{ "swagger": "2.0", "info": { "description": "合规服务 API,提供审计日志、数据保留策略、合规检查等功能", "title": "Compliance Service API", "contact": {}, "version": "1.0.0" }, "basePath": "/api/v1", "paths": { "/admin/compliance/ai-decisions": { "get": { "security": [ { "bearerAuth": [] } ], "description": "查询所有AI决策的记录(GDPR第22条合规)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - AI 审查" ], "summary": "查询AI决策记录列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.AIDecisionListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "记录一条AI自动决策的结果和依据", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - AI 审查" ], "summary": "记录AI自动决策", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.AIDecisionRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.AIDecisionItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/ai-decisions/{id}": { "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的AI决策记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - AI 审查" ], "summary": "删除AI决策记录", "parameters": [ { "type": "string", "description": "decision ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/ai-decisions/{id}/review": { "post": { "security": [ { "bearerAuth": [] } ], "description": "对AI决策进行人工审核", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - AI 审查" ], "summary": "人工审核AI决策", "parameters": [ { "type": "string", "description": "decision ID", "name": "id", "in": "path", "required": true }, { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.ReviewAIDecisionRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.AIDecisionItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/audit-findings": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有审计发现问题", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 审计发现" ], "summary": "查询审计发现问题列表", "parameters": [ { "type": "string", "description": "severity filter", "name": "severity", "in": "query" }, { "type": "string", "description": "status filter", "name": "status", "in": "query" }, { "type": "string", "description": "control type filter", "name": "control_type", "in": "query" }, { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.AuditFindingListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条审计发现问题,记录风险等级和整改计划", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 审计发现" ], "summary": "创建审计发现记录", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateAuditFindingRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.AuditFindingItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/audit-findings/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据ID获取审计发现问题及整改进展", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 审计发现" ], "summary": "获取审计发现详情", "parameters": [ { "type": "string", "description": "audit finding ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.AuditFindingItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "put": { "security": [ { "bearerAuth": [] } ], "description": "更新审计发现的状态、整改进度或处理人", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 审计发现" ], "summary": "更新审计发现状态", "parameters": [ { "type": "string", "description": "audit finding ID", "name": "id", "in": "path", "required": true }, { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateAuditFindingRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.AuditFindingItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的审计发现记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 审计发现" ], "summary": "删除审计发现记录", "parameters": [ { "type": "string", "description": "audit finding ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/breach-notifications": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有数据泄露通知记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据泄露" ], "summary": "查询数据泄露通知列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.BreachNotificationListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条数据泄露通知记录(用于跟踪和合规报告)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据泄露" ], "summary": "创建数据泄露通知", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.BreachNotificationRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.BreachNotificationItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/breach-notifications/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新数据泄露通知的处理状态", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据泄露" ], "summary": "更新数据泄露通知", "parameters": [ { "type": "string", "description": "notification ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateBreachNotificationRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.BreachNotificationItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的数据泄露通知记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据泄露" ], "summary": "删除数据泄露通知", "parameters": [ { "type": "string", "description": "notification ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/certifications": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取合规认证列表", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "查询合规认证列表", "parameters": [ { "type": "string", "description": "认证框架筛选", "name": "framework", "in": "query" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.CertificationListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建新的合规认证记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "创建合规认证记录", "parameters": [ { "description": "认证详情", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateCertificationRequest" } } ], "responses": { "201": { "description": "success", "schema": { "$ref": "#/definitions/dto.CertificationItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/certifications/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取指定的合规认证详情", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "获取合规认证详情", "parameters": [ { "type": "string", "description": "认证记录ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.CertificationItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定合规认证记录的证书URL、审计日期、审计机构、下次审计日期或认证状态,用于追踪认证生命周期", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "更新合规认证信息", "parameters": [ { "type": "string", "description": "认证记录ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateComplianceCertificationRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.CertificationItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的合规认证记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "删除合规认证记录", "parameters": [ { "type": "string", "description": "认证记录ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/cross-border-transfers": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有跨境数据传输记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 跨境传输" ], "summary": "查询跨境数据传输列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.CrossBorderTransferListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条跨境数据传输记录(GDPR第五章合规)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 跨境传输" ], "summary": "创建跨境数据传输记录", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateCrossBorderTransferRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.CrossBorderTransferItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/cross-border-transfers/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新跨境数据传输记录的信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 跨境传输" ], "summary": "更新跨境数据传输记录", "parameters": [ { "type": "string", "description": "transfer ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateCrossBorderTransferRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.CrossBorderTransferItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的跨境数据传输记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 跨境传输" ], "summary": "删除跨境数据传输记录", "parameters": [ { "type": "string", "description": "transfer ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/data-classifications": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有数据分类分级的配置", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据分类" ], "summary": "查询数据分类列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DataClassificationListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条数据分类规则(如:PII / 敏感 / 内部)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据分类" ], "summary": "创建数据分类规则", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.DataClassificationRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.DataClassificationItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/data-classifications/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定数据分类规则的分类级别、描述或保留要求,支持按分类级别(等级+等保+ISO)联动", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据分类" ], "summary": "更新数据分类规则", "parameters": [ { "type": "string", "description": "classification ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateDataClassificationRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DataClassificationItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的数据分类规则", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据分类" ], "summary": "删除数据分类规则", "parameters": [ { "type": "string", "description": "classification ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/dengbao/controls": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有等级保护(Dengbao)安全控制项", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 等保" ], "summary": "查询等级保护控制项列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DengbaoControlListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条等级保护(Dengbao)安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 等保" ], "summary": "创建等级保护控制项", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateDengbaoControlRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.DengbaoControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/dengbao/controls/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定等级保护(Dengbao)安全控制项的状态和证据", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 等保" ], "summary": "更新等级保护控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateDengbaoControlRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DengbaoControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定等级保护(Dengbao)安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 等保" ], "summary": "删除等级保护控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/evidence": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有合规证据文件", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "查询合规证据列表", "parameters": [ { "type": "string", "description": "control type", "name": "control_type", "in": "query" }, { "type": "string", "description": "control ID", "name": "control_id", "in": "query" }, { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.EvidenceListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "上传一条合规证据(如审计文档、截图等)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "上传合规证据", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateEvidenceRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.EvidenceItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/evidence/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据ID获取合规证据的详细信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "获取合规证据详情", "parameters": [ { "type": "string", "description": "evidence ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.EvidenceItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的合规证据文件", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规证据" ], "summary": "删除合规证据", "parameters": [ { "type": "string", "description": "evidence ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/gdpr/consent": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有用户同意的记录,支持按目的和用户过滤", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 同意" ], "summary": "查询同意记录列表", "parameters": [ { "type": "string", "description": "user ID", "name": "user_id", "in": "query" }, { "type": "string", "description": "service filter", "name": "service", "in": "query" }, { "type": "string", "description": "purpose filter", "name": "purpose", "in": "query" }, { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ConsentListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "为指定用户创建一条数据处理同意记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 同意" ], "summary": "创建同意记录", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateConsentRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.ConsentItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "撤销用户对特定处理目的的数据处理同意", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 同意" ], "summary": "撤销数据处理同意", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.RevokeConsentRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/gdpr/consent/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据ID获取单个用户同意记录的详细信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 同意" ], "summary": "获取同意记录详情", "parameters": [ { "type": "string", "description": "consent ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ConsentItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/gdpr/dsar": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有数据主体访问请求(DSAR),支持状态过滤", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - DSAR" ], "summary": "查询DSAR列表", "parameters": [ { "type": "string", "description": "status filter", "name": "status", "in": "query" }, { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DSARListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一个新的数据主体访问请求", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - DSAR" ], "summary": "创建DSAR", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateDSARRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.DSARItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/gdpr/dsar/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据ID获取数据主体访问请求的详细信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - DSAR" ], "summary": "获取DSAR详情", "parameters": [ { "type": "string", "description": "DSAR ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DSARItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "put": { "security": [ { "bearerAuth": [] } ], "description": "更新数据主体访问请求的处理状态或响应内容", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - DSAR" ], "summary": "更新DSAR", "parameters": [ { "type": "string", "description": "DSAR ID", "name": "id", "in": "path", "required": true }, { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateDSARRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DSARItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的数据主体访问请求记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - DSAR" ], "summary": "删除DSAR", "parameters": [ { "type": "string", "description": "DSAR ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/gdpr/right-to-erasure": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有数据删除权请求", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 擦除" ], "summary": "查询删除权请求列表", "parameters": [ { "type": "string", "description": "status filter", "name": "status", "in": "query" }, { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ErasureListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一个新的数据删除权请求(GDPR第17条)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 