@vorionsys/atsf-core 0.2.3 → 0.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/index.d.ts +1 -1
- package/dist/api/index.js +1 -1
- package/dist/api/server.d.ts +2 -2
- package/dist/api/server.d.ts.map +1 -1
- package/dist/api/server.js +147 -184
- package/dist/api/server.js.map +1 -1
- package/dist/arbitration/index.d.ts +4 -4
- package/dist/arbitration/index.d.ts.map +1 -1
- package/dist/arbitration/index.js +41 -46
- package/dist/arbitration/index.js.map +1 -1
- package/dist/arbitration/types.d.ts +10 -10
- package/dist/arbitration/types.d.ts.map +1 -1
- package/dist/basis/evaluator.d.ts +1 -1
- package/dist/basis/evaluator.d.ts.map +1 -1
- package/dist/basis/evaluator.js +54 -56
- package/dist/basis/evaluator.js.map +1 -1
- package/dist/basis/index.d.ts +3 -3
- package/dist/basis/index.js +3 -3
- package/dist/basis/parser.d.ts +2 -2
- package/dist/basis/parser.d.ts.map +1 -1
- package/dist/basis/parser.js +25 -32
- package/dist/basis/parser.js.map +1 -1
- package/dist/basis/types.d.ts +2 -2
- package/dist/chain/index.d.ts.map +1 -1
- package/dist/chain/index.js +16 -16
- package/dist/chain/index.js.map +1 -1
- package/dist/cognigate/index.d.ts +1 -1
- package/dist/cognigate/index.d.ts.map +1 -1
- package/dist/cognigate/index.js +33 -44
- package/dist/cognigate/index.js.map +1 -1
- package/dist/common/adapters.d.ts +4 -4
- package/dist/common/adapters.d.ts.map +1 -1
- package/dist/common/adapters.js +52 -62
- package/dist/common/adapters.js.map +1 -1
- package/dist/common/config.d.ts +69 -68
- package/dist/common/config.d.ts.map +1 -1
- package/dist/common/config.js +50 -50
- package/dist/common/config.js.map +1 -1
- package/dist/common/index.d.ts +4 -4
- package/dist/common/index.js +4 -4
- package/dist/common/logger.d.ts +1 -1
- package/dist/common/logger.js +8 -8
- package/dist/common/types.d.ts +5 -5
- package/dist/common/types.js +5 -5
- package/dist/containment/index.d.ts +3 -3
- package/dist/containment/index.d.ts.map +1 -1
- package/dist/containment/index.js +105 -119
- package/dist/containment/index.js.map +1 -1
- package/dist/containment/types.d.ts +11 -11
- package/dist/containment/types.d.ts.map +1 -1
- package/dist/contracts/index.d.ts +9 -9
- package/dist/contracts/index.d.ts.map +1 -1
- package/dist/contracts/index.js +54 -59
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/types.d.ts +12 -12
- package/dist/contracts/types.d.ts.map +1 -1
- package/dist/crewai/callback.d.ts +2 -2
- package/dist/crewai/callback.d.ts.map +1 -1
- package/dist/crewai/callback.js +27 -27
- package/dist/crewai/callback.js.map +1 -1
- package/dist/crewai/executor.d.ts +95 -4
- package/dist/crewai/executor.d.ts.map +1 -1
- package/dist/crewai/executor.js +457 -16
- package/dist/crewai/executor.js.map +1 -1
- package/dist/crewai/index.d.ts +4 -4
- package/dist/crewai/index.js +4 -4
- package/dist/crewai/tools.d.ts +1 -1
- package/dist/crewai/tools.d.ts.map +1 -1
- package/dist/crewai/tools.js +38 -39
- package/dist/crewai/tools.js.map +1 -1
- package/dist/crewai/types.d.ts +66 -3
- package/dist/crewai/types.d.ts.map +1 -1
- package/dist/enforce/index.d.ts +229 -7
- package/dist/enforce/index.d.ts.map +1 -1
- package/dist/enforce/index.js +52 -80
- package/dist/enforce/index.js.map +1 -1
- package/dist/enforce/trust-aware-enforcement-service.d.ts +8 -8
- package/dist/enforce/trust-aware-enforcement-service.d.ts.map +1 -1
- package/dist/enforce/trust-aware-enforcement-service.js +107 -125
- package/dist/enforce/trust-aware-enforcement-service.js.map +1 -1
- package/dist/governance/fluid-workflow.d.ts +8 -8
- package/dist/governance/fluid-workflow.d.ts.map +1 -1
- package/dist/governance/fluid-workflow.js +86 -114
- package/dist/governance/fluid-workflow.js.map +1 -1
- package/dist/governance/index.d.ts +7 -7
- package/dist/governance/index.d.ts.map +1 -1
- package/dist/governance/index.js +74 -81
- package/dist/governance/index.js.map +1 -1
- package/dist/governance/proof-bridge.d.ts +6 -6
- package/dist/governance/proof-bridge.d.ts.map +1 -1
- package/dist/governance/proof-bridge.js +5 -5
- package/dist/governance/proof-bridge.js.map +1 -1
- package/dist/governance/types.d.ts +9 -16
- package/dist/governance/types.d.ts.map +1 -1
- package/dist/governance/types.js.map +1 -1
- package/dist/index.d.ts +27 -29
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +25 -31
- package/dist/index.js.map +1 -1
- package/dist/intent/index.d.ts +55 -5
- package/dist/intent/index.d.ts.map +1 -1
- package/dist/intent/index.js +21 -24
- package/dist/intent/index.js.map +1 -1
- package/dist/intent/persistent-intent-service.d.ts +2 -2
- package/dist/intent/persistent-intent-service.d.ts.map +1 -1
- package/dist/intent/persistent-intent-service.js +31 -43
- package/dist/intent/persistent-intent-service.js.map +1 -1
- package/dist/intent/supabase-intent-repository.d.ts +124 -0
- package/dist/intent/supabase-intent-repository.d.ts.map +1 -0
- package/dist/intent/supabase-intent-repository.js +404 -0
- package/dist/intent/supabase-intent-repository.js.map +1 -0
- package/dist/langchain/callback.d.ts +2 -2
- package/dist/langchain/callback.d.ts.map +1 -1
- package/dist/langchain/callback.js +30 -30
