refactor: Rename audit_trails module to main and update locking configuration structure

itsyaasir · itsyaasir · commit bc512d842caf · 2025-12-22T15:36:44.000+03:00
diff --git a/audit-trails-move/sources/audit_trails.move b/audit-trails-move/sources/audit_trails.move
@@ -7,7 +7,7 @@
 /// references its predecessor, ensuring verifiable continuity and integrity.
 ///
 /// Records are addressed by trail_id + sequence_number
-module audit_trails::audit_trails;
+module audit_trails::main;
 
 use audit_trails::capabilities::{Self, Capability};
 use audit_trails::locking::{Self, LockingConfig};
@@ -47,7 +47,7 @@ public struct AuditTrail<D: store + copy> has key, store {
     /// Deletion locking rules
     locking_config: LockingConfig,
     /// Role name -> set of permissions (TODO: implement)
-    permissions: VecMap<String, VecSet<Permission>>,
+    roles: VecMap<String, VecSet<Permission>>,
     /// Set at creation, cannot be changed
     immutable_metadata: TrailImmutableMetadata,
     /// Can be updated by holders of MetadataUpdate permission
@@ -140,7 +140,7 @@ public fun create<D: store + copy>(
         record_count,
         records,
         locking_config,
-        permissions: vec_map::empty(),
+        roles: vec_map::empty(),
         immutable_metadata: trail_metadata,
         updatable_metadata,
         issued_capabilities: iota::vec_set::empty(),
diff --git a/audit-trails-move/sources/locking.move b/audit-trails-move/sources/locking.move
@@ -2,102 +2,159 @@
 // SPDX-License-Identifier: Apache-2.0
 
 /// Locking configuration for audit trail records
-///
-/// Controls when records can be deleted based on time window (records locked for N seconds)
-/// or count window (last N records always locked).
 module audit_trails::locking;
 
-/// Controls when records can be deleted (time OR count based)
-public struct LockingConfig has copy, drop, store {
+/// Defines a locking window (time OR count based)
+public struct LockingWindow has copy, drop, store {
     /// Records locked for N seconds after creation
     time_window_seconds: Option<u64>,
     /// Last N records are always locked
     count_window: Option<u64>,
 }
 
-// ===== Constructors =====
+/// Top-level locking configuration for the audit trail
+public struct LockingConfig has copy, drop, store {
+    /// Locking rules for record deletion
+    delete_record_lock: LockingWindow,
+}
+
+// ===== LockingWindow Constructors =====
 
-/// Create a new locking configuration
+/// Create a new locking window
 ///
 /// - `time_window_seconds`: Records are locked for N seconds after creation (None = no time lock)
 /// - `count_window`: Last N records are always locked (None = no count lock)
-public fun new(time_window_seconds: Option<u64>, count_window: Option<u64>): LockingConfig {
-    LockingConfig { time_window_seconds, count_window }
+public fun new_window(time_window_seconds: Option<u64>, count_window: Option<u64>): LockingWindow {
+    LockingWindow { time_window_seconds, count_window }
+}
+
+/// Create a locking window with no restrictions
+public fun window_none(): LockingWindow {
+    LockingWindow {
+        time_window_seconds: option::none(),
+        count_window: option::none(),
+    }
+}
+
+/// Create a time-based locking window
+public fun window_time_based(seconds: u64): LockingWindow {
+    LockingWindow {
+        time_window_seconds: option::some(seconds),
+        count_window: option::none(),
+    }
+}
+
+/// Create a count-based locking window
+public fun window_count_based(count: u64): LockingWindow {
+    LockingWindow {
+        time_window_seconds: option::none(),
+        count_window: option::some(count),
+    }
+}
+
+// ===== LockingConfig Constructors =====
+
+/// Create a new locking configuration
+public fun new(delete_record_lock: LockingWindow): LockingConfig {
+    LockingConfig { delete_record_lock }
 }
 
