1  package daemon
 2  
 3  import (
 4  	"encoding/json"
 5  	"fmt"
 6  	"time"
 7  
 8  	"github.com/Kocoro-lab/ShanClaw/internal/audit"
 9  )
10  
11  // memoryAuditAdapter bridges the memory package's AuditLogger interface to
12  // the daemon's *audit.AuditLogger (which writes AuditEntry rows). The adapter
13  // never inspects field values — it is the memory package's responsibility to
14  // keep API key bytes out of the payload (see internal/memory/audit_test.go
15  // privacy invariant). Mirrors the syncAuditAdapter pattern in server.go.
16  type memoryAuditAdapter struct {
17  	logger *audit.AuditLogger
18  }
19  
20  func (a memoryAuditAdapter) Log(event string, fields map[string]any) {
21  	if a.logger == nil {
22  		return
23  	}
24  	// Render fields as a stable, compact string. JSON gives us deterministic
25  	// formatting and is already what the rest of audit.log uses.
26  	var summary string
27  	if data, err := json.Marshal(fields); err == nil {
28  		summary = string(data)
29  	} else {
30  		summary = fmt.Sprintf("%v", fields)
31  	}
32  	a.logger.Log(audit.AuditEntry{
33  		Timestamp:    time.Now(),
34  		ToolName:     event,
35  		InputSummary: summary,
36  		Decision:     "logged",
37  		Approved:     true,
38  	})
39  }