- package/dist/langchain/callback.js.map +1 -1
- package/dist/langchain/executor.d.ts +4 -4
- package/dist/langchain/executor.d.ts.map +1 -1
- package/dist/langchain/executor.js +80 -82
- package/dist/langchain/executor.js.map +1 -1
- package/dist/langchain/index.d.ts +5 -5
- package/dist/langchain/index.js +5 -5
- package/dist/langchain/tools.d.ts +1 -1
- package/dist/langchain/tools.d.ts.map +1 -1
- package/dist/langchain/tools.js +34 -36
- package/dist/langchain/tools.js.map +1 -1
- package/dist/langchain/types.d.ts +3 -3
- package/dist/langchain/types.d.ts.map +1 -1
- package/dist/layers/implementations/L0-request-format.d.ts +2 -2
- package/dist/layers/implementations/L0-request-format.d.ts.map +1 -1
- package/dist/layers/implementations/L0-request-format.js +52 -54
- package/dist/layers/implementations/L0-request-format.js.map +1 -1
- package/dist/layers/implementations/L1-input-size.d.ts +2 -2
- package/dist/layers/implementations/L1-input-size.d.ts.map +1 -1
- package/dist/layers/implementations/L1-input-size.js +39 -49
- package/dist/layers/implementations/L1-input-size.js.map +1 -1
- package/dist/layers/implementations/L2-charset-sanitizer.d.ts +2 -2
- package/dist/layers/implementations/L2-charset-sanitizer.d.ts.map +1 -1
- package/dist/layers/implementations/L2-charset-sanitizer.js +71 -81
- package/dist/layers/implementations/L2-charset-sanitizer.js.map +1 -1
- package/dist/layers/implementations/L3-schema-conformance.d.ts +3 -3
- package/dist/layers/implementations/L3-schema-conformance.d.ts.map +1 -1
- package/dist/layers/implementations/L3-schema-conformance.js +73 -82
- package/dist/layers/implementations/L3-schema-conformance.js.map +1 -1
- package/dist/layers/implementations/L4-injection-detector.d.ts +4 -4
- package/dist/layers/implementations/L4-injection-detector.d.ts.map +1 -1
- package/dist/layers/implementations/L4-injection-detector.js +81 -85
- package/dist/layers/implementations/L4-injection-detector.js.map +1 -1
- package/dist/layers/implementations/L5-rate-limiter.d.ts +2 -2
- package/dist/layers/implementations/L5-rate-limiter.d.ts.map +1 -1
- package/dist/layers/implementations/L5-rate-limiter.js +20 -20
- package/dist/layers/implementations/L5-rate-limiter.js.map +1 -1
- package/dist/layers/implementations/index.d.ts +6 -6
- package/dist/layers/implementations/index.d.ts.map +1 -1
- package/dist/layers/implementations/index.js +6 -6
- package/dist/layers/implementations/index.js.map +1 -1
- package/dist/layers/index.d.ts +3 -3
- package/dist/layers/index.d.ts.map +1 -1
- package/dist/layers/index.js +71 -99
- package/dist/layers/index.js.map +1 -1
- package/dist/layers/types.d.ts +16 -16
- package/dist/layers/types.d.ts.map +1 -1
- package/dist/persistence/file.d.ts +3 -3
- package/dist/persistence/file.d.ts.map +1 -1
- package/dist/persistence/file.js +28 -32
- package/dist/persistence/file.js.map +1 -1
- package/dist/persistence/index.d.ts +7 -7
- package/dist/persistence/index.d.ts.map +1 -1
- package/dist/persistence/index.js +18 -18
- package/dist/persistence/index.js.map +1 -1
- package/dist/persistence/memory.d.ts +3 -3
- package/dist/persistence/memory.d.ts.map +1 -1
- package/dist/persistence/memory.js +8 -10
- package/dist/persistence/memory.js.map +1 -1
- package/dist/persistence/sqlite.d.ts +3 -3
- package/dist/persistence/sqlite.d.ts.map +1 -1
- package/dist/persistence/sqlite.js +40 -39
- package/dist/persistence/sqlite.js.map +1 -1
- package/dist/persistence/supabase.d.ts +3 -3
- package/dist/persistence/supabase.d.ts.map +1 -1
- package/dist/persistence/supabase.js +45 -43
- package/dist/persistence/supabase.js.map +1 -1
- package/dist/persistence/types.d.ts +5 -5
- package/dist/phase6/ceiling.d.ts +5 -5
- package/dist/phase6/ceiling.d.ts.map +1 -1
- package/dist/phase6/ceiling.js +36 -69
- package/dist/phase6/ceiling.js.map +1 -1
- package/dist/phase6/context.d.ts +3 -3
- package/dist/phase6/context.d.ts.map +1 -1
- package/dist/phase6/context.js +47 -93
- package/dist/phase6/context.js.map +1 -1
- package/dist/phase6/index.d.ts +12 -12
- package/dist/phase6/index.d.ts.map +1 -1
- package/dist/phase6/index.js +15 -15
- package/dist/phase6/index.js.map +1 -1
- package/dist/phase6/presets.d.ts +2 -2
- package/dist/phase6/presets.d.ts.map +1 -1
- package/dist/phase6/presets.js +33 -39
- package/dist/phase6/presets.js.map +1 -1
- package/dist/phase6/provenance.d.ts +4 -4
- package/dist/phase6/provenance.d.ts.map +1 -1
- package/dist/phase6/provenance.js +35 -42
- package/dist/phase6/provenance.js.map +1 -1
- package/dist/phase6/role-gates/index.d.ts +2 -2
- package/dist/phase6/role-gates/index.js +2 -2
- package/dist/phase6/role-gates/kernel.d.ts.map +1 -1
- package/dist/phase6/role-gates/kernel.js +16 -16
- package/dist/phase6/role-gates/kernel.js.map +1 -1
- package/dist/phase6/role-gates/policy.d.ts +2 -2
- package/dist/phase6/role-gates/policy.js +6 -6
- package/dist/phase6/role-gates.d.ts +4 -4
- package/dist/phase6/role-gates.d.ts.map +1 -1
- package/dist/phase6/role-gates.js +58 -80
- package/dist/phase6/role-gates.js.map +1 -1
- package/dist/phase6/types.d.ts +20 -19
- package/dist/phase6/types.d.ts.map +1 -1
- package/dist/phase6/types.js +82 -177
