@vorionsys/atsf-core 0.2.2 → 0.2.4

package/dist/enforce/index.js

@@ -214,11 +214,80 @@ export class MockEnforcementService {
  */
 export class EnforcementService extends MockEnforcementService {
 }
+// =============================================================================
+// SERVICE FACTORY & INJECTION
+// =============================================================================
+let enforcementService = null;
+/**
+ * Set the enforcement service implementation to use at runtime.
+ * Call this during application bootstrap with a real backend.
+ */
+export function setEnforcementService(service) {
+    enforcementService = service;
+}
 /**
- * @deprecated Use new MockEnforcementService() for testing
+ * Get the configured enforcement service.
+ * Throws if no real backend has been provided via setEnforcementService().
  */
-export function createEnforcementService(policy) {
-    logger.warn('createEnforcementService() creates an in-memory mock. For production, connect to the Vorion API.');
-    return new EnforcementService(policy);
+export function getEnforcementService() {
+    if (!enforcementService) {
+        throw new Error('No enforcement service backend configured. Pass a real EnforcementService implementation or see docs for setup.');
+    }
+    return enforcementService;
 }
+/**
+ * Create a new enforcement service instance
+ *
+ * Throws if no real backend is provided. For tests, use createMockEnforcementService().
+ */
+export function createEnforcementService(service) {
+    if (!service) {
+        throw new Error('No enforcement service backend configured. Pass a real EnforcementService implementation or see docs for setup.');
+    }
+    return service;
+}
+/**
+ * Create a mock enforcement service for testing only.
+ */
+export function createMockEnforcementService(policy) {
+    return new MockEnforcementService(policy);
+}
+// =============================================================================
+// PRODUCTION IMPLEMENTATION
+// =============================================================================
+export { TrustAwareEnforcementService } from './trust-aware-enforcement-service.js';
+/**
+ * Compose policies with AND — all must pass for the combined policy to pass.
+ */
+export function allOf(...predicates) {
+    return (context) => predicates.every(p => p(context));
+}
+/**
+ * Compose policies with OR — at least one must pass.
+ */
+export function anyOf(...predicates) {
+    return (context) => predicates.some(p => p(context));
+}
+/**
+ * Negate a policy predicate.
+ */
+export function not(predicate) {
+    return (context) => !predicate(context);
+}
+/**
+ * Built-in policy predicates for common checks.
+ */
+export const PolicyPredicates = {
+    /** Trust level is at or above the given threshold */
+    minTrustLevel: (level) => (ctx) => (ctx.trustLevel ?? 0) >= level,
+    /** Action type matches */
+    actionType: (type) => (ctx) => ctx.intent.actionType === type,
+    /** Data sensitivity is at most the given level */
+    maxSensitivity: (level) => {
+        const order = { PUBLIC: 0, INTERNAL: 1, CONFIDENTIAL: 2, RESTRICTED: 3 };
+        return (ctx) => order[(ctx.intent.dataSensitivity ?? 'PUBLIC')] <= order[level];
+    },
+    /** Action is reversible */
+    isReversible: () => (ctx) => ctx.intent.reversibility !== 'IRREVERSIBLE',
+};
 //# sourceMappingURL=index.js.map