擦除" ], "summary": "创建数据删除权请求", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateErasureRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.ErasureItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/gdpr/right-to-erasure/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据ID获取删除权请求的详细信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 擦除" ], "summary": "获取删除权请求详情", "parameters": [ { "type": "string", "description": "erasure ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ErasureItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "put": { "security": [ { "bearerAuth": [] } ], "description": "更新删除权请求的处理状态", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 擦除" ], "summary": "更新删除权请求状态", "parameters": [ { "type": "string", "description": "erasure ID", "name": "id", "in": "path", "required": true }, { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateErasureRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ErasureItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/gdpr/right-to-erasure/{id}/execute": { "post": { "security": [ { "bearerAuth": [] } ], "description": "执行删除权请求,实际删除对应的用户数据", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 擦除" ], "summary": "执行数据擦除", "parameters": [ { "type": "string", "description": "erasure ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/hipaa/controls": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有HIPAA安全控制项", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - HIPAA" ], "summary": "查询HIPAA控制项列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.HIPAAControlListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条HIPAA安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - HIPAA" ], "summary": "创建HIPAA控制项", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateHIPAAControlRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.HIPAAControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/hipaa/controls/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定HIPAA安全控制项的状态和证据", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - HIPAA" ], "summary": "更新HIPAA控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateHIPAAControlRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.HIPAAControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定HIPAA安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - HIPAA" ], "summary": "删除HIPAA控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/iso27001/controls": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有ISO27001安全控制项", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - ISO27001" ], "summary": "查询ISO27001控制项列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ISO27001ControlListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条ISO27001安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - ISO27001" ], "summary": "创建ISO27001控制项", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateISO27001ControlRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.ISO27001ControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/iso27001/controls/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定ISO27001安全控制项的状态和证据", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - ISO27001" ], "summary": "更新ISO27001控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateISO27001ControlRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ISO27001ControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定ISO27001安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - ISO27001" ], "summary": "删除ISO27001控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/pcidss/controls": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有PCI DSS安全控制项", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PCI DSS" ], "summary": "查询PCI DSS控制项列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PCIDSSControlListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条PCI DSS安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PCI DSS" ], "summary": "创建PCI DSS控制项", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreatePCIDSSControlRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.PCIDSSControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/pcidss/controls/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定PCI DSS安全控制项的状态和证据", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PCI DSS" ], "summary": "更新PCI DSS控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdatePCIDSSControlRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PCIDSSControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定PCI DSS安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PCI DSS" ], "summary": "删除PCI DSS控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/penetration-test-reports": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有渗透测试报告的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 渗透测试" ], "summary": "查询渗透测试报告列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PenTestReportListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一份渗透测试报告的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 渗透测试" ], "summary": "创建渗透测试报告", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreatePenTestReportRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.PenTestReportItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/penetration-test-reports/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新渗透测试报告的信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 渗透测试" ], "summary": "更新渗透测试报告", "parameters": [ { "type": "string", "description": "report ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdatePenTestReportRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PenTestReportItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的渗透测试报告记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 渗透测试" ], "summary": "删除渗透测试报告", "parameters": [ { "type": "string", "description": "report ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/pipl/controls": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有个人信息保护法(PIPL)安全控制项", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PIPL" ], "summary": "查询PIPL控制项列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PIPLControlListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条个人信息保护法(PIPL)安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PIPL" ], "summary": "创建PIPL控制项", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreatePIPLControlRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.PIPLControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/pipl/controls/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定PIPL安全控制项的状态和证据", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PIPL" ], "summary": "更新PIPL控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdatePIPLControlRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PIPLControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定PIPL安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PIPL" ], "summary": "删除PIPL控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/privacy-impact": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有隐私影响评估记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 隐私影响评估" ], "summary": "查询隐私影响评估列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PIAListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条隐私影响评估(如新功能上线前的隐私风险评估)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 隐私影响评估" ], "summary": "创建隐私影响评估", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.PIARequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.PIAItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/privacy-impact/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新隐私影响评估的内容或状态", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 隐私影响评估" ], "summary": "更新隐私影响评估", "parameters": [ { "type": "string", "description": "PIA ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdatePIARequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PIAItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的隐私影响评估记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 隐私影响评估" ], "summary": "删除隐私影响评估", "parameters": [ { "type": "string", "description": "PIA ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/privacy-policies": { "post": { "security": [ { "bearerAuth": [] } ], "description": "Admin:管理隐私政策版本。如版本号已存在则更新,否则创建新版本", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "创建/更新隐私政策", "parameters": [ { "description": "请求体", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpsertPrivacyPolicyRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/profile": { "put": { "security": [ { "bearerAuth": [] } ], "description": "创建或更新租户的合规配置", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "创建或更新合规配置", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpsertComplianceProfileRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ComplianceProfileResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/psd2/controls": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有PSD2安全控制项", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PSD2" ], "summary": "查询PSD2控制项列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PSD2ControlListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条PSD2安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PSD2" ], "summary": "创建PSD2控制项", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreatePSD2ControlRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.PSD2ControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/psd2/controls/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定PSD2安全控制项的状态和证据", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PSD2" ], "summary": "更新PSD2控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdatePSD2ControlRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.PSD2ControlItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定PSD2安全控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - PSD2" ], "summary": "删除PSD2控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/regulatory-watch": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有法规动态监控项", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 监管监控" ], "summary": "查询法规动态监控列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.RegulatoryWatchListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条法规动态更新的监控记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 监管监控" ], "summary": "创建法规动态监控项", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateRegulatoryWatchItemRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.RegulatoryWatchItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/regulatory-watch/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新法规动态监控项的信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 监管监控" ], "summary": "更新法规动态监控项", "parameters": [ { "type": "string", "description": "watch item ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateRegulatoryWatchItemRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.RegulatoryWatchItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的法规动态监控记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 监管监控" ], "summary": "删除法规动态监控项", "parameters": [ { "type": "string", "description": "watch item ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/retention-policies": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有数据保留策略配置", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据保留" ], "summary": "查询保留策略列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.RetentionPolicyListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条数据保留策略(数据类型、保留期限、法律依据)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据保留" ], "summary": "创建数据保留策略", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateRetentionPolicyRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.RetentionPolicyItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/retention-policies/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新数据保留策略的参数", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据保留" ], "summary": "更新数据保留策略", "parameters": [ { "type": "string", "description": "policy ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateRetentionPolicyRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.RetentionPolicyItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的数据保留策略", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据保留" ], "summary": "删除数据保留策略", "parameters": [ { "type": "string", "description": "policy ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/sod-checks": { "get": { "security": [ { "bearerAuth": [] } ], "description": "执行职责分离检查,检测角色冲突", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 职责分离" ], "summary": "执行职责分离检查", "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.SoDCheckResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/sod-rules": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有职责分离规则", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 职责分离" ], "summary": "查询职责分离规则列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.SoDRuleListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条职责分离规则(定义互斥的角色组合)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 职责分离" ], "summary": "创建职责分离规则", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateSoDRuleRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.SoDRuleItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/sod-rules/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新指定职责分离规则的名称、角色组或启用状态,启用后将阻止同时拥有互斥角色的用户分配", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 职责分离" ], "summary": "更新职责分离规则", "parameters": [ { "type": "string", "description": "rule ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateSoDRuleRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.SoDRuleItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的职责分离规则", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 职责分离" ], "summary": "删除职责分离规则", "parameters": [ { "type": "string", "description": "rule ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/sox/itgc": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有SOX IT一般控制项的记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - SOX" ], "summary": "查询SOX ITGC控制项列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.SOXITGCListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "创建一条SOX ITGC控制项的新记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - SOX" ], "summary": "创建SOX ITGC控制项", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateSOXITGCControlRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.SOXITGCItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/sox/itgc/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新SOX ITGC控制项的状态、测试结果等", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - SOX" ], "summary": "更新SOX