generated from coulomb/repo-seed
70 lines
1.8 KiB
JSON
70 lines
1.8 KiB
JSON
{
|
|
"id": "decision:tenant-alpha-internal-note",
|
|
"request_id": "check:tenant-alpha-internal-note",
|
|
"effect": "allow",
|
|
"reason": "reader_relation",
|
|
"matched_policy_version": "markitect.documents.v1",
|
|
"matched_rule": "allow_document_read",
|
|
"resource": {
|
|
"id": "document:internal-note",
|
|
"type": "document",
|
|
"system": "markitect-tool",
|
|
"tenant": "tenant:alpha"
|
|
},
|
|
"subject": {
|
|
"id": "user:alice",
|
|
"type": "Human",
|
|
"tenant": "tenant:alpha"
|
|
},
|
|
"obligations": [
|
|
{
|
|
"type": "log_access",
|
|
"parameters": {
|
|
"level": "standard"
|
|
}
|
|
}
|
|
],
|
|
"diagnostics": {
|
|
"policy_package": "examples/caring"
|
|
},
|
|
"provenance": {
|
|
"evaluator": "flex-auth",
|
|
"mode": "standalone",
|
|
"policy_package": "markitect.documents",
|
|
"policy_version": "v1",
|
|
"decision_time": "2026-05-17T00:00:00Z"
|
|
},
|
|
"caring": {
|
|
"profile": "caring-0.4.0-rc2",
|
|
"descriptor": {
|
|
"id": "descriptor:tenant-alpha-document-reader",
|
|
"profile": "caring-0.4.0-rc2",
|
|
"subject_type": "Human",
|
|
"organization_relation": "Customer",
|
|
"canonical_role": "Doer",
|
|
"scope": {
|
|
"level": "Resource",
|
|
"id": "document:internal-note",
|
|
"tenant": "tenant:alpha",
|
|
"resource": "document:internal-note"
|
|
},
|
|
"planes": ["Data"],
|
|
"capabilities": ["View"],
|
|
"exposure_modes": ["Masked", "Plaintext"],
|
|
"conditions": ["PurposeBound", "Logged"],
|
|
"lifecycle_state": "Operate",
|
|
"restrictions": ["ExportBlocked"],
|
|
"access_path": "direct"
|
|
},
|
|
"restrictions_evaluated": ["ExportBlocked"],
|
|
"exposure_modes": ["Masked", "Plaintext"],
|
|
"conformance_findings": [
|
|
{
|
|
"code": "CARING-EXPORT-SEPARATION",
|
|
"severity": "info",
|
|
"message": "View is allowed, but Exportable exposure remains separately blocked."
|
|
}
|
|
]
|
|
}
|
|
}
|