import { PrismaService } from "../../database/prisma/prisma.service"; import { HashChainService } from './services/hash-chain.service'; import { AuditAction, AuditStatus, ComplianceLevel, RiskLevel, Prisma } from '@prisma/client'; export interface CreateAuditLogDto { region: string; tenantId: string; who: string; what: string; where: string; why?: string; how: string; module: string; action: AuditAction; entityType: string; entityId: string; oldValue?: any; newValue?: any; changes?: any; userId?: string; sessionId?: string; traceId?: string; requestId?: string; ipAddress: string; userAgent: string; deviceId?: string; geoLocation?: string; businessType?: string; businessKey?: string; status?: AuditStatus; errorMessage?: string; duration?: number; isFinancial?: boolean; isSensitive?: boolean; riskLevel?: RiskLevel; complianceLevel?: ComplianceLevel; } export interface AuditQueryFilters { region: string; tenantId: string; userId?: string; module?: string; action?: AuditAction; entityType?: string; entityId?: string; status?: AuditStatus; startDate?: Date; endDate?: Date; isFinancial?: boolean; isSensitive?: boolean; riskLevel?: RiskLevel; complianceLevel?: ComplianceLevel; traceId?: string; sessionId?: string; keyword?: string; sortBy?: 'when' | 'module' | 'action' | 'userId'; sortOrder?: 'asc' | 'desc'; page?: number; limit?: number; } export interface IntegrityCheckJob { jobId: string; region: string; tenantId: string; status: 'QUEUED' | 'RUNNING' | 'COMPLETED' | 'FAILED'; createdAt: Date; startedAt?: Date; completedAt?: Date; scope?: 'ALL' | 'FINANCIAL_ONLY' | 'SENSITIVE_ONLY' | 'HIGH_RISK_ONLY'; startDate?: Date; endDate?: Date; result?: { verified: boolean; totalRecords: number; passCount: number; failCount: number; failures?: any[]; }; error?: string; } export declare class AuditService { private readonly prisma; private readonly hashChain; private readonly logger; constructor(prisma: PrismaService, hashChain: HashChainService); private alertService?; setAlertService(alertService: any): void; log(dto: CreateAuditLogDto): Promise<{ region: string; id: string; currentHash: string; signature: string | null; createdAt: Date; archivedAt: Date | null; when: Date; module: string; action: import("@prisma/client").$Enums.AuditAction; userId: string | null; tenantId: string; who: string; what: string; where: string; why: string | null; how: string; entityType: string; entityId: string; oldValue: Prisma.JsonValue | null; newValue: Prisma.JsonValue | null; changes: Prisma.JsonValue | null; sessionId: string; traceId: string; requestId: string; ipAddress: string; userAgent: string; deviceId: string | null; geoLocation: string | null; businessType: string | null; businessKey: string | null; status: import("@prisma/client").$Enums.AuditStatus; errorMessage: string | null; duration: number | null; isFinancial: boolean; isSensitive: boolean; riskLevel: import("@prisma/client").$Enums.RiskLevel; complianceLevel: import("@prisma/client").$Enums.ComplianceLevel; retentionYears: number; previousHash: string | null; }>; private calculateRetentionYears; private getLatestLog; private sanitizeData; query(filters: AuditQueryFilters): Promise<{ items: ({ id: any; region: any; tenantId: any; who: any; what: any; when: any; where: any; why: any; how: any; module: any; action: any; entityType: any; entityId: any; userId: any; ipAddress: any; userAgent: any; status: any; duration: any; riskLevel: any; complianceLevel: any; isFinancial: any; isSensitive: any; user: any; } | { oldValue: any; newValue: any; changes: any; sessionId: any; traceId: any; requestId: any; deviceId: any; geoLocation: any; businessType: any; businessKey: any; errorMessage: any; previousHash: any; currentHash: any; signature: any; createdAt: any; archivedAt: any; retentionYears: any; id: any; region: any; tenantId: any; who: any; what: any; when: any; where: any; why: any; how: any; module: any; action: any; entityType: any; entityId: any; userId: any; ipAddress: any; userAgent: any; status: any; duration: any; riskLevel: any; complianceLevel: any; isFinancial: any; isSensitive: any; user: any; })[]; total: number; page: number; limit: number; totalPages: number; hasNext: boolean; hasPrev: boolean; }>; getById(id: string, region: string, tenantId: string): Promise<{ id: any; region: any; tenantId: any; who: any; what: any; when: any; where: any; why: any; how: any; module: any; action: any; entityType: any; entityId: any; userId: any; ipAddress: any; userAgent: any; status: any; duration: any; riskLevel: any; complianceLevel: any; isFinancial: any; isSensitive: any; user: any; } | null>; verifySingleLog(id: string, region: string, tenantId: string): Promise<{ id: string; valid: boolean; storedHash: string; calculatedHash: string; verifiedAt: string; } | null>; getEntityHistory(entityType: string, entityId: string, region: string, tenantId: string, options?: { page?: number; limit?: number; includeDiff?: boolean; }): Promise<{ entityType: string; entityId: string; history: { status: import("@prisma/client").$Enums.AuditStatus; user: { displayName: string; id: string; username: string; } | null; oldValue?: Prisma.JsonValue | undefined; newValue?: Prisma.JsonValue | undefined; changes?: Prisma.JsonValue | undefined; id: string; action: import("@prisma/client").$Enums.AuditAction; when: string; who: string; }[]; total: number; page: number; limit: number; totalPages: number; hasNext: boolean; hasPrev: boolean; }>; getUserHistory(userId: string, region: string, tenantId: string, filters?: { startDate?: Date; endDate?: Date; module?: string; action?: AuditAction; isSensitive?: boolean; isFinancial?: boolean; riskLevel?: RiskLevel; page?: number; limit?: number; }): Promise<{ userId: string; username: string | undefined; displayName: string | undefined; operations: { id: string; action: import("@prisma/client").$Enums.AuditAction; module: string; when: string; entityType: string; entityId: string; what: string; status: import("@prisma/client").$Enums.AuditStatus; riskLevel: import("@prisma/client").$Enums.RiskLevel; isFinancial: boolean; isSensitive: boolean; }[]; summary: { total: number; byAction: { [k: string]: number; }; byModule: { [k: string]: number; }; sensitiveCount: number; financialCount: number; failedCount: number; }; total: number; page: number; limit: number; totalPages: number; hasNext: boolean; hasPrev: boolean; }>; private getUserOperationSummary; getFinancialLogs(region: string, tenantId: string, filters: { startDate: Date; endDate: Date; userId?: string; action?: AuditAction; module?: string; sortBy?: string; sortOrder?: 'asc' | 'desc'; page?: number; limit?: number; }): Promise<{ items: ({ oldValue: Prisma.JsonValue; newValue: Prisma.JsonValue; retentionYears: number; id: any; region: any; tenantId: any; who: any; what: any; when: any; where: any; why: any; how: any; module: any; action: any; entityType: any; entityId: any; userId: any; ipAddress: any; userAgent: any; status: any; duration: any; riskLevel: any; complianceLevel: any; isFinancial: any; isSensitive: any; user: any; } | { oldValue: Prisma.JsonValue; newValue: Prisma.JsonValue; retentionYears: number; changes: any; sessionId: any; traceId: any; requestId: any; deviceId: any; geoLocation: any; businessType: any; businessKey: any; errorMessage: any; previousHash: any; currentHash: any; signature: any; createdAt: any; archivedAt: any; id: any; region: any; tenantId: any; who: any; what: any; when: any; where: any; why: any; how: any; module: any; action: any; entityType: any; entityId: any; userId: any; ipAddress: any; userAgent: any; status: any; duration: any; riskLevel: any; complianceLevel: any; isFinancial: any; isSensitive: any; user: any; })[]; summary: { total: number; byAction: { [k: string]: number; }; byModule: { [k: string]: number; }; }; total: number; page: number; limit: number; totalPages: number; hasNext: boolean; hasPrev: boolean; }>; private getFinancialSummary; getSensitiveLogs(region: string, tenantId: string, filters?: { startDate?: Date; endDate?: Date; userId?: string; action?: AuditAction; riskLevel?: RiskLevel; page?: number; limit?: number; }): Promise<{ items: ({ mfaVerified: boolean; deviceId: string | null; geoLocation: string | null; requiresApproval: boolean; approvedBy: string | null; approvalTime: string | undefined; id: any; region: any; tenantId: any; who: any; what: any; when: any; where: any; why: any; how: any; module: any; action: any; entityType: any; entityId: any; userId: any; ipAddress: any; userAgent: any; status: any; duration: any; riskLevel: any; complianceLevel: any; isFinancial: any; isSensitive: any; user: any; } | { mfaVerified: boolean; deviceId: string | null; geoLocation: string | null; requiresApproval: boolean; approvedBy: string | null; approvalTime: string | undefined; oldValue: any; newValue: any; changes: any; sessionId: any; traceId: any; requestId: any; businessType: any; businessKey: any; errorMessage: any; previousHash: any; currentHash: any; signature: any; createdAt: any; archivedAt: any; retentionYears: any; id: any; region: any; tenantId: any; who: any; what: any; when: any; where: any; why: any; how: any; module: any; action: any; entityType: any; entityId: any; userId: any; ipAddress: any; userAgent: any; status: any; duration: any; riskLevel: any; complianceLevel: any; isFinancial: any; isSensitive: any; user: any; })[]; total: number; page: number; limit: number; totalPages: number; hasNext: boolean; hasPrev: boolean; }>; getByTraceId(traceId: string, region: string, tenantId: string): Promise<{ traceId: string; logs: { id: string; action: import("@prisma/client").$Enums.AuditAction; module: string; when: string; duration: number | null; status: import("@prisma/client").$Enums.AuditStatus; errorMessage: string | null; }[]; totalDuration: number; }>; getStatistics(region: string, tenantId: string, startDate: Date, endDate: Date, filters?: { module?: string; userId?: string; }): Promise<{ period: { start: string; end: string; }; summary: { total: number; success: number; failed: number; financial: number; sensitive: number; }; byModule: { module: string; count: number; successRate: number; }[]; byAction: { action: import("@prisma/client").$Enums.AuditAction; count: number; }[]; byDay: { date: string; count: number; }[]; }>; private getStatisticsByDay; verifyIntegrity(region: string, tenantId: string, startDate?: Date, endDate?: Date): Promise<{ verified: boolean; totalRecords: number; passCount: number; failCount: number; failures: { logId: string; type: "HASH_CHAIN_BROKEN" | "HASH_MISMATCH" | "INVALID_GENESIS" | "SIGNATURE_INVALID"; message: string; expectedHash: string | undefined; actualHash: string | undefined; }[]; verifiedAt: string; duration: number; }>; estimateExportCount(region: string, tenantId: string, startDate: Date, endDate: Date, filters?: any): Promise; private integrityJobs; dailyIntegrityCheck(): Promise; weeklyIntegrityCheck(): Promise; cleanupOldIntegrityJobs(): Promise; triggerAsyncIntegrityCheck(region: string, tenantId: string, options?: { startDate?: Date; endDate?: Date; scope?: 'ALL' | 'FINANCIAL_ONLY' | 'SENSITIVE_ONLY' | 'HIGH_RISK_ONLY'; }): Promise; getIntegrityJobStatus(jobId: string, region: string, tenantId: string): Promise; private executeAsyncIntegrityCheck; private runScheduledIntegrityCheck; private getActiveTenants; exportLogs(region: string, tenantId: string, startDate: Date, endDate: Date, filters?: any, fields?: string[]): Promise; private formatAuditLog; }