ITGC控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateSOXITGCControlRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.SOXITGCItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定SOX ITGC控制项", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - SOX" ], "summary": "删除SOX ITGC控制项", "parameters": [ { "type": "string", "description": "control ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/standards": { "get": { "security": [ { "bearerAuth": [] } ], "description": "返回系统支持的所有合规标准列表(GDPR、ISO27001、SOC2、HIPAA、PCI-DSS等),包含名称、版本、类别和描述", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规标准" ], "summary": "列出所有合规标准", "responses": { "200": { "description": "OK", "schema": { "type": "array", "items": { "$ref": "#/definitions/dto.StandardItemResponse" } } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/standards/reload": { "post": { "security": [ { "bearerAuth": [] } ], "description": "从文件系统重新加载所有合规标准定义文件,更新内存缓存", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规标准" ], "summary": "重载合规标准文件", "responses": { "200": { "description": "ok", "schema": { "type": "string" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/standards/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据标准ID获取合规标准的完整信息,包含所有控制项列表及每项的要求、参数、运算符和目标值", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规标准" ], "summary": "获取合规标准详情", "parameters": [ { "type": "string", "description": "标准ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/dto.StandardDetailResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "404": { "description": "not found", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/standards/{id}/controls": { "get": { "security": [ { "bearerAuth": [] } ], "description": "列出指定合规标准的所有控制项,每项包含要求描述、参数、运算符、目标值和严重级别", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规标准" ], "summary": "列出合规标准控制项", "parameters": [ { "type": "string", "description": "标准ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "OK", "schema": { "type": "array", "items": { "$ref": "#/definitions/dto.ControlItemResponse" } } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "404": { "description": "not found", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/subprocessors": { "get": { "security": [ { "bearerAuth": [] } ], "description": "GDPR第28条合规:列出所有子处理商信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "查询子处理商列表", "parameters": [ { "type": "string", "description": "category filter", "name": "category", "in": "query" }, { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.SubProcessorListResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "添加一个新的子处理商记录(GDPR第28条合规)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "创建子处理商记录", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateSubProcessorRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.SubProcessorItemResponse" } } } } }, "/admin/compliance/subprocessors/{id}": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取子处理商的详细信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "获取子处理商详情", "parameters": [ { "type": "string", "description": "sub-processor ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.SubProcessorItemResponse" } } } }, "put": { "security": [ { "bearerAuth": [] } ], "description": "更新子处理商的信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "更新子处理商信息", "parameters": [ { "type": "string", "description": "sub-processor ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateSubProcessorRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.SubProcessorItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的子处理商记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "删除子处理商记录", "parameters": [ { "type": "string", "description": "子处理商ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/tenants/self/overrides": { "get": { "security": [ { "bearerAuth": [] } ], "description": "查询当前租户的所有合规参数覆盖配置", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "查询合规参数覆盖列表", "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/dto.OverrideListResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "404": { "description": "not found", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "为当前租户创建一个合规参数覆盖配置", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "创建合规参数覆盖", "parameters": [ { "description": "覆盖配置", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.OverrideRequest" } } ], "responses": { "200": { "description": "ok", "schema": { "type": "string" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/tenants/self/overrides/{param}": { "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定参数的合规覆盖配置", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "删除合规参数覆盖", "parameters": [ { "type": "string", "description": "参数名", "name": "param", "in": "path", "required": true } ], "responses": { "200": { "description": "ok", "schema": { "type": "string" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/tenants/{tid}/gap-analysis": { "post": { "security": [ { "bearerAuth": [] } ], "description": "对比租户当前配置与解析后的合规策略参数,计算合规差距和评分", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "运行合规差距分析", "parameters": [ { "type": "string", "description": "租户ID", "name": "tid", "in": "path", "required": true }, { "description": "当前配置", "name": "request", "in": "body", "schema": { "$ref": "#/definitions/dto.CurrentConfigRequest" } } ], "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/dto.GapReportResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/tenants/{tid}/policy": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据租户选中的合规标准,解析并返回合并后的合规检查参数策略", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "获取解析后的合规策略", "parameters": [ { "type": "string", "description": "租户ID", "name": "tid", "in": "path", "required": true } ], "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/dto.ResolvedPolicyResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "404": { "description": "not found", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/tenants/{tid}/readiness/{id}": { "post": { "security": [ { "bearerAuth": [] } ], "description": "针对指定合规标准,评估租户当前配置的认证就绪程度,返回未通过控制项和整改建议", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "获取认证就绪报告", "parameters": [ { "type": "string", "description": "租户ID", "name": "tid", "in": "path", "required": true }, { "type": "string", "description": "标准ID", "name": "id", "in": "path", "required": true }, { "description": "当前配置", "name": "request", "in": "body", "schema": { "$ref": "#/definitions/dto.CurrentConfigRequest" } } ], "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/dto.ReadinessReportResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/tenants/{tid}/score": { "get": { "security": [ { "bearerAuth": [] } ], "description": "根据租户合规状态计算安全评分(0-100),返回综合评分和等级", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "获取合规评分", "parameters": [ { "type": "string", "description": "租户ID", "name": "tid", "in": "path", "required": true } ], "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/dto.ComplianceScoreResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "404": { "description": "not found", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/tenants/{tid}/standards": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新租户启用的合规框架标准列表,触发标准控制项自动初始化及策略合并", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 合规策略" ], "summary": "更新租户选中的合规标准", "parameters": [ { "type": "string", "description": "租户ID", "name": "tid", "in": "path", "required": true }, { "description": "标准IDs", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.TenantStandardsRequest" } } ], "responses": { "200": { "description": "ok", "schema": { "type": "string" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "401": { "description": "unauthorized", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "500": { "description": "server error", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/vendor-risk-assessment": { "get": { "security": [ { "bearerAuth": [] } ], "description": "分页查询所有供应商安全风险评估记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "查询供应商风险评估列表", "parameters": [ { "type": "string", "description": "vendor name filter", "name": "vendor_name", "in": "query" }, { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.VendorRiskAssessmentListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "为指定供应商创建安全风险评估", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "创建供应商风险评估", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.VendorRiskAssessmentRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.VendorRiskAssessmentDetailResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/admin/compliance/vendor-risk-assessment/{id}": { "put": { "security": [ { "bearerAuth": [] } ], "description": "更新供应商风险评估的结果和风险等级", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "更新供应商风险评估", "parameters": [ { "type": "string", "description": "assessment ID", "name": "id", "in": "path", "required": true }, { "description": "update fields", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.UpdateVendorRiskAssessmentRequest" } } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.VendorRiskAssessmentDetailResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "delete": { "security": [ { "bearerAuth": [] } ], "description": "删除指定的供应商风险评估记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 供应商风险" ], "summary": "删除供应商风险评估", "parameters": [ { "type": "string", "description": "assessment ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/cleanup-records": { "get": { "security": [ { "bearerAuth": [] } ], "description": "查询数据清理(过期数据删除)的历史记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - 数据清理" ], "summary": "查询数据清理历史记录", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" }, { "type": "string", "description": "sort field", "name": "sort_by", "in": "query" }, { "type": "string", "description": "sort order", "name": "sort_order", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.CleanupRecordListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/gdpr/dsar/me": { "get": { "security": [ { "bearerAuth": [] } ], "description": "用户查看自己提交的所有数据主体访问请求历史", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - DSAR" ], "summary": "查询我的DSAR列表", "parameters": [ { "type": "integer", "description": "page number", "name": "page", "in": "query" }, { "type": "integer", "description": "page size", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DSARListResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } }, "post": { "security": [ { "bearerAuth": [] } ], "description": "用户自助提交数据主体访问请求,user_id 从 JWT 令牌自动提取", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - DSAR" ], "summary": "提交我的DSAR", "parameters": [ { "description": "request", "name": "request", "in": "body", "required": true, "schema": { "$ref": "#/definitions/dto.CreateMyDSARRequest" } } ], "responses": { "201": { "description": "created", "schema": { "$ref": "#/definitions/dto.DSARItemResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/gdpr/dsar/{id}/status": { "get": { "security": [ { "bearerAuth": [] } ], "description": "用户查看自己某个数据主体访问请求的当前状态", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - DSAR" ], "summary": "获取DSAR状态", "parameters": [ { "type": "string", "description": "DSAR ID", "name": "id", "in": "path", "required": true } ], "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.DSARStatusDetailResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } }, "403": { "description": "forbidden", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/privacy/policy": { "get": { "description": "公开端点:获取当前生效的隐私政策版本", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取当前隐私政策", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" } ], "responses": { "200": { "description": "当前隐私政策", "schema": { "$ref": "#/definitions/dto.PrivacyPolicyDetailResponse" } }, "404": { "description": "未找到隐私政策", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/privacy/policy/versions": { "get": { "description": "公开端点:获取隐私政策所有版本历史记录", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取隐私政策版本历史", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "版本历史列表", "schema": { "$ref": "#/definitions/dto.PrivacyPolicyListResponse" } } } } }, "/compliance/privacy/retention": { "get": { "description": "公开端点:获取当前租户的数据保留策略公示信息", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取数据保留策略公示", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "保留策略列表", "schema": { "$ref": "#/definitions/dto.RetentionPolicyPublicListResponse" } } } } }, "/compliance/profile": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取当前租户的合规配置信息(DPO、保留策略、已启用框架等)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取合规配置信息", "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ComplianceProfileResponse" } }, "404": { "description": "not found", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/audit-findings": { "get": { "description": "Trust Center: 获取审计发现列表(脱敏,仅返回high/critical级别)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开审计发现", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "string", "description": "严重级别筛选", "name": "severity", "in": "query" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "审计发现列表", "schema": { "$ref": "#/definitions/dto.PublicAuditFindingListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/breach-notifications": { "get": { "description": "Trust Center: 获取数据泄露通知(脱敏,无认证,仅公开已审核的通知)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开泄露通知", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "泄露通知列表", "schema": { "$ref": "#/definitions/dto.PublicBreachNotificationListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/certifications": { "get": { "description": "获取所有公开的SOC2/ISO等合规认证信息(无需认证)。