- package/dist/phase6/types.js.map +1 -1
- package/dist/phase6/weight-presets/canonical.d.ts.map +1 -1
- package/dist/phase6/weight-presets/canonical.js +10 -10
- package/dist/phase6/weight-presets/canonical.js.map +1 -1
- package/dist/phase6/weight-presets/deltas.d.ts +2 -2
- package/dist/phase6/weight-presets/deltas.d.ts.map +1 -1
- package/dist/phase6/weight-presets/deltas.js +27 -27
- package/dist/phase6/weight-presets/deltas.js.map +1 -1
- package/dist/phase6/weight-presets/index.d.ts +3 -3
- package/dist/phase6/weight-presets/index.js +3 -3
- package/dist/phase6/weight-presets/merger.d.ts +2 -2
- package/dist/phase6/weight-presets/merger.d.ts.map +1 -1
- package/dist/phase6/weight-presets/merger.js +43 -39
- package/dist/phase6/weight-presets/merger.js.map +1 -1
- package/dist/proof/index.d.ts +3 -3
- package/dist/proof/index.d.ts.map +1 -1
- package/dist/proof/index.js +38 -44
- package/dist/proof/index.js.map +1 -1
- package/dist/proof/merkle.d.ts +24 -3
- package/dist/proof/merkle.d.ts.map +1 -1
- package/dist/proof/merkle.js +116 -32
- package/dist/proof/merkle.js.map +1 -1
- package/dist/proof/zk-proofs.d.ts +6 -6
- package/dist/proof/zk-proofs.d.ts.map +1 -1
- package/dist/proof/zk-proofs.js +43 -42
- package/dist/proof/zk-proofs.js.map +1 -1
- package/dist/provenance/index.d.ts +3 -3
- package/dist/provenance/index.d.ts.map +1 -1
- package/dist/provenance/index.js +17 -19
- package/dist/provenance/index.js.map +1 -1
- package/dist/provenance/types.d.ts +4 -4
- package/dist/provenance/types.d.ts.map +1 -1
- package/dist/sandbox-training/challenges.d.ts +1 -1
- package/dist/sandbox-training/challenges.d.ts.map +1 -1
- package/dist/sandbox-training/challenges.js +228 -228
- package/dist/sandbox-training/challenges.js.map +1 -1
- package/dist/sandbox-training/graduation.d.ts +1 -1
- package/dist/sandbox-training/graduation.d.ts.map +1 -1
- package/dist/sandbox-training/graduation.js +15 -14
- package/dist/sandbox-training/graduation.js.map +1 -1
- package/dist/sandbox-training/index.d.ts +9 -9
- package/dist/sandbox-training/index.d.ts.map +1 -1
- package/dist/sandbox-training/index.js +6 -6
- package/dist/sandbox-training/index.js.map +1 -1
- package/dist/sandbox-training/promotion-service.d.ts +4 -4
- package/dist/sandbox-training/promotion-service.d.ts.map +1 -1
- package/dist/sandbox-training/promotion-service.js +5 -5
- package/dist/sandbox-training/promotion-service.js.map +1 -1
- package/dist/sandbox-training/runner.d.ts +1 -1
- package/dist/sandbox-training/runner.d.ts.map +1 -1
- package/dist/sandbox-training/runner.js +73 -74
- package/dist/sandbox-training/runner.js.map +1 -1
- package/dist/sandbox-training/scorer.d.ts +4 -4
- package/dist/sandbox-training/scorer.js +5 -5
- package/dist/sandbox-training/types.d.ts +4 -4
- package/dist/sandbox-training/types.d.ts.map +1 -1
- package/dist/sandbox-training/types.js +7 -11
- package/dist/sandbox-training/types.js.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.d.ts +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.d.ts.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.js +4 -3
- package/dist/trust-engine/ceiling-enforcement/audit.js.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/index.d.ts +2 -2
- package/dist/trust-engine/ceiling-enforcement/index.js +2 -2
- package/dist/trust-engine/ceiling-enforcement/kernel.d.ts +12 -10
- package/dist/trust-engine/ceiling-enforcement/kernel.d.ts.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/kernel.js +26 -20
- package/dist/trust-engine/ceiling-enforcement/kernel.js.map +1 -1
- package/dist/trust-engine/context-policy/enforcement.d.ts.map +1 -1
- package/dist/trust-engine/context-policy/factory.d.ts +1 -1
- package/dist/trust-engine/context-policy/factory.d.ts.map +1 -1
- package/dist/trust-engine/context-policy/factory.js +1 -1
- package/dist/trust-engine/context-policy/factory.js.map +1 -1
- package/dist/trust-engine/context-policy/index.d.ts +2 -2
- package/dist/trust-engine/context-policy/index.js +2 -2
- package/dist/trust-engine/creation-modifiers/index.d.ts +1 -1
- package/dist/trust-engine/creation-modifiers/index.js +1 -1
- package/dist/trust-engine/creation-modifiers/types.d.ts.map +1 -1
- package/dist/trust-engine/creation-modifiers/types.js +3 -2
- package/dist/trust-engine/creation-modifiers/types.js.map +1 -1
- package/dist/trust-engine/decay-profiles.d.ts +37 -136
- package/dist/trust-engine/decay-profiles.d.ts.map +1 -1
- package/dist/trust-engine/decay-profiles.js +68 -178
- package/dist/trust-engine/decay-profiles.js.map +1 -1
- package/dist/trust-engine/index.d.ts +135 -168
- package/dist/trust-engine/index.d.ts.map +1 -1
- package/dist/trust-engine/index.js +239 -525
- package/dist/trust-engine/index.js.map +1 -1
- package/dist/trust-engine/phase6-types.d.ts +18 -11
- package/dist/trust-engine/phase6-types.d.ts.map +1 -1
- package/dist/trust-engine/phase6-types.js +33 -29
- package/dist/trust-engine/phase6-types.js.map +1 -1
- package/package.json +1 -1
- package/dist/enforce/types.d.ts +0 -234
- package/dist/enforce/types.d.ts.map +0 -1
- package/dist/enforce/types.js +0 -10
- package/dist/enforce/types.js.map +0 -1
- package/dist/intent/types.d.ts +0 -69
