@cullet/erp-core 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/KIT_CONTEXT.md +39 -0
- package/README.md +110 -0
- package/dist/errors/index.d.ts +2 -0
- package/dist/errors/index.js +3 -0
- package/dist/exceptions/validation-field.d.ts +2 -0
- package/dist/exceptions/validation-field.js +2 -0
- package/dist/gate-engine-registry.js +260 -0
- package/dist/gate-engine-registry.js.map +1 -0
- package/dist/gate-types.d.ts +307 -0
- package/dist/gate-v1-payload.schema.js +677 -0
- package/dist/gate-v1-payload.schema.js.map +1 -0
- package/dist/index.d.ts +88 -0
- package/dist/index.js +153 -0
- package/dist/index.js.map +1 -0
- package/dist/outcome.js +92 -0
- package/dist/outcome.js.map +1 -0
- package/dist/parse-gate-payload.d.ts +136 -0
- package/dist/policies/engines/index.d.ts +3 -0
- package/dist/policies/engines/index.js +2 -0
- package/dist/policies/engines/v1/gate/index.d.ts +115 -0
- package/dist/policies/engines/v1/gate/index.js +84 -0
- package/dist/policies/engines/v1/gate/index.js.map +1 -0
- package/dist/policies/index.d.ts +4 -0
- package/dist/policies/index.js +5 -0
- package/dist/policy-service.d.ts +541 -0
- package/dist/policy-service.js +992 -0
- package/dist/policy-service.js.map +1 -0
- package/dist/validation-code.js +210 -0
- package/dist/validation-code.js.map +1 -0
- package/dist/validation-error.d.ts +686 -0
- package/dist/validation-error.js +757 -0
- package/dist/validation-error.js.map +1 -0
- package/dist/validation-field.d.ts +12 -0
- package/dist/validation-field.js +23 -0
- package/dist/validation-field.js.map +1 -0
- package/meta.json +66 -0
- package/package.json +59 -0
- package/src/core/application/commands/command.ts +28 -0
- package/src/core/application/commands/index.ts +2 -0
- package/src/core/application/commands/requested-by.ts +97 -0
- package/src/core/application/index.ts +31 -0
- package/src/core/application/policy-error-mapper.ts +60 -0
- package/src/core/application/ports/index.ts +14 -0
- package/src/core/application/ports/logger.port.ts +10 -0
- package/src/core/application/ports/metrics.port.ts +9 -0
- package/src/core/application/ports/policy-port.ts +20 -0
- package/src/core/application/ports/repository.port.ts +7 -0
- package/src/core/application/ports/temporal-repository.port.ts +14 -0
- package/src/core/application/ports/tracer.port.ts +16 -0
- package/src/core/application/queries/index.ts +2 -0
- package/src/core/application/queries/query.ts +53 -0
- package/src/core/application/temporal/index.ts +11 -0
- package/src/core/application/temporal/temporal-context.ts +41 -0
- package/src/core/application/temporal/temporal-use-case.ts +41 -0
- package/src/core/application/use-case.ts +24 -0
- package/src/core/config/core-config.instance.ts +14 -0
- package/src/core/config/core-config.ts +87 -0
- package/src/core/config/index.ts +12 -0
- package/src/core/config/policy-reporter.ts +60 -0
- package/src/core/config/silent-policy-reporter.ts +5 -0
- package/src/core/domain/entity.ts +69 -0
- package/src/core/domain/rulesets/entity-ruleset.contracts.ts +16 -0
- package/src/core/domain/rulesets/ruleset-registry.ts +71 -0
- package/src/core/domain/rulesets/ruleset.contracts.ts +15 -0
- package/src/core/domain/rulesets/value-object-ruleset.contracts.ts +13 -0
- package/src/core/domain/temporal/index.ts +18 -0
- package/src/core/domain/temporal/temporal-range.ts +53 -0
- package/src/core/domain/temporal/temporal-snapshot.ts +47 -0
- package/src/core/domain/temporal/transaction-time.ts +60 -0
- package/src/core/domain/temporal/valid-time.ts +57 -0
- package/src/core/domain/value-object.ts +30 -0
- package/src/core/errors/app-error.ts +85 -0
- package/src/core/errors/authentication-error.ts +171 -0
- package/src/core/errors/authorization-error.ts +204 -0
- package/src/core/errors/business-rule-violation-error.ts +28 -0
- package/src/core/errors/conflict-error.ts +246 -0
- package/src/core/errors/error-codes.ts +60 -0
- package/src/core/errors/idempotency-error.ts +372 -0
- package/src/core/errors/index.ts +99 -0
- package/src/core/errors/integration-error.ts +157 -0
- package/src/core/errors/legacy-incompatible-error.ts +26 -0
- package/src/core/errors/not-found-error.ts +27 -0
- package/src/core/errors/serialization-error.ts +233 -0
- package/src/core/errors/temporal-error.ts +145 -0
- package/src/core/errors/types.ts +74 -0
- package/src/core/errors/unexpected-error.ts +22 -0
- package/src/core/errors/utils/index.ts +4 -0
- package/src/core/errors/utils/json-safe.ts +93 -0
- package/src/core/errors/validation-error.ts +34 -0
- package/src/core/exceptions/business-rule-violation-exception.ts +12 -0
- package/src/core/exceptions/domain-exception.ts +9 -0
- package/src/core/exceptions/entity-not-found-exception.ts +12 -0
- package/src/core/exceptions/invalid-state-transition-exception.ts +15 -0
- package/src/core/exceptions/invariant-violation-exception.ts +9 -0
- package/src/core/exceptions/validation-code.ts +39 -0
- package/src/core/exceptions/validation-exception.ts +39 -0
- package/src/core/exceptions/validation-field.ts +32 -0
- package/src/core/index.ts +15 -0
- package/src/core/policies/asof/asof.ts +68 -0
- package/src/core/policies/asof/index.ts +2 -0
- package/src/core/policies/catalog/catalog-types.ts +12 -0
- package/src/core/policies/catalog/catalog.instance.ts +21 -0
