export/{job_id}/download": { "get": { "security": [ { "bearerAuth": [] } ], "description": "下载指定导出任务的文件内容。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/octet-stream" ], "tags": [ "审计服务" ], "summary": "下载导出文件", "parameters": [ { "type": "string", "description": "导出任务ID", "name": "job_id", "in": "path", "required": true } ], "responses": { "200": { "description": "文件内容", "schema": { "type": "file" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "导出任务未找到或文件不存在", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/export/{job_id}/status": { "get": { "security": [ { "bearerAuth": [] } ], "description": "查询指定导出任务的当前状态。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取导出任务状态", "parameters": [ { "type": "string", "description": "导出任务ID", "name": "job_id", "in": "path", "required": true } ], "responses": { "200": { "description": "任务状态", "schema": { "$ref": "#/definitions/dto.ExportJobStatusDetailResponse" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "导出任务未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/hashchain/{tenant_id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取指定租户的审计日志哈希链的详细信息,用于防篡改完整性验证。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取哈希链信息", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "path", "required": true } ], "responses": { "200": { "description": "哈希链信息", "schema": { "$ref": "#/definitions/dto.HashChainDetailResponse" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "哈希链未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/hashchain/{tenant_id}/verify-by-date": { "get": { "security": [ { "bearerAuth": [] } ], "description": "对指定租户在日期范围内的审计日志哈希链进行完整性验证。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "按日期范围验证哈希链", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "path", "required": true }, { "type": "string", "description": "开始日期(YYYY-MM-DD)", "name": "start_date", "in": "query" }, { "type": "string", "description": "结束日期(YYYY-MM-DD)", "name": "end_date", "in": "query" } ], "responses": { "200": { "description": "验证结果", "schema": { "$ref": "#/definitions/dto.VerifyChainDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/incidents": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询安全事件记录,支持按状态、严重程度、关键词筛选。参考:NIST SP 800-61 Rev.2 (Incident Handling)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取安全事件列表", "parameters": [ { "type": "string", "description": "状态筛选: open/investigating/contained/resolved/closed", "name": "status", "in": "query" }, { "type": "string", "description": "严重程度: low/medium/high/critical", "name": "severity", "in": "query" }, { "type": "string", "description": "关键词搜索", "name": "search", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "事件列表", "schema": { "$ref": "#/definitions/dto.IncidentListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一个新的安全事件 (Incident)。参考:NIST SP 800-61 Rev.2 (Incident Handling)、ISO 27001:2022 Annex A.5.24-5.26。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "创建安全事件", "parameters": [ { "description": "事件信息", "name": "body", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateIncidentRequest" } } ], "responses": { "201": { "description": "创建的事件", "schema": { "$ref": "#/definitions/dto.IncidentDataResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/incidents/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据事件ID获取完整事件信息。参考:NIST SP 800-61 Rev.2 (Incident Handling)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取安全事件详情", "parameters": [ { "type": "string", "description": "事件ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "事件详情", "schema": { "$ref": "#/definitions/dto.IncidentDataResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "事件未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/incidents/{id}/comment": { "post": { "security": [ { "bearerAuth": [] } ], "description": "为安全事件添加调查评论。参考:NIST SP 800-61 Rev.2 (Incident Handling)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "添加安全事件评论", "parameters": [ { "type": "string", "description": "事件ID", "name": "id", "in": "path", "required": true }, { "description": "评论内容", "name": "body", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.AddIncidentCommentRequest" } } ], "responses": { "200": { "description": "更新后的事件", "schema": { "$ref": "#/definitions/dto.IncidentDataResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "事件未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/incidents/{id}/status": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新安全事件状态,支持工作流状态转移(如 open→investigating→contained→resolved→closed)。参考:NIST SP 800-61 Rev.2 (Incident Handling)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "更新安全事件状态", "parameters": [ { "type": "string", "description": "事件ID", "name": "id", "in": "path", "required": true }, { "description": "状态更新请求", "name": "body", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateIncidentStatusRequest" } } ], "responses": { "200": { "description": "更新后的事件", "schema": { "$ref": "#/definitions/dto.IncidentDataResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "事件未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/logs": { "get": { "security": [ { "bearerAuth": [] } ], "description": "按租户、用户、操作类型、时间范围等条件查询审计日志。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询审计日志", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "string", "description": "用户ID", "name": "user_id", "in": "query" }, { "type": "string", "description": "操作类型", "name": "action", "in": "query" }, { "type": "string", "description": "资源类型", "name": "resource_type", "in": "query" }, { "type": "integer", "description": "开始时间戳", "name": "start_time", "in": "query" }, { "type": "integer", "description": "结束时间戳", "name": "end_time", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "查询结果", "schema": { "$ref": "#/definitions/dto.AuditLogListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/logs/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据日志ID获取单条审计日志详情,支持租户隔离。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "根据ID获取审计日志", "parameters": [ { "type": "string", "description": "日志ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "审计日志详情", "schema": { "$ref": "#/definitions/dto.AuditLogDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "审计日志未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/merkle-proof": { "get": { "security": [ { "bearerAuth": [] } ], "description": "为指定审计日志条目生成 Merkle Proof 路径,第三方可通过 Proof 独立验证该条目是否被篡改。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取指定审计日志条目的 Merkle Proof", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query", "required": true }, { "type": "string", "description": "审计日志条目ID", "name": "entry_id", "in": "query", "required": true } ], "responses": { "200": { "description": "Merkle Proof 信息", "schema": { "$ref": "#/definitions/dto.MerkleProofDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/merkle-proofs": { "post": { "security": [ { "bearerAuth": [] } ], "description": "一次查询多个审计日志条目的 Merkle Proof,复用同一棵 Merkle Tree 减少重复查询。