Skip to main content

yarli_cli/yarli-policy/src/
error.rs

1//! Policy engine error types.
2
3use thiserror::Error;
4use uuid::Uuid;
5
6/// Errors from policy evaluation.
7#[derive(Debug, Error)]
8pub enum PolicyError {
9    /// The requested action was denied by policy.
10    #[error("policy denied action '{action}': {reason} (rule: {rule_id})")]
11    Denied {
12        action: String,
13        rule_id: String,
14        reason: String,
15    },
16
17    /// The action requires an approval token that is missing or invalid.
18    #[error("action '{action}' requires approval: {reason}")]
19    ApprovalRequired { action: String, reason: String },
20
21    /// An approval token was provided but is expired.
22    #[error("approval token {token_id} expired")]
23    TokenExpired { token_id: Uuid },
24
25    /// An approval token was provided but doesn't match the requested scope.
26    #[error("approval token {token_id} scope mismatch: {details}")]
27    TokenScopeMismatch { token_id: Uuid, details: String },
28
29    /// Safe mode does not permit this action.
30    #[error("safe mode '{mode}' does not permit action '{action}'")]
31    SafeModeViolation { mode: String, action: String },
32
33    /// Internal error during policy evaluation.
34    #[error("policy evaluation error: {0}")]
35    Internal(String),
36}