- package/dist/intent/types.d.ts.map +0 -1
- package/dist/intent/types.js +0 -10
- package/dist/intent/types.js.map +0 -1
- package/dist/intent-gateway/index.d.ts +0 -522
- package/dist/intent-gateway/index.d.ts.map +0 -1
- package/dist/intent-gateway/index.js +0 -1499
- package/dist/intent-gateway/index.js.map +0 -1
- package/dist/trust-engine/types.d.ts +0 -77
- package/dist/trust-engine/types.d.ts.map +0 -1
- package/dist/trust-engine/types.js +0 -20
- package/dist/trust-engine/types.js.map +0 -1
package/dist/enforce/index.js
CHANGED
|
@@ -13,14 +13,13 @@
|
|
|
13
13
|
*
|
|
14
14
|
* @packageDocumentation
|
|
15
15
|
*/
|
|
16
|
-
import { createLogger } from
|
|
17
|
-
|
|
18
|
-
const logger = createLogger({ component: "enforce" });
|
|
16
|
+
import { createLogger } from '../common/logger.js';
|
|
17
|
+
const logger = createLogger({ component: 'enforce' });
|
|
19
18
|
// =============================================================================
|
|
20
19
|
// MOCK IMPLEMENTATION
|
|
21
20
|
// =============================================================================
|
|
22
21
|
const DEFAULT_POLICY = {
|
|
23
|
-
defaultAction:
|
|
22
|
+
defaultAction: 'deny',
|
|
24
23
|
trustThresholds: {
|
|
25
24
|
autoApproveLevel: 4,
|
|
26
25
|
requireRefinementLevel: 2,
|
|
@@ -58,7 +57,7 @@ export class MockEnforcementService {
|
|
|
58
57
|
agentId: intent.entityId,
|
|
59
58
|
correlationId,
|
|
60
59
|
tier,
|
|
61
|
-
permitted: tier ===
|
|
60
|
+
permitted: tier === 'GREEN',
|
|
62
61
|
trustBand: `T${trustLevel}_${this.getTrustBandName(trustLevel)}`,
|
|
63
62
|
trustScore,
|
|
64
63
|
reasoning: this.buildReasoning(tier, evaluation, trustLevel),
|
|
@@ -68,10 +67,10 @@ export class MockEnforcementService {
|
|
|
68
67
|
latencyMs: 1,
|
|
69
68
|
};
|
|
70
69
|
// Add constraints for GREEN
|
|
71
|
-
if (tier ===
|
|
70
|
+
if (tier === 'GREEN') {
|
|
72
71
|
decision.constraints = {
|
|
73
|
-
allowedTools: [
|
|
74
|
-
dataScopes: [
|
|
72
|
+
allowedTools: ['*'],
|
|
73
|
+
dataScopes: ['*'],
|
|
75
74
|
rateLimits: [],
|
|
76
75
|
requiredApprovals: [],
|
|
77
76
|
reversibilityRequired: false,
|
|
@@ -79,29 +78,29 @@ export class MockEnforcementService {
|
|
|
79
78
|
};
|
|
80
79
|
}
|
|
81
80
|
// Add refinement options for YELLOW
|
|
82
|
-
if (tier ===
|
|
81
|
+
if (tier === 'YELLOW') {
|
|
83
82
|
decision.refinementDeadline = new Date(Date.now() + (this.policy.refinementDeadlineMs ?? 900000)).toISOString();
|
|
84
83
|
decision.maxRefinementAttempts = this.policy.maxRefinementAttempts ?? 3;
|
|
85
84
|
decision.refinementOptions = [
|
|
86
85
|
{
|
|
87
86
|
id: crypto.randomUUID(),
|
|
88
|
-
action:
|
|
89
|
-
description:
|
|
87
|
+
action: 'ADD_CONSTRAINTS',
|
|
88
|
+
description: 'Accept additional constraints',
|
|
90
89
|
successProbability: 0.9,
|
|
91
|
-
effort:
|
|
90
|
+
effort: 'low',
|
|
92
91
|
},
|
|
93
92
|
{
|
|
94
93
|
id: crypto.randomUUID(),
|
|
95
|
-
action:
|
|
96
|
-
description:
|
|
94
|
+
action: 'REQUEST_APPROVAL',
|
|
95
|
+
description: 'Request human approval',
|
|
97
96
|
successProbability: 0.7,
|
|
98
|
-
effort:
|
|
97
|
+
effort: 'medium',
|
|
99
98
|
},
|
|
100
99
|
];
|
|
101
100
|
}
|
|
102
101
|
// Add denial details for RED
|
|
103
|
-
if (tier ===
|
|
104
|
-
decision.denialReason =
|
|
102
|
+
if (tier === 'RED') {
|
|
103
|
+
decision.denialReason = 'policy_violation';
|
|
105
104
|
decision.hardDenial = true;
|
|
106
105
|
}
|
|
107
106
|
this.decisions.set(decision.id, decision);
|
|
@@ -115,42 +114,32 @@ export class MockEnforcementService {
|
|
|
115
114
|
state: this.tierToState(tier),
|
|
116
115
|
currentDecisionId: decision.id,
|
|
117
116
|
stateHistory: [
|
|
118
|
-
{
|
|
119
|
-
from: "SUBMITTED",
|
|
120
|
-
to: this.tierToState(tier),
|
|
121
|
-
reason: `Decision: ${tier}`,
|
|
122
|
-
timestamp: now,
|
|
123
|
-
},
|
|
117
|
+
{ from: 'SUBMITTED', to: this.tierToState(tier), reason: `Decision: ${tier}`, timestamp: now },
|
|
124
118
|
],
|
|
125
119
|
createdAt: now,
|
|
126
120
|
updatedAt: now,
|
|
127
121
|
expiresAt: decision.expiresAt,
|
|
128
122
|
};
|
|
129
123
|
this.workflows.set(intent.id, workflow);
|
|
130
|
-
logger.info({ decisionId: decision.id, intentId: intent.id, tier },
|
|
131
|
-
return {
|
|
132
|
-
decision,
|
|
133
|
-
workflow,
|
|
134
|
-
tier,
|
|
135
|
-
refinementOptions: decision.refinementOptions,
|
|
136
|
-
};
|
|
124
|
+
logger.info({ decisionId: decision.id, intentId: intent.id, tier }, 'Enforcement decision made (mock)');
|
|
125
|
+
return { decision, workflow, tier, refinementOptions: decision.refinementOptions };
|
|
137
126
|
}
|
|
138
127
|
async refine(request, tenantId) {
|
|
139
128
|
const original = this.decisions.get(request.decisionId);
|
|
140
|
-
if (!original || original.tier !==
|
|
129
|
+
if (!original || original.tier !== 'YELLOW')
|
|
141
130
|
return null;
|
|
142
131
|
const now = new Date().toISOString();
|
|
143
132
|
// Create refined decision (simple: just upgrade to GREEN)
|
|
144
133
|
const refined = {
|
|
145
134
|
...original,
|
|
146
135
|
id: crypto.randomUUID(),
|
|
147
|
-
tier:
|
|
136
|
+
tier: 'GREEN',
|
|
148
137
|