- package/src/core/policies/catalog/index.ts +11 -0
- package/src/core/policies/catalog/policy-catalog-entry.ts +220 -0
- package/src/core/policies/catalog/policy-catalog.ts +124 -0
- package/src/core/policies/catalog/policy-key.ts +78 -0
- package/src/core/policies/context/context-builder.ts +391 -0
- package/src/core/policies/context/context-registry.instance.ts +26 -0
- package/src/core/policies/context/context-registry.ts +95 -0
- package/src/core/policies/context/context-resolver.ts +31 -0
- package/src/core/policies/context/context-seed.ts +32 -0
- package/src/core/policies/context/index.ts +21 -0
- package/src/core/policies/context/path.ts +152 -0
- package/src/core/policies/defs/in-memory-policy-definition-repo.ts +73 -0
- package/src/core/policies/defs/index.ts +20 -0
- package/src/core/policies/defs/policy-definition-repository.ts +8 -0
- package/src/core/policies/defs/policy-definition.ts +192 -0
- package/src/core/policies/defs/policy-payload.contracts.ts +13 -0
- package/src/core/policies/defs/policy-scope.ts +53 -0
- package/src/core/policies/defs/policy-semver.ts +83 -0
- package/src/core/policies/engines/compute-engine-registry.ts +57 -0
- package/src/core/policies/engines/compute-evaluator-registry.ts +28 -0
- package/src/core/policies/engines/compute-payload.ts +5 -0
- package/src/core/policies/engines/compute-registry.ts +67 -0
- package/src/core/policies/engines/compute-types.ts +51 -0
- package/src/core/policies/engines/condition-evaluator-reporter.ts +34 -0
- package/src/core/policies/engines/gate-engine-registry.ts +38 -0
- package/src/core/policies/engines/gate-payload.ts +5 -0
- package/src/core/policies/engines/gate-types.ts +63 -0
- package/src/core/policies/engines/index.ts +48 -0
- package/src/core/policies/engines/parse-compute-payload.ts +71 -0
- package/src/core/policies/engines/parse-gate-payload.ts +68 -0
- package/src/core/policies/engines/v1/compute/compute-engine-v1.ts +55 -0
- package/src/core/policies/engines/v1/compute/compute-payload.schema.ts +75 -0
- package/src/core/policies/engines/v1/compute/index.ts +12 -0
- package/src/core/policies/engines/v1/compute/resolve-decision-table-v1.ts +54 -0
- package/src/core/policies/engines/v1/condition-evaluator.ts +592 -0
- package/src/core/policies/engines/v1/condition-schema.ts +50 -0
- package/src/core/policies/engines/v1/condition-types.ts +41 -0
- package/src/core/policies/engines/v1/gate/gate-engine-v1.ts +157 -0
- package/src/core/policies/engines/v1/gate/gate-types-v1.ts +12 -0
- package/src/core/policies/engines/v1/gate/gate-v1-payload.schema.ts +46 -0
- package/src/core/policies/engines/v1/gate/index.ts +9 -0
- package/src/core/policies/engines/v1/index.ts +13 -0
- package/src/core/policies/index.ts +132 -0
- package/src/core/policies/package/policy-package.ts +17 -0
- package/src/core/policies/policy-ids.ts +60 -0
- package/src/core/policies/resolver/index.ts +1 -0
- package/src/core/policies/resolver/policy-resolver.ts +57 -0
- package/src/core/policies/service/index.ts +10 -0
- package/src/core/policies/service/policy-evaluation-error.ts +148 -0
- package/src/core/policies/service/policy-service.ts +493 -0
- package/src/core/policies/utils/date.ts +7 -0
- package/src/core/policies/utils/hash.ts +90 -0
- package/src/core/policies/utils/index.ts +3 -0
- package/src/core/policies/utils/result.ts +4 -0
- package/src/core/result/outcome.ts +158 -0
- package/src/core/result/result.ts +153 -0
- package/src/core/shared/aggregate-version.ts +11 -0
- package/src/core/shared/hashing.ts +38 -0
- package/src/core/shared/immutable.ts +46 -0
- package/src/core/shared/temporal-guards.ts +22 -0
- package/src/core/versioning/domain-event-contracts.ts +73 -0
- package/src/core/versioning/version.ts +34 -0
- package/src/errors/index.ts +1 -0
- package/src/examples/rulesets/entity/order-creation-rules-v1.ts +31 -0
- package/src/examples/rulesets/entity/order-invariants-v1.ts +48 -0
- package/src/examples/rulesets/entity/order-invariants-v2.ts +28 -0
- package/src/examples/rulesets/entity/order.ts +162 -0
- package/src/examples/rulesets/value-object/cpf-rules-v1.ts +52 -0
- package/src/examples/rulesets/value-object/cpf-rules-v2.ts +27 -0
- package/src/examples/rulesets/value-object/cpf.ts +37 -0
- package/src/examples/rulesets/value-object/customer.ts +67 -0
- package/src/examples/rulesets/value-object/person-name-rules-v1.ts +37 -0
- package/src/examples/rulesets/value-object/person-name-rules-v2.ts +27 -0
- package/src/examples/rulesets/value-object/person-name.ts +39 -0
- package/src/exceptions/validation-field.ts +1 -0
- package/src/index.ts +11 -0
- package/src/policies/engines/index.ts +1 -0
- package/src/policies/engines/v1/gate/index.ts +1 -0
- package/src/policies/index.ts +1 -0
- package/src/version.ts +7 -0
|
@@ -0,0 +1,541 @@
|
|
|
1
|
+
import { C as TenantId, I as Result, S as SchoolId, b as PolicyDecisionId, g as CoreConfig, t as GateOutcome, u as GatePayload, x as PolicyDefinitionId, y as PolicyReporter } from "./gate-types.js";
|
|
2
|
+
import { _ as ComputePayload, c as ComputeRegistry, f as ComputeEvaluatorRegistration, p as ComputeOutcome, s as GateEngineRegistry } from "./parse-gate-payload.js";
|
|
3
|
+
|
|
4
|
+
//#region src/core/config/core-config.instance.d.ts
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* Shared instance for the application composition root.
