Skip to main content

typesec_odrl/
lib.rs

1//! # typesec-odrl
2//!
3//! ODRL (Open Digital Rights Language, W3C) policy engine.
4//!
5//! ODRL is a richer policy model than RBAC — rules can carry *constraints*
6//! that are evaluated at check time (e.g., "only allowed before 2027-01-01",
7//! "only for purpose=analytics"). This makes ODRL well-suited to AI agent
8//! scenarios where access is conditional on context, not just identity.
9//!
10//! ## ODRL Concepts
11//!
12//! - **Policy** — container, has a UID and type (`Set`, `Offer`, `Agreement`).
13//! - **Rule** — a `permission`, `prohibition`, or `duty`.
14//! - **Action** — what the rule applies to (maps to our `Permission::name()`).
15//! - **Constraint** — a runtime condition that must hold for the rule to apply.
16//!
17//! ## Audit Trail
18//!
19//! Every `check()` call emits a structured `tracing::info!` event with the
20//! policy UID, rule type, constraint evaluation results, and final verdict.
21//! This gives a full audit trail for compliance and forensics.
22
23#![forbid(unsafe_code)]
24#![warn(missing_docs, clippy::all)]
25
26pub mod audit;
27pub mod constraint;
28pub mod engine;
29pub mod model;
30
31pub use engine::OdrlEngine;
32pub use model::{OdrlConstraint, OdrlPolicy, OdrlRule, OdrlRuleType, RuleAction};