permitted: true,
|
|
149
138
|
refinementAttempt: original.refinementAttempt + 1,
|
|
150
|
-
reasoning: [
|
|
139
|
+
reasoning: ['Refined to GREEN after applying constraints'],
|
|
151
140
|
constraints: {
|
|
152
|
-
allowedTools: [
|
|
153
|
-
dataScopes: [
|
|
141
|
+
allowedTools: ['*'],
|
|
142
|
+
dataScopes: ['*'],
|
|
154
143
|
rateLimits: [],
|
|
155
144
|
requiredApprovals: [],
|
|
156
145
|
reversibilityRequired: true,
|
|
@@ -162,17 +151,17 @@ export class MockEnforcementService {
|
|
|
162
151
|
// Update workflow
|
|
163
152
|
const workflow = this.workflows.get(original.intentId);
|
|
164
153
|
if (workflow) {
|
|
165
|
-
workflow.state =
|
|
154
|
+
workflow.state = 'APPROVED';
|
|
166
155
|
workflow.currentDecisionId = refined.id;
|
|
167
156
|
workflow.updatedAt = now;
|
|
168
157
|
workflow.stateHistory.push({
|
|
169
|
-
from:
|
|
170
|
-
to:
|
|
171
|
-
reason:
|
|
158
|
+
from: 'PENDING_REFINEMENT',
|
|
159
|
+
to: 'APPROVED',
|
|
160
|
+
reason: 'Refined to GREEN',
|
|
172
161
|
timestamp: now,
|
|
173
162
|
});
|
|
174
163
|
}
|
|
175
|
-
return { decision: refined, workflow: workflow, tier:
|
|
164
|
+
return { decision: refined, workflow: workflow, tier: 'GREEN' };
|
|
176
165
|
}
|
|
177
166
|
async getDecision(id, tenantId) {
|
|
178
167
|
const decision = this.decisions.get(id);
|
|
@@ -187,43 +176,30 @@ export class MockEnforcementService {
|
|
|
187
176
|
}
|
|
188
177
|
determineTier(evaluation, trustLevel) {
|
|
189
178
|
const thresholds = this.policy.trustThresholds;
|
|
190
|
-
if (evaluation.violatedRules.some((r) => r.action ===
|
|
191
|
-
return
|
|
179
|
+
if (evaluation.violatedRules.some((r) => r.action === 'deny' || r.action === 'terminate')) {
|
|
180
|
+
return 'RED';
|
|
192
181
|
}
|
|
193
182
|
if (trustLevel < thresholds.autoDenyLevel)
|
|
194
|
-
return
|
|
183
|
+
return 'RED';
|
|
195
184
|
if (trustLevel < thresholds.requireRefinementLevel)
|
|
196
|
-
return
|
|
185
|
+
return 'YELLOW';
|
|
197
186
|
if (trustLevel >= thresholds.autoApproveLevel && evaluation.passed)
|
|
198
|
-
return
|
|
199
|
-
return
|
|
187
|
+
return 'GREEN';
|
|
188
|
+
return 'YELLOW';
|
|
200
189
|
}
|
|
201
190
|
buildReasoning(tier, evaluation, trustLevel) {
|
|
202
|
-
if (tier ===
|
|
203
|
-
return [
|
|
204
|
-
if (tier ===
|
|
205
|
-
return [
|
|
206
|
-
return [
|
|
191
|
+
if (tier === 'GREEN')
|
|
192
|
+
return ['All checks passed', `Trust T${trustLevel} meets requirements`];
|
|
193
|
+
if (tier === 'YELLOW')
|
|
194
|
+
return ['Refinement options available'];
|
|
195
|
+
return ['Policy violation', 'Request cannot proceed'];
|
|
207
196
|
}
|
|
208
197
|
tierToState(tier) {
|
|
209
|
-
return tier ===
|
|
210
|
-
? "APPROVED"
|
|
211
|
-
: tier === "YELLOW"
|
|
212
|
-
? "PENDING_REFINEMENT"
|
|
213
|
-
: "DENIED";
|
|
198
|
+
return tier === 'GREEN' ? 'APPROVED' : tier === 'YELLOW' ? 'PENDING_REFINEMENT' : 'DENIED';
|
|
214
199
|
}
|
|
215
200
|
getTrustBandName(level) {
|
|
216
|
-
const names = [
|
|
217
|
-
|
|
218
|
-
"OBSERVED",
|
|
219
|
-
"PROVISIONAL",
|
|
220
|
-
"MONITORED",
|
|
221
|
-
"STANDARD",
|
|
222
|
-
"TRUSTED",
|
|
223
|
-
"CERTIFIED",
|
|
224
|
-
"AUTONOMOUS",
|
|
225
|
-
];
|
|
226
|
-
return names[level] ?? "SANDBOX";
|
|
201
|
+
const names = ['SANDBOX', 'OBSERVED', 'PROVISIONAL', 'MONITORED', 'STANDARD', 'TRUSTED', 'CERTIFIED', 'AUTONOMOUS'];
|
|
202
|
+
return names[level] ?? 'SANDBOX';
|
|
227
203
|
}
|
|
228
204
|
clear() {
|
|
229
205
|
this.decisions.clear();
|
|
@@ -255,7 +231,7 @@ export function setEnforcementService(service) {
|
|
|
255
231
|
*/
|
|
256
232
|
export function getEnforcementService() {
|
|
257
233
|
if (!enforcementService) {
|
|
258
|
-
throw new Error(
|
|
234
|
+
throw new Error('No enforcement service backend configured. Pass a real EnforcementService implementation or see docs for setup.');
|
|
259
235
|
}
|
|
260
236
|
return enforcementService;
|
|
261
237
|
}
|
|
@@ -266,7 +242,7 @@ export function getEnforcementService() {
|
|
|
266
242
|
*/
|
|
267
243
|
export function createEnforcementService(service) {
|
|
268
244
|
if (!service) {
|
|
269
|
-
throw new Error(
|
|
245
|
+
throw new Error('No enforcement service backend configured. Pass a real EnforcementService implementation or see docs for setup.');
|
|
270
246
|
}
|
|
271
247
|
return service;
|
|
272
248
|
}
|
|
@@ -279,21 +255,18 @@ export function createMockEnforcementService(policy) {
|
|
|
279
255
|
// =============================================================================
|
|
280
256
|
// PRODUCTION IMPLEMENTATION
|
|
281
257
|
// =============================================================================
|
|
282
|
-
export { TrustAwareEnforcementService } from
|
|
283
|
-
// =============================================================================
|
|
284
|
-
// POLICY COMPOSITION
|
|
285
|
-
// =============================================================================
|
|
258
|
+
export { TrustAwareEnforcementService } from './trust-aware-enforcement-service.js';
|
|
286
259
|
/**
|
|
287
|
-
* Compose policies with AND
|
|
260
|
+
* Compose policies with AND — all must pass for the combined policy to pass.