|
|
8
|
+
* Use `new CoreConfig()` for isolated runtimes, tests, or multi-tenant hosts.
|
|
9
|
+
*
|
|
10
|
+
* The default reporter is silent so the core has no runtime logging dependency.
|
|
11
|
+
* Hosts can swap in their own `PolicyReporter` via
|
|
12
|
+
* `coreConfig.configure({ observability: { reporter } })`.
|
|
13
|
+
*/
|
|
14
|
+
declare const coreConfig: CoreConfig;
|
|
15
|
+
//#endregion
|
|
16
|
+
//#region src/core/policies/utils/hash.d.ts
|
|
17
|
+
/**
|
|
18
|
+
* Produces a deterministic SHA-256 hex digest of a canonical JSON representation.
|
|
19
|
+
* Object keys are sorted recursively so key order does not affect the hash.
|
|
20
|
+
* Array item order is preserved on purpose; callers that treat arrays as sets
|
|
21
|
+
* must normalize or sort them before hashing.
|
|
22
|
+
*
|
|
23
|
+
* Values that JSON.stringify would silently drop or coerce (undefined,
|
|
24
|
+
* non-finite numbers, functions, symbols, bigint) are rejected up-front to
|
|
25
|
+
* prevent semantically different payloads from collapsing to the same hash.
|
|
26
|
+
*/
|
|
27
|
+
declare class PolicyHashing {
|
|
28
|
+
static sha256(input: string): string;
|
|
29
|
+
private static assertHashable;
|
|
30
|
+
static canonicalJson(value: unknown): string;
|
|
31
|
+
static computePayloadHash(payload: unknown, policyKey: string, policyVersion: string): string;
|
|
32
|
+
}
|
|
33
|
+
//#endregion
|
|
34
|
+
//#region src/core/policies/catalog/catalog-types.d.ts
|
|
35
|
+
type PolicyKind = "GATE" | "COMPUTE";
|
|
36
|
+
type PolicyOwner = "PLATFORM_OWNER" | "TENANT_ADMIN" | "SCHOOL_ADMIN";
|
|
37
|
+
type PolicyScopeLevel = "GLOBAL" | "TENANT" | "SCHOOL";
|
|
38
|
+
/**
|
|
39
|
+
* Defines where the "as of" date comes from for a given policy.
|
|
40
|
+
*/
|
|
41
|
+
type AsOfSource = "NOW" | "CALLER_PROVIDED";
|
|
42
|
+
//#endregion
|
|
43
|
+
//#region src/core/policies/catalog/policy-key.d.ts
|
|
44
|
+
declare class PolicyKey {
|
|
45
|
+
readonly module: string;
|
|
46
|
+
readonly area: string;
|
|
47
|
+
readonly name: string;
|
|
48
|
+
private constructor();
|
|
49
|
+
static parse(raw: string): Result<PolicyKey, string>;
|
|
50
|
+
toString(): string;
|
|
51
|
+
equals(other: PolicyKey): boolean;
|
|
52
|
+
}
|
|
53
|
+
//#endregion
|
|
54
|
+
//#region src/core/policies/catalog/policy-catalog-entry.d.ts
|
|
55
|
+
/**
|
|
56
|
+
* Properties for creating a PolicyCatalogEntry.
|
|
57
|
+
*/
|
|
58
|
+
interface PolicyCatalogEntryProps {
|
|
59
|
+
readonly key: PolicyKey;
|
|
60
|
+
readonly kind: PolicyKind;
|
|
61
|
+
readonly gateEngineVersion?: number;
|
|
62
|
+
readonly computeEngineVersion?: number;
|
|
63
|
+
readonly payloadSchemaVersion?: number;
|
|
64
|
+
readonly owner: PolicyOwner;
|
|
65
|
+
readonly allowedScopes: readonly PolicyScopeLevel[];
|
|
66
|
+
readonly asOfSource: AsOfSource;
|
|
67
|
+
/** Paths the context must contain for this policy to be evaluable. */
|
|
68
|
+
readonly contextRequirements: readonly string[];
|
|
69
|
+
readonly tags?: readonly string[];
|
|
70
|
+
readonly description: string;
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Represents a single entry in the Policy Catalog.
|
|
74
|
+
* Encapsulates metadata and validation logic for a policy.
|
|
75
|
+
*/
|
|
76
|
+
declare class PolicyCatalogEntry {
|
|
77
|
+
readonly key: PolicyKey;
|
|
78
|
+
readonly kind: PolicyKind;
|
|
79
|
+
readonly gateEngineVersion?: number;
|
|
80
|
+
readonly computeEngineVersion?: number;
|
|
81
|
+
readonly payloadSchemaVersion?: number;
|
|
82
|
+
readonly owner: PolicyOwner;
|
|
83
|
+
readonly allowedScopes: readonly PolicyScopeLevel[];
|
|
84
|
+
readonly asOfSource: AsOfSource;
|
|
85
|
+
readonly contextRequirements: readonly string[];
|
|
86
|
+
readonly tags: readonly string[];
|
|
87
|
+
readonly description: string;
|
|
88
|
+
constructor(props: PolicyCatalogEntryProps);
|
|
89
|
+
static assertFamilyConsistency(entries: readonly PolicyCatalogEntry[]): void;
|
|
90
|
+
static from(entry: PolicyCatalogEntry | PolicyCatalogEntryProps): PolicyCatalogEntry;
|
|
91
|
+
isGate(): boolean;
|
|
92
|
+
isCompute(): boolean;
|
|
93
|
+
allowsScope(scope: PolicyScopeLevel): boolean;
|
|
94
|
+
hasExplicitVersionSelector(): boolean;
|
|
95
|
+
matchesVersion(params: {
|
|
96
|
+
readonly kind: PolicyKind;
|
|
97
|
+
readonly gateEngineVersion?: number;
|
|
98
|
+
readonly computeEngineVersion?: number;
|
|
99
|
+
readonly payloadSchemaVersion?: number;
|
|
100
|
+
}): boolean;
|
|
101
|
+
toVariantKey(): string;
|
|
102
|
+
usesNowAsOf(): boolean;
|
|
103
|
+
usesCallerProvidedAsOf(): boolean;
|
|
104
|
+
requiresContext(path: string): boolean;
|
|
105
|
+
requiresAllContexts(paths: readonly string[]): boolean;
|
|
106
|
+
hasTag(tag: string): boolean;
|
|
107
|
+
equals(other: PolicyCatalogEntry): boolean;
|
|
108
|
+
toJSON(): PolicyCatalogEntryProps;
|
|
109
|
+
}
|
|
110
|
+
//#endregion
|
|
111
|
+
//#region src/core/policies/catalog/policy-catalog.d.ts
|
|
112
|
+
/**
|
|
113
|
+
* In-code catalog of all known policies.