package/dist/enforce/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/enforce/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAWnD,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;AA+RtD,gFAAgF;AAChF,sBAAsB;AACtB,gFAAgF;AAEhF,MAAM,cAAc,GAAsB;IACxC,aAAa,EAAE,MAAM;IACrB,eAAe,EAAE;QACf,gBAAgB,EAAE,CAAC;QACnB,sBAAsB,EAAE,CAAC;QACzB,aAAa,EAAE,CAAC;KACjB;IACD,oBAAoB,EAAE,OAAO;IAC7B,oBAAoB,EAAE,MAAM;IAC5B,qBAAqB,EAAE,CAAC;CACzB,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,OAAO,sBAAsB;IACzB,MAAM,CAAoB;IAC1B,SAAS,GAA2B,IAAI,GAAG,EAAE,CAAC;IAC9C,SAAS,GAA8B,IAAI,GAAG,EAAE,CAAC;IAEzD,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA2B;QACtC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;QACzE,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACnE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,iBAAiB;QACjB,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAExD,kBAAkB;QAClB,MAAM,QAAQ,GAAkB;YAC9B,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,QAAQ;YACR,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,OAAO,EAAE,MAAM,CAAC,QAAQ;YACxB,aAAa;YACb,IAAI;YACJ,SAAS,EAAE,IAAI,KAAK,OAAO;YAC3B,SAAS,EAAE,IAAI,UAAU,IAAI,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE;YAChE,UAAU;YACV,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC;YAC5D,iBAAiB,EAAE,CAAC;YACpB,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,IAAI,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE;YAC7F,SAAS,EAAE,CAAC;SACb,CAAC;QAEF,4BAA4B;QAC5B,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;YACrB,QAAQ,CAAC,WAAW,GAAG;gBACrB,YAAY,EAAE,CAAC,GAAG,CAAC;gBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;gBACjB,UAAU,EAAE,EAAE;gBACd,iBAAiB,EAAE,EAAE;gBACrB,qBAAqB,EAAE,KAAK;gBAC5B,UAAU,EAAE,CAAC;aACd,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtB,QAAQ,CAAC,kBAAkB,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,IAAI,MAAM,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YAChH,QAAQ,CAAC,qBAAqB,GAAG,IAAI,CAAC,MAAM,CAAC,qBAAqB,IAAI,CAAC,CAAC;YACxE,QAAQ,CAAC,iBAAiB,GAAG;gBAC3B;oBACE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,MAAM,EAAE,iBAAiB;oBACzB,WAAW,EAAE,+BAA+B;oBAC5C,kBAAkB,EAAE,GAAG;oBACvB,MAAM,EAAE,KAAK;iBACd;gBACD;oBACE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,MAAM,EAAE,kBAAkB;oBAC1B,WAAW,EAAE,wBAAwB;oBACrC,kBAAkB,EAAE,GAAG;oBACvB,MAAM,EAAE,QAAQ;iBACjB;aACF,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,QAAQ,CAAC,YAAY,GAAG,kBAAkB,CAAC;YAC3C,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAE1C,kBAAkB;QAClB,MAAM,QAAQ,GAAqB;YACjC,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,QAAQ;YACR,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,OAAO,EAAE,MAAM,CAAC,QAAQ;YACxB,aAAa;YACb,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;YAC7B,iBAAiB,EAAE,QAAQ,CAAC,EAAE;YAC9B,YAAY,EAAE;gBACZ,EAAE,IAAI,EAAE,WAA4B,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,aAAa,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE;aAChH;YACD,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,QAAQ,CAAC,SAAS;SAC9B,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAExC,MAAM,CAAC,IAAI,CACT,EAAE,UAAU,EAAE,QAAQ,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,EACtD,kCAAkC,CACnC,CAAC;QAEF,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB,EAAE,CAAC;IACrF,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA0B,EAAE,QAAY;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACxD,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEzD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,0DAA0D;QAC1D,MAAM,OAAO,GAAkB;YAC7B,GAAG,QAAQ;YACX,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,IAAI,EAAE,OAAO;YACb,SAAS,EAAE,IAAI;YACf,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB,GAAG,CAAC;YACjD,SAAS,EAAE,CAAC,6CAA6C,CAAC;YAC1D,WAAW,EAAE;gBACX,YAAY,EAAE,CAAC,GAAG,CAAC;gBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;gBACjB,UAAU,EAAE,EAAE;gBACd,iBAAiB,EAAE,EAAE;gBACrB,qBAAqB,EAAE,IAAI;gBAC3B,UAAU,EAAE,CAAC;aACd;YACD,SAAS,EAAE,GAAG;SACf,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAExC,kBAAkB;QAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,KAAK,GAAG,UAAU,CAAC;YAC5B,QAAQ,CAAC,iBAAiB,GAAG,OAAO,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,SAAS,GAAG,GAAG,CAAC;YACzB,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC;gBACzB,IAAI,EAAE,oBAAoB;gBAC1B,EAAE,EAAE,UAAU;gBACd,MAAM,EAAE,kBAAkB;gBAC1B,SAAS,EAAE,GAAG;aACf,CAAC,CAAC;QACL,CAAC;QAED,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAS,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IACnE,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,EAAM,EAAE,QAAY;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACxC,OAAO,QAAQ,EAAE,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,QAAY,EAAE,QAAY;QAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9C,OAAO,QAAQ,EAAE,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,CAAC;IAED,SAAS,CAAC,MAAyB;QACjC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAEO,aAAa,CAAC,UAA4B,EAAE,UAAsB;QACxE,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,eAAgB,CAAC;QAEhD,IAAI,UAAU,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,CAAC;YAC1F,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,UAAU,GAAG,UAAU,CAAC,aAAa;YAAE,OAAO,KAAK,CAAC;QACxD,IAAI,UAAU,GAAG,UAAU,CAAC,sBAAsB;YAAE,OAAO,QAAQ,CAAC;QACpE,IAAI,UAAU,IAAI,UAAU,CAAC,gBAAgB,IAAI,UAAU,CAAC,MAAM;YAAE,OAAO,OAAO,CAAC;QACnF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,IAAkB,EAAE,UAA4B,EAAE,UAAsB;QAC7F,IAAI,IAAI,KAAK,OAAO;YAAE,OAAO,CAAC,mBAAmB,EAAE,UAAU,UAAU,qBAAqB,CAAC,CAAC;QAC9F,IAAI,IAAI,KAAK,QAAQ;YAAE,OAAO,CAAC,8BAA8B,CAAC,CAAC;QAC/D,OAAO,CAAC,kBAAkB,EAAE,wBAAwB,CAAC,CAAC;IACxD,CAAC;IAEO,WAAW,CAAC,IAAkB;QACpC,OAAO,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,QAAQ,CAAC;IAC7F,CAAC;IAEO,gBAAgB,CAAC,KAAiB;QACxC,MAAM,KAAK,GAAG,CAAC,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;QACpH,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC;IACnC,CAAC;IAED,KAAK;QACH,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACvB,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;CACF;AAED,gFAAgF;AAChF,+BAA+B;AAC/B,gFAAgF;AAEhF;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,sBAAsB;CAAG;AAEjE;;GAEG;AACH,MAAM,UAAU,wBAAwB,CAAC,MAA0B;IACjE,MAAM,CAAC,IAAI,CAAC,kGAAkG,CAAC,CAAC;IAChH,OAAO,IAAI,kBAAkB,CAAC,MAAM,CAAC,CAAC;AACxC,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/enforce/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAWnD,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;AA+RtD,gFAAgF;AAChF,sBAAsB;AACtB,gFAAgF;AAEhF,MAAM,cAAc,GAAsB;IACxC,aAAa,EAAE,MAAM;IACrB,eAAe,EAAE;QACf,gBAAgB,EAAE,CAAC;QACnB,sBAAsB,EAAE,CAAC;QACzB,aAAa,EAAE,CAAC;KACjB;IACD,oBAAoB,EAAE,OAAO;IAC7B,oBAAoB,EAAE,MAAM;IAC5B,qBAAqB,EAAE,CAAC;CACzB,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,OAAO,sBAAsB;IACzB,MAAM,CAAoB;IAC1B,SAAS,GAA2B,IAAI,GAAG,EAAE,CAAC;IAC9C,SAAS,GAA8B,IAAI,GAAG,EAAE,CAAC;IAEzD,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA2B;QACtC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;QACzE,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACnE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,iBAAiB;QACjB,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAExD,kBAAkB;QAClB,MAAM,QAAQ,GAAkB;YAC9B,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,QAAQ;YACR,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,OAAO,EAAE,MAAM,CAAC,QAAQ;YACxB,aAAa;YACb,IAAI;YACJ,SAAS,EAAE,IAAI,KAAK,OAAO;YAC