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "批量获取多个审计日志条目的 Merkle Proof", "parameters": [ { "description": "批量 Proof 请求体", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.MerkleProofsRequest" } } ], "responses": { "200": { "description": "批量 Proof 结果", "schema": { "$ref": "#/definitions/dto.MerkleProofsDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/merkle-root": { "get": { "security": [ { "bearerAuth": [] } ], "description": "计算指定租户在日期范围内的审计日志 Merkle Root,用于 SOC2/ISO27001 完整性鉴证。不指定日期范围时计算该租户全部日志的 Root。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取租户审计日志的 Merkle Root", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query", "required": true }, { "type": "string", "description": "开始日期 (YYYY-MM-DD)", "name": "start", "in": "query" }, { "type": "string", "description": "结束日期 (YYYY-MM-DD)", "name": "end", "in": "query" } ], "responses": { "200": { "description": "Merkle Root 信息", "schema": { "$ref": "#/definitions/dto.MerkleRootDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/payment-events": { "get": { "security": [ { "bearerAuth": [] } ], "description": "按租户和事件类型查询支付相关的审计日志。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询支付事件审计日志", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "string", "description": "事件类型,如 payment.succeeded", "name": "event_type", "in": "query" }, { "type": "integer", "description": "开始时间戳", "name": "start_time", "in": "query" }, { "type": "integer", "description": "结束时间戳", "name": "end_time", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "查询结果", "schema": { "$ref": "#/definitions/dto.AuditLogListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/reports/compliance": { "get": { "security": [ { "bearerAuth": [] } ], "description": "生成并返回指定租户、周期和合规标准的审计报告。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取合规审计报告", "parameters": [ { "type": "string", "description": "合规标准: GDPR/SOX/ISO27001", "name": "standard", "in": "query" }, { "type": "string", "description": "报告周期: 7d/30d/90d", "name": "period", "in": "query" }, { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" } ], "responses": { "200": { "description": "合规报告", "schema": { "$ref": "#/definitions/dto.ComplianceReportDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/reports/security": { "get": { "security": [ { "bearerAuth": [] } ], "description": "生成并返回指定租户和周期的安全审计报告。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取安全审计报告", "parameters": [ { "type": "string", "description": "报告周期: 7d/30d/90d", "name": "period", "in": "query" }, { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" } ], "responses": { "200": { "description": "安全报告", "schema": { "$ref": "#/definitions/dto.SecurityReportDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/retention-policy": { "get": { "security": [ { "bearerAuth": [] } ], "description": "返回指定租户的审计日志保留策略配置;若租户未配置,返回系统默认值(90天/minio/audit-archive)。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取租户审计日志保留策略", "parameters": [ { "type": "string", "description": "租户ID(为空时尝试从JWT上下文获取)", "name": "tenant_id", "in": "query" } ], "responses": { "200": { "description": "保留策略详情", "schema": { "$ref": "#/definitions/dto.RetentionPolicyDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "put": { "security": [ { "bearerAuth": [] } ], "description": "为指定租户设置审计日志保留天数、自动归档开关及归档目标。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "保存或更新租户审计日志保留策略", "parameters": [ { "description": "保留策略配置", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.RetentionPolicyRequest" } } ], "responses": { "200": { "description": "保存后的保留策略", "schema": { "$ref": "#/definitions/dto.RetentionPolicyDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/server-logs": { "get": { "security": [ { "bearerAuth": [] } ], "description": "按服务/级别/关键词/时间范围查询服务运行时错误日志,结果按租户隔离。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询服务错误日志", "parameters": [ { "type": "string", "description": "服务名筛选", "name": "service", "in": "query" }, { "type": "string", "description": "级别筛选: error/warn", "name": "level", "in": "query" }, { "type": "string", "description": "关键词搜索", "name": "keyword", "in": "query" }, { "type": "integer", "description": "开始时间戳", "name": "start_time", "in": "query" }, { "type": "integer", "description": "结束时间戳", "name": "end_time", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "服务错误日志列表", "schema": { "$ref": "#/definitions/dto.ListResponse-dto_ServerLogResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/server-logs/services": { "get": { "security": [ { "bearerAuth": [] } ], "description": "返回所有在 error_logs 集合中有记录的服务名称列表。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取已记录日志的服务列表", "responses": { "200": { "description": "服务名列表", "schema": { "$ref": "#/definitions/dto.ServerLogServicesResponse" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/siem/connectors": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取租户的所有 SIEM 连接器配置。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "列出 SIEM 连接器", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "连接器列表", "schema": { "$ref": "#/definitions/dto.SIEMConnectorListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建新的 SIEM 连接器配置。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "创建 SIEM 连接器", "parameters": [ { "description": "连接器配置(name: 名称, type: 类型, endpoint: 地址, api_key: 密钥, index: 索引, enabled: 启用)", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.SIEMConnectorRequest" } } ], "responses": { "201": { "description": "创建成功", "schema": { "$ref": "#/definitions/dto.SIEMConnectorDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/siem/connectors/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定 SIEM 连接器配置。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "更新 SIEM 连接器", "parameters": [ { "type": "string", "description": "连接器ID", "name": "id", "in": "path", "required": true }, { "description": "连接器配置", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.SIEMConnectorRequest" } } ], "responses": { "200": { "description": "更新成功", "schema": { "$ref": "#/definitions/dto.SIEMConnectorDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "SIEM连接器未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定 SIEM 连接器。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "删除 SIEM 连接器", "parameters": [ { "type": "string", "description": "连接器ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "删除成功", "schema": { "$ref": "#/definitions/dto.DeleteStatusResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "SIEM连接器未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/siem/connectors/{id}/test": { "post": { "security": [ { "bearerAuth": [] } ], "description": "测试指定 SIEM 连接器的连通性。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "测试 SIEM 连接器", "parameters": [ { "type": "string", "description": "连接器ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "测试结果", "schema": { "$ref": "#/definitions/dto.SIEMTestResultResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "404": { "description": "SIEM连接器未找到", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/stats": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取审计日志的统计信息,包括各操作类型的分布、趋势等。