Trust Center 使用。", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开合规认证列表", "parameters": [ { "type": "string", "description": "认证框架筛选 (SOC2 Type II, ISO 27001)", "name": "framework", "in": "query" }, { "type": "integer", "default": 1, "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "default": 20, "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "公开认证列表", "schema": { "$ref": "#/definitions/dto.PublicCertificationListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/cross-border-transfers": { "get": { "description": "Trust Center: 获取跨境数据传输信息(无认证)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开跨境数据传输", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "跨境传输列表", "schema": { "$ref": "#/definitions/dto.PublicCrossBorderTransferListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/data-classifications": { "get": { "description": "Trust Center: 获取数据分类信息(无认证)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开数据分类", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "数据分类列表", "schema": { "$ref": "#/definitions/dto.PublicDataClassificationListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/dengbao/controls": { "get": { "description": "Trust Center: 获取等级保护(Dengbao)控制项列表(无认证,摘要级别)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开等级保护控制项", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "等级保护控制项列表", "schema": { "$ref": "#/definitions/dto.PublicDengbaoListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/evidence": { "get": { "description": "Trust Center: 获取合规证据文件列表摘要(无认证,P2,不含具体文件URL)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开合规证据", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "证据列表", "schema": { "$ref": "#/definitions/dto.EvidenceListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/hipaa/controls": { "get": { "description": "Trust Center: 获取HIPAA控制项列表(无认证,摘要级别)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开HIPAA控制项", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "HIPAA控制项列表", "schema": { "$ref": "#/definitions/dto.PublicHIPAAAListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/iso27001/controls": { "get": { "description": "Trust Center: 获取ISO27001控制项列表(无认证,摘要级别)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开ISO27001控制项", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "ISO27001控制项列表", "schema": { "$ref": "#/definitions/dto.PublicISO27001ControlListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/pcidss/controls": { "get": { "description": "Trust Center: 获取PCI DSS控制项列表(无认证,摘要级别)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开PCI DSS控制项", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "PCI DSS控制项列表", "schema": { "$ref": "#/definitions/dto.PublicPCIListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/penetration-test-reports": { "get": { "description": "Trust Center: 获取渗透测试报告摘要(无认证,仅返回摘要级别)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开渗透测试报告", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "渗透测试报告列表", "schema": { "$ref": "#/definitions/dto.PublicPenTestReportListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/pipl/controls": { "get": { "description": "Trust Center: 获取个人信息保护法(PIPL)控制项列表(无认证,摘要级别)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开PIPL控制项", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "PIPL控制项列表", "schema": { "$ref": "#/definitions/dto.PublicPIPLListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/privacy-impact": { "get": { "description": "Trust Center: 获取隐私影响评估摘要列表(无认证)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开隐私影响评估", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "PIA列表", "schema": { "$ref": "#/definitions/dto.PublicPIAListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/psd2/controls": { "get": { "description": "Trust Center: 获取PSD2控制项列表(无认证,摘要级别)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开PSD2控制项", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "PSD2控制项列表", "schema": { "$ref": "#/definitions/dto.PublicPSD2ListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/regulatory-watch": { "get": { "description": "Trust Center: 获取法规变更跟踪信息(无认证,P2)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开监管监控", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "监管监控列表", "schema": { "$ref": "#/definitions/dto.RegulatoryWatchListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/security-score": { "get": { "description": "Trust Center: 计算并返回安全评分(无认证)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开安全评分", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" } ], "responses": { "200": { "description": "安全评分", "schema": { "$ref": "#/definitions/dto.PublicSecurityScoreResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/status": { "get": { "description": "Trust Center: 获取系统级合规状态概览(无认证)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开合规状态", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" } ], "responses": { "200": { "description": "合规状态", "schema": { "$ref": "#/definitions/dto.PublicComplianceStatusDetailResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/public/subprocessors": { "get": { "description": "Trust Center: GDPR Art.28要求的子处理商公示清单(无认证)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取公开子处理商清单", "parameters": [ { "type": "string", "description": "租户ID", "name": "X-Tenant-ID", "in": "header" }, { "type": "string", "description": "类别筛选: infrastructure/service_provider/third_party", "name": "category", "in": "query" }, { "type": "integer", "description": "页码", "name": "page", "in": "query" }, { "type": "integer", "description": "每页条数", "name": "page_size", "in": "query" } ], "responses": { "200": { "description": "子处理商列表", "schema": { "$ref": "#/definitions/dto.PublicSubProcessorListResponse" } }, "500": { "description": "服务内部错误", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } }, "/compliance/status": { "get": { "security": [ { "bearerAuth": [] } ], "description": "获取当前租户的整体合规状态概览(框架覆盖、违规数量等)", "consumes": [ "application/json" ], "produces": [ "application/json" ], "tags": [ "合规管理 - Trust Center" ], "summary": "获取合规状态概览", "responses": { "200": { "description": "success", "schema": { "$ref": "#/definitions/dto.ComplianceStatusDetailResponse" } }, "400": { "description": "bad request", "schema": { "$ref": "#/definitions/dto.ErrorResponse" } } } } } }, "definitions": { "dto.AIDecisionItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.AIDecisionResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.AIDecisionListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.AIDecisionResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.AIDecisionRequest": { "type": "object", "required": [ "decision_id", "model" ], "properties": { "decision_id": { "type": "string", "example": "DEC-2026-001" }, "input": { "type": "string", "example": "{\"credit_score\":720,\"amount\":5000}" }, "model": { "type": "string", "example": "credit_risk_v3" }, "output": { "type": "string", "example": "{\"decision\":\"approved\",\"confidence\":0.92}" } } }, "dto.AIDecisionResponse": { "type": "object", "properties": { "created_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "decision_id": { "type": "string", "example": "DEC-2026-001" }, "id": { "type": "string", "example": "01JQ..." }, "input": { "type": "string", "example": "{\"credit_score\":720,\"amount\":5000}" }, "model": { "type": "string", "example": "credit_risk_v3" }, "output": { "type": "string", "example": "{\"decision\":\"approved\",\"confidence\":0.92}" }, "reviewed": { "type": "boolean", "example": false }, "reviewer": { "type": "string", "example": "compliance_officer" } } }, "dto.AuditFindingItem": { "type": "object", "properties": { "assignee_id": { "type": "string", "example": "usr_security_lead" }, "control_id": { "type": "string", "example": "01JQ..." }, "control_type": { "type": "string", "example": "iso27001" }, "created_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "description": { "type": "string", "example": "A.9.1.2 requires quarterly review, last review 6 months ago" }, "due_date": { "type": "string", "example": "2026-06-01T00:00:00Z" }, "id": { "type": "string", "example": "01JQ..." }, "remediation_plan": { "type": "string", "example": "Establish automated review reminders" }, "severity": { "type": "string", "example": "high" }, "status": { "type": "string", "example": "open" }, "title": { "type": "string", "example": "Access Control Policy Not Reviewed" } } }, "dto.AuditFindingItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.AuditFindingItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.AuditFindingListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.AuditFindingItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.BreachNotificationItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.BreachNotificationResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.BreachNotificationListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.BreachNotificationResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.BreachNotificationRequest": { "type": "object", "required": [ "description", "severity", "title" ], "properties": { "affected_users": { "type": "integer", "example": 1000 }, "description": { "type": "string", "example": "发现未经授权的数据库访问" }, "severity": { "type": "string", "example": "high" }, "title": { "type": "string", "example": "数据库泄露事件" } } }, "dto.BreachNotificationResponse": { "type": "object", "properties": { "affected_users": { "type": "integer", "example": 1000 }, "created_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "description": { "type": "string", "example": "Unauthorized database access detected" }, "id": { "type": "string", "example": "01JQ..." }, "reported_at": { "type": "string", "example": "2026-05-01T14:00:00Z" }, "reported_to_dpa": { "type": "boolean", "example": true }, "severity": { "type": "string", "example": "high" }, "status": { "type": "string", "example": "reported" }, "title": { "type": "string", "example": "Database Breach Incident" } } }, "dto.CertificationItem": { "type": "object", "properties": { "auditor": { "type": "string" }, "certificate_url": { "type": "string" }, "created_at": { "type": "string" }, "criteria_scopes": { "type": "string" }, "framework": { "type": "string" }, "id": { "type": "string" }, "last_audited_date": { "type": "string" }, "next_audit_date": { "type": "string" }, "status": { "type": "string" } } }, "dto.CertificationItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.CertificationItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.CertificationListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.CertificationItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.CleanupRecordListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.CleanupRecordResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.CleanupRecordResponse": { "type": "object", "properties": { "created_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "date_range": { "type": "string", "example": "2024-01-01 to 2025-12-31" }, "id": { "type": "string", "example": "01JQ..." }, "operator_id": { "type": "string", "example": "usr_admin_001" }, "reason": { "type": "string", "example": "Retention policy expired" }, "records_count": { "type": "integer", "example": 1500 } } }, "dto.ComplianceProfileResponse": { "type": "object", "properties": { "ai_review_required": { "type": "boolean", "example": false }, "auto_delete_enabled": { "type": "boolean", "example": true }, "breach_report_threshold": { "type": "integer", "example": 1 }, "consent_ttl_years": { "type": "integer", "example": 1 }, "data_protection_officer": { "type": "string", "example": "dpo@example.com" }, "default_retention_days": { "type": "integer", "example": 365 }, "enabled_frameworks": { "type": "array", "items": { "type": "string" }, "example": [ "[\"gdpr\"", "\"iso27001\"", "\"sox\"]" ] }, "max_concurrent_erasures": { "type": "integer", "example": 10 }, "pen_test_schedule_days": { "type": "integer", "example": 365 }, "score_weights": { "type": "string", "example": "{\"iso27001\":0.25,\"soc2\":0.15,\"gdpr\":0.15,\"issues\":0.25,\"pen_test\":0.10,\"breach\":0.10}" }, "selected_standards": { "type": "array", "items": { "type": "string" }, "example": [ "[\"pci_dss_v4\"", "\"dengbao_l3\"]" ] }, "sod_auto_init_enabled": { "type": "boolean", "example": true }, "tenant_id": { "type": "string", "example": "01JQ..." } } }, "dto.ComplianceScoreResponse": { "type": "object", "properties": { "grade": { "type": "string", "example": "B" }, "overall_score": { "type": "number", "example": 85.5 }, "tenant_id": { "type": "string" } } }, "dto.ComplianceStatusDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ComplianceStatusResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ComplianceStatusResponse": { "description": "整体合规状态", "type": "object", "properties": { "evaluation_error": { "description": "评估错误", "type": "string" }, "gdpr_compliant": { "description": "GDPR", "type": "boolean", "example": true }, "iso27001_compliant": { "description": "ISO27001", "type": "boolean", "example": true }, "last_audit_date": { "description": "上次审计", "type": "string", "example": "2026-01-15T00:00:00Z" }, "next_audit_date": { "description": "下次审计", "type": "string", "example": "2026-07-15T00:00:00Z" }, "open_breaches": { "description": "开放泄露", "type": "integer", "example": 2 }, "open_issues": { "description": "未解决问题", "type": "integer", "example": 8 }, "overall_status": { "description": "总体状态", "type": "string", "example": "non_compliant" }, "pending_dsar": { "description": "待处理DSAR", "type": "integer", "example": 5 }, "pending_pias": { "description": "待处理PIA", "type": "integer", "example": 1 }, "sod_rules_enabled": { "description": "启用SoD", "type": "integer", "example": 3 }, "sox_compliant": { "description": "SOX", "type": "boolean", "example": true } } }, "dto.ConsentItem": { "description": "用户同意记录", "type": "object", "properties": { "consent_method": { "description": "同意方式", "type": "string", "example": "explicit" }, "expired_at": { "description": "过期时间", "type": "string", "example": "2026-04-16T14:00:00Z" }, "granted": { "description": "是否同意", "type": "boolean", "example": true }, "granted_at": { "description": "同意时间", "type": "string", "example": "2026-04-15T10:00:00Z" }, "id": { "description": "同意记录ID", "type": "string", "example": "consent_001" }, "purpose": { "description": "处理目的", "type": "string", "example": "marketing_communication" }, "service": { "description": "服务名称", "type": "string", "example": "newsletter" }, "user_id": { "description": "用户ID", "type": "string", "example": "usr_abc123" } } }, "dto.ConsentItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ConsentItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ConsentListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.ConsentItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.ControlItemResponse": { "type": "object", "properties": { "description": { "type": "string", "example": "单因子认证时密码最小长度 12 字符" }, "id": { "type": "string", "example": "pci_8.6.3" }, "name": { "type": "string", "example": "最小密码长度 (单因子)" }, "operator": { "type": "string", "example": "gte" }, "parameter": { "type": "string", "example": "password_min_length_sfa" }, "requirement": { "type": "string", "example": "8.6.3" }, "severity": { "type": "string", "example": "critical" }, "tags": { "type": "array", "items": { "type": "string" }, "example": [ "[\"password\"", "\"complexity\"]" ] }, "value": { "example": "12" } } }, "dto.CreateAuditFindingRequest": { "type": "object", "required": [ "assignee_id", "control_id", "control_type", "description", "due_date", "severity", "title" ], "properties": { "assignee_id": { "type": "string", "example": "usr_security_lead" }, "control_id": { "type": "string", "example": "01JQ..." }, "control_type": { "type": "string", "example": "iso27001" }, "description": { "type": "string", "example": "A.9.1.2 