3B,SAAS,EAAE,IAAI,UAAU,IAAI,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE;YAChE,UAAU;YACV,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC;YAC5D,iBAAiB,EAAE,CAAC;YACpB,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,IAAI,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE;YAC7F,SAAS,EAAE,CAAC;SACb,CAAC;QAEF,4BAA4B;QAC5B,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;YACrB,QAAQ,CAAC,WAAW,GAAG;gBACrB,YAAY,EAAE,CAAC,GAAG,CAAC;gBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;gBACjB,UAAU,EAAE,EAAE;gBACd,iBAAiB,EAAE,EAAE;gBACrB,qBAAqB,EAAE,KAAK;gBAC5B,UAAU,EAAE,CAAC;aACd,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtB,QAAQ,CAAC,kBAAkB,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,IAAI,MAAM,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YAChH,QAAQ,CAAC,qBAAqB,GAAG,IAAI,CAAC,MAAM,CAAC,qBAAqB,IAAI,CAAC,CAAC;YACxE,QAAQ,CAAC,iBAAiB,GAAG;gBAC3B;oBACE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,MAAM,EAAE,iBAAiB;oBACzB,WAAW,EAAE,+BAA+B;oBAC5C,kBAAkB,EAAE,GAAG;oBACvB,MAAM,EAAE,KAAK;iBACd;gBACD;oBACE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,MAAM,EAAE,kBAAkB;oBAC1B,WAAW,EAAE,wBAAwB;oBACrC,kBAAkB,EAAE,GAAG;oBACvB,MAAM,EAAE,QAAQ;iBACjB;aACF,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,QAAQ,CAAC,YAAY,GAAG,kBAAkB,CAAC;YAC3C,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAE1C,kBAAkB;QAClB,MAAM,QAAQ,GAAqB;YACjC,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,QAAQ;YACR,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,OAAO,EAAE,MAAM,CAAC,QAAQ;YACxB,aAAa;YACb,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;YAC7B,iBAAiB,EAAE,QAAQ,CAAC,EAAE;YAC9B,YAAY,EAAE;gBACZ,EAAE,IAAI,EAAE,WAA4B,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,aAAa,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE;aAChH;YACD,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,QAAQ,CAAC,SAAS;SAC9B,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAExC,MAAM,CAAC,IAAI,CACT,EAAE,UAAU,EAAE,QAAQ,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,EACtD,kCAAkC,CACnC,CAAC;QAEF,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB,EAAE,CAAC;IACrF,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA0B,EAAE,QAAY;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACxD,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEzD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,0DAA0D;QAC1D,MAAM,OAAO,GAAkB;YAC7B,GAAG,QAAQ;YACX,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,IAAI,EAAE,OAAO;YACb,SAAS,EAAE,IAAI;YACf,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB,GAAG,CAAC;YACjD,SAAS,EAAE,CAAC,6CAA6C,CAAC;YAC1D,WAAW,EAAE;gBACX,YAAY,EAAE,CAAC,GAAG,CAAC;gBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;gBACjB,UAAU,EAAE,EAAE;gBACd,iBAAiB,EAAE,EAAE;gBACrB,qBAAqB,EAAE,IAAI;gBAC3B,UAAU,EAAE,CAAC;aACd;YACD,SAAS,EAAE,GAAG;SACf,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAExC,kBAAkB;QAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,KAAK,GAAG,UAAU,CAAC;YAC5B,QAAQ,CAAC,iBAAiB,GAAG,OAAO,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,SAAS,GAAG,GAAG,CAAC;YACzB,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC;gBACzB,IAAI,EAAE,oBAAoB;gBAC1B,EAAE,EAAE,UAAU;gBACd,MAAM,EAAE,kBAAkB;gBAC1B,SAAS,EAAE,GAAG;aACf,CAAC,CAAC;QACL,CAAC;QAED,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAS,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IACnE,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,EAAM,EAAE,QAAY;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACxC,OAAO,QAAQ,EAAE,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,QAAY,EAAE,QAAY;QAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9C,OAAO,QAAQ,EAAE,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,CAAC;IAED,SAAS,CAAC,MAAyB;QACjC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAEO,aAAa,CAAC,UAA4B,EAAE,UAAsB;QACxE,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,eAAgB,CAAC;QAEhD,IAAI,UAAU,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,CAAC;YAC1F,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,UAAU,GAAG,UAAU,CAAC,aAAa;YAAE,OAAO,KAAK,CAAC;QACxD,IAAI,UAAU,GAAG,UAAU,CAAC,sBAAsB;YAAE,OAAO,QAAQ,CAAC;QACpE,IAAI,UAAU,IAAI,UAAU,CAAC,gBAAgB,IAAI,UAAU,CAAC,MAAM;YAAE,OAAO,OAAO,CAAC;QACnF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,IAAkB,EAAE,UAA4B,EAAE,UAAsB;QAC7F,IAAI,IAAI,KAAK,OAAO;YAAE,OAAO,CAAC,mBAAmB,EAAE,UAAU,UAAU,qBAAqB,CAAC,CAAC;QAC9F,IAAI,IAAI,KAAK,QAAQ;YAAE,OAAO,CAAC,8BAA8B,CAAC,CAAC;QAC/D,OAAO,CAAC,kBAAkB,EAAE,wBAAwB,CAAC,CAAC;IACxD,CAAC;IAEO,WAAW,CAAC,IAAkB;QACpC,OAAO,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,QAAQ,CAAC;IAC7F,CAAC;IAEO,gBAAgB,CAAC,KAAiB;QACxC,MAAM,KAAK,GAAG,CAAC,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;QACpH,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC;IACnC,CAAC;IAED,KAAK;QACH,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACvB,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;CACF;AAED,gFAAgF;AAChF,+BAA+B;AAC/B,gFAAgF;AAEhF;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,sBAAsB;CAAG;AAEjE,gFAAgF;AAChF,8BAA8B;AAC9B,gFAAgF;AAEhF,IAAI,kBAAkB,GAA+B,IAAI,CAAC;AAE1D;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CAAC,OAA4B;IAChE,kBAAkB,GAAG,OAAO,CAAC;AAC/B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,qBAAqB;IACnC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,iHAAiH,CAClH,CAAC;IACJ,CAAC;IACD,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,wBAAwB,CAAC,OAA6B;IACpE,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,iHAAiH,CAClH,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B,CAAC,MAA0B;IACrE,OAAO,IAAI,sBAAsB,CAAC,MAAM,CAAC,CAAC;AAC5C,CAAC;AAED,gFAAgF;AAChF,4BAA4B;AAC5B,gFAAgF;AAEhF,OAAO,EAAE,4BAA4B,EAAE,MAAM,sCAAsC,CAAC;AAkBpF;;GAEG;AACH,MAAM,UAAU,KAAK,CAAC,GAAG,UAA6B;IACpD,OAAO,CAAC,OAA2B,EAAE,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,KAAK,CAAC,GAAG,UAA6B;IACpD,OAAO,CAAC,OAA2B,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,GAAG,CAAC,SAA0B;IAC5C,OAAO,CAAC,OAA2B,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,qDAAqD;IACrD,aAAa,EAAE,CAAC,KAAa,EAAmB,EAAE,CAChD,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,IAAI,CAAC,CAAC,IAAI,KAAK;IAEzC,0BAA0B;IAC1B,UAAU,EAAE,CAAC,IAAY,EAAmB,EAAE,CAC5C,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI;IAEzC,kDAAkD;IAClD,cAAc,EAAE,CAAC,KAA4D,EAAmB,EAAE;QAChG,MAAM,KAAK,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;QACzE,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,IAAI,QAAQ,CAAuB,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IACxG,CAAC;IAED,2BAA2B;IAC3B,YAAY,EAAE,GAAoB,EAAE,CAClC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,aAAa,KAAK,cAAc;CAC9C,CAAC"}

package/dist/enforce/trust-aware-enforcement-service.d.ts

@@ -0,0 +1,121 @@
+/**
+ * Trust-Aware Enforcement Service
+ *
+ * Production-quality enforcement service that provides:
+ * - Real-time trust score lookups via TrustEngine
+ * - Three-tier fluid governance (GREEN/YELLOW/RED)
+ * - Configurable trust thresholds for automatic decisions
+ * - Risk-based constraint computation from intent metadata
+ * - Refinement workflow with attempt tracking
+ * - Tenant isolation and decision expiration
+ *
+ * Replaces MockEnforcementService for production use.