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取审计统计", "responses": { "200": { "description": "统计信息", "schema": { "$ref": "#/definitions/dto.AuditStatsDetailResponse" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/stream": { "get": { "security": [ { "bearerAuth": [] } ], "description": "Server-Sent Events 实时推送审计日志、异常和告警。按租户过滤,支持重连。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "text/event-stream" ], "tags": [ "审计服务" ], "summary": "实时审计事件流", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" } ], "responses": { "200": { "description": "SSE stream", "schema": { "type": "string" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/tenant-config": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取指定租户的异常检测配置(阈值、启用的检测器等)。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "获取租户异常检测配置", "responses": { "200": { "description": "租户配置", "schema": { "$ref": "#/definitions/domain.AuditTenantConfig" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "put": { "security": [ { "bearerAuth": [] } ], "description": "创建或更新指定租户的异常检测配置(阈值、启用的检测器等)。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "更新租户异常检测配置", "parameters": [ { "description": "租户配置", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/domain.AuditTenantConfig" } } ], "responses": { "200": { "description": "更新后的租户配置", "schema": { "$ref": "#/definitions/domain.AuditTenantConfig" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/verifications": { "get": { "security": [ { "bearerAuth": [] } ], "description": "返回后台定时验证器对各租户哈希链的最新验证结果,用于自动化防篡改监控。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询最近一次自动哈希链验证结果", "responses": { "200": { "description": "各租户验证结果", "schema": { "$ref": "#/definitions/dto.VerificationResultListResponse" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "验证指定租户的审计日志哈希链是否完整未被篡改,支持防篡改鉴证。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "验证哈希链完整性", "parameters": [ { "description": "tenant_id: 租户ID", "name": "request", "in": "body", "required": true, "schema": { "type": "object" } } ], "responses": { "200": { "description": "valid: true, message: 哈希链验证通过", "schema": { "$ref": "#/definitions/dto.VerifyChainDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/admin/audit/wallet-events": { "get": { "security": [ { "bearerAuth": [] } ], "description": "按租户和事件类型查询钱包相关的审计日志。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务" ], "summary": "查询钱包事件审计日志", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "string", "description": "事件类型,如 wallet.deposited", "name": "event_type", "in": "query" }, { "type": "integer", "description": "开始时间戳", "name": "start_time", "in": "query" }, { "type": "integer", "description": "结束时间戳", "name": "end_time", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "查询结果", "schema": { "$ref": "#/definitions/dto.AuditLogListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/audit/public/hashchain": { "get": { "description": "Trust Center: 获取审计日志哈希链公开摘要(哈希值截断保留前16位),用于公开的完整性鉴证。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开哈希链", "responses": { "200": { "description": "公开哈希链", "schema": { "$ref": "#/definitions/dto.PublicHashChainDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/audit/public/logs-summary": { "get": { "description": "Trust Center: 获取审计日志公开摘要,包含总日志数、最近活动和模块数量。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开日志摘要", "responses": { "200": { "description": "公开日志摘要", "schema": { "$ref": "#/definitions/dto.PublicLogsSummaryDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/audit/public/stats": { "get": { "description": "Trust Center: 获取审计日志公开统计(脱敏,不含租户ID和精细操作分类)。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开审计统计", "responses": { "200": { "description": "公开审计统计", "schema": { "$ref": "#/definitions/dto.PublicAuditStatsDetailResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/audit/logs": { "get": { "description": "服务间调用查询审计日志,无 JWT 认证,通过 InternalAPIKey 鉴权。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务 - 内部接口" ], "summary": "内部查询审计日志", "parameters": [ { "type": "string", "description": "租户ID", "name": "tenant_id", "in": "query" }, { "type": "string", "description": "用户ID", "name": "user_id", "in": "query" }, { "type": "string", "description": "操作类型", "name": "action", "in": "query" }, { "type": "string", "description": "资源类型", "name": "resource_type", "in": "query" }, { "type": "integer", "description": "开始时间戳", "name": "start_time", "in": "query" }, { "type": "integer", "description": "结束时间戳", "name": "end_time", "in": "query" }, { "type": "integer", "default": 1, "description": "页码(默认1)", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数(默认20)", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "查询结果", "schema": { "$ref": "#/definitions/dto.AuditLogListResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } }, "post": { "description": "将一条审计日志写入系统,支持溯源追踪。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务 - 内部接口" ], "summary": "记录单条审计日志", "parameters": [ { "description": "审计日志内容", "name": "request", "in": "body", "required": true, "schema": { "type": "object" } } ], "responses": { "201": { "description": "status: created", "schema": { "$ref": "#/definitions/dto.CreateStatusResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/audit/logs/batch": { "post": { "description": "批量写入多条审计日志,单次最多1000条。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务 - 内部接口" ], "summary": "批量记录审计日志", "parameters": [ { "description": "审计日志列表", "name": "request", "in": "body", "required": true, "schema": { "type": "array", "items": { "type": "object" } } } ], "responses": { "201": { "description": "status: created, count: 数量", "schema": { "$ref": "#/definitions/dto.BatchCreateStatusResponse" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/runtime": { "get": { "description": "返回服务的运行时健康信息,用于运维监控和探活检测", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务-内部接口" ], "summary": "获取服务运行时状态", "responses": { "200": { "description": "服务正常", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.SimpleResponse" } }, "503": { "description": "健康检查处理器不可用", "schema": { "$ref": "#/definitions/dto.Problem" } } } } }, "/internal/schedulers": { "get": { "description": "返回审计服务所有后台定时任务(归档、验证、异常检测等)的运行状态和统计信息。参考:ISO 27001:2022 Annex A.12.4 (Event Logging)、PCI DSS v4.0 Req 10 (Log \u0026 Monitor)。