azaharizaman/nexus-compliance 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

azaharizaman/nexus-compliance

Composer 安装命令:

composer require azaharizaman/nexus-compliance

包简介

Operational compliance engine for enforcing business rules, SOD (Segregation of Duties), and compliance scheme requirements

README 文档

README

Operational compliance engine for enforcing business rules, SOD (Segregation of Duties), and compliance scheme requirements (ISO 14001, SOX, GDPR, etc.).

Overview

The Compliance package provides a framework-agnostic engine for managing compliance schemes and enforcing Segregation of Duties (SOD) rules across business transactions. It is designed to integrate with various ERP modules to ensure regulatory compliance and internal controls.

Features

  • Compliance Scheme Management: Activate, deactivate, and configure compliance schemes (ISO 14001, SOX, GDPR, HIPAA, PCI_DSS)
  • SOD Rule Engine: Define and enforce segregation of duties rules
  • Violation Tracking: Log and monitor compliance violations
  • Configuration Auditing: Validate required features and settings
  • Multi-Severity Levels: Critical, High, Medium, Low
  • Framework-Agnostic: Pure PHP with no Laravel dependencies

Installation

composer require azaharizaman/nexus-compliance

Architecture

This package follows the Nexus architecture principles:

  • Framework-Agnostic: No Laravel dependencies in core services
  • Contract-Driven: All external dependencies defined via interfaces
  • Value Objects: Immutable objects for domain concepts (SeverityLevel)
  • Repository Pattern: Persistence abstraction via repository interfaces

Package Structure

packages/Compliance/
├── composer.json
├── LICENSE
├── README.md
└── src/
    ├── Contracts/                    # Interfaces
    │   ├── ComplianceManagerInterface.php
    │   ├── ComplianceSchemeInterface.php
    │   ├── ComplianceSchemeRepositoryInterface.php
    │   ├── SodManagerInterface.php
    │   ├── SodRuleInterface.php
    │   ├── SodRuleRepositoryInterface.php
    │   ├── SodViolationInterface.php
    │   └── SodViolationRepositoryInterface.php
    ├── Services/                     # Business logic
    │   ├── ComplianceManager.php
    │   └── SodManager.php
    ├── ValueObjects/                 # Immutable domain objects
    │   └── SeverityLevel.php
    └── Exceptions/                   # Domain exceptions
        ├── DuplicateRuleException.php
        ├── InvalidSchemeException.php
        ├── RuleNotFoundException.php
        ├── SchemeAlreadyActiveException.php
        ├── SchemeNotFoundException.php
        └── SodViolationException.php

Usage

Compliance Scheme Management

use Nexus\Compliance\Services\ComplianceManager;

// Activate a compliance scheme
$schemeId = $complianceManager->activateScheme(
    tenantId: 'tenant-123',
    schemeName: 'ISO14001',
    configuration: [
        'audit_frequency' => 'quarterly',
        'enable_environmental_tracking' => true,
    ]
);

// Check if scheme is active
$isActive = $complianceManager->isSchemeActive('tenant-123', 'ISO14001');

// Get all active schemes
$activeSchemes = $complianceManager->getActiveSchemes('tenant-123');

// Deactivate a scheme
$complianceManager->deactivateScheme('tenant-123', 'ISO14001');

SOD Rule Management

use Nexus\Compliance\Services\SodManager;
use Nexus\Compliance\ValueObjects\SeverityLevel;

// Create a SOD rule
$ruleId = $sodManager->createRule(
    tenantId: 'tenant-123',
    ruleName: 'Purchase Order Approval',
    transactionType: 'purchase_order',
    severityLevel: SeverityLevel::CRITICAL,
    creatorRole: 'purchaser',
    approverRole: 'manager'
);

// Validate a transaction
try {
    $sodManager->validateTransaction(
        tenantId: 'tenant-123',
        transactionType: 'purchase_order',
        creatorId: 'user-001',
        approverId: 'user-002'
    );
} catch (SodViolationException $e) {
    // Handle violation
    echo $e->getMessage();
}

// Get all violations
$violations = $sodManager->getViolations(
    tenantId: 'tenant-123',
    from: new DateTimeImmutable('2025-01-01'),
    to: new DateTimeImmutable('2025-12-31')
);

Supported Compliance Schemes

  • ISO14001: Environmental Management System
  • SOX: Sarbanes-Oxley Act (financial controls)
  • GDPR: General Data Protection Regulation
  • HIPAA: Health Insurance Portability and Accountability Act
  • PCI_DSS: Payment Card Industry Data Security Standard

Severity Levels

use Nexus\Compliance\ValueObjects\SeverityLevel;

SeverityLevel::CRITICAL;  // Priority: 4, Requires immediate action
SeverityLevel::HIGH;      // Priority: 3, Requires immediate action
SeverityLevel::MEDIUM;    // Priority: 2
SeverityLevel::LOW;       // Priority: 1

Integration with Applications

This package defines contracts that must be implemented by the consuming application:

  1. Repository Implementations: Implement all repository interfaces with Eloquent models
  2. Entity Implementations: Implement all entity interfaces
  3. Database Migrations: Create required tables in application layer
  4. Service Provider Bindings: Bind interfaces to implementations in IoC container

Required Tables (Application Layer)

-- Compliance schemes
compliance_schemes (id, tenant_id, scheme_name, is_active, activated_at, configuration, created_at, updated_at)

-- SOD rules
sod_rules (id, tenant_id, rule_name, transaction_type, severity_level, creator_role, approver_role, is_active, created_at, updated_at)

-- SOD violations
sod_violations (id, tenant_id, rule_id, transaction_id, transaction_type, creator_id, approver_id, violated_at, created_at)

Dependencies

  • PHP: ^8.3
  • psr/log: ^3.0 (for logging interface)

Development

Running Tests

composer test

Code Style

This package follows PSR-12 coding standards.

License

MIT License. See LICENSE file for details.

Contributing

Contributions are welcome! Please follow the Nexus architecture principles:

  1. Keep the package framework-agnostic
  2. Define all dependencies via interfaces
  3. Use immutable Value Objects for domain concepts
  4. Place all business logic in services
  5. No database access or migrations in this package

Documentation

Comprehensive documentation is available in the docs/ directory:

Additional Resources

Support

For issues, questions, or contributions, please refer to the main Nexus monorepo documentation.

azaharizaman/nexus-compliance 适用场景与选型建议

azaharizaman/nexus-compliance 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 2 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 05 月 04 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 azaharizaman/nexus-compliance 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 azaharizaman/nexus-compliance 我们能提供哪些服务?
定制开发 / 二次开发

基于 azaharizaman/nexus-compliance 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 2
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 31
  • 依赖项目数: 2
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2026-05-04