# Auditable Exception Objects

## Module
Policy

## Status
VERIFIED

## Description
Exception objects with full audit trail including creation, approval, application, expiry, and revocation events. Supports evidence-linked approval workflows and audit-grade persistence.

## Implementation Details
- **Exception Library**: `src/Policy/__Libraries/StellaOps.Policy.Exceptions/` -- core exception system
  - `Models/` -- exception domain models (ExceptionRecord, ExceptionApproval, etc.)
  - `Services/` -- exception services (ExceptionService, ExceptionApprovalService)
  - `Repositories/` -- exception persistence (IExceptionRepository)
- **Exception Adapter**: `src/Policy/StellaOps.Policy.Engine/Adapters/ExceptionAdapter.cs` -- adapts exceptions for policy evaluation
  - `ExceptionEffectRegistry.cs` -- tracks effects of applied exceptions
- **Exception Domain**: `src/Policy/StellaOps.Policy.Engine/Domain/ExceptionContracts.cs` -- exception contracts
  - `ExceptionMapper.cs` -- maps between exception models
- **Exception Cache**: `src/Policy/StellaOps.Policy.Engine/ExceptionCache/` -- exception caching
  - `ExceptionCacheModels.cs`, `IExceptionEffectiveCache.cs`, `MessagingExceptionEffectiveCache.cs`, `RedisExceptionEffectiveCache.cs`
- **Exception Events**: `src/Policy/StellaOps.Policy.Engine/Events/ExceptionEventPublisher.cs` -- publishes exception lifecycle events
- **Lifecycle Workers**: `src/Policy/StellaOps.Policy.Engine/Workers/ExceptionLifecycleService.cs`, `ExceptionLifecycleWorker.cs` -- background processing
- **Approval Rules**: `src/Policy/StellaOps.Policy.Engine/Services/ExceptionApprovalRulesService.cs` -- approval workflow rules
- **Exception-Aware Evaluation**: `src/Policy/StellaOps.Policy.Engine/Services/ExceptionAwareEvaluationService.cs` -- evaluation with exception awareness

## E2E Test Plan
- [ ] Create an exception object and verify audit trail records creation event
- [ ] Approve an exception with evidence links and verify approval audit record
- [ ] Apply an exception to a policy evaluation and verify it modifies the verdict
- [ ] Let an exception expire and verify expiry event is recorded
- [ ] Revoke an exception and verify revocation audit trail
- [ ] Query exception history via API and verify all lifecycle events present
- [ ] Verify exception cache invalidation on approval/revocation