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "审计服务 - 内部接口" ], "summary": "列出审计服务定时任务", "responses": { "200": { "description": "定时任务列表", "schema": { "type": "object" } }, "400": { "description": "请求参数校验失败", "schema": { "$ref": "#/definitions/dto.Problem" } }, "401": { "description": "未认证", "schema": { "$ref": "#/definitions/dto.Problem" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.Problem" } } } } } }, "definitions": { "domain.AuditTenantConfig": { "type": "object", "properties": { "brute_force_min_attempts": { "type": "integer" }, "brute_force_severity_critical": { "type": "integer" }, "brute_force_severity_high": { "type": "integer" }, "created_at": { "type": "string" }, "id": { "type": "string" }, "off_hours_end": { "type": "integer" }, "off_hours_min_events": { "type": "integer" }, "off_hours_start": { "type": "integer" }, "tenant_id": { "type": "string" }, "updated_at": { "type": "string" } } }, "dto.AddAnomalyCommentRequest": { "description": "添加异常调查评论", "type": "object", "required": [ "content" ], "properties": { "content": { "description": "评论内容", "type": "string", "example": "经初步分析,此为合法用户使用VPN访问" } } }, "dto.AddIncidentCommentRequest": { "type": "object", "required": [ "content" ], "properties": { "content": { "type": "string", "example": "已确认攻击源头并封锁IP" } } }, "dto.AlertDataResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.AlertResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.AlertListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.AlertResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.AlertResponse": { "type": "object", "properties": { "acknowledged_at": { "type": "string", "example": "2024-01-01T01:00:00Z" }, "assignee": { "type": "string", "example": "analyst-001" }, "created_at": { "type": "string", "example": "2024-01-01T00:00:00Z" }, "escalated_at": { "type": "string", "example": "2024-01-01T02:00:00Z" }, "id": { "type": "string", "example": "alert_abc123" }, "message": { "type": "string", "example": "用户频繁登录失败" }, "resolved_at": { "type": "string", "example": "2024-01-01T03:00:00Z" }, "resolved_by": { "type": "string", "example": "op-001" }, "severity": { "type": "string", "example": "high" }, "source": { "type": "string", "example": "anomaly_detector" }, "status": { "type": "string", "example": "open" }, "tenant_id": { "type": "string", "example": "tnt_abc123" }, "title": { "type": "string", "example": "暴力破解检测" }, "type": { "type": "string", "example": "anomaly" }, "updated_at": { "type": "string", "example": "2024-01-01T00:00:00Z" } } }, "dto.AnomalyCommentResponse": { "description": "异常调查评论", "type": "object", "properties": { "author_id": { "description": "评论者ID", "type": "string", "example": "usr_analyst001" }, "author_name": { "description": "评论者名", "type": "string", "example": "Zhang San" }, "content": { "description": "内容", "type": "string", "example": "经调查确认为误报" }, "created_at": { "description": "时间戳", "type": "integer", "example": 1713175800 }, "id": { "description": "评论ID", "type": "string", "example": "cmt_abc123" } } }, "dto.AnomalyDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.AnomalyResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.AnomalyDetectListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "type": "array", "items": { "$ref": "#/definitions/dto.AnomalyResponse" } }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.AnomalyListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.AnomalyResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.AnomalyRelatedListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.AnomalyResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.AnomalyResponse": { "description": "审计异常记录", "type": "object", "properties": { "assignee": { "description": "分析师", "type": "string", "example": "usr_analyst001" }, "comments": { "description": "评论", "type": "array", "items": { "$ref": "#/definitions/dto.AnomalyCommentResponse" } }, "created_at": { "description": "创建时间戳", "type": "integer", "example": 1713175800 }, "description": { "description": "描述", "type": "string", "example": "检测到连续5次登录失败" }, "detected_at": { "description": "检测时间戳", "type": "integer", "example": 1713175800 }, "event_ids": { "description": "关联事件ID", "type": "array", "items": { "type": "string" } }, "id": { "description": "异常ID", "type": "string", "example": "ano_abc123" }, "mitre_tactic": { "description": "MITRE战术", "type": "string", "example": "T1110" }, "related_case_id": { "description": "关联案件ID", "type": "string" }, "resolved_at": { "description": "解决时间戳", "type": "integer" }, "resolved_by": { "description": "解决者", "type": "string" }, "severity": { "description": "严重程度", "type": "string", "example": "high" }, "status": { "description": "状态", "type": "string", "example": "open" }, "tenant_id": { "description": "租户ID", "type": "string", "example": "tnt_abc123" }, "type": { "description": "类型", "type": "string", "example": "brute_force" }, "updated_at": { "description": "更新时间戳", "type": "integer" }, "user_id": { "description": "用户ID", "type": "string", "example": "usr_abc123" } } }, "dto.AnomalyTimelineDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.AnomalyTimelineResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.AnomalyTimelineResponse": { "description": "异常关联的用户事件时间线,包含设备/会话上下文", "type": "object", "properties": { "anomaly": { "$ref": "#/definitions/dto.AnomalyResponse" }, "context": { "$ref": "#/definitions/dto.ContextSummary" }, "events": { "type": "array", "items": { "$ref": "#/definitions/dto.AuditLogResponse" } }, "login_sessions": { "type": "array", "items": { "$ref": "#/definitions/dto.DeviceSummary" } } } }, "dto.ArchiveStatsDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ArchiveStatsResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ArchiveStatsResponse": { "description": "审计日志归档操作结果统计", "type": "object", "properties": { "archived_count": { "type": "integer", "example": 1000 }, "deleted_count": { "type": "integer", "example": 1000 }, "tenant_id": { "type": "string", "example": "tnt_abc123" } } }, "dto.ArchiveStatusDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ArchiveStatusResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ArchiveStatusResponse": { "description": "审计日志归档状态", "type": "object", "properties": { "bucket": { "description": "存储桶", "type": "string", "example": "audit-archive" }, "days": { "description": "保留天数", "type": "integer", "example": 90 }, "enabled": { "description": "启用", "type": "boolean", "example": true }, "last_archive": { "description": "上次归档时间戳", "type": "integer", "example": 1711929600 } } }, "dto.AssignAlertRequest": { "type": "object", "required": [ "assignee" ], "properties": { "assignee": { "type": "string", "example": "analyst-001" } } }, "dto.AssignAnomalyRequest": { "description": "分配异常给安全分析师", "type": "object", "required": [ "assignee" ], "properties": { "assignee": { "description": "分析师ID", "type": "string", "example": "usr_analyst001" } } }, "dto.AuditLogDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.AuditLogResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.AuditLogListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.AuditLogResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.AuditLogResponse": { "description": "审计日志记录信息", "type": "object", "properties": { "action": { "description": "操作", "type": "string", "example": "user.login" }, "app_id": { "description": "应用ID", "type": "string", "example": "app_xyz" }, "duration": { "description": "耗时(ms)", "type": "integer", "example": 150 }, "id": { "description": "日志ID", "type": "string", "example": "audit_abc123" }, "ip": { "description": "IP", "type": "string", "example": "192.168.1.1" }, "level": { "description": "级别", "type": "string", "example": "info" }, "message": { "description": "消息", "type": "string", "example": "用户登录成功" }, "metadata": { "description": "元数据", "type": "object", "additionalProperties": true }, "module": { "description": "模块", "type": "string", "example": "identity" }, "operator_id": { "description": "操作者ID", "type": "string", "example": "usr_abc123" }, "operator_type": { "description": "操作者类型", "type": "string", "example": "user" }, "request_id": { "description": "请求ID", "type": "string", "example": "req_xyz789" }, "sequence": { "description": "序列号", "type": "integer", "example": 12345 }, "status": { "description": "状态", "type": "integer", "example": 0 }, "target_id": { "description": "目标ID", "type": "string", "example": "usr_target" }, "target_type": { "description": "目标类型", "type": "string", "example": "user" }, "tenant_id": { "description": "租户ID", "type": "string", "example": "tnt_abc123" }, "timestamp": { "description": "时间戳", "type": "integer", "example": 1713175800 }, "user_agent": { "description": "UA", "type": "string", "example": "Mozilla/5.0..." } } }, "dto.AuditStatsDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.AuditStatsResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.AuditStatsResponse": { "description": "审计日志统计信息", "type": "object", "properties": { "active_tenants": { "type": "integer" }, "avg_response_ms": { "type": "number" }, "by_action": { "description": "按操作", "type": "object", "additionalProperties": { "type": "integer" } }, "by_level": { "description": "按级别", "type": "object", "additionalProperties": { "type": "integer" } }, "by_module": { "description": "按模块", "type": "object", "additionalProperties": { "type": "integer" } }, "by_status": { "description": "按状态", "type": "object", "additionalProperties": { "type": "integer" } }, "mttd_minutes": { "type": "number" }, "mttr_minutes": { "type": "number" }, "tenant_id": { "description": "租户ID", "type": "string", "example": "tnt_abc123" }, "today_entries": { "type": "integer" }, "total_logs": { "description": "总数", "type": "integer", "example": 1000000 }, "trend": { "description": "趋势", "type": "array", "items": { "$ref": "#/definitions/dto.TimePointResp" } } } }, "dto.BatchCreateStatusResponse": { "type": "object", "properties": { "count": { "type": "integer", "example": 10 }, "status": { "type": "string", "example": "created" } } }, "dto.ComplianceCheckResp": { "description": "单条合规检查项", "type": "object", "properties": { "description": { "description": "描述", "type": "string", "example": "所有数据已加密" }, "issues": { "description": "问题", "type": "array", "items": { "type": "string" } }, "item": { "description": "检查项", "type": "string", "example": "数据加密" }, "passed": { "description": "是否通过", "type": "boolean", "example": true }, "severity": { "description": "严重程度", "type": "string", "example": "high" }, "status": { "description": "状态", "type": "string", "example": "passed" } } }, "dto.ComplianceReportDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ComplianceReportResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ComplianceReportResponse": { "description": "合规审计报告", "type": "object", "properties": { "checks": { "description": "检查项", "type": "array", "items": { "$ref": "#/definitions/dto.ComplianceCheckResp" } }, "compliance_score": { "description": "合规得分", "type": "integer", "example": 95 }, "generated_at": { "description": "生成时间戳", "type": "integer", "example": 1713175800 }, "overall_status": { "description": "状态", "type": "string", "example": "pass" }, "period": { "description": "周期", "type": "string", "example": "30d" }, "recommendations": { "description": "建议", "type": "array", "items": { "type": "string" } }, "standard": { "description": "标准", "type": "string", "example": "GDPR" } } }, "dto.ContextSummary": { "description": "异常关联事件的高层统计信息", "type": "object", "properties": { "time_span_seconds": { "type": "integer", "example": 86400 }, "total_events": { "type": "integer", "example": 27 }, "unique_devices": { "type": "integer", "example": 3 }, "unique_ips": { "type": "integer", "example": 2 } } }, "dto.CreateBreachNotificationRequest": { "type": "object", "required": [ "severity", "title" ], "properties": { "affected_users": { "type": "integer", "example": 150 }, "description": { "type": "string", "example": "Suspicious API access patterns detected" }, "severity": { "type": "string", "example": "high" }, "title": { "type": "string", "example": "Unauthorized access detected" } } }, "dto.CreateCleanupRecordRequest": { "type": "object", "required": [ "record_type" ], "properties": { "count": { "type": "integer", "example": 5000 }, "period": { "type": "string", "example": "2024-01-01~2024-06-30" }, "record_type": { "type": "string", "example": "retention_cleanup" } } }, "dto.CreateCrossBorderTransferRequest": { "type": "object", "required": [ "data_type", "from_country", "to_country" ], "properties": { "data_type": { "type": "string", "example": "user_profiles" }, "from_country": { "type": "string", "example": "CN" }, "purpose": { "type": "string", "example": "Data backup replication" }, "safeguard": { "type": "string", "example": "Standard Contractual Clauses" }, "to_country": { "type": "string", "example": "SG" } } }, "dto.CreateDataClassificationRequest": { "type": "object", "required": [ "data_set_name", "tiers" ], "properties": { "data_set_name": { "type": "string", "example": "User Profile Data" }, "description": { "type": "string", "example": "Contains personally identifiable information" }, "tiers": { "type": "string", "example": "PII/Confidential" } } }, "dto.CreateIDResponse": { "type": "object", "properties": { "id": { "type": "string", "example": "pia_abc123" } } }, "dto.CreateIncidentRequest": { "type": "object", "required": [ "severity", "title" ], "properties": { "assignee": { "type": "string", "example": "analyst-001" }, "description": { "type": "string", "example": "发现多个租户账户遭到暴力破解攻击" }, "related_evidence_ids": { "type": "array", "items": { "type": "string" } }, "severity": { "type": "string", "example": "critical" }, "source_anomaly_ids": { "type": "array", "items": { "type": "string" } }, "title": { "type": "string", "example": "多账户暴力破解" } } }, "dto.CreatePIARequest": { "type": "object", "required": [ "name" ], "properties": { "data_types": { "type": "array", "items": { "type": "string" }, "example": [ "[\"email\"", "\"name\"", "\"phone\"]" ] }, "description": { "type": "string", "example": "Processing customer personal data" }, "name": { "type": "string", "example": "Customer Data Processing" }, "purpose": { "type": "string", "example": "Marketing analytics" }, "risk_level": { "type": "string", "example": "medium" } } }, "dto.CreateStatusResponse": { "type": "object", "properties": { "status": { "type": "string", "example": "created" } } }, "dto.DeleteStatusResponse": { "type": "object", "properties": { "status": { "description": "状态", "type": "string", "example": "deleted" } } }, "dto.DeviceSummary": { "description": "异常时间线中某个设备指纹的摘要信息", "type": "object", "properties": { "event_count": { "type": "integer", "example": 5 }, "fingerprint": { "type": "string", "example": "f7a3c8e1b2d4..." }, "first_seen": { "type": "integer", "example": 