Shipflash logoDocs

Compliance

Compliance gives operators security, RBAC, audit-log, and retention views without mixing them into unrelated modules.

On this page

Where to look

AreaPaths
Routessrc/app/(dashboard)/admin/security, src/app/(dashboard)/admin/audit-log
Security overviewsrc/features/compliance/server/security/queries.ts
Permission matrixsrc/features/compliance/server/permissions/matrix-query.ts
Auditsrc/features/compliance/server/audit/query.ts, redaction.ts, descriptions.ts, values.ts
Retentionsrc/features/compliance/server/retention/service.ts
Sharedsrc/features/compliance/shared/types.ts, formatters.ts
UIsrc/features/compliance/ui/security-dashboard.tsx, audit-log-client.tsx

Code-backed compliance map

Security and audit surfaces

Admin pages render security overview, permission matrix, audit log, and retention status.

  • src/app/(dashboard)/admin/security/page.tsx
  • src/app/(dashboard)/admin/audit-log/page.tsx
  • src/features/compliance/ui/security-dashboard.tsx
  • src/features/compliance/ui/audit-log-client.tsx

Compliance reads

Security, permission, and audit queries keep admin reporting server-owned and role-aware.

  • src/features/compliance/server/security/queries.ts
  • src/features/compliance/server/permissions/matrix-query.ts
  • src/features/compliance/server/audit/query.ts

Redaction and retention

Audit redaction and retention services preserve useful context without exposing sensitive payloads.

  • src/features/compliance/server/audit/redaction.ts
  • src/features/compliance/server/audit/descriptions.ts
  • src/features/compliance/server/retention/service.ts

Compliance reporting flow

  1. 1

    Gate admin routes

    Security and audit surfaces should only render after server-side access checks.

    • src/app/(dashboard)/admin/security/page.tsx
    • src/lib/auth/guards/route.ts
  2. 2

    Read security and permission state

    Dashboard cards and permission matrix exports are assembled from compliance-owned server queries.

    • src/features/compliance/server/security/queries.ts
    • src/features/compliance/server/permissions/matrix-query.ts
  3. 3

    Redact audit fields by role

    Audit descriptions, values, and redaction helpers keep logs useful without exposing raw sensitive payloads.

    • src/features/compliance/server/audit/query.ts
    • src/features/compliance/server/audit/redaction.ts
    • src/features/compliance/server/audit/values.ts
  4. 4

    Run retention as protected work

    Retention cleanup is handled by the compliance service behind the protected cron route.

    • src/features/compliance/server/retention/service.ts

Audit redaction branch

Source: src/features/compliance/server/audit/redaction.ts

Profile audit entries preserve role changes but remove raw metadata and sensitive state.

ts
if (entry.entityType === "profile") {
  return {
    ...entry,
    actorEmail: maskedActorEmail,
    targetLabel: maskedTargetLabel,
    description: maskedDescription,
    metadata: {},
    beforeState: pickObjectKeys(entry.beforeState, ["role"]),
    afterState: pickObjectKeys(entry.afterState, ["role"]),
    redacted: true,
  };
}

Compliance rules

  • Keep admin-only pages behind server-side role checks.
  • Do not log secrets, raw tokens, or full provider payloads.
  • Preserve stable identifiers in audit entries.
  • Treat retention work as operational work and make it easy to verify.