Phase 7 Task 3: 数据安全与合规

- 创建 security_manager.py 安全模块
  - SecurityManager: 安全管理主类
  - 审计日志系统 - 记录所有数据操作
  - 端到端加密 - AES-256-GCM 加密项目数据
  - 数据脱敏 - 支持手机号、邮箱、身份证等敏感信息脱敏
  - 数据访问策略 - 基于用户、角色、IP、时间的访问控制
  - 访问审批流程 - 敏感数据访问需要审批

- 更新 schema.sql 添加安全相关数据库表
  - audit_logs: 审计日志表
  - encryption_configs: 加密配置表
  - masking_rules: 脱敏规则表
  - data_access_policies: 数据访问策略表
  - access_requests: 访问请求表

- 更新 main.py 添加安全相关 API 端点
  - GET /api/v1/audit-logs - 查询审计日志
  - GET /api/v1/audit-logs/stats - 审计统计
  - POST /api/v1/projects/{id}/encryption/enable - 启用加密
  - POST /api/v1/projects/{id}/encryption/disable - 禁用加密
  - POST /api/v1/projects/{id}/encryption/verify - 验证密码
  - GET /api/v1/projects/{id}/encryption - 获取加密配置
  - POST /api/v1/projects/{id}/masking-rules - 创建脱敏规则
  - GET /api/v1/projects/{id}/masking-rules - 获取脱敏规则
  - PUT /api/v1/masking-rules/{id} - 更新脱敏规则
  - DELETE /api/v1/masking-rules/{id} - 删除脱敏规则
  - POST /api/v1/projects/{id}/masking/apply - 应用脱敏
  - POST /api/v1/projects/{id}/access-policies - 创建访问策略
  - GET /api/v1/projects/{id}/access-policies - 获取访问策略
  - POST /api/v1/access-policies/{id}/check - 检查访问权限
  - POST /api/v1/access-requests - 创建访问请求
  - POST /api/v1/access-requests/{id}/approve - 批准访问
  - POST /api/v1/access-requests/{id}/reject - 拒绝访问

- 更新 requirements.txt 添加 cryptography 依赖

- 更新 STATUS.md 和 README.md 记录完成状态

backend/requirements.txt

@@ -50,3 +50,6 @@ urllib3==2.2.0
 # Phase 7: Plugin & Integration
 beautifulsoup4==4.12.3
 webdavclient3==3.14.6
+
+# Phase 7 Task 3: Security & Compliance
+cryptography==42.0.0

backend/schema.sql

@@ -539,3 +539,97 @@ CREATE INDEX IF NOT EXISTS idx_webdav_syncs_plugin ON webdav_syncs(plugin_id);
 CREATE INDEX IF NOT EXISTS idx_plugin_logs_plugin ON plugin_activity_logs(plugin_id);
 CREATE INDEX IF NOT EXISTS idx_plugin_logs_type ON plugin_activity_logs(activity_type);
 CREATE INDEX IF NOT EXISTS idx_plugin_logs_created ON plugin_activity_logs(created_at);
+
+-- ============================================
+-- Phase 7 Task 3: 数据安全与合规
+-- ============================================
+
+-- 审计日志表
+CREATE TABLE IF NOT EXISTS audit_logs (
+    id TEXT PRIMARY KEY,
+    action_type TEXT NOT NULL,  -- create, read, update, delete, login, export, etc.
+    user_id TEXT,
+    user_ip TEXT,
+    user_agent TEXT,
+    resource_type TEXT,  -- project, entity, transcript, api_key, etc.
+    resource_id TEXT,
+    action_details TEXT,  -- JSON: 详细操作信息
+    before_value TEXT,  -- 变更前的值
+    after_value TEXT,  -- 变更后的值
+    success INTEGER DEFAULT 1,  -- 0 = 失败, 1 = 成功
+    error_message TEXT,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+-- 加密配置表
+CREATE TABLE IF NOT EXISTS encryption_configs (
+    id TEXT PRIMARY KEY,
+    project_id TEXT NOT NULL,
+    is_enabled INTEGER DEFAULT 0,
+    encryption_type TEXT DEFAULT 'aes-256-gcm',  -- aes-256-gcm, chacha20-poly1305
+    key_derivation TEXT DEFAULT 'pbkdf2',  -- pbkdf2, argon2
+    master_key_hash TEXT,  -- 主密钥哈希（用于验证）
+    salt TEXT,  -- 密钥派生盐值
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    FOREIGN KEY (project_id) REFERENCES projects(id)
+);
+
+-- 脱敏规则表
+CREATE TABLE IF NOT EXISTS masking_rules (
+    id TEXT PRIMARY KEY,
+    project_id TEXT NOT NULL,
+    name TEXT NOT NULL,
+    rule_type TEXT NOT NULL,  -- phone, email, id_card, bank_card, name, address, custom
+    pattern TEXT NOT NULL,  -- 正则表达式
+    replacement TEXT NOT NULL,  -- 替换模板
+    is_active INTEGER DEFAULT 1,
+    priority INTEGER DEFAULT 0,
+    description TEXT,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    FOREIGN KEY (project_id) REFERENCES projects(id)
+);
+
+-- 数据访问策略表
+CREATE TABLE IF NOT EXISTS data_access_policies (
+    id TEXT PRIMARY KEY,
+    project_id TEXT NOT NULL,
+    name TEXT NOT NULL,
+    description TEXT,
+    allowed_users TEXT,  -- JSON array: 允许访问的用户ID列表
+    allowed_roles TEXT,  -- JSON array: 允许的角色列表
+    allowed_ips TEXT,  -- JSON array: 允许的IP模式列表
+    time_restrictions TEXT,  -- JSON: {"start_time": "09:00", "end_time": "18:00", "days_of_week": [0,1,2,3,4]}
+    max_access_count INTEGER,  -- 最大访问次数限制
+    require_approval INTEGER DEFAULT 0,  -- 是否需要审批
+    is_active INTEGER DEFAULT 1,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    FOREIGN KEY (project_id) REFERENCES projects(id)
+);
+
+-- 访问请求表（用于需要审批的访问）
+CREATE TABLE IF NOT EXISTS access_requests (
+    id TEXT PRIMARY KEY,
+    policy_id TEXT NOT NULL,
+    user_id TEXT NOT NULL,
+    request_reason TEXT,
+    status TEXT DEFAULT 'pending',  -- pending, approved, rejected, expired
+    approved_by TEXT,
+    approved_at TIMESTAMP,
+    expires_at TIMESTAMP,
+    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+    FOREIGN KEY (policy_id) REFERENCES data_access_policies(id)
+);
+
+-- 数据安全相关索引
+CREATE INDEX IF NOT EXISTS idx_audit_logs_user ON audit_logs(user_id);
+CREATE INDEX IF NOT EXISTS idx_audit_logs_resource ON audit_logs(resource_type, resource_id);
+CREATE INDEX IF NOT EXISTS idx_audit_logs_action ON audit_logs(action_type);
+CREATE INDEX IF NOT EXISTS idx_audit_logs_created ON audit_logs(created_at);
+CREATE INDEX IF NOT EXISTS idx_encryption_project ON encryption_configs(project_id);
+CREATE INDEX IF NOT EXISTS idx_masking_project ON masking_rules(project_id);
+CREATE INDEX IF NOT EXISTS idx_access_policy_project ON data_access_policies(project_id);
+CREATE INDEX IF NOT EXISTS idx_access_requests_policy ON access_requests(policy_id);
+CREATE INDEX IF NOT EXISTS idx_access_requests_user ON access_requests(user_id);