要求每季度审查但上次审查距今已6个月" }, "due_date": { "type": "string", "example": "2026-06-01T00:00:00Z" }, "remediation_plan": { "type": "string", "example": "建立自动化审查提醒并在一周内完成审查" }, "severity": { "type": "string", "enum": [ "critical", "high", "medium", "low" ], "example": "high" }, "title": { "type": "string", "example": "访问控制策略未定期审查" } } }, "dto.CreateCertificationRequest": { "type": "object", "required": [ "framework" ], "properties": { "auditor": { "type": "string", "example": "Ernst \u0026 Young" }, "certificate_url": { "type": "string", "example": "https://trust.example.com/certs/soc2-2026.pdf" }, "criteria_scopes": { "type": "string", "example": "[\"Security\",\"Availability\",\"Confidentiality\"]" }, "framework": { "type": "string", "example": "SOC2 Type II" }, "last_audited_date": { "type": "string", "example": "2026-03-15" }, "next_audit_date": { "type": "string", "example": "2026-09-15" } } }, "dto.CreateConsentRequest": { "description": "用户同意请求参数", "type": "object", "required": [ "granted", "purpose", "service", "user_id" ], "properties": { "consent_method": { "description": "同意方式", "type": "string", "example": "explicit" }, "granted": { "description": "是否同意", "type": "boolean", "example": true }, "purpose": { "description": "目的", "type": "string", "example": "marketing_communication" }, "service": { "description": "服务", "type": "string", "example": "newsletter" }, "user_id": { "description": "用户ID", "type": "string", "example": "usr_abc123" } } }, "dto.CreateCrossBorderTransferRequest": { "type": "object", "required": [ "data_category", "legal_basis", "origin_region", "target_region" ], "properties": { "data_category": { "type": "string", "example": "User Personal Data" }, "legal_basis": { "type": "string", "example": "Standard Contractual Clauses" }, "origin_region": { "type": "string", "example": "EU" }, "target_region": { "type": "string", "example": "US" } } }, "dto.CreateDSARRequest": { "description": "创建GDPR数据主体访问请求参数", "type": "object", "required": [ "type", "user_id" ], "properties": { "additional_info": { "description": "补充信息", "type": "string", "example": "请提供所有与账户相关的数据" }, "address": { "description": "地址", "type": "string", "example": "123 Main St, City" }, "email": { "description": "邮箱", "type": "string", "example": "user@example.com" }, "phone": { "description": "电话", "type": "string", "example": "+8613800138000" }, "type": { "description": "请求类型", "type": "string", "enum": [ "access", "delete", "portability" ], "example": "access" }, "user_id": { "description": "用户ID", "type": "string", "example": "usr_abc123" } } }, "dto.CreateDengbaoControlRequest": { "type": "object", "required": [ "code", "level", "name" ], "properties": { "category": { "type": "string", "example": "物理安全" }, "code": { "type": "string", "example": "G3-01" }, "description": { "type": "string", "example": "机房应具备防火、防水、防雷等物理防护措施" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/dengbao/G3-01" }, "level": { "type": "string", "example": "Level 3" }, "name": { "type": "string", "example": "安全物理环境" }, "status": { "type": "string", "example": "non_compliant" } } }, "dto.CreateErasureRequest": { "description": "用户请求删除其数据请求参数", "type": "object", "required": [ "data_categories", "user_id" ], "properties": { "confirmation_code": { "description": "确认码", "type": "string", "example": "DELETE-CONFIRM-123" }, "data_categories": { "description": "数据类别", "type": "array", "items": { "type": "string" }, "example": [ "[\"profile\"", "\"history\"]" ] }, "reason": { "description": "删除原因", "type": "string", "example": "账户不再使用" }, "user_id": { "description": "用户ID", "type": "string", "example": "usr_abc123" } } }, "dto.CreateEvidenceRequest": { "type": "object", "required": [ "collected_at", "collector_id", "control_id", "control_type", "file_url", "title" ], "properties": { "collected_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "collector_id": { "type": "string", "example": "usr_auditor_001" }, "control_id": { "type": "string", "example": "01JQ..." }, "control_type": { "type": "string", "example": "iso27001" }, "description": { "type": "string", "example": "A.9.1.2 访问控制策略的年度审批记录" }, "file_url": { "type": "string", "example": "https://docs.example.com/evidence/ac-policy.pdf" }, "title": { "type": "string", "example": "访问控制策略审批记录" } } }, "dto.CreateHIPAAControlRequest": { "type": "object", "required": [ "code", "name" ], "properties": { "category": { "type": "string", "example": "Administrative Safeguards" }, "code": { "type": "string", "example": "164.308(a)(1)" }, "description": { "type": "string", "example": "Implement policies and procedures to prevent, detect, contain, and correct security violations" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/hipaa/164.308.a.1" }, "name": { "type": "string", "example": "Security Management Process" }, "status": { "type": "string", "example": "compliant" } } }, "dto.CreateISO27001ControlRequest": { "type": "object", "required": [ "code", "name" ], "properties": { "category": { "type": "string", "example": "组织控制" }, "code": { "type": "string", "example": "A.5.1.1" }, "description": { "type": "string", "example": "应定义并批准信息安全策略" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/iso27001/A.5.1.1" }, "name": { "type": "string", "example": "信息安全策略" }, "status": { "type": "string", "example": "compliant" } } }, "dto.CreateMyDSARRequest": { "description": "用户自助提交数据主体访问请求(user_id 从 JWT 提取)", "type": "object", "required": [ "type" ], "properties": { "email": { "description": "邮箱", "type": "string", "example": "user@example.com" }, "type": { "description": "请求类型", "type": "string", "enum": [ "access", "delete", "portability" ], "example": "access" } } }, "dto.CreatePCIDSSControlRequest": { "type": "object", "required": [ "code", "name" ], "properties": { "category": { "type": "string", "example": "Build and Maintain a Secure Network" }, "code": { "type": "string", "example": "Req.1.1" }, "description": { "type": "string", "example": "Install and maintain a firewall configuration to protect cardholder data" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/pcidss/Req.1.1" }, "name": { "type": "string", "example": "Install and maintain a firewall" }, "status": { "type": "string", "example": "compliant" } } }, "dto.CreatePIPLControlRequest": { "type": "object", "required": [ "code", "name" ], "properties": { "category": { "type": "string", "example": "个人信息处理规则" }, "code": { "type": "string", "example": "Art.13" }, "description": { "type": "string", "example": "处理个人信息前应告知并取得个人同意" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/pipl/Art.13" }, "name": { "type": "string", "example": "告知-同意规则" }, "status": { "type": "string", "example": "compliant" } } }, "dto.CreatePSD2ControlRequest": { "type": "object", "required": [ "code", "name" ], "properties": { "category": { "type": "string", "example": "Security Measures" }, "code": { "type": "string", "example": "Art.95.1" }, "description": { "type": "string", "example": "Implement strong customer authentication for electronic payment transactions" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/psd2/Art.95.1" }, "name": { "type": "string", "example": "Strong Customer Authentication" }, "status": { "type": "string", "example": "compliant" } } }, "dto.CreatePenTestReportRequest": { "type": "object", "required": [ "conducted_at", "next_test_date", "severity", "summary", "title" ], "properties": { "conducted_at": { "type": "string", "example": "2026-04-01T00:00:00Z" }, "findings": { "type": "integer", "example": 5 }, "next_test_date": { "type": "string", "example": "2026-07-01T00:00:00Z" }, "severity": { "type": "string", "example": "medium" }, "summary": { "type": "string", "example": "Security assessment summary" }, "title": { "type": "string", "example": "Q1 2026 Penetration Test" } } }, "dto.CreateRegulatoryWatchItemRequest": { "type": "object", "required": [ "category", "effective_date", "region", "regulation", "summary", "title" ], "properties": { "category": { "type": "string", "example": "Data Protection" }, "effective_date": { "type": "string", "example": "2026-06-01T00:00:00Z" }, "region": { "type": "string", "example": "EU" }, "regulation": { "type": "string", "example": "GDPR Art. 17" }, "summary": { "type": "string", "example": "New right to erasure requirements" }, "title": { "type": "string", "example": "GDPR Enforcement Update" } } }, "dto.CreateRetentionPolicyRequest": { "description": "创建数据保留策略请求参数", "type": "object", "required": [ "data_type", "legal_basis", "name", "purpose", "retention_period_days" ], "properties": { "auto_delete": { "description": "自动删除", "type": "boolean", "example": true }, "data_type": { "description": "数据类型", "type": "string", "example": "user_activity_logs" }, "legal_basis": { "description": "法律依据", "type": "string", "example": "合同义务" }, "name": { "description": "策略名称", "type": "string", "example": "用户日志保留策略" }, "purpose": { "description": "目的", "type": "string", "example": "安全审计" }, "retention_period_days": { "description": "保留天数", "type": "integer", "example": 365 } } }, "dto.CreateSOXITGCControlRequest": { "type": "object", "required": [ "control_id", "control_type", "name" ], "properties": { "control_id": { "type": "string", "example": "ITGC-001" }, "control_type": { "type": "string", "example": "preventive" }, "description": { "type": "string", "example": "Ensures only authorized personnel have access" }, "name": { "type": "string", "example": "Access Control" } } }, "dto.CreateSoDRuleRequest": { "type": "object", "required": [ "description", "name", "roles_a", "roles_b" ], "properties": { "description": { "type": "string" }, "enabled": { "type": "boolean" }, "name": { "type": "string" }, "roles_a": { "type": "string" }, "roles_b": { "type": "string" } } }, "dto.CreateSubProcessorRequest": { "type": "object", "required": [ "applicable_services", "entity_name" ], "properties": { "applicable_services": { "type": "string", "example": "Cloud Infrastructure" }, "category": { "type": "string", "example": "infrastructure" }, "compliance_links": { "type": "string", "example": "https://aws.amazon.com/compliance/" }, "entity_name": { "type": "string", "example": "Amazon Web Services EMEA SARL" }, "locations": { "type": "string", "example": "[\"EU (Frankfurt)\",\"US (Virginia)\"]" }, "purpose": { "type": "string", "example": "Infrastructure Hosting" }, "subject_matter": { "type": "string", "example": "Customer data stored on cloud infrastructure" }, "transfer_mechanism": { "type": "string", "example": "Standard Contractual Clauses" } } }, "dto.CrossBorderTransferItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.CrossBorderTransferResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.CrossBorderTransferListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.CrossBorderTransferResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.CrossBorderTransferResponse": { "type": "object", "properties": { "created_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "data_category": { "type": "string", "example": "User Personal Data" }, "id": { "type": "string", "example": "01JQ..." }, "legal_basis": { "type": "string", "example": "Standard Contractual Clauses" }, "origin_region": { "type": "string", "example": "EU" }, "status": { "type": "string", "example": "approved" }, "target_region": { "type": "string", "example": "US" } } }, "dto.CurrentConfigRequest": { "type": "object", "properties": { "parameters": { "type": "object", "additionalProperties": true } } }, "dto.DSARItem": { "description": "GDPR数据主体访问请求记录", "type": "object", "properties": { "completed_at": { "description": "完成时间", "type": "string", "example": "2026-04-20T14:00:00Z" }, "created_at": { "description": "创建时间", "type": "string", "example": "2026-04-15T10:00:00Z" }, "id": { "description": "DSAR ID", "type": "string", "example": "dsar_001" }, "status": { "description": "状态", "type": "string", "example": "pending" }, "type": { "description": "请求类型", "type": "string", "example": "access" }, "user_id": { "description": "用户ID", "type": "string", "example": "usr_abc123" } } }, "dto.DSARItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.DSARItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DSARListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.DSARItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.DSARStatusDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.DSARStatusResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DSARStatusResponse": { "description": "DSAR 状态跟踪响应", "type": "object", "properties": { "completed_at": { "description": "完成时间", "type": "string", "example": "2026-04-20T14:00:00Z" }, "created_at": { "description": "创建时间", "type": "string", "example": "2026-04-15T10:00:00Z" }, "id": { "description": "DSAR ID", "type": "string", "example": "dsar_001" }, "status": { "description": "状态", "type": "string", "example": "processing" }, "type": { "description": "请求类型", "type": "string", "example": "access" } } }, "dto.DataClassificationItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.DataClassificationResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DataClassificationListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.DataClassificationResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.DataClassificationRequest": { "type": "object", "required": [ "classification", "data_category" ], "properties": { "classification": { "type": "string", "example": "confidential" }, "data_category": { "type": "string", "example": "用户个人资料" }, "description": { "type": "string", "example": "包含姓名、地址、联系方式等" }, "retention_required": { "type": "boolean", "example": true } } }, "dto.DataClassificationResponse": { "type": "object", "properties": { "classification": { "type": "string", "example": "confidential" }, "created_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "data_category": { "type": "string", "example": "User Personal Data" }, "description": { "type": "string", "example": "Contains name, address, contact info" }, "id": { "type": "string", "example": "01JQ..." }, "retention_required": { "type": "boolean", "example": true } } }, "dto.DengbaoControlItem": { "type": "object", "properties": { "category": { "type": "string", "example": "物理安全" }, "control_id": { "type": "string", "example": "G3-01" }, "control_name": { "type": "string", "example": "安全物理环境" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/..." }, "id": { "type": "string", "example": "01JQ..." }, "last_reviewed": { "type": "string", "example": "2026-04-01T00:00:00Z" }, "status": { "type": "string", "example": "non_compliant" } } }, "dto.DengbaoControlItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.DengbaoControlItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.DengbaoControlListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.DengbaoControlItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.ErasureItem": { "description": "数据删除请求记录", "type": "object", "properties": { "completed_at": { "description": "完成时间", "type": "string", "example": "2026-04-20T14:00:00Z" }, "created_at": { "description": "创建时间", "type": "string", "example": "2026-04-15T10:00:00Z" }, "data_categories": { "description": "数据类别", "type": "array", "items": { "type": "string" }, "example": [ "[\"profile\"", "\"history\"]" ] }, "id": { "description": "删除请求ID", "type": "string", "example": "erasure_001" }, "reason": { "description": "删除原因", "type": "string", "example": "账户不再使用" }, "status": { "description": "状态", "type": "string", "example": "processing" }, "user_id": { "description": "用户ID", "type": "string", "example": "usr_abc123" } } }, "dto.ErasureItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ErasureItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ErasureListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.ErasureItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.ErrorResponse": { "type": "object", "properties": { "code": { "type": "integer", "example": 400 }, "message": { "type": "string", "example": "invalid request" } } }, "dto.EvidenceItem": { "type": "object", "properties": { "collected_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "collector_id": { "type": "string", "example": "usr_auditor_001" }, "control_id": { "type": "string", "example": "01JQ..." }, "control_type": { "type": "string", "example": "iso27001" }, "created_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "description": { "type": "string", "example": "Annual approval record for A.9.1.2" }, "file_url": { "type": "string", "example": "https://docs.example.com/evidence/ac-policy.pdf" }, "id": { "type": "string", "example": "01JQ..." }, "title": { "type": "string", "example": "Access Control Policy Approval" } } }, "dto.EvidenceItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.EvidenceItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.EvidenceListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.EvidenceItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.GapReportResponse": { "type": "object", "properties": { "critical_gaps": { "type": "integer", "example": 2 }, "high_gaps": { "type": "integer", "example": 3 }, "low_gaps": { "type": "integer", "example": 0 }, "medium_gaps": { "type": "integer", "example": 1 }, "overall_score": { "type": "number", "example": 75 }, "parameters": { "type": "array", "items": { "$ref": "#/definitions/dto.ParameterGapItem" } }, "standards": { "type": "array", "items": { "type": "string" } } } }, "dto.HIPAAControlItem": { "type": "object", "properties": { "category": { "type": "string", "example": "Administrative Safeguards" }, "control_id": { "type": "string", "example": "164.308(a)(1)" }, "control_name": { "type": "string", "example": "Security Management Process" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/..." }, "id": { "type": "string", "example": "01JQ..." }, "last_reviewed": { "type": "string", "example": "2026-04-01T00:00:00Z" }, "status": { "type": "string", "example": "compliant" } } }, "dto.HIPAAControlItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.HIPAAControlItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.HIPAAControlListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.HIPAAControlItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.ISO27001ControlItem": { "description": "ISO 27001安全控制项", "type": "object", "properties": { "category": { "description": "类别", "type": "string", "example": "组织安全" }, "control_id": { "description": "控制ID", "type": "string", "example": "A.5.1.1" }, "control_name": { "description": "控制名称", "type": "string", "example": "信息安全策略" }, "evidence_url": { "description": "证据", "type": "string", "example": "https://docs.example.com/..." }, "id": { "description": "主键ID", "type": "string", "example": "01JQ..." }, "last_reviewed": { "description": "审查时间", "type": "string", "example": "2026-04-01T00:00:00Z" }, "status": { "description": "状态", "type": "string", "example": "implemented" } } }, "dto.ISO27001ControlItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.ISO27001ControlItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.ISO27001ControlListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.ISO27001ControlItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.OverrideItem": { "type": "object", "properties": { "created_at": { "type": "string", "example": "2026-06-04T10:00:00Z" }, "created_by": { "type": "string", "example": "admin_xxx" }, "parameter": { "type": "string", "example": "password_min_length_sfa" }, "reason": { "type": "string", "example": "内部安全要求" }, "value": { "example": "16" } } }, "dto.OverrideListResponse": { "type": "object", "properties": { "overrides": { "type": "array", "items": { "$ref": "#/definitions/dto.OverrideItem" } } } }, "dto.OverrideRequest": { "type": "object", "required": [ "parameter", "value" ], "properties": { "parameter": { "type": "string", "example": "password_min_length_sfa" }, "reason": { "type": "string", "example": "内部安全要求" }, "value": { "example": "16" } } }, "dto.PCIDSSControlItem": { "type": "object", "properties": { "category": { "type": "string", "example": "Build and Maintain a Secure Network" }, "control_id": { "type": "string", "example": "Req.1.1" }, "control_name": { "type": "string", "example": "Install and maintain a firewall" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/..." }, "id": { "type": "string", "example": "01JQ..." }, "last_reviewed": { "type": "string", "example": "2026-04-01T00:00:00Z" }, "status": { "type": "string", "example": "compliant" } } }, "dto.PCIDSSControlItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PCIDSSControlItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PCIDSSControlListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PCIDSSControlItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PIAItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PIAResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PIAListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PIAResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PIARequest": { "type": "object", "required": [ "description", "title" ], "properties": { "data": { "type": "string", "example": "{\"processing_activity\":\"用户行为分析\"}" }, "description": { "type": "string", "example": "评估用户画像功能的隐私风险" }, "title": { "type": "string", "example": "新用户画像功能PIA" } } }, "dto.PIAResponse": { "type": "object", "properties": { "created_at": { "type": "string", "example": "2026-05-01T10:00:00Z" }, "description": { "type": "string", "example": "Privacy impact assessment for user profiling feature" }, "id": { "type": "string", "example": "01JQ..." }, "status": { "type": "string", "example": "completed" }, "title": { "type": "string", "example": "New User Profiling PIA" } } }, "dto.PIPLControlItem": { "type": "object", "properties": { "category": { "type": "string", "example": "个人信息处理规则" }, "control_id": { "type": "string", "example": "Art.13" }, "control_name": { "type": "string", "example": "告知-同意规则" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/..." }, "id": { "type": "string", "example": "01JQ..." }, "last_reviewed": { "type": "string", "example": "2026-04-01T00:00:00Z" }, "status": { "type": "string", "example": "compliant" } } }, "dto.PIPLControlItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PIPLControlItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PIPLControlListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PIPLControlItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PSD2ControlItem": { "type": "object", "properties": { "category": { "type": "string", "example": "Security Measures" }, "control_id": { "type": "string", "example": "Art.95.1" }, "control_name": { "type": "string", "example": "Strong Customer Authentication" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/..." }, "id": { "type": "string", "example": "01JQ..." }, "last_reviewed": { "type": "string", "example": "2026-04-01T00:00:00Z" }, "status": { "type": "string", "example": "compliant" } } }, "dto.PSD2ControlItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PSD2ControlItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PSD2ControlListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PSD2ControlItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.ParameterGapItem": { "type": "object", "properties": { "compliant": { "type": "boolean", "example": false }, "control_ref": { "type": "string", "example": "pci_8.6.3" }, "current": { "example": "8" }, "description": { "type": "string", "example": "最小密码长度 (单因子)" }, "operator": { "type": "string", "example": "gte" }, "parameter": { "type": "string", "example": "password_min_length_sfa" }, "required": { "example": "12" }, "severity": { "type": "string", "example": "critical" }, "standard": { "type": "string", "example": "pci_dss_v4" } } }, "dto.PenTestReportItem": { "description": "安全渗透测试报告", "type": "object", "properties": { "findings": { "description": "发现问题数", "type": "integer", "example": 5 }, "next_test_date": { "description": "下次测试", "type": "string", "example": "2026-07-01T00:00:00Z" }, "report_id": { "description": "报告ID", "type": "string", "example": "pentest_2026q1" }, "severity": { "description": "严重级别", "type": "string", "example": "medium" }, "tested_at": { "description": "测试时间", "type": "string", "example": "2026-04-01T00:00:00Z" }, "title": { "description": "标题", "type": "string", "example": "2026年Q1渗透测试报告" } } }, "dto.PenTestReportItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PenTestReportItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PenTestReportListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PenTestReportItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PrivacyPolicyDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PrivacyPolicyResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PrivacyPolicyListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PrivacyPolicyVersionItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PrivacyPolicyResponse": { "description": "隐私政策版本信息(公开)", "type": "object", "properties": { "content": { "description": "政策内容", "type": "string", "example": "# 隐私政策\n\n最后更新: 2026-01-01\n\n..." }, "effective_at": { "description": "生效时间", "type": "string", "example": "2026-01-15T00:00:00Z" }, "published_at": { "description": "发布时间", "type": "string", "example": "2026-01-01T00:00:00Z" }, "summary": { "description": "摘要", "type": "string", "example": "本隐私政策说明我们如何收集和使用您的个人数据" }, "version": { "description": "版本号", "type": "string", "example": "1.0" } } }, "dto.PrivacyPolicyVersionItem": { "description": "隐私政策版本历史记录(公开)", "type": "object", "properties": { "effective_at": { "description": "生效时间", "type": "string", "example": "2026-04-15T00:00:00Z" }, "published_at": { "description": "发布时间", "type": "string", "example": "2026-04-01T00:00:00Z" }, "summary": { "description": "摘要", "type": "string", "example": "新增数据传输附录" }, "version": { "description": "版本号", "type": "string", "example": "2.0" } } }, "dto.PublicAuditFinding": { "type": "object", "properties": { "category": { "type": "string", "example": "access_control" }, "control_type": { "type": "string", "example": "iso27001" }, "created_at": { "type": "string", "example": "2026-04-15T10:00:00Z" }, "severity": { "type": "string", "example": "high" }, "status": { "type": "string", "example": "open" }, "title": { "type": "string", "example": "访问控制策略审查" } } }, "dto.PublicAuditFindingListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicAuditFinding" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicBreachNotification": { "type": "object", "properties": { "affected_users_range": { "type": "string", "example": "\u003c100" }, "description": { "type": "string", "example": "发现并修复了数据库访问配置问题" }, "disclosed_at": { "type": "string", "example": "2026-04-20T10:00:00Z" }, "reported_to_dpa": { "type": "boolean", "example": true }, "severity": { "type": "string", "example": "high" }, "title": { "type": "string", "example": "数据库未授权访问" } } }, "dto.PublicBreachNotificationListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicBreachNotification" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicCertification": { "type": "object", "properties": { "auditor": { "type": "string", "example": "Ernst \u0026 Young" }, "certificate_url": { "type": "string", "example": "https://trust.example.com/certs/soc2-2026.pdf" }, "criteria_scopes": { "type": "string", "example": "[\"Security\",\"Availability\",\"Confidentiality\"]" }, "framework": { "type": "string", "example": "SOC2 Type II" }, "last_audited_date": { "type": "string", "example": "2026-03-15" }, "next_audit_date": { "type": "string", "example": "2026-09-15" } } }, "dto.PublicCertificationListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicCertification" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicComplianceStatusDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.PublicComplianceStatusResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PublicComplianceStatusResponse": { "type": "object", "properties": { "frameworks_enabled": { "type": "array", "items": { "type": "string" }, "example": [ "[\"gdpr\"", "\"iso27001\"", "\"sox\"]" ] }, "gdpr_compliant": { "type": "boolean", "example": true }, "iso27001_compliant": { "type": "boolean", "example": true }, "last_audit_date": { "type": "string", "example": "2026-03-15" }, "next_audit_date": { "type": "string", "example": "2026-09-15" }, "open_issues_range": { "type": "string", "example": "1-5" }, "overall_status": { "type": "string", "example": "compliant" }, "sox_compliant": { "type": "boolean", "example": true } } }, "dto.PublicCrossBorderTransfer": { "type": "object", "properties": { "data_category": { "type": "string", "example": "用户个人资料" }, "legal_basis": { "type": "string", "example": "Standard Contractual Clauses" }, "origin_region": { "type": "string", "example": "EU" }, "target_region": { "type": "string", "example": "US" } } }, "dto.PublicCrossBorderTransferListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicCrossBorderTransfer" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicDataClassification": { "type": "object", "properties": { "classification": { "type": "string", "example": "confidential" }, "data_category": { "type": "string", "example": "用户个人资料" }, "description": { "type": "string", "example": "包含姓名、地址、联系方式等" }, "retention_required": { "type": "boolean", "example": true } } }, "dto.PublicDataClassificationListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicDataClassification" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicDengbaoControl": { "type": "object", "properties": { "category": { "type": "string", "example": "物理安全" }, "control_id": { "type": "string", "example": "G3-01" }, "control_name": { "type": "string", "example": "安全物理环境" }, "status": { "type": "string", "example": "non_compliant" } } }, "dto.PublicDengbaoListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicDengbaoControl" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicHIPAAAListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicHIPAAControl" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicHIPAAControl": { "type": "object", "properties": { "category": { "type": "string", "example": "Administrative Safeguards" }, "control_id": { "type": "string", "example": "164.308(a)(1)" }, "control_name": { "type": "string", "example": "Security Management Process" }, "status": { "type": "string", "example": "compliant" } } }, "dto.PublicISO27001Control": { "type": "object", "properties": { "category": { "type": "string", "example": "组织安全" }, "control_id": { "type": "string", "example": "A.5.1.1" }, "control_name": { "type": "string", "example": "信息安全策略" }, "status": { "type": "string", "example": "implemented" } } }, "dto.PublicISO27001ControlListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicISO27001Control" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicPCIDSSControl": { "type": "object", "properties": { "category": { "type": "string", "example": "Build and Maintain a Secure Network" }, "control_id": { "type": "string", "example": "Req.1.1" }, "control_name": { "type": "string", "example": "Install and maintain a firewall" }, "status": { "type": "string", "example": "compliant" } } }, "dto.PublicPCIListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicPCIDSSControl" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicPIA": { "type": "object", "properties": { "created_at": { "type": "string", "example": "2026-04-15T10:00:00Z" }, "description": { "type": "string", "example": "评估新功能的隐私风险" }, "status": { "type": "string", "example": "completed" }, "title": { "type": "string", "example": "新功能隐私影响评估" } } }, "dto.PublicPIAListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicPIA" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicPIPLControl": { "type": "object", "properties": { "category": { "type": "string", "example": "个人信息处理规则" }, "control_id": { "type": "string", "example": "Art.13" }, "control_name": { "type": "string", "example": "告知-同意规则" }, "status": { "type": "string", "example": "compliant" } } }, "dto.PublicPIPLListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicPIPLControl" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicPSD2Control": { "type": "object", "properties": { "category": { "type": "string", "example": "Security Measures" }, "control_id": { "type": "string", "example": "Art.95.1" }, "control_name": { "type": "string", "example": "Strong Customer Authentication" }, "status": { "type": "string", "example": "compliant" } } }, "dto.PublicPSD2ListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicPSD2Control" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicPenTestReport": { "type": "object", "properties": { "findings": { "type": "integer", "example": 5 }, "next_test_at": { "type": "string", "example": "2026-06-01T00:00:00Z" }, "severity": { "type": "string", "example": "medium" }, "summary": { "type": "string", "example": "Quarterly penetration test completed successfully" }, "tested_at": { "type": "string", "example": "2026-03-01T00:00:00Z" }, "title": { "type": "string", "example": "2026 Q1 Penetration Test" } } }, "dto.PublicPenTestReportListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicPenTestReport" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.PublicSecurityScoreResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.SecurityScore" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.PublicSubProcessor": { "type": "object", "properties": { "applicable_services": { "type": "string", "example": "Cloud Infrastructure" }, "category": { "type": "string", "example": "infrastructure" }, "compliance_links": { "type": "string", "example": "https://aws.amazon.com/compliance/" }, "entity_name": { "type": "string", "example": "Amazon Web Services EMEA SARL" }, "locations": { "type": "string", "example": "[\"EU (Frankfurt)\",\"US (Virginia)\"]" }, "purpose": { "type": "string", "example": "Infrastructure Hosting" }, "subject_matter": { "type": "string", "example": "Customer data stored on cloud infrastructure" }, "transfer_mechanism": { "type": "string", "example": "Standard Contractual Clauses" } } }, "dto.PublicSubProcessorListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.PublicSubProcessor" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.ReadinessReportResponse": { "type": "object", "properties": { "compliance_rate": { "type": "number", "example": 77.8 }, "failed_controls": { "type": "array", "items": { "$ref": "#/definitions/dto.ParameterGapItem" } }, "passed_controls": { "type": "integer", "example": 7 }, "ready_for_audit": { "type": "boolean", "example": false }, "recommendations": { "type": "array", "items": { "type": "string" } }, "standard_id": { "type": "string", "example": "pci_dss_v4" }, "standard_name": { "type": "string", "example": "PCI DSS v4.0.1" }, "total_controls": { "type": "integer", "example": 9 } } }, "dto.RegulatoryUpdateItem": { "description": "法规动态更新", "type": "object", "properties": { "affected_services": { "description": "受影响服务", "type": "array", "items": { "type": "string" }, "example": [ "[\"identity\"", "\"profile\"]" ] }, "effective_date": { "description": "生效日期", "type": "string", "example": "2026-06-01T00:00:00Z" }, "impact_level": { "description": "影响级别", "type": "string", "example": "high" }, "jurisdiction": { "description": "管辖", "type": "string", "example": "EU" }, "regulation": { "description": "法规名称", "type": "string", "example": "GDPR Art. 17" }, "summary": { "description": "摘要", "type": "string", "example": "新增数据删除权利的具体要求" }, "update_id": { "description": "更新ID", "type": "string", "example": "reg_001" } } }, "dto.RegulatoryWatchItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.RegulatoryUpdateItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.RegulatoryWatchListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.RegulatoryUpdateItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.ResolvedParamItem": { "type": "object", "properties": { "merge_rule": { "type": "string", "example": "max" }, "overridden": { "type": "boolean", "example": false }, "override_value": {}, "severity": { "type": "string", "example": "critical" }, "source": { "type": "array", "items": { "type": "string" }, "example": [ "[\"pci_dss_v4\"", "\"dengbao_l3\"]" ] }, "value": {} } }, "dto.ResolvedPolicyResponse": { "type": "object", "properties": { "parameters": { "type": "object", "additionalProperties": { "$ref": "#/definitions/dto.ResolvedParamItem" } }, "resolved_at": { "type": "string", "example": "2026-06-04T10:00:00Z" }, "standards": { "type": "array", "items": { "type": "string" }, "example": [ "[\"pci_dss_v4\"", "\"dengbao_l3\"]" ] }, "tenant_id": { "type": "string" }, "version": { "type": "string", "example": "a1b2c3d4" } } }, "dto.RetentionPolicyItem": { "description": "数据保留策略", "type": "object", "properties": { "data_type": { "description": "数据类型", "type": "string", "example": "user_activity_logs" }, "legal_basis": { "description": "法律依据", "type": "string", "example": "合同义务" }, "policy_id": { "description": "策略ID", "type": "string", "example": "ret_001" }, "purpose": { "description": "保留目的", "type": "string", "example": "安全审计" }, "retention_period_days": { "description": "保留天数", "type": "integer", "example": 365 }, "status": { "description": "状态", "type": "string", "example": "active" } } }, "dto.RetentionPolicyItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.RetentionPolicyItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.RetentionPolicyListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.RetentionPolicyItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.RetentionPolicyPublicListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.RetentionPolicyPublicResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.RetentionPolicyPublicResponse": { "description": "数据保留策略公示信息(公开)", "type": "object", "properties": { "data_category": { "description": "数据类别", "type": "string", "example": "user_profile" }, "description": { "description": "说明", "type": "string", "example": "用户账户相关数据, 保留至账户注销后365天" }, "legal_basis": { "description": "法律依据", "type": "string", "example": "GDPR Art.6(1)(b) - 合同必要性" }, "retention_days": { "description": "保留天数", "type": "integer", "example": 365 } } }, "dto.ReviewAIDecisionRequest": { "type": "object", "required": [ "reviewed", "reviewer" ], "properties": { "reviewed": { "type": "boolean" }, "reviewer": { "type": "string" } } }, "dto.RevokeConsentRequest": { "description": "撤回用户同意请求参数", "type": "object", "required": [ "purpose", "user_id" ], "properties": { "purpose": { "description": "处理目的", "type": "string", "example": "marketing" }, "reason": { "description": "撤回原因", "type": "string", "example": "不再希望接收营销邮件" }, "user_id": { "description": "用户ID", "type": "string", "example": "usr_abc123" } } }, "dto.SOXITGCItem": { "description": "SOX法案IT一般控制项", "type": "object", "properties": { "control_id": { "description": "控制ID", "type": "string", "example": "IT-001" }, "control_type": { "description": "控制类型", "type": "string", "example": "preventive" }, "description": { "description": "描述", "type": "string", "example": "访问权限管理" }, "last_test_date": { "description": "测试日期", "type": "string", "example": "2026-04-01T00:00:00Z" }, "status": { "description": "状态", "type": "string", "example": "effective" }, "test_result": { "description": "测试结果", "type": "string", "example": "通过" } } }, "dto.SOXITGCItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.SOXITGCItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.SOXITGCListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.SOXITGCItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.SecurityScore": { "type": "object", "properties": { "calculated_at": { "type": "string", "example": "2026-05-09T12:00:00Z" }, "dimensions": { "type": "array", "items": { "$ref": "#/definitions/dto.SecurityScoreDim" } }, "grade": { "type": "string", "example": "A" }, "max_score": { "type": "integer", "example": 100 }, "methodology_version": { "type": "string", "example": "v1.0" }, "overall_score": { "type": "integer", "example": 94 } } }, "dto.SecurityScoreDim": { "type": "object", "properties": { "name": { "type": "string", "example": "iso27001_coverage" }, "score": { "type": "integer", "example": 98 }, "weight": { "type": "number", "example": 0.3 } } }, "dto.SoDCheckResponse": { "type": "object", "properties": { "checked_at": { "type": "string" }, "is_compliant": { "type": "boolean" }, "rules": { "type": "array", "items": { "$ref": "#/definitions/dto.SoDRuleResult" } }, "tenant_id": { "type": "string" }, "total_rules": { "type": "integer" }, "violations": { "type": "integer" } } }, "dto.SoDRuleItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.SoDRuleResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.SoDRuleListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.SoDRuleResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.SoDRuleResponse": { "type": "object", "properties": { "description": { "type": "string", "example": "Finance and Audit roles must not be held by the same user" }, "enabled": { "type": "boolean", "example": true }, "id": { "type": "string", "example": "01JQ..." }, "name": { "type": "string", "example": "Finance-Audit SoD" }, "roles_a": { "type": "string", "example": "role_finance_admin" }, "roles_b": { "type": "string", "example": "role_audit" } } }, "dto.SoDRuleResult": { "type": "object", "properties": { "affected_users": { "type": "array", "items": { "type": "string" } }, "description": { "type": "string" }, "is_violated": { "type": "boolean" }, "rule_id": { "type": "string" }, "rule_name": { "type": "string" } } }, "dto.StandardDetailResponse": { "type": "object", "properties": { "category": { "type": "string", "example": "financial" }, "controls": { "type": "array", "items": { "$ref": "#/definitions/dto.ControlItemResponse" } }, "description": { "type": "string", "example": "支付卡行业数据安全标准" }, "id": { "type": "string", "example": "pci_dss_v4" }, "name": { "type": "string", "example": "PCI DSS v4.0.1" }, "version": { "type": "string", "example": "4.0.1" } } }, "dto.StandardItemResponse": { "type": "object", "properties": { "category": { "type": "string", "example": "financial" }, "description": { "type": "string", "example": "支付卡行业数据安全标准" }, "id": { "type": "string", "example": "pci_dss_v4" }, "name": { "type": "string", "example": "PCI DSS v4.0.1" }, "version": { "type": "string", "example": "4.0.1" } } }, "dto.SubProcessorItem": { "type": "object", "properties": { "applicable_services": { "type": "string" }, "category": { "type": "string" }, "compliance_links": { "type": "string" }, "created_at": { "type": "string" }, "entity_name": { "type": "string" }, "id": { "type": "string" }, "locations": { "type": "string" }, "purpose": { "type": "string" }, "status": { "type": "string" }, "subject_matter": { "type": "string" }, "transfer_mechanism": { "type": "string" } } }, "dto.SubProcessorItemResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.SubProcessorItem" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.SubProcessorListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.SubProcessorItem" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.TenantStandardsRequest": { "type": "object", "required": [ "standards" ], "properties": { "standards": { "type": "array", "items": { "type": "string" }, "example": [ "[\"pci_dss_v4\"", "\"dengbao_l3\"]" ] } } }, "dto.UpdateAuditFindingRequest": { "type": "object", "properties": { "assignee_id": { "type": "string" }, "description": { "type": "string" }, "due_date": { "type": "string", "example": "2026-06-15T00:00:00Z" }, "remediation_plan": { "type": "string" }, "severity": { "type": "string", "example": "high" }, "status": { "type": "string", "example": "in_progress" }, "title": { "type": "string", "example": "访问控制策略未定期审查" } } }, "dto.UpdateBreachNotificationRequest": { "type": "object", "properties": { "affected_users": { "type": "integer", "example": 