mur_core/policy/

rules.rs

//! Policy rules — allow/deny/require-approval with conditions.

use serde::{Deserialize, Serialize};

/// What happens when a policy rule matches.
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
#[serde(rename_all = "snake_case")]
pub enum RuleAction {
    /// Allow the action immediately.
    Allow,
    /// Deny the action with a reason.
    Deny { reason: String },
    /// Require human approval before proceeding.
    RequireApproval { prompt: String },
}

/// Conditions under which a rule applies.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct RuleCondition {
    /// Match against action type (e.g., "execute", "api_call", "write").
    #[serde(skip_serializing_if = "Option::is_none")]
    pub action_type: Option<String>,
    /// Glob pattern to match against action command.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub command_pattern: Option<String>,
    /// Glob pattern to match against action description.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub description_pattern: Option<String>,
    /// Match against workflow ID.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub workflow_id: Option<String>,
    /// Match against time-of-day range (e.g., "09:00-17:00").
    #[serde(skip_serializing_if = "Option::is_none")]
    pub time_range: Option<String>,
    /// Match against cost threshold (action cost must exceed this).
    #[serde(skip_serializing_if = "Option::is_none")]
    pub cost_above: Option<f64>,
}

impl RuleCondition {
    /// Check if this condition matches a given context.
    pub fn matches(&self, ctx: &RuleContext) -> bool {
        if let Some(ref at) = self.action_type {
            if !pattern_matches(&ctx.action_type, at) {
                return false;
            }
        }
        if let Some(ref cp) = self.command_pattern {
            if !pattern_matches(&ctx.command, cp) {
                return false;
            }
        }
        if let Some(ref dp) = self.description_pattern {
            if !pattern_matches(&ctx.description, dp) {
                return false;
            }
        }
        if let Some(ref wid) = self.workflow_id {
            if ctx.workflow_id.as_deref() != Some(wid.as_str()) {
                return false;
            }
        }
        if let Some(threshold) = self.cost_above {
            if ctx.estimated_cost.unwrap_or(0.0) <= threshold {
                return false;
            }
        }
        if let Some(ref range) = self.time_range {
            if !check_time_range(range) {
                return false;
            }
        }
        true
    }
}

/// Context for evaluating policy rules against an action.
#[derive(Debug, Clone)]
pub struct RuleContext {
    pub action_type: String,
    pub command: String,
    pub description: String,
    pub workflow_id: Option<String>,
    pub estimated_cost: Option<f64>,
}

/// A single policy rule.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PolicyRule {
    /// Human-readable name for the rule.
    pub name: String,
    /// Optional description.
    #[serde(default)]
    pub description: String,
    /// Priority (lower = evaluated first, higher priority).
    #[serde(default = "default_priority")]
    pub priority: i32,
    /// Conditions that must all match.
    pub condition: RuleCondition,
    /// Action to take when conditions match.
    pub action: RuleAction,
    /// Whether this rule is enabled.
    #[serde(default = "default_true")]
    pub enabled: bool,
}

fn default_priority() -> i32 {
    100
}
fn default_true() -> bool {
    true
}

/// A set of policy rules loaded from YAML.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PolicyRuleSet {
    #[serde(default)]
    pub rules: Vec<PolicyRule>,
}

impl PolicyRuleSet {
    /// Load rules from a YAML string.
    pub fn from_yaml(content: &str) -> Result<Self, serde_yaml::Error> {
        serde_yaml::from_str(content)
    }

    /// Evaluate rules against a context. Returns the first matching rule's action,
    /// or None if no rules match.
    pub fn evaluate(&self, ctx: &RuleContext) -> Option<RuleAction> {
        let mut sorted_rules: Vec<&PolicyRule> =
            self.rules.iter().filter(|r| r.enabled).collect();
        sorted_rules.sort_by_key(|r| r.priority);

        for rule in sorted_rules {
            if rule.condition.matches(ctx) {
                return Some(rule.action.clone());
            }
        }
        None
    }

    /// Add a rule to the set.
    pub fn add_rule(&mut self, rule: PolicyRule) {
        self.rules.push(rule);
    }

    /// Remove a rule by name.
    pub fn remove_rule(&mut self, name: &str) -> bool {
        let before = self.rules.len();
        self.rules.retain(|r| r.name != name);
        self.rules.len() < before
    }
}