1713175800 }, "ip": { "type": "string", "example": "192.168.1.1" }, "last_seen": { "type": "integer", "example": 1713180000 }, "user_agent": { "type": "string", "example": "Mozilla/5.0..." } } }, "dto.ExportJobDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ExportJobResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ExportJobListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.ExportJobResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.ExportJobRequest": { "type": "object", "required": [ "format" ], "properties": { "actions": { "description": "操作类型筛选", "type": "array", "items": { "type": "string" }, "example": [ "[\"create\"", "\"update\"]" ] }, "end_date": { "description": "结束日期(YYYY-MM-DD)", "type": "string", "example": "2026-01-31" }, "format": { "description": "导出格式: json/csv", "type": "string", "example": "json" }, "modules": { "description": "模块筛选", "type": "array", "items": { "type": "string" }, "example": [ "[\"order\"", "\"user\"]" ] }, "start_date": { "description": "开始日期(YYYY-MM-DD)", "type": "string", "example": "2026-01-01" } } }, "dto.ExportJobResponse": { "description": "审计日志导出任务信息", "type": "object", "properties": { "content_type": { "description": "内容类型", "type": "string", "example": "text/csv" }, "filename": { "description": "文件名", "type": "string", "example": "audit_logs_20260510.csv" }, "generated_at": { "description": "生成时间戳", "type": "integer", "example": 1713175800 }, "job_id": { "description": "任务ID", "type": "string", "example": "exp_abc123" }, "record_count": { "description": "记录数", "type": "integer", "example": 1000 }, "status": { "description": "状态", "type": "string", "example": "completed" } } }, "dto.ExportJobStatusDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ExportJobStatusResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ExportJobStatusResponse": { "description": "审计日志导出任务状态", "type": "object", "properties": { "job_id": { "description": "任务ID", "type": "string", "example": "exp_abc123" }, "status": { "description": "状态", "type": "string", "example": "completed" } } }, "dto.FieldViolation": { "type": "object", "properties": { "code": { "description": "Code 是错误代码(可选)\n用于程序识别错误类型,如 \"required\", \"format\", \"range\"", "type": "string" }, "description": { "description": "Description 是人类可读的错误描述\n应该说明违反了什么规则,如 \"必须是一个有效的邮箱地址\"", "type": "string" }, "field": { "description": "Field 是错误字段的路径\n使用点号表示嵌套字段,如 \"user.email\" 或 \"addresses[0].city\"", "type": "string" }, "value": { "description": "Value 是导致错误的值(可选,开发模式下使用)\n生产环境可能不返回此字段以避免泄露敏感信息" } } }, "dto.HashChainDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.HashChainResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.HashChainResponse": { "description": "哈希链详细信息", "type": "object", "properties": { "end_hash": { "description": "结束哈希", "type": "string", "example": "def456..." }, "is_valid": { "description": "有效", "type": "boolean", "example": true }, "log_count": { "description": "日志数", "type": "integer", "example": 100000 }, "start_hash": { "description": "起始哈希", "type": "string", "example": "abc123..." }, "tenant_id": { "description": "租户ID", "type": "string", "example": "tnt_abc123" }, "verified_at": { "description": "验证时间戳", "type": "integer", "example": 1713175800 } } }, "dto.IncidentDataResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.IncidentResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.IncidentListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.IncidentResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.IncidentResponse": { "type": "object", "properties": { "assignee": { "type": "string", "example": "analyst-001" }, "created_at": { "type": "string", "example": "2026-01-01T00:00:00Z" }, "description": { "type": "string", "example": "发现多个租户账户遭到暴力破解攻击" }, "id": { "type": "string", "example": "inc_abc123" }, "related_evidence_ids": { "type": "array", "items": { "type": "string" } }, "resolved_at": { "type": "string", "example": "2026-01-01T03:00:00Z" }, "resolved_by": { "type": "string", "example": "op-001" }, "severity": { "type": "string", "example": "critical" }, "source_anomaly_ids": { "type": "array", "items": { "type": "string" } }, "status": { "type": "string", "example": "open" }, "tenant_id": { "type": "string", "example": "tnt_abc123" }, "title": { "type": "string", "example": "多账户暴力破解" }, "updated_at": { "type": "string", "example": "2026-01-01T00:00:00Z" } } }, "dto.LinkAnomalyRequest": { "type": "object", "required": [ "case_id" ], "properties": { "case_id": { "type": "string", "example": "CASE-2026-001" } } }, "dto.ListResponse-dto_ServerLogResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.ServerLogResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.MerkleProofDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.MerkleProofResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.MerkleProofResponse": { "description": "指定审计日志条目的 Merkle Proof,用于第三方验证日志未被篡改", "type": "object", "properties": { "entry_id": { "description": "审计日志ID", "type": "string", "example": "audit_001" }, "leaf_count": { "description": "总叶子数", "type": "integer", "example": 1000 }, "leaf_hash": { "description": "叶节点哈希", "type": "string", "example": "abc123..." }, "leaf_index": { "description": "叶节点索引", "type": "integer", "example": 42 }, "proof": { "description": "Proof 路径", "type": "array", "items": { "type": "string" }, "example": [ "[R:def456", "L:ghi789]" ] }, "root_hash": { "description": "Merkle Root", "type": "string", "example": "a3f5c8..." }, "tenant_id": { "description": "租户ID", "type": "string", "example": "tenant-1" } } }, "dto.MerkleProofsDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.MerkleProofsResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.MerkleProofsRequest": { "description": "批量查询多个审计日志条目的 Merkle Proof", "type": "object", "required": [ "entry_ids" ], "properties": { "entry_ids": { "description": "条目ID列表", "type": "array", "maxItems": 1000, "minItems": 1, "items": { "type": "string" }, "example": [ "[\"audit_001\"", "\"audit_002\"]" ] } } }, "dto.MerkleProofsResponse": { "type": "object", "properties": { "found": { "description": "成功找到的数量", "type": "integer", "example": 3 }, "not_found": { "description": "未找到的条目ID", "type": "array", "items": { "type": "string" }, "example": [ "[\"audit_003\"", "\"audit_005\"]" ] }, "proofs": { "description": "Proof 列表", "type": "array", "items": { "$ref": "#/definitions/dto.MerkleProofResponse" } }, "total": { "description": "总数", "type": "integer", "example": 5 } } }, "dto.MerkleRootDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.MerkleRootResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.MerkleRootResponse": { "description": "指定租户审计日志的 Merkle Root 摘要", "type": "object", "properties": { "generated_at": { "description": "生成时间", "type": "integer", "example": 1713175800 }, "leaf_count": { "description": "叶子节点数", "type": "integer", "example": 1000 }, "period": { "description": "时间范围", "type": "string", "example": "2026-01-01~2026-01-31" }, "root_hash": { "description": "Merkle