|
|
114
|
+
* The catalog defines the universe of policies; the database cannot invent new ones.
|
|
115
|
+
*/
|
|
116
|
+
declare class PolicyCatalog {
|
|
117
|
+
private readonly versionedEntries;
|
|
118
|
+
private readonly entriesByKey;
|
|
119
|
+
constructor(entries: readonly PolicyCatalogEntry[]);
|
|
120
|
+
get(key: string): Result<PolicyCatalogEntry, string>;
|
|
121
|
+
getFamily(key: string): Result<readonly PolicyCatalogEntry[], string>;
|
|
122
|
+
getVersioned(params: {
|
|
123
|
+
readonly key: string;
|
|
124
|
+
readonly kind: "GATE" | "COMPUTE";
|
|
125
|
+
readonly gateEngineVersion?: number;
|
|
126
|
+
readonly computeEngineVersion?: number;
|
|
127
|
+
readonly payloadSchemaVersion?: number;
|
|
128
|
+
}): Result<PolicyCatalogEntry, string>;
|
|
129
|
+
list(): readonly PolicyCatalogEntry[];
|
|
130
|
+
has(key: string): boolean;
|
|
131
|
+
}
|
|
132
|
+
//#endregion
|
|
133
|
+
//#region src/core/policies/defs/policy-payload.contracts.d.ts
|
|
134
|
+
type AnyPolicyPayload = GatePayload | ComputePayload;
|
|
135
|
+
/**
|
|
136
|
+
* Payload type associated with a policy key.
|
|
137
|
+
*
|
|
138
|
+
* Intentionally NOT backed by global module augmentation: two modules registering
|
|
139
|
+
* different shapes for the same literal key would silently override each other and
|
|
140
|
+
* the last `declare module` wins. Per-key payload typing must be expressed
|
|
141
|
+
* explicitly at the definition site (see {@link PolicyDefinition} type params).
|
|
142
|
+
*/
|
|
143
|
+
//#endregion
|
|
144
|
+
//#region src/core/policies/defs/policy-scope.d.ts
|
|
145
|
+
/**
|
|
146
|
+
* Scope attached to a PolicyDefinition — defines where it applies.
|
|
147
|
+
*/
|
|
148
|
+
interface PolicyScope {
|
|
149
|
+
readonly level: PolicyScopeLevel;
|
|
150
|
+
readonly tenantId: TenantId | null;
|
|
151
|
+
readonly schoolId: SchoolId | null;
|
|
152
|
+
}
|
|
153
|
+
/**
|
|
154
|
+
* Ordered list of scopes from most-specific to least-specific.
|
|
155
|
+
* Used by the resolver to match definitions.
|
|
156
|
+
*
|
|
157
|
+
* Example:
|
|
158
|
+
* ```
|
|
159
|
+
* [
|
|
160
|
+
* { level: 'SCHOOL', tenantId: 't1', schoolId: 's1' },
|
|
161
|
+
* { level: 'TENANT', tenantId: 't1', schoolId: null },
|
|
162
|
+
* { level: 'GLOBAL', tenantId: null, schoolId: null },
|
|
163
|
+
* ]
|
|
164
|
+
* ```
|
|
165
|
+
*/
|
|
166
|
+
type ScopeChain = readonly PolicyScope[];
|
|
167
|
+
declare class PolicyScopeMatcher {
|
|
168
|
+
static weight(level: PolicyScopeLevel): number;
|
|
169
|
+
static matchesChain(defScope: PolicyScope, chain: ScopeChain): boolean;
|
|
170
|
+
static equals(a: PolicyScope, b: PolicyScope): boolean;
|
|
171
|
+
}
|
|
172
|
+
//#endregion
|
|
173
|
+
//#region src/core/policies/defs/policy-definition.d.ts
|
|
174
|
+
type PolicyDefinitionStatus = "DRAFT" | "PUBLISHED" | "RETIRED";
|
|
175
|
+
interface BasePolicyDefinitionProps<K extends string = string, P extends AnyPolicyPayload = AnyPolicyPayload> {
|
|
176
|
+
readonly id: PolicyDefinitionId;
|
|
177
|
+
readonly policyKey: K;
|
|
178
|
+
readonly policyVersion: string;
|
|
179
|
+
readonly payloadSchemaVersion: number;
|
|
180
|
+
readonly contextVersionMin: number;
|
|
181
|
+
readonly contextVersionMax: number;
|
|
182
|
+
readonly enabled: boolean;
|
|
183
|
+
readonly status: PolicyDefinitionStatus;
|
|
184
|
+
readonly scope: PolicyScope;
|
|
185
|
+
readonly effectiveFrom: Date;
|
|
186
|
+
readonly effectiveTo: Date | null;
|
|
187
|
+
readonly priority: number;
|
|
188
|
+
readonly payloadJson: P;
|
|
189
|
+
readonly payloadHash: string;
|
|
190
|
+
readonly createdAt: Date;
|
|
191
|
+
readonly publishedAt: Date | null;
|
|
192
|
+
}
|
|
193
|
+
interface GatePolicyDefinitionProps<K extends string = string, P extends AnyPolicyPayload = AnyPolicyPayload> extends BasePolicyDefinitionProps<K, P> {
|
|
194
|
+
readonly kind: "GATE";
|
|
195
|
+
readonly gateEngineVersion: number;
|
|
196
|
+
}
|
|
197
|
+
interface ComputePolicyDefinitionProps<K extends string = string, P extends AnyPolicyPayload = AnyPolicyPayload> extends BasePolicyDefinitionProps<K, P> {
|
|
198
|
+
readonly kind: "COMPUTE";
|
|
199
|
+
readonly computeEngineVersion: number;
|
|
200
|
+
}
|
|
201
|
+
type GatePolicyDefinitionInput<K extends string = string, P extends AnyPolicyPayload = AnyPolicyPayload> = Omit<GatePolicyDefinitionProps<K, P>, "kind" | "enabled"> & {