 /// Create a locking config with no restrictions
 public fun none(): LockingConfig {
     LockingConfig {
-        time_window_seconds: option::none(),
-        count_window: option::none(),
+        delete_record_lock: window_none(),
     }
 }
 
-/// Create a time-based locking config
+/// Create a locking config with time-based record deletion lock
 public fun time_based(seconds: u64): LockingConfig {
     LockingConfig {
-        time_window_seconds: option::some(seconds),
-        count_window: option::none(),
+        delete_record_lock: window_time_based(seconds),
     }
 }
 
-/// Create a count-based locking config
+/// Create a locking config with count-based record deletion lock
 public fun count_based(count: u64): LockingConfig {
     LockingConfig {
-        time_window_seconds: option::none(),
-        count_window: option::some(count),
+        delete_record_lock: window_count_based(count),
     }
 }
 
-// ===== Getters =====
+// ===== LockingWindow Getters =====
 
 /// Get the time window in seconds (if set)
-public fun time_window_seconds(config: &LockingConfig): &Option<u64> {
-    &config.time_window_seconds
+public fun time_window_seconds(window: &LockingWindow): &Option<u64> {
+    &window.time_window_seconds
 }
 
 /// Get the count window (if set)
-public fun count_window(config: &LockingConfig): &Option<u64> {
-    &config.count_window
+public fun count_window(window: &LockingWindow): &Option<u64> {
+    &window.count_window
 }
 
-// ===== Locking Logic =====
+// ===== LockingConfig Getters =====
+
+/// Get the record deletion locking window
+public fun delete_record_lock(config: &LockingConfig): &LockingWindow {
+    &config.delete_record_lock
+}
+
+// ===== Locking Logic (LockingWindow) =====
 
 /// Check if a record is locked based on time window
 ///
 /// Returns true if the record was created within the time window
-public fun is_time_locked(config: &LockingConfig, record_timestamp: u64, current_time: u64): bool {
-    if (config.time_window_seconds.is_none()) {
+public fun is_time_locked(window: &LockingWindow, record_timestamp: u64, current_time: u64): bool {
+    if (window.time_window_seconds.is_none()) {
         return false
     };
 
-    let time_window_ms = (*config.time_window_seconds.borrow()) * 1000;
+    let time_window_ms = (*window.time_window_seconds.borrow()) * 1000;
     let record_age = current_time - record_timestamp;
     record_age < time_window_ms
 }
 
 /// Check if a record is locked based on count window
 ///
 /// Returns true if the record is among the last N records
-public fun is_count_locked(config: &LockingConfig, sequence_number: u64, total_records: u64): bool {
-    if (config.count_window.is_none()) {
+public fun is_count_locked(window: &LockingWindow, sequence_number: u64, total_records: u64): bool {
+    if (window.count_window.is_none()) {
         return false
     };
 
-    let count_window = *config.count_window.borrow();
+    let count_window = *window.count_window.borrow();
 
     let records_after = total_records - sequence_number - 1;
     records_after < count_window
 }
 
-/// Check if a record is locked (either by time or count)
+/// Check if a record is locked by a window (either by time or count)
+public fun is_window_locked(
+    window: &LockingWindow,
+    sequence_number: u64,
+    record_timestamp: u64,
+    total_records: u64,
+    current_time: u64,
+): bool {
+    is_time_locked(window, record_timestamp, current_time)
+        || is_count_locked(window, sequence_number, total_records)
+}
+
+// ===== Locking Logic (LockingConfig) =====
+
+/// Check if a record is locked for deletion
 public fun is_locked(
     config: &LockingConfig,
     sequence_number: u64,
     record_timestamp: u64,
     total_records: u64,
     current_time: u64,
 ): bool {
-    is_time_locked(config, record_timestamp, current_time)
-        || is_count_locked(config, sequence_number, total_records)
+    is_window_locked(
+        &config.delete_record_lock,
+        sequence_number,
+        record_timestamp,
+        total_records,
+        current_time,
+    )
 }