|
|
288
261
|
*/
|
|
289
262
|
export function allOf(...predicates) {
|
|
290
|
-
return (context) => predicates.every(
|
|
263
|
+
return (context) => predicates.every(p => p(context));
|
|
291
264
|
}
|
|
292
265
|
/**
|
|
293
|
-
* Compose policies with OR
|
|
266
|
+
* Compose policies with OR — at least one must pass.
|
|
294
267
|
*/
|
|
295
268
|
export function anyOf(...predicates) {
|
|
296
|
-
return (context) => predicates.some(
|
|
269
|
+
return (context) => predicates.some(p => p(context));
|
|
297
270
|
}
|
|
298
271
|
/**
|
|
299
272
|
* Negate a policy predicate.
|
|
@@ -312,10 +285,9 @@ export const PolicyPredicates = {
|
|
|
312
285
|
/** Data sensitivity is at most the given level */
|
|
313
286
|
maxSensitivity: (level) => {
|
|
314
287
|
const order = { PUBLIC: 0, INTERNAL: 1, CONFIDENTIAL: 2, RESTRICTED: 3 };
|
|
315
|
-
return (ctx) => order[(ctx.intent.dataSensitivity ??
|
|
316
|
-
order[level];
|
|
288
|
+
return (ctx) => order[(ctx.intent.dataSensitivity ?? 'PUBLIC')] <= order[level];
|
|
317
289
|
},
|
|
318
290
|
/** Action is reversible */
|
|
319
|
-
isReversible: () => (ctx) => ctx.intent.reversibility !==
|
|
291
|
+
isReversible: () => (ctx) => ctx.intent.reversibility !== 'IRREVERSIBLE',
|
|
320
292
|
};
|
|
321
293
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/enforce/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/enforce/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAWnD,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;AA+RtD,gFAAgF;AAChF,sBAAsB;AACtB,gFAAgF;AAEhF,MAAM,cAAc,GAAsB;IACxC,aAAa,EAAE,MAAM;IACrB,eAAe,EAAE;QACf,gBAAgB,EAAE,CAAC;QACnB,sBAAsB,EAAE,CAAC;QACzB,aAAa,EAAE,CAAC;KACjB;IACD,oBAAoB,EAAE,OAAO;IAC7B,oBAAoB,EAAE,MAAM;IAC5B,qBAAqB,EAAE,CAAC;CACzB,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,OAAO,sBAAsB;IACzB,MAAM,CAAoB;IAC1B,SAAS,GAA2B,IAAI,GAAG,EAAE,CAAC;IAC9C,SAAS,GAA8B,IAAI,GAAG,EAAE,CAAC;IAEzD,YAAY,MAA0B;QACpC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA2B;QACtC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;QACzE,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACnE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,iBAAiB;QACjB,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAExD,kBAAkB;QAClB,MAAM,QAAQ,GAAkB;YAC9B,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,QAAQ;YACR,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,OAAO,EAAE,MAAM,CAAC,QAAQ;YACxB,aAAa;YACb,IAAI;YACJ,SAAS,EAAE,IAAI,KAAK,OAAO;YAC3B,SAAS,EAAE,IAAI,UAAU,IAAI,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE;YAChE,UAAU;YACV,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC;YAC5D,iBAAiB,EAAE,CAAC;YACpB,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,IAAI,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE;YAC7F,SAAS,EAAE,CAAC;SACb,CAAC;QAEF,4BAA4B;QAC5B,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;YACrB,QAAQ,CAAC,WAAW,GAAG;gBACrB,YAAY,EAAE,CAAC,GAAG,CAAC;gBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;gBACjB,UAAU,EAAE,EAAE;gBACd,iBAAiB,EAAE,EAAE;gBACrB,qBAAqB,EAAE,KAAK;gBAC5B,UAAU,EAAE,CAAC;aACd,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtB,QAAQ,CAAC,kBAAkB,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,IAAI,MAAM,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YAChH,QAAQ,CAAC,qBAAqB,GAAG,IAAI,CAAC,MAAM,CAAC,qBAAqB,IAAI,CAAC,CAAC;YACxE,QAAQ,CAAC,iBAAiB,GAAG;gBAC3B;oBACE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,MAAM,EAAE,iBAAiB;oBACzB,WAAW,EAAE,+BAA+B;oBAC5C,kBAAkB,EAAE,GAAG;oBACvB,MAAM,EAAE,KAAK;iBACd;gBACD;oBACE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,MAAM,EAAE,kBAAkB;oBAC1B,WAAW,EAAE,wBAAwB;oBACrC,kBAAkB,EAAE,GAAG;oBACvB,MAAM,EAAE,QAAQ;iBACjB;aACF,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,QAAQ,CAAC,YAAY,GAAG,kBAAkB,CAAC;YAC3C,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAE1C,kBAAkB;QAClB,MAAM,QAAQ,GAAqB;YACjC,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,QAAQ;YACR,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,OAAO,EAAE,MAAM,CAAC,QAAQ;YACxB,aAAa;YACb,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;YAC7B,iBAAiB,EAAE,QAAQ,CAAC,EAAE;YAC9B,YAAY,EAAE;gBACZ,EAAE,IAAI,EAAE,WAA4B,EAAE,EAAE,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,aAAa,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE;aAChH;YACD,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,QAAQ,CAAC,SAAS;SAC9B,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;QAExC,MAAM,CAAC,IAAI,CACT,EAAE,UAAU,EAAE,QAAQ,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,EACtD,kCAAkC,CACnC,CAAC;QAEF,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB,EAAE,CAAC;IACrF,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA0B,EAAE,QAAY;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACxD,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEzD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,0DAA0D;QAC1D,MAAM,OAAO,GAAkB;YAC7B,GAAG,QAAQ;YACX,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;YACvB,IAAI,EAAE,OAAO;