|
|
202
|
+
readonly enabled?: boolean;
|
|
203
|
+
};
|
|
204
|
+
type ComputePolicyDefinitionInput<K extends string = string, P extends AnyPolicyPayload = AnyPolicyPayload> = Omit<ComputePolicyDefinitionProps<K, P>, "kind" | "enabled"> & {
|
|
205
|
+
readonly enabled?: boolean;
|
|
206
|
+
};
|
|
207
|
+
type PolicyDefinitionProps<K extends string = string, P extends AnyPolicyPayload = AnyPolicyPayload> = GatePolicyDefinitionProps<K, P> | ComputePolicyDefinitionProps<K, P>;
|
|
208
|
+
declare class PolicyDefinition<K extends string = string, P extends AnyPolicyPayload = AnyPolicyPayload> {
|
|
209
|
+
private static assertPolicyVersionIsSemver;
|
|
210
|
+
readonly id: PolicyDefinitionId;
|
|
211
|
+
readonly policyKey: K;
|
|
212
|
+
readonly policyVersion: string;
|
|
213
|
+
readonly payloadSchemaVersion: number;
|
|
214
|
+
readonly contextVersionMin: number;
|
|
215
|
+
readonly contextVersionMax: number;
|
|
216
|
+
readonly gateEngineVersion?: number;
|
|
217
|
+
readonly computeEngineVersion?: number;
|
|
218
|
+
readonly enabled: boolean;
|
|
219
|
+
readonly status: PolicyDefinitionStatus;
|
|
220
|
+
readonly scope: PolicyScope;
|
|
221
|
+
readonly effectiveFrom: Date;
|
|
222
|
+
readonly effectiveTo: Date | null;
|
|
223
|
+
readonly priority: number;
|
|
224
|
+
readonly payloadJson: P;
|
|
225
|
+
readonly payloadHash: string;
|
|
226
|
+
readonly createdAt: Date;
|
|
227
|
+
readonly publishedAt: Date | null;
|
|
228
|
+
readonly kind: PolicyKind;
|
|
229
|
+
private constructor();
|
|
230
|
+
static gate<K extends string, P extends AnyPolicyPayload = AnyPolicyPayload>(props: GatePolicyDefinitionInput<K, P>): PolicyDefinition<K, P>;
|
|
231
|
+
static compute<K extends string, P extends AnyPolicyPayload = AnyPolicyPayload>(props: ComputePolicyDefinitionInput<K, P>): PolicyDefinition<K, P>;
|
|
232
|
+
isGate(): this is PolicyDefinition<K, P> & {
|
|
233
|
+
readonly kind: "GATE";
|
|
234
|
+
readonly gateEngineVersion: number;
|
|
235
|
+
};
|
|
236
|
+
isCompute(): this is PolicyDefinition<K, P> & {
|
|
237
|
+
readonly kind: "COMPUTE";
|
|
238
|
+
readonly computeEngineVersion: number;
|
|
239
|
+
};
|
|
240
|
+
}
|
|
241
|
+
interface FindCandidatesParams {
|
|
242
|
+
readonly policyKey: string;
|
|
243
|
+
readonly kind: PolicyKind;
|
|
244
|
+
readonly payloadSchemaVersion?: number;
|
|
245
|
+
readonly asOf: Date;
|
|
246
|
+
readonly contextVersion: number;
|
|
247
|
+
readonly scopeChain: readonly PolicyScope[];
|
|
248
|
+
}
|
|
249
|
+
//#endregion
|
|
250
|
+
//#region src/core/policies/defs/policy-definition-repository.d.ts
|
|
251
|
+
interface PolicyDefinitionRepository {
|
|
252
|
+
findCandidates(params: FindCandidatesParams): PolicyDefinition[];
|
|
253
|
+
}
|
|
254
|
+
//#endregion
|
|
255
|
+
//#region src/core/policies/defs/in-memory-policy-definition-repo.d.ts
|
|
256
|
+
declare class InMemoryPolicyDefinitionRepository implements PolicyDefinitionRepository {
|
|
257
|
+
private readonly definitions;
|
|
258
|
+
private readonly definitionsByPolicyKey;
|
|
259
|
+
constructor(definitions: readonly PolicyDefinition[]);
|
|
260
|
+
findCandidates(params: FindCandidatesParams): PolicyDefinition[];
|
|
261
|
+
}
|
|
262
|
+
//#endregion
|
|
263
|
+
//#region src/core/policies/package/policy-package.d.ts
|
|
264
|
+
/**
|
|
265
|
+
* Protocol of contribution: a module declares what it wants to add to the
|
|
266
|
+
* policy system without the core knowing which module it is.
|
|
267
|
+
*
|
|
268
|
+
* - catalogEntries: static policy descriptors the catalog will register.
|
|
269
|
+
* - definitions: default policy definitions (rules/parameters) to seed.
|
|
270
|
+
* - evaluators: compute evaluator registrations keyed by policy/version.
|
|
271
|
+
*/
|
|
272
|
+
interface PolicyPackage {
|
|
273
|
+
readonly catalogEntries: readonly PolicyCatalogEntryProps[];
|
|
274
|
+
readonly definitions: readonly PolicyDefinition[];
|
|
275
|
+
readonly evaluators: readonly ComputeEvaluatorRegistration[];
|
|
276
|
+
}
|
|
277
|
+
//#endregion
|
|
278
|
+
//#region src/core/policies/catalog/catalog.instance.d.ts
|
|
279
|
+
/**
|
|
280
|
+
* Aggregates catalog entries contributed by each module package into a single
|
|
281
|
+
* PolicyCatalog. The core knows nothing about concrete modules — callers
|
|
282
|
+
* are responsible for passing all relevant packages at composition time.
