stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
e11c0a6b59f2efa6f3bb46f2f14eac408bfa87f5
git.stella-ops.org/docs/features/checked/policy/auditable-exception-objects.md
master 9ca2de05df more features checks. setup improvements
2026-02-13 02:04:55 +02:00

2.3 KiB
Raw Blame History

Auditable Exception Objects

Module

Policy

Status

VERIFIED

Description

Exception objects with full audit trail including creation, approval, application, expiry, and revocation events. Supports evidence-linked approval workflows and audit-grade persistence.

Implementation Details

  • Exception Library: src/Policy/__Libraries/StellaOps.Policy.Exceptions/ -- core exception system
    • Models/ -- exception domain models (ExceptionRecord, ExceptionApproval, etc.)
    • Services/ -- exception services (ExceptionService, ExceptionApprovalService)
    • Repositories/ -- exception persistence (IExceptionRepository)
  • Exception Adapter: src/Policy/StellaOps.Policy.Engine/Adapters/ExceptionAdapter.cs -- adapts exceptions for policy evaluation
    • ExceptionEffectRegistry.cs -- tracks effects of applied exceptions
  • Exception Domain: src/Policy/StellaOps.Policy.Engine/Domain/ExceptionContracts.cs -- exception contracts
    • ExceptionMapper.cs -- maps between exception models
  • Exception Cache: src/Policy/StellaOps.Policy.Engine/ExceptionCache/ -- exception caching
    • ExceptionCacheModels.cs, IExceptionEffectiveCache.cs, MessagingExceptionEffectiveCache.cs, RedisExceptionEffectiveCache.cs
  • Exception Events: src/Policy/StellaOps.Policy.Engine/Events/ExceptionEventPublisher.cs -- publishes exception lifecycle events
  • Lifecycle Workers: src/Policy/StellaOps.Policy.Engine/Workers/ExceptionLifecycleService.cs, ExceptionLifecycleWorker.cs -- background processing
  • Approval Rules: src/Policy/StellaOps.Policy.Engine/Services/ExceptionApprovalRulesService.cs -- approval workflow rules
  • Exception-Aware Evaluation: src/Policy/StellaOps.Policy.Engine/Services/ExceptionAwareEvaluationService.cs -- evaluation with exception awareness

E2E Test Plan

  • Create an exception object and verify audit trail records creation event
  • Approve an exception with evidence links and verify approval audit record
  • Apply an exception to a policy evaluation and verify it modifies the verdict
  • Let an exception expire and verify expiry event is recorded
  • Revoke an exception and verify revocation audit trail
  • Query exception history via API and verify all lifecycle events present
  • Verify exception cache invalidation on approval/revocation