Root 哈希", "type": "string", "example": "a3f5c8..." }, "tenant_id": { "description": "租户ID", "type": "string", "example": "tenant-1" } } }, "dto.MessageResponse": { "type": "object", "properties": { "code": { "type": "integer", "example": 0 }, "message": { "type": "string", "example": "success" } } }, "dto.Problem": { "type": "object", "properties": { "code": { "description": "Code 是业务错误码\n用于程序处理特定错误场景\n示例:30101001", "type": "integer" }, "detail": { "description": "Detail 是针对此具体错误实例的人类可读解释\n可以包含具体的错误细节,如\"Field 'email' is required\"", "type": "string" }, "errors": { "description": "Errors 是字段级验证错误列表(扩展字段)\n遵循 Web API 标准实践,每个错误包含字段名和错误信息", "type": "array", "items": { "$ref": "#/definitions/dto.FieldViolation" } }, "i18n_args": { "description": "I18nArgs 是国际化参数\n用于动态填充翻译模板", "type": "object", "additionalProperties": {} }, "i18n_key": { "description": "I18nKey 是国际化键\n用于客户端本地化错误消息\n示例:\"error.user_not_found\"", "type": "string" }, "instance": { "description": "Instance 是发生问题的具体URI引用\n通常是请求的URL,可能包含查询参数\n示例:\"/api/v1/users?limit=invalid\"", "type": "string" }, "request_id": { "description": "RequestID 是请求唯一标识\n用于日志关联和问题追踪\n示例:\"req_550e8400-e29b-41d4-a716-446655440000\"", "type": "string" }, "retry_after": { "description": "RetryAfter 用于 429 Too Many Requests 响应\n指示客户端应在多少秒后重试请求(RFC 6585)", "type": "integer" }, "service": { "description": "Service 是服务名\n用于微服务架构中定位错误来源\n示例:\"auth-service\"", "type": "string" }, "span_id": { "description": "SpanID 是当前 span 标识\n用于精确定位分布式链路中的当前节点", "type": "string" }, "status": { "description": "Status 是产生的HTTP状态码\n用于客户端区分问题类型,不随Accept-Language变化\n示例:400, 401, 403, 404, 500", "type": "integer" }, "timestamp": { "description": "Timestamp 是错误发生时间\nISO 8601 格式\n示例:\"2026-04-03T12:00:00Z\"", "type": "string" }, "title": { "description": "Title 是简短、人类可读的问题类型摘要\n相同的 Type 应该始终有相同的 Title(不随实例变化)\n示例:\"Invalid Request Parameters\"", "type": "string" }, "trace_id": { "description": "TraceID 是分布式追踪标识\n遵循 W3C Trace Context 标准\n示例:\"00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01\"", "type": "string" }, "type": { "description": "Type 是标识问题类型的URI引用\n当该URI被解引用时,应提供人类可读的文档\n示例:\"https://api.example.com/errors/invalid-request\"", "type": "string" } } }, "dto.PublicAuditStats": { "type": "object", "properties": { "by_level": { "type": "object", "additionalProperties": { "type": "integer" } }, "by_module": { "type": "object", "additionalProperties": { "type": "integer" } }, "by_status": { "type": "object", "additionalProperties": { "type": "integer" } }, "total_logs": { "type": "integer", "example": 1000000 } } }, "dto.PublicAuditStatsDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PublicAuditStats" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PublicHashChain": { "type": "object", "properties": { "end_hash": { "description": "前16位", "type": "string", "example": "789ghi012jkl..." }, "last_validated": { "type": "string", "example": "2026-05-12T00:00:00Z" }, "log_count": { "type": "integer", "example": 100000 }, "start_hash": { "description": "前16位", "type": "string", "example": "abc123def456..." } } }, "dto.PublicHashChainDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PublicHashChain" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PublicLogsSummary": { "type": "object", "properties": { "active_since": { "type": "string", "example": "2025-01-01T00:00:00Z" }, "last_activity": { "type": "string", "example": "2026-05-12T10:00:00Z" }, "module_count": { "type": "integer", "example": 12 }, "total_logs": { "type": "integer", "example": 1000000 } } }, "dto.PublicLogsSummaryDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PublicLogsSummary" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.RecordAIDecisionRequest": { "description": "记录AI自动化决策参数", "type": "object", "required": [ "decision_id", "model" ], "properties": { "decision_id": { "description": "决策ID", "type": "string", "example": "ai-dec-001" }, "input": { "description": "输入", "type": "object", "additionalProperties": true }, "model": { "description": "模型", "type": "string", "example": "risk-scoring-v1" }, "output": { "description": "输出", "type": "object", "additionalProperties": true }, "reviewed": { "description": "已复核", "type": "boolean" }, "reviewer": { "description": "复核人", "type": "string" } } }, "dto.RetentionPolicyDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.RetentionPolicyResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.RetentionPolicyRequest": { "description": "租户审计日志保留策略配置", "type": "object", "properties": { "archive_to": { "description": "归档目标", "type": "string", "example": "minio" }, "bucket": { "description": "归档桶名", "type": "string", "example": "audit-archive" }, "days": { "description": "保留天数", "type": "integer", "minimum": 1, "example": 90 }, "enabled": { "description": "是否启用自动归档", "type": "boolean", "example": true } } }, "dto.RetentionPolicyResponse": { "type": "object", "properties": { "archive_to": { "description": "归档目标", "type": "string", "example": "minio" }, "bucket": { "description": "归档桶名", "type": "string", "example": "audit-archive" }, "created_at": { "description": "创建时间", "type": "integer", "example": 1713175800 }, "days": { "description": "保留天数", "type": "integer", "example": 90 }, "enabled": { "description": "是否启用自动归档", "type": "boolean", "example": true }, "tenant_id": { "description": "租户ID", "type": "string", "example": "tenant-1" }, "updated_at": { "description": "更新时间", "type": "integer", "example": 1713175800 } } }, "dto.SIEMConnectorDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.SIEMConnectorResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.SIEMConnectorListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.SIEMConnectorResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.SIEMConnectorRequest": { "type": "object", "required": [ "endpoint", "name", "type" ], "properties": { "api_key": { "description": "API Key", "type": "string", "example": "tok-xxx" }, "config": { "description": "扩展配置", "type": "object", "additionalProperties": true }, "enabled": { "description": "是否启用", "type": "boolean", "example": true }, "endpoint": { "description": "端点", "type": "string", "example": "https://splunk.example.com:8088" }, "index": { "description": "索引", "type": "string", "example": "main" }, "name": { "description": "名称", "type": "string", "example": "Splunk-Prod" }, "type": { "description": "类型", "type": "string", "enum": [ "splunk", "elk", "cef" ], "example": "splunk" } } }, "dto.SIEMConnectorResponse": { "type": "object", "properties": { "config": { "description": "扩展配置", "type": "object", "additionalProperties": true }, "created_at": { "description": "创建时间", "type": "integer", "example": 1713175800 }, "enabled": { "description": "是否启用", "type": "boolean", "example": true }, "endpoint": { "description": "端点", "type": "string", "example": "https://..." }, "id": { "description": "ID", "type": "string", "example": "siem_abc123" }, "index": { "description": "索引", "type": "string", "example": "main" }, "last_tested_at": { "description": "最近测试时间", "type": "integer" }, "name": { "description": "名称", "type": "string", "example": "Splunk-Prod" }, "tenant_id": { "description": "租户ID", "type": "string", "example": "tenant-1" }, "test_status": { "description": "测试状态", "type": "string", "example": "passed" }, "type": { "description": "类型", "type": "string", "example": "splunk" }, "updated_at": { "description": "更新时间", "type": "integer", "example": 1713175800 } } }, "dto.SIEMTestResultResponse": { "type": "object", "properties": { "message": { "description": "消息", "type": "string", "example": "connection ok" }, "status": { "description": "状态", "type": "string", "example": "passed" }, "success": { "description": "是否成功", "type": "boolean", "example": true } } }, "dto.SecurityDetailsResp": { "description": "安全详情", "type": "object", "properties": { "failed_login_ips": { "description": "失败登录IP", "type": "object", "additionalProperties": { "type": "integer" } }, "suspicious_users": { "description": "可疑用户", "type": "array", "items": { "type": "string" } }, "unusual_access_times": { "description": "异常访问时间", "type": "array", "items": { "$ref": "#/definitions/dto.TimeRangeResp" } } } }, "dto.SecurityReportDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.SecurityReportResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.SecurityReportResponse": { "description": "安全审计报告", "type": "object", "properties": { "details": { "description": "详情", "allOf": [ { "$ref": "#/definitions/dto.SecurityDetailsResp" } ] }, "generated_at": { "description": "生成时间戳", "type": "integer", "example": 1713175800 }, "period": { "description": "周期", "type": "string", "example": "7d" }, "recommendations": { "description": "建议", "type": "array", "items": { "type": "string" } }, "summary": { "description": "摘要", "allOf": [ { "$ref": "#/definitions/dto.SecuritySummaryResp" } ] }, "top_risks": { "description": "主要风险", "type": "array", "items": { "$ref": "#/definitions/dto.SecurityRiskResp" } } } }, "dto.SecurityRiskResp": { "description": "单条安全风险", "type": "object", "properties": { "count": { "description": "数量", "type": "integer", "example": 15 }, "description": { "description": "描述", "type": "string", "example": "检测到暴力破解" }, "severity": { "description": "严重程度", "type": "string", "example": "high" }, "type": { "description": "类型", "type": "string", "example": "brute_force" } } }, "dto.SecuritySummaryResp": { "description": "安全摘要统计", "type": "object", "properties": { "anomalies_detected": { "description": "异常", "type": "integer", "example": 10 }, "blocked_ips": { "description": "被阻止IP", "type": "integer", "example": 5 }, "failed_logins": { "description": "失败登录", "type": "integer", "example": 50 }, "suspicious_activities": { "description": "可疑活动", "type": "integer", "example": 20 }, "total_events": { "description": "总事件", "type": "integer", "example": 10000 } } }, "dto.ServerLogResponse": { "type": "object", "properties": { "level": { "type": "string", "example": "error" }, "message": { "type": "string", "example": "failed to connect to database" }, "service": { "type": "string", "example": "identity-service" }, "timestamp": { "type": "string", "example": "2026-06-04T12:00:00Z" }, "trace_id": { "type": "string", "example": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6" }, "user_id": { "type": "string", "example": "usr_abc123" } } }, "dto.ServerLogServicesResponse": { "type": "object", "properties": { "services": { "type": "array", "items": { "type": "string" }, "example": [ "[\"identity-service\"", "\"wallet-service\"]" ] } } }, "dto.TimePointResp": { "description": "时间点统计", "type": "object", "properties": { "count": { "description": "数量", "type": "integer", "example": 100 }, "timestamp": { "description": "时间戳", "type": "integer", "example": 1713175800 } } }, "dto.TimeRangeResp": { "description": "时间范围", "type": "object", "properties": { "end": { "description": "结束时间戳", "type": "integer", "example": 1713179400 }, "start": { "description": "开始时间戳", "type": "integer", "example": 1713175800 } } }, "dto.UpdateAlertStatusRequest": { "type": "object", "required": [ "status" ], "properties": { "status": { "type": "string", "example": "acknowledged" } } }, "dto.UpdateAnomalyStatusRequest": { "description": "更新异常调查状态", "type": "object", "required": [ "status" ], "properties": { "assignee": { "description": "分析师", "type": "string", "example": "usr_analyst001" }, "status": { "description": "状态", "type": "string", "example": "investigating" } } }, "dto.UpdateIncidentStatusRequest": { "type": "object", "required": [ "status" ], "properties": { "status": { "type": "string", "example": "investigating" } } }, "dto.VerificationResultListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.VerificationResultResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.VerificationResultResponse": { "description": "后台定时哈希链验证的单租户结果", "type": "object", "properties": { "entries_checked": { "type": "integer", "example": 10000 }, "error_message": { "type": "string" }, "last_hash": { "type": "string", "example": "abc123def456..." }, "last_sequence": { "type": "integer", "example": 12345 }, "tenant_id": { "type": "string", "example": "tnt_abc123" }, "valid": { "type": "boolean", "example": true }, "validated_at": { "type": "integer", "example": 1713175800 } } }, "dto.VerifyChainDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.VerifyChainResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.VerifyChainResponse": { "description": "哈希链验证结果", "type": "object", "properties": { "broken_at": { "description": "断裂位置", "type": "integer" }, "checked_count": { "description": "检查数", "type": "integer", "example": 10000 }, "first_hash": { "description": "首哈希", "type": "string", "example": "a1b2c3d4e5f6..." }, "last_hash": { "description": "末哈希", "type": "string", "example": "f6e5d4c3b2a1..." }, "message": { "description": "信息", "type": "string" }, "valid": { "description": "有效", "type": "boolean", "example": true } } }, "gitee_com_linmes_authms_base_dto.PageInfo": { "type": "object", "properties": { "has_next": { "description": "HasNext indicates whether there is a next page", "type": "boolean" }, "has_prev": { "description": "HasPrev indicates whether there is a previous page", "type": "boolean" }, "page": { "description": "Page is the current page number (1-based)", "type": "integer" }, "page_size": { "description": "PageSize is the number of items per page", "type": "integer" }, "total": { "description": "Total is the total number of items across all pages", "type": "integer" }, "total_pages": { "description": "TotalPages is the total number of pages", "type": "integer" } } }, "gitee_com_linmes_authms_base_dto.SimpleResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } } }, "securityDefinitions": { "bearerAuth": { "description": "Type \"Bearer\" followed by a space and JWT token.", "type": "apiKey", "name": "Authorization", "in": "header" } }, "tags": [ { "description": "审计日志:查询、导出、归档", "name": "审计服务" }, { "description": "公开信任中心:安全状态、合规证书、文档", "name": "Trust Center" } ] }