|
|
283
|
+
*/
|
|
284
|
+
declare class PolicyCatalogFactory {
|
|
285
|
+
static build(packages: readonly PolicyPackage[]): PolicyCatalog;
|
|
286
|
+
}
|
|
287
|
+
//#endregion
|
|
288
|
+
//#region src/core/policies/context/context-seed.d.ts
|
|
289
|
+
/**
|
|
290
|
+
* Seed data provided by the use case / caller.
|
|
291
|
+
* Contains raw IDs and inputs that the context system will resolve into paths.
|
|
292
|
+
* Each resolver is responsible for validating and extracting what it needs from fields.
|
|
293
|
+
*/
|
|
294
|
+
interface ContextSeed {
|
|
295
|
+
readonly tenantId: TenantId;
|
|
296
|
+
readonly schoolId: SchoolId;
|
|
297
|
+
readonly fields: Record<string, unknown>;
|
|
298
|
+
}
|
|
299
|
+
declare class ContextSeedValidator {
|
|
300
|
+
private static isBlankSeedId;
|
|
301
|
+
static validate(seed: ContextSeed): Result<ContextSeed, string>;
|
|
302
|
+
}
|
|
303
|
+
//#endregion
|
|
304
|
+
//#region src/core/policies/context/context-resolver.d.ts
|
|
305
|
+
interface ContextResolverRetryOptions {
|
|
306
|
+
readonly maxAttempts?: number;
|
|
307
|
+
readonly initialDelayMs?: number;
|
|
308
|
+
readonly maxDelayMs?: number;
|
|
309
|
+
readonly backoffMultiplier?: number;
|
|
310
|
+
}
|
|
311
|
+
interface ContextResolverCircuitBreakerOptions {
|
|
312
|
+
readonly failureThreshold?: number;
|
|
313
|
+
readonly cooldownMs?: number;
|
|
314
|
+
}
|
|
315
|
+
interface ContextResolverResilienceOptions {
|
|
316
|
+
readonly timeoutMs?: number;
|
|
317
|
+
readonly retry?: ContextResolverRetryOptions | false;
|
|
318
|
+
readonly circuitBreaker?: ContextResolverCircuitBreakerOptions | false;
|
|
319
|
+
}
|
|
320
|
+
/**
|
|
321
|
+
* A resolver that knows how to produce a value for a specific context path.
|
|
322
|
+
* Designed as async to allow future DB/API lookups without breaking the interface.
|
|
323
|
+
*/
|
|
324
|
+
interface ContextValueResolver {
|
|
325
|
+
readonly path: string;
|
|
326
|
+
readonly resilience?: ContextResolverResilienceOptions;
|
|
327
|
+
resolve(seed: ContextSeed): Promise<Result<unknown, string>>;
|
|
328
|
+
}
|
|
329
|
+
//#endregion
|
|
330
|
+
//#region src/core/policies/context/context-registry.d.ts
|
|
331
|
+
interface ContextResolverRegistrationOptions {
|
|
332
|
+
readonly namespace?: string;
|
|
333
|
+
}
|
|
334
|
+
/**
|
|
335
|
+
* Registry of context value resolvers, keyed by path.
|
|
336
|
+
*/
|
|
337
|
+
declare class ContextResolverRegistry {
|
|
338
|
+
private readonly resolvers;
|
|
339
|
+
register(resolver: ContextValueResolver, options?: ContextResolverRegistrationOptions): Result<void, string>;
|
|
340
|
+
registerAll(resolvers: readonly ContextValueResolver[], options?: ContextResolverRegistrationOptions): Result<void, string>;
|
|
341
|
+
get(path: string): ContextValueResolver | undefined;
|
|
342
|
+
has(path: string): boolean;
|
|
343
|
+
getNamespace(path: string): string | undefined;
|
|
344
|
+
}
|
|
345
|
+
declare function registerNamespacedContextResolversIn(registry: ContextResolverRegistry, namespace: string, resolvers: readonly ContextValueResolver[]): Result<ContextResolverRegistry, string>;
|
|
346
|
+
//#endregion
|
|
347
|
+
//#region src/core/policies/context/context-builder.d.ts
|
|
348
|
+
interface PolicyContextBuilderOptions {
|
|
349
|
+
readonly defaultResolverResilience?: ContextResolverResilienceOptions;
|
|
350
|
+
readonly now?: () => number;
|
|
351
|
+
readonly sleep?: (delayMs: number) => Promise<void>;
|
|
352
|
+
}
|
|
353
|
+
/**
|
|
354
|
+
* Builds a context object by resolving required paths from a seed.
|
|
355
|
+
*/
|
|
356
|
+
declare class PolicyContextBuilder {
|
|
357
|
+
private readonly registry;
|
|
358
|
+
private readonly circuitStates;
|
|
359
|
+
private readonly defaultResolverResilience?;
|
|
360
|
+
private readonly now;
|
|
361
|
+
private readonly sleep;
|
|
362
|
+
constructor(registry: ContextResolverRegistry, options?: PolicyContextBuilderOptions);
|
|
363
|
+
private static clampPositiveInteger;
|
|
364
|
+
private static clampNonNegativeInteger;
|
|
365
|
+
private static normalizeTimeoutMs;
|
|
366
|
+
private static mergeRetryOptions;
|
|
367
|
+
private static mergeCircuitBreakerOptions;
|
|
368
|
+
private resolveResilienceOptions;
|
|
369
|
+
private getRetryDelayMs;
|
|
370
|
+
private resetCircuit;
|
|
371
|
+
private isCircuitOpen;
|
|
372
|
+
private recordResolverFailure;
|
|
373
|
+
private static describeThrownResolverError;
|
|
374
|
+
private resolveOnce;
|
|
375
|
+
private resolveWithResilience;
|
|
376
|
+
/**
|
|
377
|
+
* Resolves all required context paths and returns a flat context object.
