Interface: IZeroTrustPolicy
Defined in: src/types/interfaces/zero-trust.interface.ts:361
Zero Trust policy interface.
Remarks
Provides policy evaluation via Open Policy Agent.
Example
const policy = container.resolve<IZeroTrustPolicy>('IZeroTrustPolicy');
const decision = await policy.evaluate({
subject: { did: userDid, roles: ['author'] },
action: 'read',
resource: { type: 'preprint', id: preprintId },
});
if (!decision.allow) {
throw new AuthorizationError('Access denied');
}
Methods
auditDecision()
auditDecision(
decision,input):Promise<void>
Defined in: src/types/interfaces/zero-trust.interface.ts:404
Audit a policy decision.
Parameters
decision
Policy decision
input
Original policy input
Returns
Promise<void>
Remarks
Logs the decision for compliance and debugging.
evaluate()
evaluate(
input):Promise<PolicyDecision>
Defined in: src/types/interfaces/zero-trust.interface.ts:370
Evaluate policy for given input.
Parameters
input
Policy input
Returns
Promise<PolicyDecision>
Policy decision
getPolicyVersion()
getPolicyVersion():
Promise<string>
Defined in: src/types/interfaces/zero-trust.interface.ts:391
Get current policy version.
Returns
Promise<string>
Policy version string
loadPolicy()
loadPolicy(
bundleUrl):Promise<void>
Defined in: src/types/interfaces/zero-trust.interface.ts:382
Load policy bundle from URL.
Parameters
bundleUrl
string
URL to OPA bundle
Returns
Promise<void>
Remarks
Fetches and loads OPA bundle.