+ *
+ * @packageDocumentation
+ */
+import type { ID, TrustLevel } from '../common/types.js';
+import type { TrustEngine } from '../trust-engine/index.js';
+import type { IEnforcementService, EnforcementContext, EnforcementPolicy, FluidDecision, FluidDecisionResult, DecisionConstraints, RefinementRequest, WorkflowInstance } from './index.js';
+/**
+ * Input for policy evaluation.
+ * Minimal interface to avoid hard dependency on @vorionsys/security.
+ */
+export interface PolicyEvaluationInput {
+    intent: import('../common/types.js').Intent;
+    trustScore: import('../common/types.js').TrustScore;
+    trustLevel: import('../common/types.js').TrustLevel;
+    context?: Record<string, unknown>;
+}
+/**
+ * A violation detected by the security policy engine.
+ */
+export interface PolicyViolation {
+    policyId: string;
+    policyName: string;
+    action: 'deny' | 'escalate' | 'limit' | 'monitor';
+    reason: string;
+}
+/**
+ * Interface for security policy engine integration.
+ * The full SecurityPolicyEngine from @vorionsys/security satisfies this interface.
+ * Defined locally to avoid hard dependency in the public SDK package.
+ */
+export interface IPolicyEngine {
+    evaluate(context: PolicyEvaluationInput): PolicyViolation[];
+}
+export interface TrustAwareEnforcementConfig {
+    /** Trust level at or above which intents are auto-approved (default: T4) */
+    autoApproveLevel?: TrustLevel;
+    /** Trust level below which refinement is required (default: T2) */
+    requireRefinementLevel?: TrustLevel;
+    /** Trust level below which intents are auto-denied (default: T0) */
+    autoDenyLevel?: TrustLevel;
+    /** Decision expiration time in ms (default: 1 hour) */
+    decisionExpirationMs?: number;
+    /** Refinement deadline in ms (default: 15 minutes) */
+    refinementDeadlineMs?: number;
+    /** Maximum refinement attempts (default: 3) */
+    maxRefinementAttempts?: number;
+    /** Default constraints for GREEN decisions */
+    defaultConstraints?: Partial<DecisionConstraints>;
+    /** Optional security policy engine for additional policy evaluation */
+    policyEngine?: IPolicyEngine;
+}
+/**
+ * Production enforcement service wired to the Trust Engine.
+ *
+ * Provides real three-tier fluid governance with:
+ * - Trust-based tier determination using live TrustEngine scores
+ * - Risk-aware constraint computation from intent metadata
+ * - Refinement workflow with configurable attempt limits
+ * - Full audit trail via decision/workflow records
+ */
+export declare class TrustAwareEnforcementService implements IEnforcementService {
+    private config;
+    private policy;
+    private decisions;
+    private workflows;
+    private trustEngine;
+    private policyEngine;
+    constructor(trustEngine: TrustEngine | null, config?: TrustAwareEnforcementConfig, policy?: EnforcementPolicy);
+    decide(context: EnforcementContext): Promise<FluidDecisionResult>;
+    refine(request: RefinementRequest, tenantId: ID): Promise<FluidDecisionResult | null>;
+    getDecision(id: ID, tenantId: ID): Promise<FluidDecision | null>;
+    getWorkflow(intentId: ID, tenantId: ID): Promise<WorkflowInstance | null>;
+    setPolicy(policy: EnforcementPolicy): void;
+    /**
+     * Refresh policy configuration at runtime (hot-reload).
+     * Accepts partial updates — only specified fields are changed.
+     * Existing in-flight decisions are not affected.
+     */
+    refreshPolicy(updates: Partial<TrustAwareEnforcementConfig>): void;
+    /**
+     * Get current policy configuration (for inspection/debugging).
+     */
+    getPolicy(): {
+        config: Required<Omit<TrustAwareEnforcementConfig, 'policyEngine'>>;
+        policy: EnforcementPolicy;
+    };
+    /**
+     * Set or replace the security policy engine.
+     * Can be called at runtime to add/swap policy evaluation.
+     */
+    setPolicyEngine(engine: IPolicyEngine | null): void;
+    /**
+     * Get count of active decisions.