|
|
378
|
+
* If any required path cannot be resolved, returns an error.
|
|
379
|
+
*/
|
|
380
|
+
build(requirements: readonly string[], seed: ContextSeed): Promise<Result<Record<string, unknown>, string>>;
|
|
381
|
+
}
|
|
382
|
+
//#endregion
|
|
383
|
+
//#region src/core/policies/context/context-registry.instance.d.ts
|
|
384
|
+
/**
|
|
385
|
+
* Official instance of the ContextResolverRegistry.
|
|
386
|
+
* Use `new ContextResolverRegistry()` plus `registerNamespacedContextResolversIn`
|
|
387
|
+
* when each runtime/composition root needs its own isolated resolver graph.
|
|
388
|
+
*/
|
|
389
|
+
declare const contextResolverRegistry: ContextResolverRegistry;
|
|
390
|
+
declare function registerNamespacedContextResolvers(namespace: string, resolvers: readonly ContextValueResolver[]): Result<ContextResolverRegistry, string>;
|
|
391
|
+
//#endregion
|
|
392
|
+
//#region src/core/policies/context/path.d.ts
|
|
393
|
+
declare class PolicyContextPath {
|
|
394
|
+
private static readonly FORBIDDEN_SEGMENTS;
|
|
395
|
+
private static resolve;
|
|
396
|
+
private static parseSegments;
|
|
397
|
+
private static isPlainRecord;
|
|
398
|
+
static getOrAbsent(obj: Record<string, unknown>, path: string): Result<unknown, "absent">;
|
|
399
|
+
static has(obj: Record<string, unknown>, path: string): boolean;
|
|
400
|
+
static set(obj: Record<string, unknown>, path: string, value: unknown): Result<void, string>;
|
|
401
|
+
}
|
|
402
|
+
//#endregion
|
|
403
|
+
//#region src/core/policies/asof/asof.d.ts
|
|
404
|
+
interface DeriveAsOfOptions {
|
|
405
|
+
readonly maxFutureYears?: number;
|
|
406
|
+
}
|
|
407
|
+
declare class PolicyAsOfResolver {
|
|
408
|
+
private static resolveMaxFutureYears;
|
|
409
|
+
static derive(source: AsOfSource, seed: ContextSeed, now: Date, options?: DeriveAsOfOptions): Result<Date, string>;
|
|
410
|
+
}
|
|
411
|
+
//#endregion
|
|
412
|
+
//#region src/core/policies/resolver/policy-resolver.d.ts
|
|
413
|
+
/**
|
|
414
|
+
* Selects the best policy definition from a list of already-filtered candidates.
|
|
415
|
+
*
|
|
416
|
+
* Ordering criteria (highest priority first):
|
|
417
|
+
* 1. Scope specificity: SCHOOL (3) > TENANT (2) > GLOBAL (1)
|
|
418
|
+
* 2. Priority: higher number wins
|
|
419
|
+
* 3. publishedAt descending (fallback to createdAt)
|
|
420
|
+
* 4. Engine version descending (prefer-latest-engine-version — deterministic tiebreaker)
|
|
421
|
+
* 5. policyVersion descending (semver — final deterministic tiebreaker)
|
|
422
|
+
*/
|
|
423
|
+
declare class PolicyResolver {
|
|
424
|
+
resolveBest(candidates: readonly PolicyDefinition[]): Result<PolicyDefinition, string>;
|
|
425
|
+
}
|
|
426
|
+
//#endregion
|
|
427
|
+
//#region src/core/policies/service/policy-evaluation-error.d.ts
|
|
428
|
+
type PolicyEvaluationError = {
|
|
429
|
+
readonly kind: "INVALID_CONTEXT";
|
|
430
|
+
readonly stage: "SEED_VALIDATION" | "AS_OF_DERIVATION" | "CONTEXT_BUILD";
|
|
431
|
+
readonly policyKey: string;
|
|
432
|
+
readonly message: string;
|
|
433
|
+
readonly cause: string;
|
|
434
|
+
} | {
|
|
435
|
+
readonly kind: "INVALID_POLICY_KEY";
|
|
436
|
+
readonly rawPolicyKey: string;
|
|
437
|
+
readonly message: string;
|
|
438
|
+
readonly cause: string;
|
|
439
|
+
} | {
|
|
440
|
+
readonly kind: "POLICY_NOT_FOUND";
|
|
441
|
+
readonly policyKey: string;
|
|
442
|
+
readonly message: string;
|
|
443
|
+
readonly cause: string;
|
|
444
|
+
} | {
|
|
445
|
+
readonly kind: "POLICY_DEFINITION_NOT_FOUND";
|
|
446
|
+
readonly policyKey: string;
|
|
447
|
+
readonly contextVersion: number;
|
|
448
|
+
readonly asOf: Date;
|
|
449
|
+
readonly message: string;
|
|
450
|
+
readonly cause: string;
|
|
451
|
+
} | {
|
|
452
|
+
readonly kind: "POLICY_VARIANT_NOT_FOUND";
|
|
453
|
+
readonly policyKey: string;
|
|
454
|
+
readonly policyKind: PolicyKind;
|
|
455
|
+
readonly payloadSchemaVersion: number;
|
|
456
|
+
readonly gateEngineVersion?: number;
|
|
457
|
+
readonly computeEngineVersion?: number;
|
|
458
|
+
readonly message: string;
|
|
459
|
+
readonly cause: string;
|
|
460
|
+
} | {
|
|
461
|
+
readonly kind: "ENGINE_FAILURE";
|
|
462
|
+
readonly policyKey: string;
|
|
463
|
+
readonly engine: PolicyKind;
|
|
464
|
+
readonly engineVersion: number;
|
|
465
|
+
readonly message: string;
|
|
466
|
+
readonly cause: string;
|
|
467
|
+
};
|
|
468
|
+
declare class PolicyEvaluationErrors {
|
|
469
|
+
static invalidContext(stage: Extract<PolicyEvaluationError, {
|
|
470
|
+
kind: "INVALID_CONTEXT";
|
|
471
|
+
}>["stage"], policyKey: string, cause: string): PolicyEvaluationError;
