68 lines
2.4 KiB
TypeScript
68 lines
2.4 KiB
TypeScript
import {
|
|
buildAuditPayload,
|
|
buildComputedSnapshotPayload,
|
|
computePayloadHash,
|
|
createSqlClient,
|
|
getSnapshotDocumentData,
|
|
getSnapshotTemplateInput,
|
|
summarizeIssues,
|
|
writeAuditArtifact
|
|
} from './pdf-audit-utils.ts';
|
|
|
|
async function main() {
|
|
const sql = createSqlClient();
|
|
|
|
try {
|
|
const payload = await buildAuditPayload(sql);
|
|
const computedSnapshot = buildComputedSnapshotPayload(payload, {
|
|
generatedAt: 'audit-generated',
|
|
generatedBy: 'audit-suite'
|
|
});
|
|
const storedTemplateInput = getSnapshotTemplateInput(payload.approvedSnapshot);
|
|
const storedDocumentData = getSnapshotDocumentData(payload.approvedSnapshot);
|
|
const comparableKeys = storedTemplateInput
|
|
? Object.keys(computedSnapshot.templateInput).filter((key) => key in storedTemplateInput)
|
|
: [];
|
|
const inconsistentTemplateKeys = storedTemplateInput
|
|
? comparableKeys.filter(
|
|
(key) =>
|
|
JSON.stringify(computedSnapshot.templateInput[key]) !==
|
|
JSON.stringify(storedTemplateInput[key])
|
|
)
|
|
: [];
|
|
const computedSignatureHash = computePayloadHash(
|
|
(computedSnapshot.documentData.signatures as Record<string, unknown>) ?? {}
|
|
);
|
|
const storedSignatureHash = storedDocumentData
|
|
? computePayloadHash((storedDocumentData.signatures as Record<string, unknown>) ?? {})
|
|
: null;
|
|
const status = summarizeIssues([
|
|
payload.approvedSnapshot ? 'PASS' : 'WARNING',
|
|
inconsistentTemplateKeys.length ? 'FAIL' : 'PASS',
|
|
payload.approvedSnapshot && computedSignatureHash !== storedSignatureHash ? 'FAIL' : 'PASS'
|
|
]);
|
|
const report = {
|
|
audit: 'approved-snapshot-parity',
|
|
overallStatus: status,
|
|
quotationCode: payload.quotationCode,
|
|
approvedSnapshotAvailable: Boolean(payload.approvedSnapshot),
|
|
approvedTemplateVersionId: payload.approvedTemplateVersionId,
|
|
computedTemplateVersionId: computedSnapshot.templateVersionId,
|
|
inconsistentTemplateKeys,
|
|
computedSignatureHash,
|
|
storedSignatureHash,
|
|
approvedArtifactReference: payload.approvedArtifactReference
|
|
};
|
|
const artifactPath = await writeAuditArtifact('signature-audit-report.json', report);
|
|
|
|
console.log(JSON.stringify({ ...report, artifactPath }, null, 2));
|
|
} finally {
|
|
await sql.end({ timeout: 5 });
|
|
}
|
|
}
|
|
|
|
main().catch((error) => {
|
|
console.error(`[audit-approved-snapshot-parity] ${error.message}`);
|
|
process.exit(1);
|
|
});
|