+     */
+    decisionCount(): number;
+    /**
+     * Get count of active workflows.
+     */
+    workflowCount(): number;
+    /**
+     * Clear all state (for testing).
+     */
+    clear(): void;
+    private determineTier;
+    private buildReasoning;
+    private tierToState;
+    private getTrustBandName;
+}
+//# sourceMappingURL=trust-aware-enforcement-service.d.ts.map

package/dist/enforce/trust-aware-enforcement-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust-aware-enforcement-service.d.ts","sourceRoot":"","sources":["../../src/enforce/trust-aware-enforcement-service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAGH,OAAO,KAAK,EAAE,EAAE,EAAE,UAAU,EAAc,MAAM,oBAAoB,CAAC;AACrE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAE5D,OAAO,KAAK,EACV,mBAAmB,EACnB,kBAAkB,EAClB,iBAAiB,EACjB,aAAa,EACb,mBAAmB,EAEnB,mBAAmB,EAEnB,iBAAiB,EACjB,gBAAgB,EAEjB,MAAM,YAAY,CAAC;AAkBpB;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,OAAO,oBAAoB,EAAE,MAAM,CAAC;IAC5C,UAAU,EAAE,OAAO,oBAAoB,EAAE,UAAU,CAAC;IACpD,UAAU,EAAE,OAAO,oBAAoB,EAAE,UAAU,CAAC;IACpD,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,GAAG,UAAU,GAAG,OAAO,GAAG,SAAS,CAAC;IAClD,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,EAAE,qBAAqB,GAAG,eAAe,EAAE,CAAC;CAC7D;AAkKD,MAAM,WAAW,2BAA2B;IAC1C,4EAA4E;IAC5E,gBAAgB,CAAC,EAAE,UAAU,CAAC;IAC9B,mEAAmE;IACnE,sBAAsB,CAAC,EAAE,UAAU,CAAC;IACpC,oEAAoE;IACpE,aAAa,CAAC,EAAE,UAAU,CAAC;IAC3B,uDAAuD;IACvD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,sDAAsD;IACtD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,+CAA+C;IAC/C,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,8CAA8C;IAC9C,kBAAkB,CAAC,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAClD,uEAAuE;IACvE,YAAY,CAAC,EAAE,aAAa,CAAC;CAC9B;AAgBD;;;;;;;;GAQG;AACH,qBAAa,4BAA6B,YAAW,mBAAmB;IACtE,OAAO,CAAC,MAAM,CAA8D;IAC5E,OAAO,CAAC,MAAM,CAAoB;IAClC,OAAO,CAAC,SAAS,CAAgC;IACjD,OAAO,CAAC,SAAS,CAAmC;IACpD,OAAO,CAAC,WAAW,CAAqB;IACxC,OAAO,CAAC,YAAY,CAAuB;gBAGzC,WAAW,EAAE,WAAW,GAAG,IAAI,EAC/B,MAAM,CAAC,EAAE,2BAA2B,EACpC,MAAM,CAAC,EAAE,iBAAiB;IAsBtB,MAAM,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA8KjE,MAAM,CAAC,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC;IAqHrF,WAAW,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAYhE,WAAW,CAAC,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAM/E,SAAS,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI;IAW1C;;;;OAIG;IACH,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,2BAA2B,CAAC,GAAG,IAAI;IAwBlE;;OAEG;IACH,SAAS,IAAI;QAAE,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,2BAA2B,EAAE,cAAc,CAAC,CAAC,CAAC;QAAC,MAAM,EAAE,iBAAiB,CAAA;KAAE;IAQ/G;;;OAGG;IACH,eAAe,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI,GAAG,IAAI;IAQnD;;OAEG;IACH,aAAa,IAAI,MAAM;IAIvB;;OAEG;IACH,aAAa,IAAI,MAAM;IAIvB;;OAEG;IACH,KAAK,IAAI,IAAI;IASb,OAAO,CAAC,aAAa;IAkCrB,OAAO,CAAC,cAAc;IAgCtB,OAAO,CAAC,WAAW;IAQnB,OAAO,CAAC,gBAAgB;CAGzB"}