|
|
472
|
+
static invalidPolicyKey(rawPolicyKey: string, cause: string): PolicyEvaluationError;
|
|
473
|
+
static policyNotFound(policyKey: string, cause: string): PolicyEvaluationError;
|
|
474
|
+
static policyDefinitionNotFound(policyKey: string, asOf: Date, contextVersion: number, cause: string): PolicyEvaluationError;
|
|
475
|
+
static policyVariantNotFound(params: {
|
|
476
|
+
readonly policyKey: string;
|
|
477
|
+
readonly policyKind: PolicyKind;
|
|
478
|
+
readonly payloadSchemaVersion: number;
|
|
479
|
+
readonly gateEngineVersion?: number;
|
|
480
|
+
readonly computeEngineVersion?: number;
|
|
481
|
+
readonly cause: string;
|
|
482
|
+
}): PolicyEvaluationError;
|
|
483
|
+
static engineFailure(policyKey: string, engine: PolicyKind, engineVersion: number, cause: string): PolicyEvaluationError;
|
|
484
|
+
}
|
|
485
|
+
//#endregion
|
|
486
|
+
//#region src/core/policies/service/policy-service.d.ts
|
|
487
|
+
interface EvaluateInput {
|
|
488
|
+
readonly decisionId: PolicyDecisionId;
|
|
489
|
+
readonly policyKey: string;
|
|
490
|
+
readonly scopeChain: readonly PolicyScope[];
|
|
491
|
+
readonly contextVersion: number;
|
|
492
|
+
readonly seed: ContextSeed;
|
|
493
|
+
}
|
|
494
|
+
interface PolicyServiceOptions {
|
|
495
|
+
readonly asOf?: DeriveAsOfOptions;
|
|
496
|
+
readonly reporter?: PolicyReporter;
|
|
497
|
+
}
|
|
498
|
+
interface PolicyServiceParams {
|
|
499
|
+
readonly catalog: PolicyCatalog;
|
|
500
|
+
readonly contextBuilder: PolicyContextBuilder;
|
|
501
|
+
readonly defRepo: PolicyDefinitionRepository;
|
|
502
|
+
readonly resolver: PolicyResolver;
|
|
503
|
+
readonly gateEngines: GateEngineRegistry;
|
|
504
|
+
readonly computeRegistry: ComputeRegistry;
|
|
505
|
+
readonly options?: PolicyServiceOptions;
|
|
506
|
+
}
|
|
507
|
+
/** Union of all possible policy decision Outcomes. */
|
|
508
|
+
type PolicyDecision = GateOutcome | ComputeOutcome;
|
|
509
|
+
interface PolicyEvaluationResult {
|
|
510
|
+
readonly decisionId: PolicyDecisionId;
|
|
511
|
+
readonly ref: {
|
|
512
|
+
readonly definitionId: PolicyDefinitionId;
|
|
513
|
+
readonly policyKey: string;
|
|
514
|
+
readonly policyVersion: string;
|
|
515
|
+
readonly payloadHash: string;
|
|
516
|
+
readonly gateEngineVersion?: number;
|
|
517
|
+
readonly computeEngineVersion?: number;
|
|
518
|
+
};
|
|
519
|
+
readonly kind: "GATE" | "COMPUTE";
|
|
520
|
+
readonly asOf: Date;
|
|
521
|
+
readonly evaluatedAt: Date;
|
|
522
|
+
readonly contextVersion: number;
|
|
523
|
+
/** Business decision expressed as an Outcome — not a technical Result. */
|
|
524
|
+
readonly decision: PolicyDecision;
|
|
525
|
+
}
|
|
526
|
+
declare class PolicyService {
|
|
527
|
+
#private;
|
|
528
|
+
private readonly catalog;
|
|
529
|
+
private readonly contextBuilder;
|
|
530
|
+
private readonly defRepo;
|
|
531
|
+
private readonly resolver;
|
|
532
|
+
private readonly gateEngines;
|
|
533
|
+
private readonly computeRegistry;
|
|
534
|
+
private readonly options;
|
|
535
|
+
constructor(params: PolicyServiceParams);
|
|
536
|
+
private resolveEvaluationNow;
|
|
537
|
+
evaluate(input: EvaluateInput): Promise<Result<PolicyEvaluationResult, PolicyEvaluationError>>;
|
|
538
|
+
}
|
|
539
|
+
//#endregion
|
|
540
|
+
export { FindCandidatesParams as A, PolicyKey as B, ContextSeed as C, InMemoryPolicyDefinitionRepository as D, PolicyPackage as E, PolicyScope as F, PolicyHashing as G, PolicyKind as H, PolicyScopeMatcher as I, coreConfig as K, ScopeChain as L, PolicyDefinition as M, PolicyDefinitionProps as N, BasePolicyDefinitionProps as O, PolicyDefinitionStatus as P, PolicyCatalog as R, ContextValueResolver as S, PolicyCatalogFactory as T, PolicyOwner as U, AsOfSource as V, PolicyScopeLevel as W, ContextResolverRegistry as _, PolicyServiceOptions as a, ContextResolverResilienceOptions as b, PolicyEvaluationErrors as c, PolicyAsOfResolver as d, PolicyContextPath as f, PolicyContextBuilderOptions as g, PolicyContextBuilder as h, PolicyService as i, GatePolicyDefinitionProps as j, ComputePolicyDefinitionProps as k, PolicyResolver as l, registerNamespacedContextResolvers as m, PolicyDecision as n, PolicyServiceParams as o, contextResolverRegistry as p, PolicyEvaluationResult as r, PolicyEvaluationError as s, EvaluateInput as t, DeriveAsOfOptions as u, registerNamespacedContextResolversIn as v, ContextSeedValidator as w, ContextResolverRetryOptions as x, ContextResolverCircuitBreakerOptions as y, PolicyCatalogEntryProps as z };
|
|
541
|
+
//# sourceMappingURL=policy-service.d.ts.map
|