YACb,SAAS,EAAE,IAAI;YACf,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB,GAAG,CAAC;YACjD,SAAS,EAAE,CAAC,6CAA6C,CAAC;YAC1D,WAAW,EAAE;gBACX,YAAY,EAAE,CAAC,GAAG,CAAC;gBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;gBACjB,UAAU,EAAE,EAAE;gBACd,iBAAiB,EAAE,EAAE;gBACrB,qBAAqB,EAAE,IAAI;gBAC3B,UAAU,EAAE,CAAC;aACd;YACD,SAAS,EAAE,GAAG;SACf,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAExC,kBAAkB;QAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,KAAK,GAAG,UAAU,CAAC;YAC5B,QAAQ,CAAC,iBAAiB,GAAG,OAAO,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,SAAS,GAAG,GAAG,CAAC;YACzB,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC;gBACzB,IAAI,EAAE,oBAAoB;gBAC1B,EAAE,EAAE,UAAU;gBACd,MAAM,EAAE,kBAAkB;gBAC1B,SAAS,EAAE,GAAG;aACf,CAAC,CAAC;QACL,CAAC;QAED,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAS,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IACnE,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,EAAM,EAAE,QAAY;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACxC,OAAO,QAAQ,EAAE,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,QAAY,EAAE,QAAY;QAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9C,OAAO,QAAQ,EAAE,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,CAAC;IAED,SAAS,CAAC,MAAyB;QACjC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAEO,aAAa,CAAC,UAA4B,EAAE,UAAsB;QACxE,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,eAAgB,CAAC;QAEhD,IAAI,UAAU,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,CAAC;YAC1F,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,UAAU,GAAG,UAAU,CAAC,aAAa;YAAE,OAAO,KAAK,CAAC;QACxD,IAAI,UAAU,GAAG,UAAU,CAAC,sBAAsB;YAAE,OAAO,QAAQ,CAAC;QACpE,IAAI,UAAU,IAAI,UAAU,CAAC,gBAAgB,IAAI,UAAU,CAAC,MAAM;YAAE,OAAO,OAAO,CAAC;QACnF,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,IAAkB,EAAE,UAA4B,EAAE,UAAsB;QAC7F,IAAI,IAAI,KAAK,OAAO;YAAE,OAAO,CAAC,mBAAmB,EAAE,UAAU,UAAU,qBAAqB,CAAC,CAAC;QAC9F,IAAI,IAAI,KAAK,QAAQ;YAAE,OAAO,CAAC,8BAA8B,CAAC,CAAC;QAC/D,OAAO,CAAC,kBAAkB,EAAE,wBAAwB,CAAC,CAAC;IACxD,CAAC;IAEO,WAAW,CAAC,IAAkB;QACpC,OAAO,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,QAAQ,CAAC;IAC7F,CAAC;IAEO,gBAAgB,CAAC,KAAiB;QACxC,MAAM,KAAK,GAAG,CAAC,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;QACpH,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC;IACnC,CAAC;IAED,KAAK;QACH,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACvB,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;CACF;AAED,gFAAgF;AAChF,+BAA+B;AAC/B,gFAAgF;AAEhF;;GAEG;AACH,MAAM,OAAO,kBAAmB,SAAQ,sBAAsB;CAAG;AAEjE,gFAAgF;AAChF,8BAA8B;AAC9B,gFAAgF;AAEhF,IAAI,kBAAkB,GAA+B,IAAI,CAAC;AAE1D;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CAAC,OAA4B;IAChE,kBAAkB,GAAG,OAAO,CAAC;AAC/B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,qBAAqB;IACnC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,iHAAiH,CAClH,CAAC;IACJ,CAAC;IACD,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,wBAAwB,CAAC,OAA6B;IACpE,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,iHAAiH,CAClH,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B,CAAC,MAA0B;IACrE,OAAO,IAAI,sBAAsB,CAAC,MAAM,CAAC,CAAC;AAC5C,CAAC;AAED,gFAAgF;AAChF,4BAA4B;AAC5B,gFAAgF;AAEhF,OAAO,EAAE,4BAA4B,EAAE,MAAM,sCAAsC,CAAC;AAkBpF;;GAEG;AACH,MAAM,UAAU,KAAK,CAAC,GAAG,UAA6B;IACpD,OAAO,CAAC,OAA2B,EAAE,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,KAAK,CAAC,GAAG,UAA6B;IACpD,OAAO,CAAC,OAA2B,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,GAAG,CAAC,SAA0B;IAC5C,OAAO,CAAC,OAA2B,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,qDAAqD;IACrD,aAAa,EAAE,CAAC,KAAa,EAAmB,EAAE,CAChD,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,IAAI,CAAC,CAAC,IAAI,KAAK;IAEzC,0BAA0B;IAC1B,UAAU,EAAE,CAAC,IAAY,EAAmB,EAAE,CAC5C,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI;IAEzC,kDAAkD;IAClD,cAAc,EAAE,CAAC,KAA4D,EAAmB,EAAE;QAChG,MAAM,KAAK,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;QACzE,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,IAAI,QAAQ,CAAuB,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IACxG,CAAC;IAED,2BAA2B;IAC3B,YAAY,EAAE,GAAoB,EAAE,CAClC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,aAAa,KAAK,cAAc;CAC9C,CAAC"}
|
|
@@ -13,17 +13,17 @@
|
|
|
13
13
|
*
|
|
14
14
|
* @packageDocumentation
|
|
15
15
|
*/
|
|
16
|
-
import type { ID, TrustLevel } from
|
|
17
|
-
import type { TrustEngine } from
|
|
18
|
-
import type { IEnforcementService, EnforcementContext, EnforcementPolicy, FluidDecision, FluidDecisionResult, DecisionConstraints, RefinementRequest, WorkflowInstance } from
|
|
16
|
+
import type { ID, TrustLevel } from '../common/types.js';
|
|
17
|
+
import type { TrustEngine } from '../trust-engine/index.js';
|
|
18
|
+
import type { IEnforcementService, EnforcementContext, EnforcementPolicy, FluidDecision, FluidDecisionResult, DecisionConstraints, RefinementRequest, WorkflowInstance } from './index.js';
|
|
19
19
|
/**
|
|
20
20
|
* Input for policy evaluation.
|
|
21
21
|
* Minimal interface to avoid hard dependency on @vorionsys/security.
