notify doctors work, audit work, new product advisory sprints

src/Policy/StellaOps.Policy.Engine/Endpoints/PolicyLintEndpoints.cs

@@ -26,7 +26,7 @@ public static class PolicyLintEndpoints
         group.MapGet("/rules", GetLintRulesAsync)
             .WithName("Policy.Lint.GetRules")
             .WithDescription("Get available lint rules and their severities")
-            .AllowAnonymous();
+            .RequireAuthorization(policy => policy.RequireClaim("scope", "policy:read"));
 
         return routes;
     }

src/Policy/StellaOps.Policy.Engine/Endpoints/PolicyPackEndpoints.cs

@@ -2,6 +2,7 @@ using System.Security.Claims;
 using Microsoft.AspNetCore.Http.HttpResults;
 using Microsoft.AspNetCore.Mvc;
 using StellaOps.Auth.Abstractions;
+using StellaOps.Determinism;
 using StellaOps.Policy.Engine.Domain;
 using StellaOps.Policy.Engine.Services;
 
@@ -59,6 +60,7 @@ internal static class PolicyPackEndpoints
         HttpContext context,
         [FromBody] CreatePolicyPackRequest request,
         IPolicyPackRepository repository,
+        IGuidProvider guidProvider,
         CancellationToken cancellationToken)
     {
         var scopeResult = ScopeAuthorization.RequireScope(context, StellaOpsScopes.PolicyEdit);
@@ -78,7 +80,7 @@ internal static class PolicyPackEndpoints
         }
 
         var packId = string.IsNullOrWhiteSpace(request.PackId)
-            ? $"pack-{Guid.NewGuid():n}"
+            ? $"pack-{guidProvider.NewGuid():n}"
             : request.PackId.Trim();
 
         var pack = await repository.CreateAsync(packId, request.DisplayName?.Trim(), cancellationToken).ConfigureAwait(false);
@@ -157,6 +159,7 @@ internal static class PolicyPackEndpoints
         [FromBody] ActivatePolicyRevisionRequest request,
         IPolicyPackRepository repository,
         IPolicyActivationAuditor auditor,
+        TimeProvider timeProvider,
         CancellationToken cancellationToken)
     {
         var scopeResult = ScopeAuthorization.RequireScope(context, StellaOpsScopes.PolicyActivate);
@@ -185,7 +188,7 @@ internal static class PolicyPackEndpoints
             packId,
             version,
             actorId,
-            DateTimeOffset.UtcNow,
+            timeProvider.GetUtcNow(),
             request.Comment,
             cancellationToken).ConfigureAwait(false);
 

src/Policy/StellaOps.Policy.Engine/Endpoints/PolicySnapshotEndpoints.cs

@@ -0,0 +1,84 @@
+using Microsoft.AspNetCore.Mvc;
+using StellaOps.Auth.Abstractions;
+using StellaOps.Policy.Engine.Snapshots;
+
+namespace StellaOps.Policy.Engine.Endpoints;
+
+/// <summary>
+/// API endpoints for snapshot CRUD under /api/policy.
+/// </summary>
+internal static class PolicySnapshotEndpoints
+{
+    public static IEndpointRouteBuilder MapPolicySnapshotsApi(this IEndpointRouteBuilder endpoints)
+    {
+        var group = endpoints.MapGroup("/api/policy/snapshots")
+            .RequireAuthorization()
+            .WithTags("Policy Snapshots");
+
+        group.MapPost(string.Empty, CreateAsync)
+            .WithName("PolicyEngine.Api.Snapshots.Create");
+
+        group.MapGet(string.Empty, ListAsync)
+            .WithName("PolicyEngine.Api.Snapshots.List");
+
+        group.MapGet("/{snapshotId}", GetAsync)
+            .WithName("PolicyEngine.Api.Snapshots.Get");
+
+        return endpoints;
+    }
+
+    private static async Task<IResult> CreateAsync(
+        HttpContext context,
+        [FromBody] SnapshotRequest request,
+        SnapshotService service,
+        CancellationToken cancellationToken)
+    {
+        var scopeResult = ScopeAuthorization.RequireScope(context, StellaOpsScopes.PolicyEdit);
+        if (scopeResult is not null)
+        {
+            return scopeResult;
+        }
+
+        try
+        {
+            var snapshot = await service.CreateAsync(request, cancellationToken).ConfigureAwait(false);
+            return Results.Json(snapshot);
+        }
+        catch (ArgumentException ex)
+        {
+            return Results.BadRequest(new { message = ex.Message });
+        }
+    }
+
+    private static async Task<IResult> ListAsync(
+        HttpContext context,
+        [FromQuery(Name = "tenant_id")] string? tenantId,
+        SnapshotService service,
+        CancellationToken cancellationToken)
+    {
+        var scopeResult = ScopeAuthorization.RequireScope(context, StellaOpsScopes.PolicyRead);
+        if (scopeResult is not null)
+        {
+            return scopeResult;
+        }
+
+        var (items, cursor) = await service.ListAsync(tenantId, cancellationToken).ConfigureAwait(false);
+        return Results.Json(new { items, next_cursor = cursor });
+    }
+
+    private static async Task<IResult> GetAsync(
+        HttpContext context,
+        [FromRoute] string snapshotId,
+        SnapshotService service,
+        CancellationToken cancellationToken)
+    {
+        var scopeResult = ScopeAuthorization.RequireScope(context, StellaOpsScopes.PolicyRead);
+        if (scopeResult is not null)
+        {
+            return scopeResult;
+        }
+
+        var snapshot = await service.GetAsync(snapshotId, cancellationToken).ConfigureAwait(false);
+        return snapshot is null ? Results.NotFound() : Results.Json(snapshot);
+    }
+}

src/Policy/StellaOps.Policy.Engine/Endpoints/RiskProfileSchemaEndpoints.cs

@@ -18,7 +18,7 @@ internal static class RiskProfileSchemaEndpoints
             .WithTags("Schema Discovery")
             .Produces<string>(StatusCodes.Status200OK, contentType: JsonSchemaMediaType)
             .Produces(StatusCodes.Status304NotModified)
-            .AllowAnonymous();
+            .RequireAuthorization();
 
         endpoints.MapPost("/api/risk/schema/validate", ValidateProfile)
             .WithName("ValidateRiskProfile")