500 }, "description": { "type": "string", "example": "Updated breach details" }, "reported_to_dpa": { "type": "boolean", "example": true }, "severity": { "type": "string", "example": "critical" }, "status": { "type": "string", "example": "reported" }, "title": { "type": "string", "example": "Updated Breach Notification" } } }, "dto.UpdateComplianceCertificationRequest": { "type": "object", "properties": { "auditor": { "type": "string", "example": "Deloitte" }, "certificate_url": { "type": "string", "example": "https://trust.example.com/certs/soc2-2026.pdf" }, "criteria_scopes": { "type": "string", "example": "[\"Security\",\"Availability\"]" }, "framework": { "type": "string", "example": "SOC2 Type II" }, "last_audited_date": { "type": "string", "example": "2026-06-15" }, "next_audit_date": { "type": "string", "example": "2026-12-15" }, "status": { "type": "string", "example": "active" } } }, "dto.UpdateCrossBorderTransferRequest": { "type": "object", "properties": { "data_category": { "type": "string", "example": "Payment Data" }, "legal_basis": { "type": "string", "example": "Binding Corporate Rules" }, "origin_region": { "type": "string", "example": "EU" }, "status": { "type": "string", "example": "active" }, "target_region": { "type": "string", "example": "US" } } }, "dto.UpdateDSARRequest": { "description": "更新DSAR状态请求参数", "type": "object", "required": [ "status" ], "properties": { "rejection_reason": { "description": "拒绝原因", "type": "string", "example": "数据包含第三方信息无法提供" }, "response_data": { "description": "响应数据", "type": "object", "additionalProperties": true }, "status": { "description": "新状态", "type": "string", "enum": [ "processing", "completed", "rejected" ], "example": "completed" } } }, "dto.UpdateDataClassificationRequest": { "type": "object", "properties": { "classification": { "type": "string", "example": "restricted" }, "data_category": { "type": "string", "example": "Payment Data" }, "description": { "type": "string", "example": "Updated classification description" }, "retention_required": { "type": "boolean", "example": true } } }, "dto.UpdateDengbaoControlRequest": { "type": "object", "properties": { "category": { "type": "string", "example": "物理安全" }, "description": { "type": "string", "example": "机房应具备防火、防水、防雷等物理防护措施" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/dengbao/G3-01" }, "level": { "type": "string", "example": "Level 3" }, "name": { "type": "string", "example": "安全物理环境" }, "status": { "type": "string", "example": "compliant" } } }, "dto.UpdateErasureRequest": { "description": "更新删除权请求状态", "type": "object", "required": [ "status" ], "properties": { "status": { "description": "新状态", "type": "string", "enum": [ "pending", "processing", "completed", "rejected" ], "example": "completed" } } }, "dto.UpdateHIPAAControlRequest": { "type": "object", "properties": { "category": { "type": "string", "example": "Administrative Safeguards" }, "description": { "type": "string", "example": "Implement policies and procedures" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/hipaa/164.308.a.1" }, "name": { "type": "string", "example": "Security Management Process" }, "status": { "type": "string", "example": "compliant" } } }, "dto.UpdateISO27001ControlRequest": { "type": "object", "properties": { "category": { "type": "string", "example": "组织控制" }, "description": { "type": "string", "example": "应定义并批准信息安全策略" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/iso27001/A.5.1.1" }, "name": { "type": "string", "example": "信息安全策略" }, "status": { "type": "string", "example": "compliant" } } }, "dto.UpdatePCIDSSControlRequest": { "type": "object", "properties": { "category": { "type": "string", "example": "Build and Maintain a Secure Network" }, "description": { "type": "string", "example": "Install and maintain a firewall configuration" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/pcidss/Req.1.1" }, "name": { "type": "string", "example": "Install and maintain a firewall" }, "status": { "type": "string", "example": "compliant" } } }, "dto.UpdatePIARequest": { "type": "object", "properties": { "data": { "type": "string", "example": "{\"processing_activity\":\"updated\"}" }, "description": { "type": "string", "example": "Updated assessment of privacy risks" }, "status": { "type": "string", "example": "completed" }, "title": { "type": "string", "example": "Updated Privacy Impact Assessment" } } }, "dto.UpdatePIPLControlRequest": { "type": "object", "properties": { "category": { "type": "string", "example": "个人信息处理规则" }, "description": { "type": "string", "example": "处理个人信息前应告知并取得个人同意" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/pipl/Art.13" }, "name": { "type": "string", "example": "告知-同意规则" }, "status": { "type": "string", "example": "compliant" } } }, "dto.UpdatePSD2ControlRequest": { "type": "object", "properties": { "category": { "type": "string", "example": "Security Measures" }, "description": { "type": "string", "example": "Implement strong customer authentication" }, "evidence_url": { "type": "string", "example": "https://docs.example.com/psd2/Art.95.1" }, "name": { "type": "string", "example": "Strong Customer Authentication" }, "status": { "type": "string", "example": "compliant" } } }, "dto.UpdatePenTestReportRequest": { "type": "object", "properties": { "conducted_at": { "type": "string", "example": "2026-04-01T00:00:00Z" }, "findings": { "type": "integer", "example": 5 }, "next_test_date": { "type": "string", "example": "2026-07-01T00:00:00Z" }, "severity": { "type": "string", "example": "medium" }, "summary": { "type": "string", "example": "安全评估总结" }, "title": { "type": "string", "example": "2026年Q1渗透测试报告" } } }, "dto.UpdateRegulatoryWatchItemRequest": { "type": "object", "properties": { "category": { "type": "string", "example": "数据保护" }, "effective_date": { "type": "string", "example": "2026-06-01T00:00:00Z" }, "region": { "type": "string", "example": "EU" }, "regulation": { "type": "string", "example": "GDPR Art. 17" }, "summary": { "type": "string", "example": "新增数据删除权利" }, "title": { "type": "string", "example": "GDPR 更新" } } }, "dto.UpdateRetentionPolicyRequest": { "type": "object", "properties": { "auto_delete": { "type": "boolean", "example": true }, "data_type": { "type": "string", "example": "user_activity_logs" }, "legal_basis": { "type": "string", "example": "合同义务" }, "name": { "type": "string", "example": "用户日志保留策略" }, "purpose": { "type": "string", "example": "安全审计" }, "retention_period_days": { "type": "integer", "example": 365 } } }, "dto.UpdateSOXITGCControlRequest": { "type": "object", "properties": { "control_type": { "type": "string", "example": "preventive" }, "description": { "type": "string", "example": "访问权限管理" }, "last_test_date": { "type": "string", "example": "2026-04-01T00:00:00Z" }, "name": { "type": "string", "example": "访问权限管理" }, "status": { "type": "string", "example": "effective" }, "test_result": { "type": "string", "example": "通过" } } }, "dto.UpdateSoDRuleRequest": { "type": "object", "properties": { "description": { "type": "string", "example": "Updated SoD rule description" }, "enabled": { "type": "boolean", "example": true }, "name": { "type": "string", "example": "Finance-Audit SoD" }, "roles_a": { "type": "string", "example": "[\"role_finance_admin\"]" }, "roles_b": { "type": "string", "example": "[\"role_auditor\"]" } } }, "dto.UpdateSubProcessorRequest": { "type": "object", "properties": { "applicable_services": { "type": "string", "example": "Cloud Infrastructure" }, "category": { "type": "string", "example": "infrastructure" }, "compliance_links": { "type": "string", "example": "https://aws.amazon.com/compliance/" }, "entity_name": { "type": "string", "example": "AWS EMEA SARL" }, "locations": { "type": "string", "example": "[\"EU (Frankfurt)\"]" }, "purpose": { "type": "string", "example": "Infrastructure Hosting" }, "status": { "type": "string", "example": "active" }, "subject_matter": { "type": "string", "example": "Customer data storage" }, "transfer_mechanism": { "type": "string", "example": "Standard Contractual Clauses" } } }, "dto.UpdateVendorRiskAssessmentRequest": { "type": "object", "properties": { "remarks": { "type": "string", "example": "评估通过" }, "risk_level": { "type": "string", "example": "medium" }, "score": { "type": "integer", "example": 35 } } }, "dto.UpsertComplianceProfileRequest": { "type": "object", "properties": { "ai_review_required": { "type": "boolean", "example": false }, "auto_delete_enabled": { "type": "boolean" }, "breach_report_threshold": { "type": "integer", "example": 1 }, "consent_ttl_years": { "type": "integer", "example": 1 }, "data_protection_officer": { "type": "string", "example": "dpo@example.com" }, "default_retention_days": { "type": "integer", "example": 365 }, "enabled_frameworks": { "type": "array", "items": { "type": "string" }, "example": [ "[\"gdpr\"", "\"iso27001\"", "\"sox\"]" ] }, "max_concurrent_erasures": { "type": "integer", "example": 10 }, "pen_test_schedule_days": { "type": "integer", "example": 365 }, "score_weights": { "type": "string", "example": "{\"iso27001\":0.25,\"soc2\":0.15,\"gdpr\":0.15,\"issues\":0.25,\"pen_test\":0.10,\"breach\":0.10}" }, "selected_standards": { "type": "array", "items": { "type": "string" }, "example": [ "[\"pci_dss_v4\"", "\"dengbao_l3\"]" ] }, "sod_auto_init_enabled": { "type": "boolean", "example": true } } }, "dto.UpsertPrivacyPolicyRequest": { "description": "管理隐私政策版本", "type": "object", "required": [ "content", "effective_at", "version" ], "properties": { "content": { "description": "政策内容", "type": "string", "example": "# 隐私政策\n\n..." }, "effective_at": { "description": "生效时间", "type": "string", "example": "2026-04-15T00:00:00Z" }, "status": { "description": "状态", "type": "string", "example": "active" }, "summary": { "description": "摘要", "type": "string", "example": "新增数据传输附录" }, "version": { "description": "版本号", "type": "string", "example": "2.0" } } }, "dto.VendorRiskAssessmentDetailResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "data": { "$ref": "#/definitions/dto.VendorRiskAssessmentResponse" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } }, "dto.VendorRiskAssessmentListResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "items": { "description": "统一使用 items", "type": "array", "items": { "$ref": "#/definitions/dto.VendorRiskAssessmentResponse" } }, "message": { "type": "string" }, "pagination": { "description": "分页信息(嵌套对象)", "allOf": [ { "$ref": "#/definitions/gitee_com_linmes_authms_base_dto.PageInfo" } ] }, "timestamp": { "type": "string" }, "total": { "description": "总条数(平铺,便于直接读取)", "type": "integer" } } }, "dto.VendorRiskAssessmentRequest": { "description": "供应商安全风险评估请求参数", "type": "object", "required": [ "remarks", "risk_level", "score", "vendor_name" ], "properties": { "remarks": { "description": "评估备注", "type": "string", "example": "评估通过" }, "risk_level": { "description": "风险等级", "type": "string", "example": "medium" }, "score": { "description": "风险评分", "type": "integer", "example": 35 }, "vendor_name": { "description": "供应商名称", "type": "string", "example": "CloudProvider XYZ" } } }, "dto.VendorRiskAssessmentResponse": { "description": "供应商风险评估结果", "type": "object", "properties": { "assessment_date": { "description": "评估日期", "type": "string", "example": "2026-04-01T00:00:00Z" }, "compliance_certifications": { "description": "合规认证", "type": "array", "items": { "type": "string" }, "example": [ "[\"SOC2\"", "\"ISO27001\"]" ] }, "risk_factors": { "description": "风险因素", "type": "array", "items": { "type": "string" }, "example": [ "[\"数据中心位置\"", "\"数据加密\"]" ] }, "risk_level": { "description": "风险等级", "type": "string", "example": "medium" }, "risk_score": { "description": "风险评分", "type": "integer", "example": 35 }, "valid_until": { "description": "有效期", "type": "string", "example": "2027-04-01T00:00:00Z" }, "vendor_id": { "description": "供应商ID", "type": "string", "example": "vendor_001" } } }, "gitee_com_linmes_authms_base_dto.PageInfo": { "type": "object", "properties": { "has_next": { "description": "HasNext indicates whether there is a next page", "type": "boolean" }, "has_prev": { "description": "HasPrev indicates whether there is a previous page", "type": "boolean" }, "page": { "description": "Page is the current page number (1-based)", "type": "integer" }, "page_size": { "description": "PageSize is the number of items per page", "type": "integer" }, "total": { "description": "Total is the total number of items across all pages", "type": "integer" }, "total_pages": { "description": "TotalPages is the total number of pages", "type": "integer" } } }, "gitee_com_linmes_authms_micro-services_compliance-service_internal_handler_dto.SimpleResponse": { "type": "object", "properties": { "code": { "type": "integer" }, "message": { "type": "string" }, "timestamp": { "type": "string" } } } }, "securityDefinitions": { "bearerAuth": { "description": "Type \"Bearer\" followed by a space and JWT token.", "type": "apiKey", "name": "Authorization", "in": "header" } }, "tags": [ { "description": "数据主体访问请求:提交、查询、审批、执行", "name": "DSAR" }, { "description": "用户同意管理:记录、查询、撤回", "name": "consent" }, { "description": "数据擦除:用户数据删除、匿名化编排", "name": "erasure" }, { "description": "ISO 27001 信息安全管理体系合规", "name": "ISO27001" }, { "description": "PCI DSS 支付卡行业数据安全标准合规", "name": "PCI-DSS" }, { "description": "HIPAA 医疗健康信息隐私与安全合规", "name": "HIPAA" }, { "description": "PSD2 支付服务指令合规", "name": "PSD2" }, { "description": "个人信息保护法合规", "name": "PIPL" }, { "description": "网络安全等级保护(等保)合规", "name": "Dengbao" }, { "description": "Sarbanes-Oxley 法案合规", "name": "SOX" }, { "description": "数据保留策略:配置、执行、审计", "name": "retention" }, { "description": "渗透测试管理:计划、执行、报告", "name": "penetration-test" }, { "description": "供应商风险评估:评估、监控、缓解", "name": "vendor-risk" }, { "description": "法规监管跟踪:法规变更、影响分析", "name": "regulatory-watch" }, { "description": "合规状态总览:各框架合规评分", "name": "compliance-status" }, { "description": "合规档案:组织合规配置与文档", "name": "compliance-profile" }, { "description": "隐私影响评估:评估、审批、跟踪", "name": "PIA" }, { "description": "数据泄露通知:检测、报告、通知", "name": "breach-notification" }, { "description": "数据分类分级:敏感度标记、策略配置", "name": "data-classification" }, { "description": "跨境数据传输:评估、审批、记录", "name": "cross-border-transfer" }, { "description": "AI 自动化决策合规:透明度、可解释性", "name": "AI-decision" }, { "description": "职责分离:审计与配置分离管控", "name": "SoD" }, { "description": "数据清理记录:定期清理日志与审计", "name": "cleanup-record" }, { "description": "合规证据管理:证据收集、存储、导出", "name": "evidence" }, { "description": "合规标准框架管理:标准定义、映射、评估", "name": "Compliance Standards" }, { "description": "合规策略管理:策略创建、分配、执行", "name": "Compliance Policy" } ] }