|
|
22
22
|
*/
|
|
23
23
|
export interface PolicyEvaluationInput {
|
|
24
|
-
intent: import(
|
|
25
|
-
trustScore: import(
|
|
26
|
-
trustLevel: import(
|
|
24
|
+
intent: import('../common/types.js').Intent;
|
|
25
|
+
trustScore: import('../common/types.js').TrustScore;
|
|
26
|
+
trustLevel: import('../common/types.js').TrustLevel;
|
|
27
27
|
context?: Record<string, unknown>;
|
|
28
28
|
}
|
|
29
29
|
/**
|
|
@@ -32,7 +32,7 @@ export interface PolicyEvaluationInput {
|
|
|
32
32
|
export interface PolicyViolation {
|
|
33
33
|
policyId: string;
|
|
34
34
|
policyName: string;
|
|
35
|
-
action:
|
|
35
|
+
action: 'deny' | 'escalate' | 'limit' | 'monitor';
|
|
36
36
|
reason: string;
|
|
37
37
|
}
|
|
38
38
|
/**
|
|
@@ -93,7 +93,7 @@ export declare class TrustAwareEnforcementService implements IEnforcementService
|
|
|
93
93
|
* Get current policy configuration (for inspection/debugging).
|
|
94
94
|
*/
|
|
95
95
|
getPolicy(): {
|
|
96
|
-
config: Required<Omit<TrustAwareEnforcementConfig,
|
|
96
|
+
config: Required<Omit<TrustAwareEnforcementConfig, 'policyEngine'>>;
|
|
97
97
|
policy: EnforcementPolicy;
|
|
98
98
|
};
|
|
99
99
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"trust-aware-enforcement-service.d.ts","sourceRoot":"","sources":["../../src/enforce/trust-aware-enforcement-service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAGH,OAAO,KAAK,EAAE,EAAE,EAAE,UAAU,EAAc,MAAM,oBAAoB,CAAC;AACrE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAE5D,OAAO,KAAK,EACV,mBAAmB,EACnB,kBAAkB,EAClB,iBAAiB,EACjB,aAAa,EACb,mBAAmB,EAEnB,mBAAmB,EAEnB,iBAAiB,EACjB,gBAAgB,EAEjB,MAAM,YAAY,CAAC;AAkBpB;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,OAAO,oBAAoB,EAAE,MAAM,CAAC;IAC5C,UAAU,EAAE,OAAO,oBAAoB,EAAE,UAAU,CAAC;IACpD,UAAU,EAAE,OAAO,oBAAoB,EAAE,UAAU,CAAC;IACpD,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,GAAG,UAAU,GAAG,OAAO,GAAG,SAAS,CAAC;IAClD,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,EAAE,qBAAqB,GAAG,eAAe,EAAE,CAAC;CAC7D;
|
|
1
|
+
{"version":3,"file":"trust-aware-enforcement-service.d.ts","sourceRoot":"","sources":["../../src/enforce/trust-aware-enforcement-service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAGH,OAAO,KAAK,EAAE,EAAE,EAAE,UAAU,EAAc,MAAM,oBAAoB,CAAC;AACrE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAE5D,OAAO,KAAK,EACV,mBAAmB,EACnB,kBAAkB,EAClB,iBAAiB,EACjB,aAAa,EACb,mBAAmB,EAEnB,mBAAmB,EAEnB,iBAAiB,EACjB,gBAAgB,EAEjB,MAAM,YAAY,CAAC;AAkBpB;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,OAAO,oBAAoB,EAAE,MAAM,CAAC;IAC5C,UAAU,EAAE,OAAO,oBAAoB,EAAE,UAAU,CAAC;IACpD,UAAU,EAAE,OAAO,oBAAoB,EAAE,UAAU,CAAC;IACpD,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,GAAG,UAAU,GAAG,OAAO,GAAG,SAAS,CAAC;IAClD,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,EAAE,qBAAqB,GAAG,eAAe,EAAE,CAAC;CAC7D;AAkKD,MAAM,WAAW,2BAA2B;IAC1C,4EAA4E;IAC5E,gBAAgB,CAAC,EAAE,UAAU,CAAC;IAC9B,mEAAmE;IACnE,sBAAsB,CAAC,EAAE,UAAU,CAAC;IACpC,oEAAoE;IACpE,aAAa,CAAC,EAAE,UAAU,CAAC;IAC3B,uDAAuD;IACvD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,sDAAsD;IACtD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,+CAA+C;IAC/C,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,8CAA8C;IAC9C,kBAAkB,CAAC,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAClD,uEAAuE;IACvE,YAAY,CAAC,EAAE,aAAa,CAAC;CAC9B;AAgBD;;;;;;;;GAQG;AACH,qBAAa,4BAA6B,YAAW,mBAAmB;IACtE,OAAO,CAAC,MAAM,CAA8D;IAC5E,OAAO,CAAC,MAAM,CAAoB;IAClC,OAAO,CAAC,SAAS,CAAgC;IACjD,OAAO,CAAC,SAAS,CAAmC;IACpD,OAAO,CAAC,WAAW,CAAqB;IACxC,OAAO,CAAC,YAAY,CAAuB;gBAGzC,WAAW,EAAE,WAAW,GAAG,IAAI,EAC/B,MAAM,CAAC,EAAE,2BAA2B,EACpC,MAAM,CAAC,EAAE,iBAAiB;IAsBtB,MAAM,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA8KjE,MAAM,CAAC,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC;IAqHrF,WAAW,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAYhE,WAAW,CAAC,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAM/E,SAAS,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI;IAW1C;;;;OAIG;IACH,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,2BAA2B,CAAC,GAAG,IAAI;IAwBlE;;OAEG;IACH,SAAS,IAAI;QAAE,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,2BAA2B,EAAE,cAAc,CAAC,CAAC,CAAC;QAAC,MAAM,EAAE,iBAAiB,CAAA;KAAE;IAQ/G;;;OAGG;IACH,eAAe,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI,GAAG,IAAI;IAQnD;;OAEG;IACH,aAAa,IAAI,MAAM;IAIvB;;OAEG;IACH,aAAa,IAAI,MAAM;IAIvB;;OAEG;IACH,KAAK,IAAI,IAAI;IASb,OAAO,CAAC,aAAa;IAkCrB,OAAO,CAAC,cAAc;IAgCtB,OAAO,CAAC,WAAW;IAQnB,OAAO,CAAC,gBAAgB;CAGzB"}
|