/// Simple glob-like pattern matching (case-insensitive, * as wildcard).
pub fn pattern_matches(text: &str, pattern: &str) -> bool {
    let text_lower = text.to_lowercase();
    let pattern_lower = pattern.to_lowercase();

    if pattern_lower.contains('*') {
        let parts: Vec<&str> = pattern_lower.split('*').collect();
        let mut pos = 0;
        for part in &parts {
            if part.is_empty() {
                continue;
            }
            match text_lower[pos..].find(part) {
                Some(idx) => pos += idx + part.len(),
                None => return false,
            }
        }
        true
    } else {
        text_lower.contains(&pattern_lower)
    }
}

/// Check if current time falls within a time range (e.g., "09:00-17:00").
fn check_time_range(range: &str) -> bool {
    let parts: Vec<&str> = range.split('-').collect();
    if parts.len() != 2 {
        return false; // Invalid range → fail-closed
    }

    let parse_time = |s: &str| -> Option<chrono::NaiveTime> {
        chrono::NaiveTime::parse_from_str(s.trim(), "%H:%M").ok()
    };

    let (start, end) = match (parse_time(parts[0]), parse_time(parts[1])) {
        (Some(s), Some(e)) => (s, e),
        _ => return false, // Invalid time format → fail-closed
    };

    let now = chrono::Local::now().time();

    if start <= end {
        // Normal range: e.g., "09:00-17:00"
        now >= start && now <= end
    } else {
        // Midnight-spanning range: e.g., "22:00-06:00"
        now >= start || now <= end
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    fn make_ctx(action_type: &str, command: &str, description: &str) -> RuleContext {
        RuleContext {
            action_type: action_type.into(),
            command: command.into(),
            description: description.into(),
            workflow_id: None,
            estimated_cost: None,
        }
    }

    #[test]
    fn test_pattern_matches_exact() {
        assert!(pattern_matches("git push", "git push"));
        assert!(!pattern_matches("git pull", "git push"));
    }

    #[test]
    fn test_pattern_matches_wildcard() {
        assert!(pattern_matches("deploy production", "deploy *"));
        assert!(pattern_matches("deploy staging", "deploy *"));
    }

    #[test]
    fn test_pattern_matches_case_insensitive() {
        assert!(pattern_matches("DROP DATABASE", "drop database"));
    }

    #[test]
    fn test_rule_condition_matches() {
        let cond = RuleCondition {
            action_type: Some("execute".into()),
            command_pattern: Some("git push*".into()),
            description_pattern: None,
            workflow_id: None,
            time_range: None,
            cost_above: None,
        };

        let ctx = make_ctx("execute", "git push origin main", "Push to remote");
        assert!(cond.matches(&ctx));

        let ctx2 = make_ctx("read", "git push origin main", "Push to remote");
        assert!(!ctx2.action_type.contains("execute") || cond.matches(&ctx2));
    }

    #[test]
    fn test_rule_condition_cost_threshold() {
        let cond = RuleCondition {
            action_type: None,
            command_pattern: None,
            description_pattern: None,
            workflow_id: None,
            time_range: None,
            cost_above: Some(1.0),
        };

        let mut ctx = make_ctx("api_call", "model invoke", "Call GPT-4");
        ctx.estimated_cost = Some(0.5);
        assert!(!cond.matches(&ctx));

        ctx.estimated_cost = Some(1.5);
        assert!(cond.matches(&ctx));
    }

    #[test]
    fn test_policy_rule_set_evaluate() {
        let rule_set = PolicyRuleSet {
            rules: vec![
                PolicyRule {
                    name: "block-production".into(),
                    description: "Block production deploys".into(),
                    priority: 1,
                    condition: RuleCondition {
                        action_type: None,
                        command_pattern: Some("deploy production*".into()),
                        description_pattern: None,
                        workflow_id: None,
                        time_range: None,
                        cost_above: None,
                    },
                    action: RuleAction::Deny {
                        reason: "Production deploys require manual approval flow".into(),
                    },
                    enabled: true,
                },
                PolicyRule {
                    name: "allow-staging".into(),
                    description: "Allow staging deploys".into(),
                    priority: 10,
                    condition: RuleCondition {
                        action_type: None,
                        command_pattern: Some("deploy staging*".into()),
                        description_pattern: None,
                        workflow_id: None,
                        time_range: None,
                        cost_above: None,
                    },
                    action: RuleAction::Allow,
                    enabled: true,
                },
            ],
        };

        let ctx = make_ctx("execute", "deploy production v2", "Deploy to prod");
        let result = rule_set.evaluate(&ctx);
        assert!(matches!(result, Some(RuleAction::Deny { .. })));

        let ctx2 = make_ctx("execute", "deploy staging v2", "Deploy to staging");
        let result2 = rule_set.evaluate(&ctx2);
        assert!(matches!(result2, Some(RuleAction::Allow)));

        let ctx3 = make_ctx("read", "git log", "View history");
        let result3 = rule_set.evaluate(&ctx3);
        assert!(result3.is_none());
    }

    #[test]
    fn test_add_and_remove_rule() {
        let mut rule_set = PolicyRuleSet { rules: vec![] };

        rule_set.add_rule(PolicyRule {
            name: "test-rule".into(),
            description: "".into(),
            priority: 50,
            condition: RuleCondition {
                action_type: None,
                command_pattern: Some("*".into()),
                description_pattern: None,
                workflow_id: None,
                time_range: None,
                cost_above: None,
            },
            action: RuleAction::Allow,
            enabled: true,
        });

        assert_eq!(rule_set.rules.len(), 1);
        assert!(rule_set.remove_rule("test-rule"));
        assert!(rule_set.rules.is_empty());
        assert!(!rule_set.remove_rule("nonexistent"));
    }

    #[test]
    fn test_disabled_rules_skipped() {
        let rule_set = PolicyRuleSet {
            rules: vec![PolicyRule {
                name: "disabled-rule".into(),
                description: "".into(),
                priority: 1,
                condition: RuleCondition {
                    action_type: None,
                    command_pattern: Some("*".into()),
                    description_pattern: None,
                    workflow_id: None,
                    time_range: None,
                    cost_above: None,
                },
                action: RuleAction::Deny {
                    reason: "should not fire".into(),
                },
                enabled: false,
            }],
        };

        let ctx = make_ctx("execute", "anything", "anything");
        assert!(rule_set.evaluate(&ctx).is_none());
    }

    #[test]
    fn test_rule_set_from_yaml() {
        // First serialize to learn the exact format, then parse it back
        let rule_set = PolicyRuleSet {
            rules: vec![
                PolicyRule {
                    name: "block-rm".into(),
                    description: "Block dangerous rm commands".into(),
                    priority: 1,
                    condition: RuleCondition {
                        action_type: None,
                        command_pattern: Some("rm -rf *".into()),
                        description_pattern: None,
                        workflow_id: None,
                        time_range: None,
                        cost_above: None,
                    },
                    action: RuleAction::Deny {
                        reason: "rm -rf is forbidden".into(),
                    },
                    enabled: true,
                },
                PolicyRule {
                    name: "allow-read".into(),
                    description: "".into(),
                    priority: 100,
                    condition: RuleCondition {
                        action_type: Some("read".into()),
                        command_pattern: None,
                        description_pattern: None,
                        workflow_id: None,
                        time_range: None,
                        cost_above: None,
                    },
                    action: RuleAction::Allow,
                    enabled: true,
                },
            ],
        };

        let yaml = serde_yaml::to_string(&rule_set).unwrap();
        let parsed = PolicyRuleSet::from_yaml(&yaml).unwrap();
        assert_eq!(parsed.rules.len(), 2);
        assert_eq!(parsed.rules[0].name, "block-rm");
        assert!(matches!(parsed.rules[1].action, RuleAction::Allow));
    }

    #[test]
    fn test_rule_action_serialization() {
        let allow = RuleAction::Allow;
        let json = serde_json::to_string(&allow).unwrap();
        assert_eq!(json, "\"allow\"");

        let deny = RuleAction::Deny {
            reason: "forbidden".into(),
        };
        let json = serde_json::to_string(&deny).unwrap();
        assert!(json.contains("forbidden"));
    }

    #[test]
    fn test_priority_ordering() {
        let rule_set = PolicyRuleSet {
            rules: vec![
                PolicyRule {
                    name: "low-priority".into(),
                    description: "".into(),
                    priority: 100,
                    condition: RuleCondition {
                        action_type: None,
                        command_pattern: Some("test*".into()),
                        description_pattern: None,
                        workflow_id: None,
                        time_range: None,
                        cost_above: None,
                    },
                    action: RuleAction::Allow,
                    enabled: true,
                },
                PolicyRule {
                    name: "high-priority".into(),
                    description: "".into(),
                    priority: 1,
                    condition: RuleCondition {
                        action_type: None,
                        command_pattern: Some("test*".into()),
                        description_pattern: None,
                        workflow_id: None,
                        time_range: None,
                        cost_above: None,
                    },
                    action: RuleAction::Deny {
                        reason: "high priority wins".into(),
                    },
                    enabled: true,
                },
            ],
        };

        let ctx = make_ctx("execute", "test something", "test");
        let result = rule_set.evaluate(&ctx);
        assert!(matches!(result, Some(RuleAction::Deny { .. })));
    }
}